-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathrun.ps1
93 lines (78 loc) · 2.85 KB
/
run.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
#####
#
# PowerShell script per la configurazione degli strumenti di analisi e disativazione della protezione in tempo reale
#
#####
# Richiede permessi amministrativi
if (-not ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator"))
{
Write-Output "Esegui questo script come amministratore."
exit
}
# Disabilita Microsoft Defender Antivirus
Set-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender" -Name "DisableAntiSpyware" -Value 1
Write-Output "Microsoft Defender Antivirus è stato disabilitato."
# Disabilita la Protezione in Tempo Reale
$realTimeProtectionPath = "HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection"
if (!(Test-Path $realTimeProtectionPath)) {
New-Item -Path $realTimeProtectionPath -Force | Out-Null
}
Set-ItemProperty -Path $realTimeProtectionPath -Name "DisableRealtimeMonitoring" -Value 1
Write-Output "La protezione in tempo reale è stata disabilitata."
# Riavvia il sistema per applicare completamente le modifiche
Write-Output "Per completare la disattivazione, riavvia il computer."
Restart-Computer -Force
# Installazione di Chocolatey
Set-ExecutionPolicy Bypass -Scope Process -Force
[System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072
iex ((New-Object System.Net.WebClient).DownloadString('https://community.chocolatey.org/install.ps1'))
choco feature enable -n allowGlobalConfirmation
cinst boxstarter
powershell -Command "Set-ExecutionPolicy RemoteSigned; iex ((New-Object System.Net.WebClient).DownloadString('https://boxstarter.org/bootstrapper.ps1')); get-boxstarter -Force"
powershell -Command "Disable-UAC"
# Lista tool
$tools = @(
"hackfont",
"vim",
"firefox",
"googlechrome",
"wget",
"python3",
"7zip",
"tor-browser",
"wireshark",
"git",
"cmder",
"ollydbg",
"processhacker",
"explorersuite",
"procexp",
"md5deep",
"hashdeep",
"file",
"strings",
"regshot",
"sysinternal",
"exeinfo",
"virustotaluploader",
"vt-cli",
"radare2",
"mitmproxy",
"fiddler",
"hxd",
"exiftool"
)
# Installa i tool
foreach ($tool in $tools) {
if (-not (choco list --local-only | Select-String $tool)) {
Write-Output "Sto installando $tool..."
choco install $tool -y
} else {
Write-Output "$tool è già installato."
}
}
# Configurazioni aggiuntive
New-Item -Path "HKLM:\Software\Policies\Microsoft\Windows\WindowsUpdate\AU" -Force
Set-ItemProperty -Path "HKLM:\Software\Policies\Microsoft\Windows\WindowsUpdate\AU" -Name "NoAutoUpdate" -Value 1
powershell -Command "Set-MpPreference -DisableRealtimeMonitoring $true"
powershell -Command "Set-NetFirewallProfile -Profile Domain,Public,Private -Enabled False"