Sandcat AV removal
UMWP opened this issue · 1 comments
UMWP commented
How can I deploy sandcat agent on remote windows machine while AV (ESET or Windows Defender) doesn't allow it. I have go lang installed on caldera:
root@caldera:~# go version go1.18.1 lunux/amd64
Any ideas?
elegantmoose commented
@UMWP Yes, we deal with this issue a lot ourselves as sandcat is well known now. Our approach is to generally pursue security policy exceptions, obviously solution mileage may vary depending on target environment and ability to enable such exception policies.