Skip to content

Releases: SysAdminDoc/DefenderControl

DefenderControl v3.2.1

24 Apr 20:27
@SysAdminDoc SysAdminDoc
v3.2.1
ccc09aa

Choose a tag to compare

View all tags
DefenderControl v3.2.1 Latest
Latest

DefenderControl v3.2.1 - PowerShell 7 compatibility

Fixed

  • Running the script from PowerShell 7 (pwsh.exe) no longer errors out with "Wrong PowerShell Edition". The script now detects PS 7 / Core and auto-relaunches itself under Windows PowerShell 5.1 (powershell.exe) with all original arguments preserved.
  • CLI mode waits synchronously so stdout / stderr / exit codes return to the caller.
  • GUI mode fires a new window.
  • If the caller isn't already elevated, the re-launch also handles UAC in the same step.

Install

Download DefenderControl.ps1, verify SHA256 against SHA256SUMS.txt, run (it works from both powershell.exe and pwsh.exe now).

SHA256

698e240b0c422d64220615ca65dcd5c1a14112644fb90d1edad9d2c96e523693  DefenderControl.ps1
Assets 4
Loading

DefenderControl v3.2.0

24 Apr 19:50
@SysAdminDoc SysAdminDoc
v3.2.0
bf25ecf

Choose a tag to compare

View all tags
DefenderControl v3.2.0

DefenderControl v3.2.0

First release with a CLI surface, machine-checked firewall integrity, audit manifests, and a pass/fail verification suite.

Added

  • CLI mode with -Mode Status | Health | Verify | Manifest for read-only automation
  • -Json emits stable JSON for scripting pipelines
  • Stable CLI exit codes: 0 success, 1 partial, 2 tamper-blocked, 3 safe-mode-needed, 4 usage-error, 5 verify-fail
  • Firewall integrity guard: Disable + Enable snapshot firewall profile state (Domain/Private/Public enabled) plus mpssvc / BFE service state before the first change and verify after the last change. Any divergence is logged as an ERROR. The "firewall untouched" promise is now machine-checked, not just documented.
  • Third-party AV pre-flight: Phase 0 of Disable queries root\SecurityCenter2\AntivirusProduct and warns when no non-Microsoft AV is registered.
  • Undo / audit manifest: every Disable/Enable persists a JSON manifest to %ProgramData%\DefenderControl\manifests\<op>-<ts>.json with schema version, timestamps, firewall before/after, third-party AV list, and phases completed.
  • Verification suite: -Mode Verify -Expect Enabled|Disabled|Auto asserts the current state against an expected shape with per-check pass/fail reporting in JSON or human-readable form.
  • EICAR synthetic detection test (opt-in via -Mode Verify -Eicar -Force): writes the standard EICAR AV-signature test string, waits 2.5s, reports whether Defender quarantined it, cleans up regardless of outcome.

Changed

  • Self-elevation forwards all original arguments through the UAC re-launch so CLI flags survive elevation.
  • WPF assemblies are skipped entirely in CLI mode for faster startup.
  • README hero image referenced a deleted asset (removed).

Install

Download DefenderControl.ps1, verify SHA256 against SHA256SUMS.txt, right-click -> Run with PowerShell (it will self-elevate).

sha256sum -c SHA256SUMS.txt

SHA256

c3b0c3a35af52eaeca1ca05057daf41a472eee4ca3b6d4a1648901be9ad1adb5  DefenderControl.ps1
Loading

v3.1.0

13 Apr 16:44
@SysAdminDoc SysAdminDoc
v3.1.0
032049c

Choose a tag to compare

View all tags
v3.1.0

Release v3.1.0

Loading