Even with admin privileges, an EDR product on Windows can be very annoying from a red team perspective. Therefore, we look for ways to disable the EDR without relying on an uninstall password, Windows Security Center, etc.
Daniel Feichter has worked for a few years as a red teamer and penetration tester in Austria. His focus is on Windows environment red teaming, pentesting and research. Among other things, he works intensively with AV/EDR systems under Windows OS. At the end of 2021 he decided to start his own company, Infosec Tirol (https://www.infosec.tirol), with which he focuses on product-independent offensive security services to improve IT security in companies in Austria.