diff --git a/docs/tactics/defense_evasion.md b/docs/tactics/defense_evasion.md index 8c2250e..80cc699 100644 --- a/docs/tactics/defense_evasion.md +++ b/docs/tactics/defense_evasion.md @@ -1,2 +1,11 @@ Defense Evasion -========================================= \ No newline at end of file +========================================= +## Disabled security products +**Description:** List all the disabled security products. + +**Author:** [Janantha Marasinghe](https://medium.com/@blueteamops) + +**Query:** + +```SELECT * FROM windows_security_products WHERE state = 'Off'; +```