I want to try reverse shell. I tried to turn off Real Time Protection using Powershell command:
Set-MpPreference -DisableRealtimeMonitoring $true
But it doesn't work. I am pretty sure I did everything right. I opened it as administrator and ran the command. I tried restarting the windows, but it still doesn't work
Make sure you also turn off firewall, too. In PowerShell use this command:
netsh advfirewall set all profiles state off
This should do the trick; just tested it with reverse shell in Empire.
Also, keep in mind that uponr reboot, Realtime Monitoring is activated again (if you want persistence, you should find a workaround). Firewall, though, remains deactivated until you enable it again.