ULTRA Alpha. The name will prob change, and so will many things.
This repository contains code and resources related to Attack Surface Reduction (ASR) rules in Windows Defender. The primary goal of this project is to provide a comprehensive understanding of ASR rules, their configuration, and their impact on system security.
The content in this repository is intended for research and educational purposes only. It should be used responsibly and ethically. Any scripts or code that simulate potentially harmful actions are provided for the purpose of understanding and mitigating security threats with ASR. They should only be run in a controlled, secure environment for testing or educational purposes.
The codebase is organized into several Python scripts. Here's a brief overview of some key files:
pages/1_ASR Essentials.py: This Python script uses Streamlit to generate an interactive web page that provides a comprehensive overview of ASR rules.
pages/2_ASR Atomic Testing.py: This Python script generates an interactive web page for testing ASR rules.
asr.ps1: This PowerShell script provides a command-line interface for managing ASR rules.
We welcome contributions to this project. If you have a suggestion, bug report, or want to add to the codebase, please open an issue or submit a pull request.
This project is licensed under the terms of the Apache license.
$ claude mcp add ASRGEN \
-- python -m otcore.mcp_server <graph>