TABLE OF CONTENTS


Exempting the ATTACK Simulator's landing and training domains in Internet Explorer and Microsoft Edge can be done through the Group Policy, by Smart Screen Allow lists or by following the below steps: 

  • Click here to get a list of root landing and phish domains. 
  • Open up Internet Properties. This can be done a few different ways:  
    • Press Windows key + R, type inetcpl.cpl, and Press Enter, or 
    • Open up Internet Explorer. Click the settings icon in the top-right corner and choose Internet Options



  • Open the Security Tab
  • Click the Trusted sites icon. 
  • Click Sites.  



  • Type the phishing and landing domains in the "Add this website to the zone" textbox.  
  • Click "Close". 
  • After adding the domains, click on Custom level... (located in the Security tab). 
  • Scroll down to "Use Windows Defender SmartScreen" and disable it. Then, click "OK".  



 

Group Policy


This method will allow you to deploy Security Zone sites, whilst allowing the end user to modify the zones by adding or removing sites. If a user removes one of the sites deployed via this method, it will be re-added on the next Group Policy refresh.


You can check how to deploy registry settings in this article.


Create a new Group Policy Object and browse to User Configuration -> Preferences -> Windows Settings and Registry. Right click and choose new Registry Item. This is where you’re configure the sites, you will need 1 registry item per domain. Please check the current domains here.



  • Key path format is as follows: Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\website.com\www\
  • Value name will typically be http or https
  • Value type is REG_DWORD
  • Value Data uses the same as Site to Zone Assignment: 1 for Intranet Zone, 2 for Trusted Sites, 3 for Internet Zone and 4 for Restricted Sites Zone.

This is what you will see on the client machine.



SmartScreenAllowListDomains

You can use this group policy to configure the list of domains for which Microsoft Defender SmartScreen won't trigger warnings. This policy is available only on Windows instances that are joined to a Microsoft Active Directory domain. Follow the instructions detailed in this article article to set up your SmartScreenAllowListDomains.