# Bypasses

Bypasses are stored in yamls found in `/empire/server/bypass/` and uses a similar formatting as modules. Bypasses are currently only available to PowerShell modules and require a minimum version of PowerShell 3. Earlier version of PowerShell did not contain protections that require bypasses.

When Empire first loads, it will write the data from the yamls to the database. The bypasses can then be edited via Starkiller or the API with the changes going only to the version stored in the database.

## Default Bypasses

Default bypasses can be configured in the `config.yaml` file under `database.defaults.bypasses`. These bypasses will be automatically applied to stagers and modules when they are generated. The default bypasses are specified as a list of bypass names.

```yaml
database:
  defaults:
    bypasses:
      - mattifestation
      - etw
```

### Example Bypasses YAML

```
name: ''
authors:
  - ''
description: ''
comments:
  - ''
language: powershell
min_language_version: '3'
script: ''


```


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://bc-security.gitbook.io/empire-wiki/settings/bypasses.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.