fo-sec recently posted a great writeup with ten different ways you may be able to bypass Windows Defender. If you have attempted or completed any CTFs, or intentionally vulnerable machines on Hack The Box, TryHackMe, or Proving Grounds, then you may have run into issues with Windows Defender blocking your efforts to gain a foothold or escalate privileges. I recently ran into Windows Defender when trying to test out Mandiant's Windows-based attack box, Commando VM. The install instructions make it clear you need to make sure Windows Defender is well and truly disabled, yet it managed to re-enable itself on me partway through the install!
A lot of these methods (like many you will encounter when learning about pentesting or offensive security) will likely not work in a real environment with strong WDAC controls. However, it is still a worthwhile read to understand some methods that could potentially work in a poorly configured environment, CTF exercise, or lab environment.