HardeningKitty
ConfigureDefender
HardeningKitty | ConfigureDefender | |
---|---|---|
14 | 95 | |
1,149 | 1,054 | |
3.8% | - | |
2.9 | 6.2 | |
about 2 months ago | 16 days ago | |
PowerShell | ||
MIT License | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
HardeningKitty
-
If You Had To Create All IT Policies From Scratch
Also Hardening-Kitty. https://github.com/scipag/HardeningKitty
- CIS benchmark Windows Server 2022
- Windows OS Security
-
Creating a jump host in 2023
Critically, harden the OS. Like, more than you think you need to. Way more. Consider the jump host capability as a core component of each system/environment/platform/application it's used to access/manage and assess value and risk with all those business processes/functions in mind even though you're using one jump host for each of those use cases because, inevitably, the same template/container/configuration/script will be reused so any misconfigurations will replicate. If you need a Windows OS, consider hardening kitty as it offers a locally executable option for both hardening and auditing. If you need to met regulatory requirements (HIPAA, CMMC, FISMA, PCI, etc.), consider OpenSCAP or whatever paid solution you use for agent-based vuln scans (avoid less intensive solutions that only run unauthenticated scans or network-based audits, they tend to avoid non-CVE vulns that exist in the configuration). If you need to rely on open source endpoint security solutions like Wazuh make sure they integrate nicely with SIEM, SOAR, and remote management. Wherever possible, use DevOps-friendly solutions for configuration management (think Ansible and Terraform vice Github Actions :) ) and remember that, if you're responding to an incident, you're going to want to suspend all of your jump boxes, retain any storage and their full memory state, and spin up verifiably clean jump boxes so you have confidence in your connections into the environment. This is the most commonly overlooked need (most orgs seem to be aware of their privilege sprawl issue) and it has a MASSIVE impact on your ability to quickly begin effective investigation and response efforts in the event of an incident (most orgs do NOT seem to be aware of this and it costs them time and meaningful information during incidents).
- Active Directory Security Tools
- Help!! Is there a Scanning tool that helps scan the whole Windows Build Image?
-
Is Windows Defender for Business any good?
Agree. Harden your endpoints (if unsure where to start consider hardening kitty, https://github.com/scipag/HardeningKitty) and harden Defender (https://0ut3r.space/2022/03/06/windows-defender/). Add Sysmon with a good config (https://github.com/olafhartong/sysmon-modular) and you've reached a good starting point.
-
Ciphers... Edge... I wanna AES256 SHA384 only
I use a tool called Hardening-Kitty https://github.com/scipag/HardeningKitty , which has recommended policy lists from a variety of organizations. I check my computer with all of them. They don't all agree, of course, so I kind of pick and choose a little. But the lists have helped me find things I had no idea where they were.
- PowerShell script to confirm server configuration
-
There’s a GitHub repo for testing every single Windows security / privilege mechanism. I’ve lost the book mark, anyone know it?
A related tool that I found somewhere on reddit recently: HardeningKitty
ConfigureDefender
-
Can you force Defender to give a prompt before taking any action? What about alternative AV?
https://github.com/AndyFul/ConfigureDefender lets you dig into some settings, but not what I need.
-
Secure, Free/Affordable Antivirus Software?
Windows Defender + ConfigureDefender and set it to Maximum Protection Level = Defender on Steroids.
- Free software to replace Norton 360?
-
Is windows defender by default activated on a brand new PC with windows 11 installed?
When using defender I recommend using this utiliy https://github.com/AndyFul/ConfigureDefender
-
Any chance that hacker can access to other devices through wifi network?
You can prevent the LOLbin from contacting its C2 server by using an tool like FirewallHardening which you can download here, it allows you to add firewall block rules in Windows Firewall to prevent LOLbins from phoning home, not only .NET framework files but also things like Powershell and ConHost which are abused by the majority of malware.
-
Multiple users reporting Microsoft apps have disappeared
What is the easiest way to use all the links via the search function again if you are not an sys-admin?In my case it is about Windows Pro/Home in the private area, i used https://github.com/AndyFul/ConfigureDefender for my Windows Defender. I have no idea which script to start here now. :(
-
How to utilise enterprise level antivirus and threat detection in your personal pc
ConfigureDefender
-
Chinese hackers at it again. It’s crazy; I’ve changed my password twice lol. They really want this account.
For keeping malware off your machine Windows Defender and some common sense should be perfectly fine, although I would recommend running ConfigureDefender and choosing whatever security level you find most appropriate for your use case. Also if you ever suspect you have malware that Defender didn't detect, just download the free version of malwarebytes, do a quick scan and uninstall it again; it's highly unlikely that something would make it past both of them.
-
Best Antivirus for Personal Laptop
Microsoft Defender configured by configure defender
-
What Is The Best Free AntiVirus For Windows 11?
Windows 11 built-in security is quite good, particularly when paired with the likes of ConfigureDefender or DefenderUI which allows you to tweak the built-in protection https://github.com/AndyFul/ConfigureDefender but there are third party options out there. Andy Ful also has system hardening tools that add an extra layer of protection but there have been some compatibility issues with windows new SmartApp Control feature https://github.com/AndyFul/Hard_Configurator/tree/master/Simple%20Windows%20Hardening .
What are some alternatives?
windows_hardening - HardeningKitty and Windows Hardening settings and configurations
nextdns - NextDNS CLI client (DoH Proxy)
AutomaticMaintenance - Helps IT engineers to establish a continuous update process in large intertangled infrastructures.
Windows-Sandbox-Utilities - A public repository for useful developments surrounding Windows Sandbox
SchannelConfiguration - Configure SChannel Security Settings via Group Policy
Authenticator - Two-Factor Authentication Client for iOS
hardentools - Hardentools simply reduces the attack surface on Microsoft Windows computers by disabling low-hanging fruit risky features.
Bitwarden - The core infrastructure backend (API, database, Docker, etc).
PowerZure - PowerShell framework to assess Azure security
OS-Scripts - This is where I'll put my custom scripts/functions that might be useful in future projects of mine.
Audit-Test-Automation - The Audit Test Automation Package gives you the ability to get an overview about the compliance status of several systems. You can easily create HTML-reports and have a transparent overview over compliance and non-compliance of explicit setttings and configurations in comparison to industry standards and hardening guides.
syncthing-android - Wrapper of syncthing for Android.