HardeningKitty
Sandboxie
HardeningKitty | Sandboxie | |
---|---|---|
14 | 93 | |
1,149 | 12,245 | |
3.8% | 2.3% | |
2.9 | 9.9 | |
about 2 months ago | 3 days ago | |
PowerShell | C | |
MIT License | GNU General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
HardeningKitty
-
If You Had To Create All IT Policies From Scratch
Also Hardening-Kitty. https://github.com/scipag/HardeningKitty
- CIS benchmark Windows Server 2022
- Windows OS Security
-
Creating a jump host in 2023
Critically, harden the OS. Like, more than you think you need to. Way more. Consider the jump host capability as a core component of each system/environment/platform/application it's used to access/manage and assess value and risk with all those business processes/functions in mind even though you're using one jump host for each of those use cases because, inevitably, the same template/container/configuration/script will be reused so any misconfigurations will replicate. If you need a Windows OS, consider hardening kitty as it offers a locally executable option for both hardening and auditing. If you need to met regulatory requirements (HIPAA, CMMC, FISMA, PCI, etc.), consider OpenSCAP or whatever paid solution you use for agent-based vuln scans (avoid less intensive solutions that only run unauthenticated scans or network-based audits, they tend to avoid non-CVE vulns that exist in the configuration). If you need to rely on open source endpoint security solutions like Wazuh make sure they integrate nicely with SIEM, SOAR, and remote management. Wherever possible, use DevOps-friendly solutions for configuration management (think Ansible and Terraform vice Github Actions :) ) and remember that, if you're responding to an incident, you're going to want to suspend all of your jump boxes, retain any storage and their full memory state, and spin up verifiably clean jump boxes so you have confidence in your connections into the environment. This is the most commonly overlooked need (most orgs seem to be aware of their privilege sprawl issue) and it has a MASSIVE impact on your ability to quickly begin effective investigation and response efforts in the event of an incident (most orgs do NOT seem to be aware of this and it costs them time and meaningful information during incidents).
- Active Directory Security Tools
- Help!! Is there a Scanning tool that helps scan the whole Windows Build Image?
-
Is Windows Defender for Business any good?
Agree. Harden your endpoints (if unsure where to start consider hardening kitty, https://github.com/scipag/HardeningKitty) and harden Defender (https://0ut3r.space/2022/03/06/windows-defender/). Add Sysmon with a good config (https://github.com/olafhartong/sysmon-modular) and you've reached a good starting point.
-
Ciphers... Edge... I wanna AES256 SHA384 only
I use a tool called Hardening-Kitty https://github.com/scipag/HardeningKitty , which has recommended policy lists from a variety of organizations. I check my computer with all of them. They don't all agree, of course, so I kind of pick and choose a little. But the lists have helped me find things I had no idea where they were.
- PowerShell script to confirm server configuration
-
There’s a GitHub repo for testing every single Windows security / privilege mechanism. I’ve lost the book mark, anyone know it?
A related tool that I found somewhere on reddit recently: HardeningKitty
Sandboxie
-
How do you guys have access the office portal for multiple MSP tenants at the same time?
I used to use sandboxie so I could emulate multiple browser sessions without worrying about cached creds or the different portals screwing up my context. It works decently.
-
How are you all protecting your PC from the myriad of unaudited python packages which could be used as attack vectors?
Use Sandboxie on Windows. It's open source these days, and isolates processes from making changes on your system. It's perfect to install and run potentially unsafe programs. Sandboxie exists since 2003, and yet we still have people in business worlds running viruses from mail attachments.
-
Must have programs for a fresh Windows 10 install.
Sandboxie
-
A few less Googleable questions about local LLMs
You can allow applications inside a Sandboxie to communicate with each other through sockets even when network access by Sandboxie is blocked1. You can enable Sandboxie network access and use Windows firewall outside Sandboxie to block all applications inside the Sandboxie from accessing the network1. It is also possible to specify ports that cannot be accessed by boxed applications2. However, it is not possible to specify IP’s or IP ranges that cannot be accessed by boxed applications2.
-
Valve Restricts Accounts of 2500 Users Who Marked a Negative Game Review Useful
In addition to just taking all privileges way from the process, like Chrome does, there's also Sandboxie [1] and the official Windows Sandbox [2]
1: https://github.com/sandboxie-plus/Sandboxie
2: https://learn.microsoft.com/en-us/windows/security/threat-pr...
2b: https://learn.microsoft.com/en-us/windows/security/threat-pr...
-
hardware acceleration error
VirtualBox dropped 3D acceleration for old OS like XP a while back, you can see it it running "dxdiag" on your windows XP and running the tests, it will do DirectDraw only since the game is a 32 bit windows game it should run on modern windows like 10 and 11, I saw that the main problem is the DRM, so you will need a "cracked/pached" exe, I can't help with that, but do your own search, if you want to be "safe" you can try running it using something like SandBoxie-plus https://github.com/sandboxie-plus/Sandboxie/releases
-
Windows Sandbox
With those pre-reqs, is there anything Windows Sandbox can do that Sandboxie can't?
https://github.com/sandboxie-plus/Sandboxie
-
Coordinated vulnerability disclosure / contact for pCloud?
Could you pls. test if the vulnerability can be mitigated by using Sandboxie-Classic (that is the free version)?
-
Google & Youtube not working (only Firefox PC). Then all the other services I use break too. What god did I piss off?
I also want to recommand this piece of small software but it's very neat, Sandboxie: https://github.com/sandboxie-plus/Sandboxie
- Is there a program that shows what folders were created when you install a program?
What are some alternatives?
windows_hardening - HardeningKitty and Windows Hardening settings and configurations
PersistentWindows - fork of http://www.ninjacrab.com/persistent-windows/ with windows 10 update
AutomaticMaintenance - Helps IT engineers to establish a continuous update process in large intertangled infrastructures.
Open-Shell-Menu - Classic Shell Reborn.
SchannelConfiguration - Configure SChannel Security Settings via Group Policy
distroless - 🥑 Language focused docker images, minus the operating system.
hardentools - Hardentools simply reduces the attack surface on Microsoft Windows computers by disabling low-hanging fruit risky features.
PCem-ROMs - This is a collection of requiered ROMs files for PCem emulator. RIP PCem 2021
PowerZure - PowerShell framework to assess Azure security
qBittorrent - qBittorrent BitTorrent client
Audit-Test-Automation - The Audit Test Automation Package gives you the ability to get an overview about the compliance status of several systems. You can easily create HTML-reports and have a transparent overview over compliance and non-compliance of explicit setttings and configurations in comparison to industry standards and hardening guides.
stable-diffusion - Optimized Stable Diffusion modified to run on lower GPU VRAM