+- Sinisterly (https://sinister.ly)
+-- Forum: Computers (https://sinister.ly/Forum-Computers)
+--- Forum: Operating Systems (https://sinister.ly/Forum-Operating-Systems)
+--- Thread: Tutorial Windows Basic Powershell Harden (/Thread-Tutorial-Windows-Basic-Powershell-Harden)
Windows Basic Powershell Harden - DoXeD - 09-22-2023
Code:
# Enable Windows Defender and ensure it's up to date
Set-MpPreference -DisableRealtimeMonitoring $false
Start-MpScan -ScanType QuickScan
Update-MpSignature
# Enable Windows Firewall
Set-NetFirewallProfile -Profile Domain,Public,Private -Enabled True
# Enable BitLocker for system drive encryption
# Note: Customize the encryption method as needed (e.g., AES256)
Enable-BitLocker -MountPoint "C:" -EncryptionMethod XtsAes256 -UsedSpaceOnly
# Set a strong password policy
# Note: Adjust settings based on your organization's policies
secpol.exe /s /t /p "Security Settings\Account Policies\Password Policy" /v "MinimumPasswordAge" /d "1"
secpol.exe /s /t /p "Security Settings\Account Policies\Password Policy" /v "PasswordComplexity" /d "1"
secpol.exe /s /t /p "Security Settings\Account Policies\Password Policy" /v "PasswordLength" /d "12"
# Disable Remote Assistance and Remote Desktop
# Adjust as per your requirements
Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server" -Name "fDenyTSConnections" -Value 1
# Disable PowerShell scripts from running without signing
Set-ExecutionPolicy RemoteSigned
# Enable User Account Control (UAC)
Set-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" -Name "ConsentPromptBehaviorAdmin" -Value 5
# Enable SmartScreen Filter for Internet Explorer and Microsoft Edge
Set-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\PhishingFilter" -Name "EnabledV9" -Value 1
Set-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\System" -Name "SmartScreenEnabled" -Value 1
# Disable Autorun for removable drives
Set-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer" -Name "NoDriveTypeAutoRun" -Value 255
# Enable auditing of logon events
Auditpol /set /subcategory:"Logon" /success:enable /failure:enable
# Restart the system for changes to take effect
Restart-Computer -ForceRE: Windows Basic Powershell Harden - FosterKitty - 09-24-2023
Awesome,thanks for sharing.
Need something like this for work
RE: Windows Basic Powershell Harden - r00t020 - 11-08-2023
If you are looking for a good place to start learning PowerShell
RE: Windows Basic Powershell Harden - DoXeD - 01-27-2024
(11-08-2023, 11:05 PM)r00t020 Wrote: If you are looking for a good place to start learning PowerShellI agree with this user
RE: Windows Basic Powershell Harden - Oxy.exe - 03-25-2024
Damn, actually very interesting. I am looking to really harden Windows as much as possible. I use it for gaming so it will have a lot of spyware anticheats but I don't do anything bad on it. AC's these days are a huge attack vector. (Think about the recent Apex Legends hacks)