Today I Learned how to Create Chocolatey Packages
Today I Learned more about Ansible conditionals and variable management
Today I Learned more about WDAC Policy Creation and Implementation
Today I Learned more about Ansible conditionals and variable management
Today I Learned more about Ansible conditionals and variable management
Today I Learned more about Ansible conditionals and variable management
Automating Sysmon Deployment and Configuration
Increase your logging abilities to further your ability to detect threats and malicious activity on your systems.
Block Ads and Trackers System Wide on Windows 10
This script blocks Telemetry related domains via the hosts file and related IPs via Windows Firewall.
Optimize and Debloat Windows 10 Deployments
For those who seek to minimize their Windows 10 installs.
GLVK Auto Install Script for KMS Activation
A collection of example configurations and scripts to aid system administrators in hardening Apache web servers.GLVK Auto Install Script for KMS Activation
Harden Windows with Windows Defender Application Control (WDAC)
Harden Windows with Windows Defender Application Control (WDAC)
VirusTotal PowerShell Modules
A collection of PowerShell Modules for Interacting with the VirusTotal API
Hardening Windows Systems with Applocker
Lock down system resources to bare minumum needed for basic OS functionality
Hardening Windows Terminals. Command Prompt and PowerShell
Scripts and Documentation for Hardening Windows Command Prompt and PowerShell
Shodan Powershell Modules
A collection of PowerShell Modules for Interacting with the Shodan API
Hardening Windows Defender
Harden Windows Defender by enabling enterprise or command line only features
STIG Compliant GPOs and Importing them into a Windows Domain
Import all the GPOs provided by SimeonOnSecurity to assist in making your domain compliant with all applicable STIGs and SRGs.
Dot NET STIG Script
On July 14, 2020, Microsoft released a security updatApplying the .NET STIG is definitely not straightforward. For many administrators it can take hours to fully implement on a single system. This script applies the required registry changes and modifies the machine.config file to implement FIPS and other controls as required.
FireFox Privacy Script
Organizations like PrivacyTools.io and ffprofile have suggested changes to make FireFox more secure and private. These changes cover suggested browser extentions, blocking telemetry, disabling 3rd-party cookies, disabling trackers, etc.
FireFox STIG Script
The Firefox V4R29 isn’t the easiest of STIGs to apply. This script will implement most of the required FireFox policies. In the future, the FireFox ADMX templates and GPO’s will be applied in this script.
Windows 10 Branding
Many organizations have a need or want to control the branding of a Windows system. This includes the desktop wallpaper, the users avatar, the Windows lock screen, and sometimes the OEM Logo. In Windows 10, Windows Server 2016, and Windows Server 2019 this is not particularly easy. But, with the aide of the linked script, we can partially automate it and make the process much easier.
Automating Oracle JRE 8 STIG
The Oracle JRE STIGs aren’t so straight forward, requiring administrators to research JAVA documentation and generate java config files, when most administrators are used to solely STIG-ing using group policy.
Hardening Apache Web Server
A collection of example configurations and scripts to aid system administrators in hardening Apache web servers.
Optimize, Harden, and Debloat Windows 10 Deployments
Windows 10 is an invasive and insecure operating system out of the box. Organizations like PrivacyTools.io, Microsoft, Cyber.mil, the Department of Defense, and the [National Security Agency have recommended configuration changes to lockdown, harden, and secure the operating system. These changes cover a wide range of mitigations including blocking telemetry, macros, removing bloatware, and preventing many digital and physical attacks on a system. This script aims to automate the configurations recommended by those organizations.
Automating Windows Updates with Chocolatey, PSWindowsUpdate, and Startup Scripts
In today’s modern workplace environment, system administrators constantly are battling for time. Rolling out the latest Windows updates can be extremely time consuming taking up to a week given enough systems. Along with some assistance from Chocolatey, PSWindowsUpdates, and Startup Scripts, Systems Administrators can roll out update with as little as a single reboot of each machine.
Windows Spectre Meltdown Mitigation Script
Microsoft is aware of a new publicly disclosed class of vulnerabilities that are called “speculative execution side-channel attacks” and that affect many modern processors including Intel, AMD, VIA, and ARM.