A collection of example configurations and scripts to aid system administrators in hardening Apache web servers.GLVK Auto Install Script for KMS Activation
Harden Windows with Windows Defender Application Control (WDAC)
Lock down system resources to bare minumum needed for basic OS functionality
Scripts and Documentation for Hardening Windows Command Prompt and PowerShell
Harden Windows Defender by enabling enterprise or command line only features
Import all the GPOs provided by SimeonOnSecurity to assist in making your domain compliant with all applicable STIGs and SRGs.
On July 14, 2020, Microsoft released a security updatApplying the .NET STIG is definitely not straightforward. For many administrators it can take hours to fully implement on a single system. This script applies the required registry changes and modifies the machine.config file to implement FIPS and other controls as required.
The Firefox V4R29 isn’t the easiest of STIGs to apply. This script will implement most of the required FireFox policies. In the future, the FireFox ADMX templates and GPO’s will be applied in this script.
The Oracle JRE STIGs aren’t so straight forward, requiring administrators to research JAVA documentation and generate java config files, when most administrators are used to solely STIG-ing using group policy.
Windows 10 is an invasive and insecure operating system out of the box. Organizations like PrivacyTools.io, Microsoft, Cyber.mil, the Department of Defense, and the [National Security Agency have recommended configuration changes to lockdown, harden, and secure the operating system. These changes cover a wide range of mitigations including blocking telemetry, macros, removing bloatware, and preventing many digital and physical attacks on a system. This script aims to automate the configurations recommended by those organizations.