The project started as a simple hardening list for Windows After some time, HardeningKitty was created to simplify the hardening of Windows. And of course my own hardening list. This is a hardening checklist that can be used in private and business environments for hardening Windows The checklist can be used for all Windows versions, but in Windows 10 Home the Group Policy Editor is not integrated and the adjustment must be done directly in the registry.
For this, there is the HailMary mode from HardeningKitty. The settings should be seen as security and privacy recommendation and should be carefully checked whether they will affect the operation of your infrastructure or impact the usability of key functions. It is important to weigh security against usability. The project started with the creation of a simple hardening checklist for Windows With the development of the HailMary mode, it will also be possible to apply settings of any Hardening Checklist on a Windows system.
Policy Analzyer reads out and compares local registry and local policy values to a defined baseline. The PolicyRule file from aha contains all rules which are needed to check Group Policy and Registry settings that are defined in the Windows 10 Hardening checklist. Policy Analyzer supports the hardening checklist up to version 0. Policy Analyzer is not able to query all values of the hardening checklist.
With the development of HardeningKittythe support of Policy Analyzer has become obsolete. There will no longer be a new version of the PolicyRule file. HardeningKitty supports hardening of a Windows system.
The configuration of the system is retrieved and assessed using a finding list. In addition, the system can be hardened according to predefined values. HardeningKitty reads settings windows 10 enterprise hardening guide free download the registry and uses other windows 10 enterprise hardening guide free download to read configurations outside the registry. The script was developed for English systems. It is possible that in other languages the analysis is incorrect. Please create an issue if this occurs.
The development of HardeningKitty happens in this repository. In the repository of scip AG is a stable version of HardeningKitty that has been signed with the code signing certificate of scip AG. This means that HardeningKitty can also be run on systems that only allow signed scripts. Run the script with administrative privileges to access machine settings. For the user settings it is better to execute them with a normal user account.
Ideally, the user account is used for daily work. Download HardeningKitty and copy it to the target system script and lists. Then HardeningKitty can be imported and executed:. HardeningKitty performs an audit, saves the results in a CSV file and creates a windows 10 enterprise hardening guide free download file. The files are automatically named and receive a timestamp. Using the parameters ReportFile or LogFileit is also possible to assign your own name and path.
HardeningKitty can be executed with a specific list defined by the parameter FileFindingList. If HardeningKitty is run several times on the same system, it may be useful to hide the machine information. The parameter SkipMachineInformation is used for this purpose. HardeningKitty ready only the setting with the windows 10 enterprise hardening guide free download list, and saves the results in a specific file. Backups are important. Really important.
Therefore, HardeningKitty also has a function to retrieve the current configuration and save it in a form that can be easily restored.
The Backup switch specifies that the file is written in form of a finding list and can thus be used for the HailMary mode. The name and path of the backup can be specified with the parameter BackupFile.
Please test this function to see if it really works properly on the target system before making any serious changes. The HailMary method is very windows 10 enterprise hardening guide free download. It can be used to deploy a finding list on a system.
All findings are set on this system as recommended in the list. With power comes responsibility. Please use this mode only if you know what you are doing. Be sure to have a backup of the system. Each Passed finding gives 4 points, a Low finding gives 2 points, a Medium finding gives 1 point and a High Finding gives 0 points.
The tool can be used to create your own lists and provides additional information on the hardening settings. The source code is under AGPL license and there is a demo site. Skip to content. Star Branches Tags. Could not load branches.
Could not load tags. Latest commit. Git windows 10 enterprise hardening guide free download commits. Failed to load latest commit information. Nov 16, Add language warning and update machine information. Oct 30, Initial commit.
Oct 23, Add Security Baseline Edge Oct 29, Update Policy Analyzer content. Feb 13, View code. Policy Analyzer deprecated Policy Analzyer reads out and compares local registry and local policy values to a defined baseline. HardeningKitty Windows 10 enterprise hardening guide free download supports hardening of a Windows system.
Signed version The development of HardeningKitty happens in this repository. How to run Run the script with administrative privileges to access machine settings.
About Windows Hardening settings and configurations Topics windows checklist security registry powershell audit windows hardening defense blueteam windows-hardening policy-analyzer. MIT License. Releases 10 v. May 17, Packages 0 Windows 10 enterprise hardening guide free download packages published.
Contributors You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window.