CyberPolice

An epic windows securing and hardening script

# CyberPolice (CyberPatriotScripts)
### Intro
This script is mainly for Windows. It runs a bunch of hardening processes.<br />
It is intended to automate system hardening.<br />
It was made for the Cyber Patriot competition but can also be used for other purposes such as system forensics and hardening.

### Usage
Run `CyberPolice.bat` as Administrator

#### Functions
```checkfiles``` (searches for specified extensions and words, outputs all to a log)<br />
```usermgmtff``` ([how this works](#user))<br />
```userprop``` (sets secure properties for users, such as expiring passwords and change on login)<br />
```services``` (logs services on the machine, disables specific services set in `FirewallRulesOFF.txt`)<br />
```firewall``` (turns on the firewall, disables the firewall rules set in `Auto.txt`, `Disabled.txt`, `Manual.txt`)<br />
```features``` (turns off the Windows features specified in `BadWinFeatures.txt`)<br />
```passwordPol``` (sets secure password policy)<br />
```audit``` (sets secure audit policy)<br />
```lockout``` (sets secure lockout policy)<br />
```rdp``` (turns RDP on/off and sets policies to allow for RDP on/off)<br />
```power``` (sets power settings)<br />
```sessions``` (checks for remote sessions and logs them)<br />
```shares``` (logs current shares, prompts user to edit shares)<br />
```checkdns``` (logs DNS and hosts file, clears them afterwards)<br />
```uac``` (turns on UAC)<br />
```backuplsp``` (backs up current local security policy)<br />
```lsp``` (sets local security policy based on the templates in, or placed in, `ConfigFiles\lgpoTemplates`)<br />
```regharden``` (sets the registry settings specified in `RegistyHardenData.txt`)<br />
```verifysys``` (runs `sfc /verifyonly`)<br />
```auto``` (runs all functions in logical order)

### Tested OSes
| Windows Version     | Tested |
| ------------------- | ------ |
| Windows Server 2019 | No     |
| Windows Server 2016 | Yes    |
| Windows Server 2012 | No     |
| Windows Server 2008 | No     |
| Windows 10          | Yes    |
| Windows 8.1         | No     |
| Windows 8           | No     |
| Windows 7           | No     |
| Windows Vista       | No     |
| Windows XP          | No     |

### Config Files

Some config files allow for commenting with `#` as the first line<br />
Files that allow for commenting:<br />
```RegistryHardenData.txt```<br />
```FirewallRulesOFF.txt```

For most config files, just put the name of the object you want to change in the text file that applies to that object.

`RegistyHardenData.txt` usage<br />
To enter a registry change, use the following format (with ":" included)<br />
```Path:Key:Variable:Value```<br />
Example:<br />
```HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon:AutoAdminLogon:REG_DWORD:0```
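
The following is an added example, not part of CyberPolice: a read-only PowerShell check that parses entries in the `Path:Key:Variable:Value` format and reports whether the live registry already matches them. The function names, the rule that only the first three `:` separate fields, the treatment of `#` lines as comments, and the `ExampleVendor` sample entry are assumptions made for illustration.

```powershell
# Added example (not CyberPolice code): read-only audit of Path:Key:Variable:Value entries.
# Assumptions: lines starting with "#" are comments; only the first three ":" separate
# fields, so the data may itself contain ":"; only HKLM and HKCU are handled.
$ValidTypes = 'REG_SZ', 'REG_DWORD', 'REG_QWORD', 'REG_EXPAND_SZ', 'REG_MULTI_SZ', 'REG_BINARY'
$Hives = @{ HKLM = 'HKEY_LOCAL_MACHINE'; HKCU = 'HKEY_CURRENT_USER' }

function ConvertFrom-HardenLine {          # hypothetical helper name
    param([string]$Line)
    $text = $Line.Trim()
    if ($text -eq '' -or $text.StartsWith('#')) { return }      # skip blanks and comments
    $f = $text -split ':', 4                                    # at most four fields
    if ($f.Count -ne 4) { throw "Expected Path:Key:Variable:Value, got: $text" }
    if ($f[0] -notmatch '^(HKLM|HKCU)\\.') { throw "Unsupported hive or empty path: $($f[0])" }
    if ($ValidTypes -notcontains $f[2]) { throw "Unknown registry type: $($f[2])" }
    [pscustomobject]@{ Path = $f[0]; Name = $f[1]; Type = $f[2]; Data = $f[3] }
}

function Test-HardenEntry {                # hypothetical helper name
    param($Entry)
    $hive, $subKey = $Entry.Path -split '\\', 2
    $regPath = "Registry::$($Hives[$hive])\$subKey"
    # Reads only; a missing key or value yields no object instead of an error.
    $item = Get-ItemProperty -LiteralPath $regPath -Name $Entry.Name -ErrorAction SilentlyContinue
    $actual = if ($item) { $item.($Entry.Name) } else { $null }
    [pscustomobject]@{
        Path      = $Entry.Path
        Name      = $Entry.Name
        Expected  = $Entry.Data
        Actual    = $actual
        Compliant = ($null -ne $actual) -and ("$actual" -eq $Entry.Data)
    }
}

# Constructed sample input; the ExampleVendor key is a placeholder, not a real setting.
$sample = @'
# disable automatic logon
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon:AutoAdminLogon:REG_DWORD:0
HKLM\SOFTWARE\ExampleVendor\Placeholder:LogDir:REG_SZ:C:\Logs
'@ -split "`r?`n"

$results = foreach ($line in $sample) {
    $entry = ConvertFrom-HardenLine $line
    if ($entry) { Test-HardenEntry $entry }
}
$results | Format-Table -AutoSize
```

The comparison is string-based and ignores the stored value type, so an entry whose data is written in another notation (for example hexadecimal) is reported as non-compliant even when the numeric value matches.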

### <a name="user"></a> User Config
The contents of `PasteUsersHere.txt` are to be copied and pasted from the Cyber Patriot competition README (or written yourself)<br />
Example:
```
Authorized Administrators:
bwayne (you)
	password: !@mBatM@n!
jgordon
	password: BaRbr@
apennyworth
	password: WayN3$
tdrake
	password: T1tANsGo!
bgordon
	password: password
Authorized Users:
hbullock
lfox
harold
hstrange
jtodd
twayne
dwayne
skyle