Windows Hardning

Hardening¶

A collection of scripts for activating Microsoft products using HWID / KMS38 / Online KMS activation methods with a focus on open-source code, less antivirus detection and user-friendliness.

Microsoft Baseline Security Analyzer
Attack Surface Analyzer

Windows Hardening Script
Hardentools is a utility that disables a number of risky Windows features.

DevSec Hardening Framework
https://gist.github.com/jaredhaight/e88b4323adce06395dace501841d3075

Memory Detection¶

Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches).

Windows Server¶

Active Directory Security Practices

Logging¶

HELK

Group Policy¶

Find security-related misconfigurations in Active Directory Group Policy.

Relay Attacks¶

https://www.truesec.com/hub/blog/mitigating-ntlm-relay-attacks-on-active-directory-certificate-services-ad-cs-adv210003-kb5005413-petitpotam