Update HardeningKitty to release 0.9.0
0x6d69636b committed Dec 29, 2022
1 parent 1278edb commit 10367df
Showing 42 changed files with 2,703 additions and 1,037 deletions.
294 changes: 294 additions & 0 deletions HardeningKitty.psd1

Large diffs are not rendered by default.

677 changes: 569 additions & 108 deletions Invoke-HardeningKitty.ps1 → HardeningKitty.psm1

Large diffs are not rendered by default.

59 changes: 43 additions & 16 deletions README.md
Expand Up @@ -6,63 +6,79 @@ _HardeningKitty_ supports hardening of a Windows system. The configuration of th

The script was developed for English systems. It is possible that in other languages the analysis is incorrect. Please create an issue if this occurs.

## How to run
## How to Run

Run the script with administrative privileges to access machine settings. For the user settings it is better to execute them with a normal user account. Ideally, the user account is used for daily work.

Download _HardeningKitty_ and copy it to the target system (script and lists). After that HardeningKitty can be imported and executed:
Download _HardeningKitty_ and copy it to the target system (script and lists). Then HardeningKitty can be imported and executed:

```powershell
PS C:\tmp> Import-Module .\Invoke-HardeningKitty.ps1
PS C:\tmp> Import-Module .\HardeningKitty.psm1
PS C:\tmp> Invoke-HardeningKitty -EmojiSupport
=^._.^=
_( )/ HardeningKitty 0.6.1-1628003775
_( )/ HardeningKitty 0.9.0-1662273740
[*] 8/7/2021 7:27:04 AM - Starting HardeningKitty
[*] 9/4/2022 8:54:12 AM - Starting HardeningKitty
[*] 8/7/2021 7:27:04 AM - Getting machine information
[*] 9/4/2022 8:54:12 AM - Getting user information
[*] Hostname: DESKTOP-DG83TOD
[*] Domain: WORKGROUP
...
[*] 8/7/2021 7:27:09 AM - Starting Category Account Policies
[*] [*] 9/4/2022 8:54:12 AM - Starting Category Account Policies
[😺] ID 1103, Store passwords using reversible encryption, Result=0, Severity=Passed
[😺] ID 1100, Account lockout threshold, Result=10, Severity=Passed
[😺] ID 1101, Account lockout duration, Result=30, Severity=Passed
...
[*] 8/7/2021 7:27:09 AM - Starting Category User Rights Assignment
[*] 9/4/2022 8:54:12 AM - Starting Category User Rights Assignment
[😿] ID 1200, Access this computer from the network, Result=BUILTIN\Administrators;BUILTIN\Users, Recommended=BUILTIN\Administrators, Severity=Medium
...
[*] 8/7/2021 7:27:12 AM - Starting Category Administrative Templates: Printer
[*] 9/4/2022 8:54:14 AM - Starting Category Administrative Templates: Printer
[🙀] ID 1764, Point and Print Restrictions: When installing drivers for a new connection (CVE-2021-34527), Result=1, Recommended=0, Severity=High
[🙀] ID 1765, Point and Print Restrictions: When updating drivers for an existing connection (CVE-2021-34527), Result=2, Recommended=0, Severity=High
...
[*] 8/7/2021 7:27:19 AM - Starting Category MS Security Guide
[*] 9/4/2022 8:54:19 AM - Starting Category MS Security Guide
[😿] ID 2200, LSA Protection, Result=, Recommended=1, Severity=Medium
[😼] ID 2201, Lsass.exe audit mode, Result=, Recommended=8, Severity=Low
...
[*] 8/7/2021 7:27:48 AM - HardeningKitty is done
[*] 8/7/2021 7:27:48 AM - Your HardeningKitty score is: 4.82. HardeningKitty Statistics: Total checks: 325 - Passed: 213, Low: 33, Medium: 76, High: 3.
[*] 9/4/2022 8:54:25 AM - HardeningKitty is done
[*] 9/4/2022 8:54:25 AM - Your HardeningKitty score is: 4.82. HardeningKitty Statistics: Total checks: 325 - Passed: 213, Low: 33, Medium: 76, High: 3.
```

## How To Install

First create the directory *HardeningKitty* and for every version a sub directory like *0.9.0* in a path listed in the *PSModulePath* environment variable.

Copy the module *HardeningKitty.psm1*, *HardeningKitty.psd1*, and the *lists* directory to this new directory.

```powershell
PS C:\tmp> $Version = "0.9.0"
PS C:\tmp> New-Item -Path $Env:ProgramFiles\WindowsPowerShell\Modules\HardeningKitty\$Version -ItemType Directory
PS C:\tmp> Copy-Item -Path .\HardeningKitty.psd1,.\HardeningKitty.psm1,.\lists\ -Destination $Env:ProgramFiles\WindowsPowerShell\Modules\HardeningKitty\$Version\ -Recurse
```

For more information see Microsoft's article [Installing a PowerShell Module](https://docs.microsoft.com/en-us/powershell/scripting/developer/module/installing-a-powershell-module).

## Examples

### Audit

HardeningKitty performs an audit, saves the results in a CSV file and creates a log file. The files are automatically named and receive a timestamp. Using the parameters _ReportFile_ or _LogFile_, it is also possible to assign your own name and path.
HardeningKitty performs an audit, saves the results in a CSV file and creates a log file. The files are automatically named and receive a timestamp. Using the parameters _ReportFile_ or _LogFile_, it is also possible to assign your own name and path.

The _Filter_ parameter can be used to filter the hardening list. For this purpose the PowerShell ScriptBlock syntax must be used, for example `{ $_.ID -eq 4505 }`. The following elements are useful for filtering: ID, Category, Name, Method, and Severity.

```powershell
Invoke-HardeningKitty -Mode Audit -Log -Report
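Review bot: The updated sample output has a doubled prefix in the line "[*] [*] 9/4/2022 8:54:12 AM - Starting Category Account Policies"; drop the extra "[*]". In the same block, "Getting machine information" became "Getting user information" although the next lines still print Hostname and Domain, so confirm this matches what 0.9.0 actually prints. The new heading "How To Install" is capitalised differently from the "How to Run" heading introduced by the same change, and since the install commands write under `$Env:ProgramFiles`, the section should say they need an elevated session.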
Expand All @@ -74,10 +90,16 @@ HardeningKitty can be executed with a specific list defined by the parameter _Fi
Invoke-HardeningKitty -FileFindingList .\lists\finding_list_0x6d69636b_user.csv -SkipMachineInformation
```

HardeningKitty ready only the setting with the default list, and saves the results in a specific file
HardeningKitty uses the default list, and saves the results in a specific file.

```powershell
Invoke-HardeningKitty -Mode Config -Report -ReportFile C:\tmp\my_hardeningkitty_report.csv
```

HardeningKitty uses the default list, and checks only tests with the severity Medium.

```powershell
Invoke-HardeningKitty -Mode Config -Report -ReportFile C:\tmp\my_hardeningkitty_report.log
Invoke-HardeningKitty -Filter { $_.Severity -eq "Medium" }
```

### Backup
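Review bot: The reworded sentence before the `-Mode Config` example ("HardeningKitty uses the default list, and saves the results in a specific file.") no longer says that this mode only reads the current settings, which the previous wording conveyed; suggest "HardeningKitty reads the current settings using the default list and saves the results in a specific file." The new `-Filter { $_.Severity -eq "Medium" }` example passes no `-Mode`, so the sentence above it should state which mode the filtered run uses.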
Expand Down Expand Up @@ -176,11 +198,16 @@ HardeningKitty can be used to audit systems against the following baselines / be
| Microsoft Security baseline for Microsoft Edge | 95 | Final |
| Microsoft Security baseline for Microsoft Edge | 96 | Final |
| Microsoft Security baseline for Microsoft Edge | 97 | Final |
| Microsoft Security baseline for Microsoft Edge | 98, 99, 100, 101, 102, 103, 104 | Final |
| Microsoft Security baseline for Microsoft Edge | 98, 99, 100, 101, 102, 103, 104, 105, 106 | Final |
| Microsoft Security baseline for Microsoft Edge | 107, 108 | Final |
| Microsoft Security baseline for Windows 10 | 2004 | Final |
| Microsoft Security baseline for Windows 10 | 20H2, 21H1 | Final |
| Microsoft Security baseline for Windows 10 | 21H2 | Final |
| Microsoft Security baseline for Windows 10 (Machine) | 22H2 | Final |
| Microsoft Security baseline for Windows 10 (User) | 22H2 | Final |
| Microsoft Security baseline for Windows 11 | 21H2 | Final |
| Microsoft Security baseline for Windows 11 (Machine) | 22H2 | Final |
| Microsoft Security baseline for Windows 11 (User) | 22H2 | Final |
| Microsoft Security baseline for Windows Server (DC) | 2004 | Final |
| Microsoft Security baseline for Windows Server (Member) | 2004 | Final |
| Microsoft Security baseline for Windows Server (DC) | 20H2 | Final |
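Review bot: The new Windows 10 and Windows 11 22H2 rows are split into "(Machine)" and "(User)", while the 21H2 and earlier rows in the same table carry no such qualifier; add a sentence above the table explaining the split, or which finding list each row maps to, so readers can tell whether the older baselines cover both scopes. The Edge rows also mix single versions (95, 96, 97) with grouped ones ("107, 108"), and a short note on what a grouped row means would help.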