Windows and macOS Hardening Interface to make security more accessible.

Overview

Work in progress label PHP Linting Deploy website

Welcome to the Hardening Interface

Introduction

To use HardeningKitty service more easily, we have created an interface which permits better understanding of Windows security policies. Also, this interface allows you to generate a CSV file for the purpose of auditing or applying a configuration.

Moreover, it works on macOS with HardeningDoggy based on HardeningKitty.

This web-interface use php, therefore, it's necessary to run it on serveur environnement like MAMP or similar.

You can also try this interface through a demo.

How can I use it ?

On windows

All details about HardeningKitty is on this repository : https://github.com/0x6d69636b/windows_hardening

How can I use HardeningKitty ?

  1. Download the HardeningKitty script here
  2. Import the ps1 script :
Import-Module .\Invoke-HardeningKitty.ps1

How can I run HardeningKitty audit mode ?

  1. Download your CSV file configuration
  2. Run this command :
Invoke-HardeningKitty -Mode Audit -FileFindingList <file.csv>

How can I save my configuration ?

  1. Download your CSV file configuration
  2. Run this command :
Invoke-HardeningKitty -Mode Config -FileFindingList <file.csv> -Backup

How can I apply a configuration ?

  1. Download your CSV file configuration
  2. Run this command :
Invoke-HardeningKitty -Mode HailMary -FileFindingList <file.csv>

On macOS

All details about HardeningDoggy is on this repository : https://github.com/ataumo/macos_hardening

How can I use HardeningDoggy ?

  1. Download the HardeningKitty script here
  2. Run the bash script :
./doggy.sh

How can I run HardeningDoggy audit mode ?

  1. Download your CSV file configuration
  2. Run this command :
./doggy.sh -a -file <file.csv>

How can I apply a configuration ?

  1. Download your CSV file configuration
  2. Run this command :
./doggy.sh -r -file <file.csv>

Would you like to see more about this project ?

You can see this to understand how the interface works.

Comments
  • Issue for Newcommers | Error when deployed on Windows

    Issue for Newcommers | Error when deployed on Windows

    If deployed with XAMPP on a Windows machine you are likely to get an error message. I would advise you to run the tool on a Linux machine if you don't have the corresponding PHP skills to fix the error yourself.

    opened by Higgs-CH 1
  • Change uix impact of 1727 policy

    Change uix impact of 1727 policy

    It may impact the user, for example use more bandwith, download updates faster...

    Source : https://docs.microsoft.com/en-us/windows/deployment/update/waas-delivery-optimization

    enhancement 
    opened by RomainL972 1
  • clear guide to setup interface help

    clear guide to setup interface help

    Hello, would it be possible to make a guide on how to install the interface from A to Z,

    and how to use it with hardening kitty

    because the instructions are not simple

    thank you very much

    documentation 
    opened by pm51000 6
  • "Broken links" in Realse 2.0

    Downloaded The Project over the Releases Tab and got the Version 2.0. After connecting to my local host I had problems loading the Windows Interfaces Site. After taking a look at the corresponding index.php I found out that the file should be located int the "policies_hardening_interface/interface/windows" instead of "policies_hardening_interface-2. 0.0/interface/windows" after renaming the directory appropriately it worked like a charm.

    bug 
    opened by Higgs-CH 0
  • Windows Interface not working in current realease

    Windows Interface not working in current realease

    The Windows interface is no longer working in the latest version. I took a look and at least the Categories & table.php are completely missing. And the index.php is pretty much empty. Had to revert to the Realese 2.0 version to get it to work.

    bug 
    opened by Higgs-CH 0
Releases(v2.0.0)
Owner
ataumo
ataumo
Laravel Security was created by, and is maintained by Graham Campbell, and is a voku/anti-xss wrapper for Laravel, using graham-campbell/security-core

Laravel Security Laravel Security was created by, and is maintained by Graham Campbell, and is a voku/anti-xss wrapper for Laravel, using graham-campb

Graham Campbell 170 Nov 20, 2022
A multitool library offering access to recommended security related libraries, standardised implementations of security defences, and secure implementations of commonly performed tasks.

SecurityMultiTool A multitool library offering access to recommended security related libraries, standardised implementations of security defences, an

Pádraic Brady 131 Oct 30, 2022
phpcs-security-audit is a set of PHP_CodeSniffer rules that finds vulnerabilities and weaknesses related to security in PHP code

phpcs-security-audit is a set of PHP_CodeSniffer rules that finds vulnerabilities and weaknesses related to security in PHP code.

Floe design + technologies 654 Dec 28, 2022
The Security component provides a complete security system for your web application.

Security Component The Security component provides a complete security system for your web application. It ships with facilities for authenticating us

Symfony 1.2k Jan 1, 2023
PHPIDS (PHP-Intrusion Detection System) is a simple to use, well structured, fast and state-of-the-art security layer for your PHP based web application

PHPIDS PHPIDS (PHP-Intrusion Detection System) is a simple to use, well structured, fast and state-of-the-art security layer for your PHP based web ap

null 752 Jan 3, 2023
Security CSRF (cross-site request forgery) component provides a class CsrfTokenManager for generating and validating CSRF tokens.

Security Component - CSRF The Security CSRF (cross-site request forgery) component provides a class CsrfTokenManager for generating and validating CSR

Symfony 1.5k Jan 3, 2023
A database of PHP security advisories

PHP Security Advisories Database The PHP Security Advisories Database references known security vulnerabilities in various PHP projects and libraries.

null 1.9k Dec 18, 2022
A php.ini scanner for best security practices

Scanner for PHP.ini The Iniscan is a tool designed to scan the given php.ini file for common security practices and report back results. Currently it

psec.io 1.5k Dec 5, 2022
Security provides an infrastructure for sophisticated authorization systems, which makes it possible to easily separate the actual authorization logic from so called user providers that hold the users credentials.

Security provides an infrastructure for sophisticated authorization systems, which makes it possible to easily separate the actual authorization logic from so called user providers that hold the users credentials. It is inspired by the Java Spring framework.

Symfony 1.5k Dec 28, 2022
FunboxEasy - Proving Grounds - Offensive Security

FunboxEasy - Proving Grounds - Offensive Security

Hafiizh Ghulam 1 Oct 28, 2021
Php Security Class

Security Advanced Security Class for Php Features Secure From XSS, CSRF, SQL Injection, BASE64, RFI, LFI, Command Injection, Block Suspicious Request

Ömer Faruk Demirel 5 Dec 2, 2022
PHP frontend for security.symfony.com

SensioLabs Security Checker WARNING: Don't use this piece of software anymore as the underlying web service will stop working at the end of January 20

SensioLabs 2k Dec 25, 2022
Security advisories as a simple composer exclusion list, updated daily

Roave Security Advisories This package ensures that your application doesn't have installed dependencies with known security vulnerabilities. Installa

Roave, LLC 2.5k Jan 5, 2023
Security Component - Guard

The Guard component brings many layers of authentication together, making it much easier to create complex authentication systems where you have total control.

Symfony 1.4k Jan 5, 2023
Security issues for Magento have left a big question mark in the community of online stores

Magento 2 Security extension FREE. Security extension gives store owners the ability to detect the IP addresses that are intentionally attacking their store at any given time. Therefore, they have timely measures to prevent this issue such as blocking those IP addresses or sending warning emails to store owners.

Mageplaza 40 Apr 1, 2022
Web page performance/seo/security/accessibility analysis, browser-less for PHP

Web page performance/seo/security/accessibility analysis, browser-less for PHP

Lightship 5 Dec 15, 2022
Github Action which checks Security issues scanning package manager files

security-checker-action This action checks your composer.lock for known vulnerabilities in your package dependencies. Inputs lock optional The path to

Druid 0 May 5, 2022
A cryptography API wrapping the Sodium library, providing a simple object interface for symmetrical and asymmetrical encryption, decryption, digital signing and message authentication.

PHP Encryption A cryptography API wrapping the Sodium library, providing a simple object interface for symmetrical and asymmetrical encryption, decryp

null 19 Dec 31, 2022