Harden-Windows-Security

2022.12.26.2

Features of this Hardening script:

-Always up-to-date and works with latest build of Windows (Currently Windows 11 - compatible and fully tested a Lot on stable and Insider Dev builds)
-Doesn't break anything
-Doesn't remove or disable Windows functionlities against Microsoft's recommendation
-Above each command there are comments that explain what it does, why i
Features of this Hardening script:

-Always up-to-date and works with latest build of Windows (Currently Windows 11 - compatible and fully tested a Lot on stable and Insider Dev builds)
-Doesn't break anything
-Doesn't remove or disable Windows functionlities against Microsoft's recommendation
-Above each command there are comments that explain what it does, why it's there, provide extra important information about it and links to additional resources for better understanding
-When a hardening command is no longer necessary because it's applied by default by Microsoft on new builds of Windows, it will also be removed from this script in order to prevent any problems and because it won't be necessary anymore.
-The script can be run infinite number of times, it's made in a way that it won't make any duplicate changes at all.



Hardening Categories from top to bottom:

 Commands that require Administrator Privileges
 -Windows Security aka Defender
 -Attack surface reduction rules
 -Bitlocker Settings
 -TLS Security
 -Lock Screen
 -UAC (User Account Control)
 -Device Guard
 -Windows Firewall
 -Optional Windows Features
 -Windows Networking
 -Miscellaneous Configurations
Commands that don't require Administrator Privileges
 -Non-Admin Commands that only affect the current user and do not make machine-wide changes.




🎯 if you have any questions, requests, suggestions etc. about this script, please open a new discussion in Github:

https://github.com/HotCakeX/Harden-Windows-Security/discussions

Show more
The owner has unlisted this package. This could mean that the script is deprecated or shouldn't be used anymore.

Installation Options

Copy and Paste the following command to install this package using PowerShellGet More Info

Install-Script -Name Harden-Windows-Security -RequiredVersion 2022.12.26.2

Copy and Paste the following command to install this package using Microsoft.PowerShell.PSResourceGet More Info

You can deploy this package directly to Azure Automation. Note that deploying packages with dependencies will deploy all the dependencies to Azure Automation. Learn More

Manually download the .nupkg file to your system's default download location. Note that the file won't be unpacked, and won't include any dependencies. Learn More

Owners

Copyright

2023

Package Details

Author(s)

  • HotCakeX

Tags

Windows Hardening Security Bitlocker Defender Firewall Edge Protection

Functions

ModifyRegistry Test-IsAdmin Compare-SecureString Firewallblock

Dependencies

This script has no dependencies.

Release Notes

Version 2022.12.8: Improved the script
Version 2022.12.9: Configured LSASS process to run as a protected process with UEFI Lock
Version 2022.12.9.1: Added new icon for the script
Version 2022.12.10: Enabled ECH (Encrypted Client Hello of TLS) feature for Edge browser
Version 2022.12.25: Entirely changed and organized the script's style to be easier to read and find commands
Version 2022.12.26: Further improved the script with explanatory comments and improved the Optional Windows Features section
Version 2022.12.26.1: Significantly improved Bitlocker script block, logic and style
Version 2022.12.26.2: Optimized the script by performing registry modifications using a function and saved 600 lines of code

FileList

Version History

Version Downloads Last updated