{"id":13710171,"url":"https://github.com/simeononsecurity/.NET-STIG-Script","last_synced_at":"2025-05-06T18:34:23.402Z","repository":{"id":48817599,"uuid":"288601992","full_name":"simeononsecurity/.NET-STIG-Script","owner":"simeononsecurity","description":"The only script to assist administrators in completing the .NET STIG. ","archived":false,"fork":false,"pushed_at":"2024-07-26T22:56:01.000Z","size":78,"stargazers_count":8,"open_issues_count":0,"forks_count":1,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-04-23T06:36:52.545Z","etag":null,"topics":["administrators","automation","compliance","microsoft","netframework","powershell","stig","stigs"],"latest_commit_sha":null,"homepage":"https://simeononsecurity.com/guides/mastering-dotnet-framework-4-security-best-practices","language":"PowerShell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/simeononsecurity.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null},"funding":{"github":["simeononsecurity"],"custom":["https://simeononsecurity.com","https://simeononsecurity.com/recommendhome","https://simeononsecurity.com/affiliate","https://twitter.com/simeonsecurity","https://discord.io/cybersentinels"]}},"created_at":"2020-08-19T01:22:21.000Z","updated_at":"2024-07-26T22:56:04.000Z","dependencies_parsed_at":"2024-01-14T22:03:44.739Z","dependency_job_id":"2d06de1b-3529-426f-bfc7-0a0e8213dc91","html_url":"https://github.com/simeononsecurity/.NET-STIG-Script","commit_stats":null,"previous_names":[],"tags_count":2,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/simeononsecurity%2F.NET-STIG-Script","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/simeononsecurity%2F.NET-STIG-Script/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/simeononsecurity%2F.NET-STIG-Script/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/simeononsecurity%2F.NET-STIG-Script/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/simeononsecurity","download_url":"https://codeload.github.com/simeononsecurity/.NET-STIG-Script/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":252744945,"owners_count":21797709,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["administrators","automation","compliance","microsoft","netframework","powershell","stig","stigs"],"created_at":"2024-08-02T23:00:52.663Z","updated_at":"2025-05-06T18:34:22.891Z","avatar_url":"https://github.com/simeononsecurity.png","language":"PowerShell","funding_links":["https://github.com/sponsors/simeononsecurity","https://simeononsecurity.com","https://simeononsecurity.com/recommendhome","https://simeononsecurity.com/affiliate","https://twitter.com/simeonsecurity","https://discord.io/cybersentinels"],"categories":["Application STIG Automation","Application Hardening"],"sub_categories":[],"readme":"# Automate the .NET Framework STIG\n\n[![Sponsor](https://img.shields.io/badge/Sponsor-Click%20Here-ff69b4)](https://github.com/sponsors/simeononsecurity) [![VirusTotal Scan](https://github.com/simeononsecurity/.NET-STIG-Script/actions/workflows/virustotal.yml/badge.svg)](https://github.com/simeononsecurity/.NET-STIG-Script/actions/workflows/virustotal.yml)\n\nApplying the .NET STIG is definitely not straightforward. For many administrators it can take hours to fully implement on a single system. This script applies the required registry changes and modifies the machine.config file to implement FIPS and other controls as required.\n\n## Notes:\n\nThis script can not and will not ever get the .NET stig to 100% compliance. Right now, as is, it stands to complete roughly 75% of the checks and does go back and complete the applicable checks on all previous .NET versions.\n\nManual intervention is required for any .NET application or IIS Site.\n\n## Ansible:\nWe now offer a playbook collection for this script. Please see the following:\n- [Github Repo](https://github.com/simeononsecurity/Windows_STIG_Ansible)\n- [Ansible Galaxy](https://galaxy.ansible.com/simeononsecurity/windows_stigs)\n\n## Requirements: \n- [X] Windows 7, Windows Server 2008 or newer\n- [X] Testing in your environment before running on production systems. \n\n## STIGS/SRGs Applied:\n\n- [Microsoft .Net Framework 4 V1R9](https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MS_DotNet_Framework_4-0_V1R9_STIG.zip)\n\n## Sources:\n\n- [Add from one XML data to another existing XML file](http://www.maxtblog.com/2012/11/add-from-one-xml-data-to-another-existing-xml-file/)\n- [Caspol.exe (Code Access Security Policy Tool)](https://docs.microsoft.com/en-us/dotnet/framework/tools/caspol-exe-code-access-security-policy-tool)\n- [Microsoft .NET Framework Documentation](https://docs.microsoft.com/en-us/dotnet/framework/)\n- [PowerShell $PSScriptRoot](https://riptutorial.com/powershell/example/27231/-psscriptroot)\n- [PowerShell: Run command from script's directory](https://stackoverflow.com/questions/4724290/powershell-run-command-from-scripts-directory)\n- [Powershell XML importnode from different file](https://stackoverflow.com/questions/9944885/powershell-xml-importnode-from-different-file)\n\n## Download the required files\n\nYou may download the required files from the [GitHub Repository](https://raw.githubusercontent.com/simeononsecurity/.NET-STIG-Script/)\n\n## How to run the script\n\n**The script may be launched from the extracted GitHub download like this:**\n\n## How to run the script\n### Manual Install:\nIf manually downloaded, the script must be launched from an administrative powershell in the directory containing all the files from the [GitHub Repository](https://github.com/simeononsecurity/.NET-STIG-Script)\n```powershell\nSet-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force\nGet-ChildItem -Recurse *.ps1 | Unblock-File\n.\\sos-.net-4-stig.ps1\n```\n### Automated Install:\nUse this one-liner to automatically download, unzip all supporting files, and run the latest version of the script.\n```powershell\niwr -useb 'https://simeononsecurity.ch/scripts/sosdotnet.ps1'|iex\n```\n\u003ca href=\"https://simeononsecurity.ch\" target=\"_blank\" rel=\"noopener noreferrer\"\u003e\n  \u003ch2\u003eExplore the World of Cybersecurity\u003c/h2\u003e\n\u003c/a\u003e\n\u003ca href=\"https://simeononsecurity.ch\" target=\"_blank\" rel=\"noopener noreferrer\"\u003e\n  \u003cimg src=\"https://simeononsecurity.ch/img/banner.png\" alt=\"SimeonOnSecurity Logo\" width=\"300\" height=\"300\"\u003e\n\u003c/a\u003e\n\n### Links:\n- #### [github.com/simeononsecurity](https://github.com/simeononsecurity)\n- #### [simeononsecurity.ch](https://simeononsecurity.ch)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsimeononsecurity%2F.NET-STIG-Script","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsimeononsecurity%2F.NET-STIG-Script","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsimeononsecurity%2F.NET-STIG-Script/lists"}