Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/A-mIn3/WINspect
Powershell-based Windows Security Auditing Toolbox
https://github.com/A-mIn3/WINspect
Last synced: about 1 month ago
JSON representation
Powershell-based Windows Security Auditing Toolbox
- Host: GitHub
- URL: https://github.com/A-mIn3/WINspect
- Owner: A-mIn3
- License: gpl-2.0
- Created: 2017-08-10T15:10:10.000Z (over 7 years ago)
- Default Branch: master
- Last Pushed: 2019-01-09T12:56:57.000Z (almost 6 years ago)
- Last Synced: 2024-08-01T19:37:03.823Z (4 months ago)
- Language: PowerShell
- Size: 141 KB
- Stars: 571
- Watchers: 57
- Forks: 116
- Open Issues: 3
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
- awesome-hacking-lists - A-mIn3/WINspect - Powershell-based Windows Security Auditing Toolbox (PowerShell)
README
## Description
WINspect is part of a larger project for auditing different areas of Windows environments.
It focuses on enumerating different parts of a Windows machine to identify security weaknesses
and point to components that need further hardening.
## Features
This current version of the script supports the following features :
- Checking for installed security products.
- Checking for DLL hijackability (Authenticated Users security context).
- Checking for User Account Control settings.
- Checking for unattended installs leftovers.
- Enumerating world-exposed local filesystem shares.
- Enumerating domain users and groups with local group membership.
- Enumerating registry autoruns.
- Enumerating local services that are configurable by Authenticated Users group members.
- Enumerating local services for which corresponding binary is writable by Authenticated Users group members.
- Enumerating non-system32 Windows Hosted Services and their associated DLLs.
- Enumerating local services with unquoted path vulnerability.
- Enumerating non-system scheduled tasks.## TODO-LIST
- Local Security Policy controls.
- Administrative shares configs.
- User-defined COM.
- Suspicious loaded DLLs.
- Established/listening connections.
- Exposed GPO scripts.## Supported Powershell Version
This version was tested in a powershell v2.0 environment.
## Contributions
You are welcome to contribute and suggest any improvements.
If you want to point to an issue, Please [file an issue](https://github.com/A-mIn3/WINspect/issues).## Direct contributions
Fork the repository && File a pull request && You are good to go ;)
## Need HelpIf you have questions or need further guidance on using the tool, please [file an issue](https://github.com/A-mIn3/WINspect/issues).
## License
This project is licensed under The GPL terms.