SEC-AUDIT – PowerShell Script for Security Configuration Audit

SEC-AUDIT is a powershell script that checks for various security settings / controls / policies applied on the host machine. The script also tells what the recommended value of a setting / control / policy should be according to known security standards.

This script comes in handy in situations where running automated configuration audit tools like Nipper or Nessus (with configuration audit policy configured) is not allowed.

SEC-AUDIT - PowerShell Script for Security Configuration Audit
SEC-AUDIT – PowerShell Script for Security Configuration Audit

The script can be used to evaluate your windows infrastructure and see if there are any missed compliance requirement. To run the script you can do the following:

  1. Open PowerShell with Administrator privileges.
  2. Before executing the script ensure that the PowerShell Script Execution Policy is set to Unrestricted.
  3. This can be done by running the command “Set-ExecutionPolicy Unrestricted -Force” in PowerShell.
  4. Navigate to the script directory and run the script. (.\SEC-AUDIT-(Secure).ps1).
  5. Once the script execution is complete, the output can be found in the script directory itself.

After running the script user will have General information this will include the timestamp for executing the script, Server information , Internet explorer information, Network configuration, Local account information such as password policy , Local group policy information , User settings and a full host configuration requirement such as renaming administrator account or disabling guest account and more.

You can read more and download the PS script over here: https://github.com/Sikkandar-Sha/SEC-AUDIT

Share