Tips-Of-Mine/Harden-Sysvol
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
32 Commits 1 Branch 0 Tags
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Dakhama mehdi 6cc6e0e86b
Update README.md
2024-10-25 16:46:00 +02:00
Pictures
Add files via upload
2024-09-27 16:06:13 +02:00
file_extensions.xml
Add files via upload
2024-05-24 21:46:15 +02:00
LICENSE
Initial commit
2024-05-14 15:22:35 +02:00
README.md
Update README.md
2024-10-25 16:46:00 +02:00

README.md

Hardensysvol - Ensure the security of your AD

License: MIT PowerShell Status: In Progress PowerShell Gallery PowerShell Gallery Version

Support This Project : ❤️/paypalme/mdunca13

🚧 Project Status: In Progress

⚠️ This project is currently under construction. Features may change, and some functionality might be incomplete. Please feel free to test it and report any issues or suggestions as we continue to improve it.

Description

Hardensysvol is a PowerShell module designed to enhance Active Directory (AD) security by analyzing and detecting threats within the Sysvol folder. It scans for sensitive keywords, identifies suspicious files, and generates a detailed HTML report for easier filtering.

Hardensysvol can be used for AD audits or pentesting, complementing existing solutions such as PingCastle, PurpleKnight, and GPOZaurr.

Key Features of Hardensysvol

Feature Description Supported File Types
Binary Comparison Analyzes and compares well-known binaries with the ability to extend to additional signatures to detect suspicious files. All binary types (EXE, DLL, MSI, etc.) with customizable signature extension.
Keyword Search Searches for sensitive keywords such as passwords and usernames across a wide variety of files. Pdf, docx, xlsx, doc, xls, pptx, ods, odt, odp, bat, reg, ps1, vbs, py, xml, and other scripts.
Certificate Verification Verifies certificates protected by password or containing exportable private keys. PFX, CER, DER, PEM, P7B certificates.
Steganography Analyzes images to detect hidden files by searching for file signatures like EXE, ZIP, etc. Images (JPEG, PNG, BMP, GIF, etc.) and hidden files (EXE, MSI, ZIP, RAR, 7z).

Requirements

  • PowerShell: 5.1 or higher.
  • Permissions: The tool can be run by any standard account on the domain.
  • Compatibility: Works with Windows Server environments and Windows 10/11

Installation

Install via PowerShell Gallery

To install directly from PowerShell Gallery, run:

Magic number default check :

doc, xls, msi, ppt, vsd, docx, xlsx, pptx, odp, ods, jar, odt, zip, ott, vsdx, exe, dll, rar, zip, 7z, png, pdf, jpg, jpeg, gif, tif, ico, class, msu, cab, bmp, p7b, p7c, cer, pfx, der, pem, p7b, otf, webp, mp3, gz, tar, jp2, rtf

Default extensions support :

bat, bmp, cab, class, csproj, config, csv, cer, der, doc, docx, dll, exe, gif, gz, html, ico, ini, jar, jpg, jpeg, jp2, msi, msu, mp3, odp, ods, odt, otf, ott, p7b, p7c, pdf, pfx, png, pol, pptx, ppt, py, ps1, psm1, rar, rdp, reg, rtf, tar, tif, txt, vbs, xls, xlsx, xml, vbsx, webp, zip, 7z

Default pattern check :

accesskey, auth, credentials, cred, identifiant, mdp, mdpass, motdepasse, private-key, pwd, secret, ssh-key, token, login, apikey, password, securestring, SHA-1, SHA-256, SHA-512, net user

Description
No description provided
Readme 4 MiB
Languages
PowerShell 100%