DSCEA is a scanning engine for processing Test-DSCConfiguration results that provides the ability to scan an environment for compliance against a defined PowerShell DSC configuration. Visit https://microsoft.github.io/DSCEA for more information.

This Powershell module provides numerous security-related configurations, providing all-round basic protection.

A DSC resource for hardening Windows OS

Powershell resource for hardening Windows Server OS

Universal Policy Engine for Security Auditing and Enforcement. Supports MacroLevel filtering, Registry/Service/Feature rules, and comprehensive compliance reporting.

ArgosCCF (formerly CCF) is a professional PowerShell framework for secure configuration, logging, plugin management, and parallel execution. Designed for high-integrity automation and security hardening.

Dargslan.WinLocalGPO — Windows Local Group Policy editor toolkit — security options audit, user rights assignment, audit policy configuration, and local policy export (2026 Edition)

Windows security hardening audit toolkit — CIS benchmark checks, UAC status, BitLocker, Windows Defender, audit policy, and security scoring

Windows security remediation toolkit — common hardening fixes, quick remediation actions, baseline enforcement, and compliance repair

Audit Windows local users and the Administrators group: members, dormant accounts, Guest state, unknown SIDs.

Audit IIS bindings, SChannel TLS protocols, weak ciphers and app pool identities. JSON / HTML report.

Audit Windows Firewall profiles and rules. Detect risky Allow Any Any rules, disabled profiles and GPO overrides. JSON / HTML compliance report.

Audit Windows Firewall rules and network security policies — Part of the Dargslan Windows Admin Tools collection. More at https://dargslan.com

Audit Microsoft Defender configuration, ASR rule state, exclusions and tamper protection. JSON / HTML compliance report.

Audit Windows services for unquoted paths, weak ACLs and risky service accounts. JSON / HTML report.

Audit NTFS ACLs on a directory tree: Everyone / Authenticated Users excessive rights, broken inheritance, orphaned SIDs.

Check Windows kernel version and installed hotfixes — Part of the Dargslan Windows Admin Tools collection. More at https://dargslan.com

Audit Windows Print Spooler exposure (PrintNightmare): spooler state, Point-and-Print restrictions, unsigned drivers, package install policy.

Windows OS hardening assessment toolkit — CIS benchmark checks, STIG compliance, security baseline scoring, and hardening recommendations

Comprehensive Windows security posture analysis and attack surface assessment tool. Covers 23 security categories including hardware security (TPM/VBS/Secure Boot), BitLocker, Microsoft Defender ASR rules, exploit protection, privacy settings, network security, remote access, WSL, PowerShell security, authentication policy, scheduled tasks, and Win... More info