Skip to content

Null-bin/ScriptsPowershell

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

9 Commits
AD_Audit_Report.ps1
AD_Audit_Report.ps1
 
 
AdminActivityReport.ps1
AdminActivityReport.ps1
 
 
AdminReport.ps1
AdminReport.ps1
 
 
AjusteFirewall.ps1
AjusteFirewall.ps1
 
 
AnonynousLinkActivityReport.ps1
AnonynousLinkActivityReport.ps1
 
 
AplicarPolíticasSeguranca.ps1
AplicarPolíticasSeguranca.ps1
 
 
AppCertsAndSecretsExpiryNotification.ps1
AppCertsAndSecretsExpiryNotification.ps1
 
 
AppRegistrationsWithExpiringCertAndSecrets.ps1
AppRegistrationsWithExpiringCertAndSecrets.ps1
 
 
AuditDLPRuleMatches.ps1
AuditDLPRuleMatches.ps1
 
 
AuditDeletedEmails.ps1
AuditDeletedEmails.ps1
 
 
AuditEmailDeletionsInSharedMB.ps1
AuditEmailDeletionsInSharedMB.ps1
 
 
AuditEntraAppOperations.ps1
AuditEntraAppOperations.ps1
 
 
AuditExternalUserActivity.ps1
AuditExternalUserActivity.ps1
 
 
AuditFileAccess.ps1
AuditFileAccess.ps1
 
 
AuditFileActivities.ps1
AuditFileActivities.ps1
 
 
AuditFileDeletion.ps1
AuditFileDeletion.ps1
 
 
AuditFileDownloads.ps1
AuditFileDownloads.ps1
 
 
AuditGroupMembershipChanges.ps1
AuditGroupMembershipChanges.ps1
 
 
AuditM365UserCreations (1).ps1
AuditM365UserCreations (1).ps1
 
 
AuditM365UserCreations.ps1
AuditM365UserCreations.ps1
 
 
AuditMSTeamsChannelCreations.ps1
AuditMSTeamsChannelCreations.ps1
 
 
AuditMailboxPermissionChanges.ps1
AuditMailboxPermissionChanges.ps1
 
 
AuditPIMRoleActivations.ps1
AuditPIMRoleActivations.ps1
 
 
AuditSPOFolderActivities.ps1
AuditSPOFolderActivities.ps1
 
 
AuditSPOGroupMembershipChanges.ps1
AuditSPOGroupMembershipChanges.ps1
 
 
AuditSendAsEmails.ps1
AuditSendAsEmails.ps1
 
 
AuditSharedMailboxActivities.ps1
AuditSharedMailboxActivities.ps1
 
 
AuditTeamsFileSharingActivities.ps1
AuditTeamsFileSharingActivities.ps1
 
 
AuditTeamsMeetings.ps1
AuditTeamsMeetings.ps1
 
 
AuditTeamsMembershipChanges.ps1
AuditTeamsMembershipChanges.ps1
 
 
AuditUserAccountStatusChanges.ps1
AuditUserAccountStatusChanges.ps1
 
 
Auditoria_ADDC.ps1
Auditoria_ADDC.ps1
 
 
AutoArchiveInactiveTeams.ps1
AutoArchiveInactiveTeams.ps1
 
 
AutomateCompromisedAccountRemediation.ps1
AutomateCompromisedAccountRemediation.ps1
 
 
AutomateSignatureInOutlook.ps1
AutomateSignatureInOutlook.ps1
 
 
BlockExternalEmailForwarding.ps1
BlockExternalEmailForwarding.ps1
 
 
BlockSigninForSharedAndResourceMailbox.ps1
BlockSigninForSharedAndResourceMailbox.ps1
 
 
BreakGlassAccountActivityAlert.ps1
BreakGlassAccountActivityAlert.ps1
 
 
CheckMFAStatus.ps1
CheckMFAStatus.ps1
 
 
Coleta de informações de Disco Salvar em Share.ps1
Coleta de informações de Disco Salvar em Share.ps1
 
 
ConnectExchangeOnlinePowerShell.ps1
ConnectExchangeOnlinePowerShell.ps1
 
 
ConnectMSGraphCertificate.ps1
ConnectMSGraphCertificate.ps1
 
 
ConnectMgGraph.ps1
ConnectMgGraph.ps1
 
 
ConnectO365Services.ps1
ConnectO365Services.ps1
 
 
ConvertDLToM365Group.ps1
ConvertDLToM365Group.ps1
 
 
ConvertUserMailboxToSharedMailbox.ps1
ConvertUserMailboxToSharedMailbox.ps1
 
 
CopyMembersandOwnersfromDL.ps1
CopyMembersandOwnersfromDL.ps1
 
 
DLsWithExternalUsers.ps1
DLsWithExternalUsers.ps1
 
 
DeleteInactiveUsers.ps1
DeleteInactiveUsers.ps1
 
 
DeleteOlderEmails.ps1
DeleteOlderEmails.ps1
 
 
DesabilitarProtocolosLegados.ps1
DesabilitarProtocolosLegados.ps1
 
 
DirectLicenseCleanup.ps1
DirectLicenseCleanup.ps1
 
 
DisableSelfServicePurchase.ps1
DisableSelfServicePurchase.ps1
 
 
DocumentLibraryReport.ps1
DocumentLibraryReport.ps1
 
 
EmailForwardingReport.ps1
EmailForwardingReport.ps1
 
 
EnableMBAuditLogging.ps1
EnableMBAuditLogging.ps1
 
 
EnableMFAforAdmins.ps1
EnableMFAforAdmins.ps1
 
 
ExportCAPolicies.ps1
ExportCAPolicies.ps1
 
 
ExternalSharingReport.ps1
ExternalSharingReport.ps1
 
 
ExternalUserFileAccessReport.ps1
ExternalUserFileAccessReport.ps1
 
 
ExternalWarningRule.ps1
ExternalWarningRule.ps1
 
 
FindExpiredAnyoneLinks.ps1
FindExpiredAnyoneLinks.ps1
 
 
FindGroupsWithLicense.ps1
FindGroupsWithLicense.ps1
 
 
FindInactiveDistributionLists.ps1
FindInactiveDistributionLists.ps1
 
 
FindInactiveTeams.ps1
FindInactiveTeams.ps1
 
 
FindM365LicenseAssignmentPath.ps1
FindM365LicenseAssignmentPath.ps1
 
 
FindOrphanedTeams.ps1
FindOrphanedTeams.ps1
 
 
FindTeamsChannelsWithExternalMembers.ps1
FindTeamsChannelsWithExternalMembers.ps1
 
 
FindUnusedM365Licenses.ps1
FindUnusedM365Licenses.ps1
 
 
FindWhoSentEmailFromSharedMailbox.ps1
FindWhoSentEmailFromSharedMailbox.ps1
 
 
GetAllAnonymousLinks.ps1
GetAllAnonymousLinks.ps1
 
 
GetAllOffice365EmailAddresses.ps1
GetAllOffice365EmailAddresses.ps1
 
 
GetAllSharingLinks.ps1
GetAllSharingLinks.ps1
 
 
GetAppsCertificatesAndSecrets.ps1
GetAppsCertificatesAndSecrets.ps1
 
 
GetArchiveMailboxSize.ps1
GetArchiveMailboxSize.ps1
 
 
GetAzureADDevicesReport.ps1
GetAzureADDevicesReport.ps1
 
 
GetDistributionGroupMembers.ps1
GetDistributionGroupMembers.ps1
 
 
GetDistributionGroups.ps1
GetDistributionGroups.ps1
 
 
GetDistributionGroups_UserIsMemberOf.ps1
GetDistributionGroups_UserIsMemberOf.ps1
 
 
GetDynamicDistributionGroupMembers.ps1
GetDynamicDistributionGroupMembers.ps1
 
 
GetEnterpriseAppsReport.ps1
GetEnterpriseAppsReport.ps1
 
 
GetEntraFailedSignIns.ps1
GetEntraFailedSignIns.ps1
 
 
GetEntraSigninLogs.ps1
GetEntraSigninLogs.ps1
 
 
GetEntraUsersDetails.ps1
GetEntraUsersDetails.ps1
 
 
GetFileVersionHistoryReport.ps1
GetFileVersionHistoryReport.ps1
 
 
GetInboxRulesWithExternalForwarding.ps1
GetInboxRulesWithExternalForwarding.ps1
 
 
GetM365InactiveUserReport.ps1
GetM365InactiveUserReport.ps1
 
 
GetM365ManagerAndDirectReports.ps1
GetM365ManagerAndDirectReports.ps1
 
 
GetMB_NonAuditedActions.ps1
GetMB_NonAuditedActions.ps1
 
 
GetMFAStatus.ps1
GetMFAStatus.ps1
 
 
GetMFAStatusReport.ps1
GetMFAStatusReport.ps1
 
 
GetMailboxAutoReplyConfiguration.ps1
GetMailboxAutoReplyConfiguration.ps1
 
 
GetMailboxCalendarPermissions.ps1
GetMailboxCalendarPermissions.ps1
 
 
GetMailboxFolderPermissionReport.ps1
GetMailboxFolderPermissionReport.ps1
 
 
GetMailboxFolderStatisticsReport.ps1
GetMailboxFolderStatisticsReport.ps1
 
 
GetMailboxPermission.ps1
GetMailboxPermission.ps1
 
 
GetMailboxSizeReport.ps1
GetMailboxSizeReport.ps1
 
 
GetMailboxUsageAndQuotaReport.ps1
GetMailboxUsageAndQuotaReport.ps1
 
 
GetMailboxes.ps1
GetMailboxes.ps1
 
 
GetNestedDistributionGroupMembers.ps1
GetNestedDistributionGroupMembers.ps1
 
 

Repository files navigation

🛡️ Golden Image Hardening Scripts (Windows)

Este pacote contém scripts PowerShell para criação de uma Golden Image Windows endurecida (CIS Baseline / Microsoft Security Baseline).
O objetivo é padronizar uma imagem inicial segura para servidores ou estações de trabalho, reduzindo a superfície de ataque.

📦 Scripts incluídos

Script Função
01-Remove-UnnecessaryServices.ps1 Desabilita serviços desnecessários e reduz superfície de ataque.
02-Apply-SecurityPolicies.ps1 Aplica políticas de senha, bloqueio de conta e auditoria conforme recomendações CIS.
03-Enable-Logging.ps1 Habilita logging avançado e prepara instalação do Sysmon com configuração segura.
04-Set-Firewall.ps1 Reforça o firewall do Windows (bloqueio inbound por padrão e regras ajustadas).
05-Disable-LegacyProtocols.ps1 Desativa protocolos legados (SMB1, NTLMv1) e exige NLA no RDP.

▶️ Como usar

  1. Preparar a VM

    • Instale o Windows “limpo” (Server ou Client).
    • Atualize o sistema (Windows Update).

  2. Executar os scripts

    • Abra o PowerShell como Administrador.
    • Execute cada script nessa ordem: 
      Set-ExecutionPolicy -Scope Process -ExecutionPolicy Bypass
.\01-Remove-UnnecessaryServices.ps1
.\02-Apply-SecurityPolicies.ps1
.\03-Enable-Logging.ps1
.\04-Set-Firewall.ps1
.\05-Disable-LegacyProtocols.ps1
    • Reinicie se necessário.

  3. Validar hardening

    • Revise logs no Event Viewer.
    • Confira Sysmon instalado com sysmonconfig.xml personalizado.
    • Teste conectividade e permissões de acordo com seu ambiente.

  4. Capturar a Golden Image

    • Após validar, rode o sysprep ou capture o template no Hyper-V, VMware ou Azure.
    • Use esta imagem como base para novas VMs.

🔒 Notas de Segurança

  • Ajuste a lista de serviços a desabilitar conforme suas necessidades (ex.: se usar SNMP, não desabilite).
  • Substitua a configuração do Sysmon (sysmonconfig.xml) por uma adequada ao seu ambiente.
  • Combine com GPOs ou Microsoft Security Compliance Toolkit para reforço adicional.
  • Em ambientes Azure, complemente com Defender for Endpoint e Intune Security Baselines.

📝 Benefícios

  • Redução de superfície de ataque.
  • Configuração consistente e auditável.
  • Acelera o provisionamento seguro de servidores e estações.

📚 Referências

Scripts fornecidos como exemplo, sem garantias. Adapte conforme seu ambiente.

About

Scripts de Powershell

Resources

Readme
Activity

Stars

2 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages