This is a collection of configuration files that are great starting points. I have tried to include mostly files related to securing different protocols in different ways however that is not always what is needed so I have included some insecure configuations such as in the file smb.conf.
- tmux.conf Configuration file that can be used to start your Tmux configuration
- 1-ConfigureWindowsFTPS-CreateFTP-UsersAndGroup.ps1 This script is meant to be run on a Domain Controller. It creates an FTP users and administrators group
- 2-ConfigureWindowsFTPS-ConfigureFTPoverSSLserver.ps1 This script is meant to be run on a Windows Server 2019 FTPS server hosted through IIS
- StartupScriptDisableNetBIOSandLMHO This script is meant to be run as a startup script in a domain environment to ensure NetBIOS and LLMNR are disabled
- smb.conf Anonymous SMB access Not Secure This Samba configuration file is one I used while performing offensive attacks, hosting payloads over SMB. DO NOT use this as a main configuration for any SMB servers in an enviornment as it is purposefully insecure
- ccpd-config.yml This configuration file is used to provide a template that allows you to use LDAP over SSL authentication with CIS-CAT Pro Dashboard (CCPD) when it is hosted on a Window Server. The documentation on their site does not cover how to define this values when hosted on a Windows Server so I made the info readily available.
- cronjob-vsftpd-cert-expires.sh Script can be used as a cronjob that runs once a year to replace expired certificates used by VSFTPD or whatever service you wish to modify this too
- sshd_config Great starting place for configuring SSH in a secure manner. I have included/centralized setting descriptors for anyone who may not be familiar with the protocol
- vsftpd.conf Anonymous Downloads FTP configuration for securely allowing anonymous users to only download files from a server
- vsftpd.conf Anonymous Uploads FTP configuration for securely allowing anonymous users to only upload files to a server
- vsftpd.conf for FTP over SSL FTP configuration for securely allowing authenticated users to upload or download files to an FTP server
- Harden-Windows10.ps1 Script that can be used to harden a Windows 10 operating system on a single computer. Not recommended for domain environments as the settings should be applied differently in a domain situation.