Automates forensic investigation, threat eradication, system hardening, and privacy fortification on Windows systems. Provides real-time progress bars for visibility throughout each security stage.
- Full forensic sweep: WMI, scheduled tasks, services, startup registry, users, event logs & more
- Finds and eradicates common persistence and backdoor mechanisms
- Applies Windows updates, hardens system policies, enforces encryption
- Enhances privacy and security settings for future use
- Visual loading bar shows progress at every stage
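As an added example (not code from `SecOps-Automation.ps1` or this repository), here is a small PowerShell sweep over the artifact classes listed above, written in the style the README describes: one stage per artifact class, each stage written to its own text file, and `Write-Progress` reporting the stage in flight. The output folder name, the stage list, the file names and the Security-log event IDs are this example's own choices; it assumes Windows PowerShell 5.1 or later on Windows 10/11 or Server, run as Administrator.

```powershell
#Requires -RunAsAdministrator
# Added example, not code from SecOps-Automation.ps1: a minimal forensic sweep.
# Each stage writes one text file into sweep-<timestamp> under the current directory.
# Assumes Windows PowerShell 5.1+ on Windows 10/11 or Server, run as Administrator.

$ErrorActionPreference = 'Stop'   # make collection failures catchable per stage
$outDir = Join-Path (Get-Location) ("sweep-" + (Get-Date -Format 'yyyyMMdd-HHmmss'))
New-Item -ItemType Directory -Path $outDir -Force | Out-Null

# Ordered map of stage name -> script block returning the objects to record.
$stages = [ordered]@{
    'WMI event subscriptions' = {
        # Permanent WMI subscriptions (filter + consumer + binding) are a fileless
        # persistence mechanism; listing only one of the three misses the other two.
        foreach ($cls in '__EventFilter', '__EventConsumer', '__FilterToConsumerBinding') {
            Get-CimInstance -Namespace 'root/subscription' -ClassName $cls |
                Select-Object @{n='Class';e={$cls}}, Name, Query,
                              CommandLineTemplate, ScriptText, Filter, Consumer
        }
    }
    'Scheduled tasks' = {
        # One row per action, so the executed binary and its arguments are visible.
        Get-ScheduledTask | Where-Object State -ne 'Disabled' | ForEach-Object {
            $t = $_
            foreach ($a in $t.Actions) {
                [pscustomobject]@{ Path = $t.TaskPath; Name = $t.TaskName; Author = $t.Author
                                   Execute = $a.Execute; Arguments = $a.Arguments }
            }
        }
    }
    'Services' = {
        # Win32_Service carries the binary path and logon account, which Get-Service
        # on Windows PowerShell 5.1 does not show.
        Get-CimInstance -ClassName Win32_Service |
            Select-Object Name, State, StartMode, StartName, PathName
    }
    'Startup registry' = {
        $keys = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
                'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
                'HKLM:\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run',
                'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
                'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
        foreach ($k in ($keys | Where-Object { Test-Path $_ })) {
            (Get-ItemProperty -Path $k).PSObject.Properties |
                Where-Object Name -notmatch '^PS(Path|ParentPath|ChildName|Drive|Provider)$' |
                ForEach-Object { [pscustomobject]@{ Key = $k; Value = $_.Name; Command = $_.Value } }
        }
    }
    'Users and local Administrators' = {
        Get-LocalUser | Select-Object Name, Enabled, LastLogon, PasswordLastSet, Description
        Get-LocalGroupMember -Group 'Administrators' |
            Select-Object @{n='AdminMember';e={$_.Name}}, ObjectClass, PrincipalSource
    }
    'Security event log' = {
        # 4720 user created, 4732 member added to a local group, 4697 service installed,
        # 1102 audit log cleared; last 7 days only, so the file stays reviewable.
        Get-WinEvent -FilterHashtable @{ LogName = 'Security'; Id = 4720, 4732, 4697, 1102
                                         StartTime = (Get-Date).AddDays(-7) } -ErrorAction SilentlyContinue |
            Select-Object TimeCreated, Id, Message
    }
}

$i = 0
foreach ($name in $stages.Keys) {
    Write-Progress -Activity 'Forensic sweep' -Status $name -PercentComplete (100 * $i / $stages.Count)
    $file = Join-Path $outDir (($name -replace '[^A-Za-z0-9]+', '_') + '.txt')
    try {
        $rows = @(& $stages[$name])
        if ($rows.Count -eq 0) { '(nothing found)' | Out-File -FilePath $file -Encoding UTF8 }
        else { $rows | Format-List | Out-File -FilePath $file -Encoding UTF8 -Width 300 }
    } catch {
        "ERROR collecting '$name': $($_.Exception.Message)" | Out-File -FilePath $file -Encoding UTF8
    }
    $i++
}
Write-Progress -Activity 'Forensic sweep' -Completed
Write-Host "Artifacts written to $outDir. Review them before running any eradication step."
```

The sweep only collects; nothing here deletes or disables anything. That separation is deliberate: the artifact files are what you compare against known-good baselines before deciding what an eradication step should target.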
- Windows 10/11 or Server (Admin rights required)
- PowerShell 5.1 or later
- Internet connection (the script installs PowerShell modules and pulls Windows updates at run time)
- (Optional) BitLocker-compatible hardware for encryption steps
1. Clone or download this repository

   ```powershell
   git clone https://github.com/i-devr-com/windows-security-ops-script
   cd windows-security-ops-script
   ```

2. Review the script
   - Open `SecOps-Automation.ps1` in an editor
   - (Optional) Edit the removal/disabling sections as needed for your environment. The script runs with Administrator rights and acts on whatever its removal section matches, so read that section before the first run.

3. Open PowerShell as Administrator

4. Run the script

   ```powershell
   Set-ExecutionPolicy RemoteSigned
   .\SecOps-Automation.ps1
   ```

   Note that `Set-ExecutionPolicy RemoteSigned` without a scope changes the LocalMachine policy persistently; if you only need it for this run, scope it to the current process (the `-Scope Process` parameter) instead.

   You will see a real-time progress bar for each major security stage. Execution may take several minutes depending on system state.

5. Review all outputs
   - Collected artifacts and analysis results are saved as text files in the current directory
   - Review these for manual follow-up or incident response as appropriate
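The run steps above, wrapped in the checks a practitioner would want around a script that executes as Administrator. This is an added example, not part of the repository: it verifies the README's prerequisites (Administrator rights, PowerShell 5.1+), records the SHA-256 of the reviewed script so the run is reproducible, scopes the execution-policy change to the current process, and keeps a transcript beside the artifact files. The log and transcript file names are this example's own choices; it assumes the repository was cloned into the current directory as in step 1.

```powershell
# Added example, not code from the repository: pre-flight checks around SecOps-Automation.ps1.
# Assumes the repository has been cloned into the current directory (step 1).
$script = Join-Path (Get-Location) 'SecOps-Automation.ps1'

# 1. Administrator rights are required (README requirements).
$id      = [Security.Principal.WindowsIdentity]::GetCurrent()
$isAdmin = [Security.Principal.WindowsPrincipal]::new($id).IsInRole(
               [Security.Principal.WindowsBuiltInRole]::Administrator)
if (-not $isAdmin) { throw 'Open PowerShell as Administrator and re-run.' }

# 2. PowerShell 5.1 or later.
if ($PSVersionTable.PSVersion -lt [version]'5.1') {
    throw "PowerShell 5.1+ required, found $($PSVersionTable.PSVersion)"
}

# 3. Record the hash of the file you reviewed in step 2, so the artifacts produced by
#    this run can later be tied to exactly the script version that produced them.
if (-not (Test-Path $script)) { throw "Not found: $script" }
$hash = (Get-FileHash -Path $script -Algorithm SHA256).Hash
"$(Get-Date -Format o)  SHA256 $hash  $script" | Out-File -FilePath 'run-log.txt' -Append

# 4. Loosen the execution policy for this process only, not machine-wide.
Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Scope Process -Force

# 5. Run under a transcript, so everything the script prints is kept next to its output files.
Start-Transcript -Path "transcript-$(Get-Date -Format 'yyyyMMdd-HHmmss').txt" | Out-Null
try {
    & $script
} finally {
    Stop-Transcript | Out-Null
}

# 6. List what the run produced, for the manual review in step 5.
Get-ChildItem -Path (Get-Location) -Filter '*.txt' | Sort-Object LastWriteTime |
    Select-Object Name, Length, LastWriteTime
```

`-Scope Process` is the safe default for a one-off run: the policy reverts when the window closes, and no other user or service on the host inherits the change.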
- Customization highly recommended: the removal/eradication section is template-based. After the initial detection pass, adapt it to the specific bad artifacts and processes you found before relying on it.
- Restoration and hardening actions may cause reboots or service interruptions.
- BitLocker: activating encryption will require a reboot. Back up your recovery key before that reboot.
- Test in a lab before deploying on production or business-critical systems.
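What "back up your recovery key before that reboot" looks like in practice for the OS drive, as an added example that is not part of the repository or its script: it checks that a ready TPM exists, adds a recovery-password protector before encryption is enabled, exports every recovery password to a file, and escrows them to AD DS on domain-joined hosts. It assumes Administrator rights and the BitLocker cmdlets (Windows 10/11, or Server with the BitLocker feature installed); the mount point and export file name are this example's choices.

```powershell
# Added example, not code from the repository: recovery-key backup around enabling
# BitLocker on the OS drive. Assumes Administrator rights and the BitLocker module;
# $mount and $export are this example's own choices.
$mount  = 'C:'
$export = Join-Path (Get-Location) "bitlocker-recovery-$env:COMPUTERNAME.txt"

# A TPM-protected OS drive needs a present and ready TPM; fail early otherwise.
$tpm = Get-Tpm
if (-not ($tpm.TpmPresent -and $tpm.TpmReady)) {
    throw 'No ready TPM: fix the TPM or choose another protector before enabling BitLocker.'
}

$vol = Get-BitLockerVolume -MountPoint $mount
if ($vol.ProtectionStatus -eq 'Off' -and $vol.VolumeStatus -eq 'FullyDecrypted') {
    # Add the recovery password first, so a way back in exists before encryption starts.
    Add-BitLockerKeyProtector -MountPoint $mount -RecoveryPasswordProtector | Out-Null
    # TPM unlock for normal boots. Without -SkipHardwareTest BitLocker runs its hardware
    # test on the next reboot and only then begins encrypting, matching the README note.
    Enable-BitLocker -MountPoint $mount -TpmProtector -UsedSpaceOnly
}

# Export every recovery password; move this file OFF the host before rebooting.
$rp = (Get-BitLockerVolume -MountPoint $mount).KeyProtector |
      Where-Object KeyProtectorType -eq 'RecoveryPassword'
if (-not $rp) { throw 'No RecoveryPassword protector present; do not reboot until one exists.' }
$rp | ForEach-Object { "$($_.KeyProtectorId)  $($_.RecoveryPassword)" } |
    Out-File -FilePath $export -Encoding UTF8
Write-Host "Recovery password(s) written to $export. Copy it off this host before rebooting."

# Domain-joined hosts: escrow to AD DS as well (requires the BitLocker recovery schema/GPO).
if ((Get-CimInstance -ClassName Win32_ComputerSystem).PartOfDomain) {
    $rp | ForEach-Object { Backup-BitLockerKeyProtector -MountPoint $mount -KeyProtectorId $_.KeyProtectorId }
}
```

The order matters: a recovery protector that exists before the reboot is the difference between a recoverable machine and one that is locked out if the TPM measurement changes after a firmware or boot-configuration update.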
Open to PRs and community feedback!
Raise issues or improvements via GitHub Issues.
Stay safe, stay secure.
