So, I decided to start scripting for Windows for CyberPatriot, working on a couple of things.
First, I opened the checklist on GitHub to see what to look for, then used Copilot for extra help when I was confused.
# For Windows
# Use PowerShell to open the official Microsoft Defender page in the default browser
powershell.exe Start-Process "https://www.microsoft.com/en-us/windows/comprehensive-security"
# Replace "Ethernet" with the name of your adapter
powershell.exe -Command "Disable-NetAdapterBinding -Name 'Ethernet' -ComponentID 'ms_tcpip6'"
# Stop SSDP Discovery Service (UPnP)
Stop-Service -Name SSDPSRV -Force
# Disable SSDPSRV from starting automatically
Set-Service -Name SSDPSRV -StartupType Disabled
# Block port 1900 (UDP) via Windows Firewall
New-NetFirewallRule -DisplayName "Block UPnP Port 1900" `
-Direction Inbound `
-Protocol UDP `
-LocalPort 1900 `
-Action Block
# List all Windows optional features and their current state
Get-WindowsOptionalFeature -Online | Select-Object FeatureName, State
# Save as check_features.ps1
Get-WindowsOptionalFeature -Online | Select-Object FeatureName, State
powershell.exe -ExecutionPolicy RemoteSigned -File check_features.ps1
# List current default administrative shares
Get-SmbShare | Where-Object {$_.Name -in @('Admin$', 'IPC$', 'C$')}
# Optional: Remove shares (use with caution)
# Remove-SmbShare -Name 'Admin$' -Force
# Remove-SmbShare -Name 'IPC$' -Force
# Remove-SmbShare -Name 'C$' -Force
# Optional: Recreate shares (if removed)
# Windows normally recreates the default administrative shares itself when the Server service restarts
# New-SmbShare -Name 'Admin$' -Path 'C:\Windows' -FullAccess 'Administrators' -Description 'Admin share'
# New-SmbShare -Name 'IPC$' -Path 'C:\Windows' -FullAccess 'Administrators' -Description 'IPC share'
# New-SmbShare -Name 'C$' -Path 'C:\' -FullAccess 'Administrators' -Description 'Default C drive share'
Set-ExecutionPolicy RemoteSigned -Scope Process
.\manage_admin_shares.ps1
# Check current firewall status
Write-Host "Checking firewall status..."
Get-NetFirewallProfile | Select-Object Name, Enabled
# Enable firewall for all profiles
Write-Host "Enabling firewall for all profiles..."
Set-NetFirewallProfile -Profile Domain,Public,Private -Enabled True
# Optional: Disable firewall (use with caution)
# Write-Host "Disabling firewall for all profiles..."
# Set-NetFirewallProfile -Profile Domain,Public,Private -Enabled False
# Create a custom inbound rule to block port 1900 (UPnP)
Write-Host "Blocking port 1900 (UPnP)..."
New-NetFirewallRule -DisplayName "Block UPnP Port 1900" `
-Direction Inbound `
-Protocol UDP `
-LocalPort 1900 `
-Action Block
# List all custom firewall rules (rules with no group; Group may be empty or null, so test for both)
Write-Host "Listing custom firewall rules..."
Get-NetFirewallRule | Where-Object { -not $_.Group } | Select-Object Name, DisplayName, Enabled, Direction, Action
Set-ExecutionPolicy RemoteSigned -Scope Process
.\firewall_settings.ps1
This is my script for Windows so far, but I plan to work on Linux for myself next time.
(Still doing my research, hopefully I’m somewhat prepared for this in 3 weeks.)
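The scripts above create the "Block UPnP Port 1900" rule twice and never confirm that the changes took effect. The following is an added example, not part of the original post: it creates the rule only when it is missing and then reports on each setting. The file name verify_hardening.ps1 and the `$AdapterName`/`$RuleName` parameters are assumptions for illustration.

```powershell
# verify_hardening.ps1 (hypothetical name) - added example, not from the original post.
# Run in an elevated PowerShell session.
param(
    [string]$AdapterName = 'Ethernet',             # assumption: same adapter name as above
    [string]$RuleName    = 'Block UPnP Port 1900'  # DisplayName used by the scripts above
)

# Create the UPnP block rule only if it is missing, so reruns do not stack duplicates.
$rules = @(Get-NetFirewallRule -DisplayName $RuleName -ErrorAction SilentlyContinue)
if ($rules.Count -eq 0) {
    New-NetFirewallRule -DisplayName $RuleName -Direction Inbound `
        -Protocol UDP -LocalPort 1900 -Action Block | Out-Null
    $rules = @(Get-NetFirewallRule -DisplayName $RuleName)
}
$active = @($rules | Where-Object { $_.Enabled -eq 'True' -and $_.Action -eq 'Block' })

# Collect the current state of everything the scripts above change.
$svc   = Get-CimInstance -ClassName Win32_Service -Filter "Name='SSDPSRV'"
$fwOff = @(Get-NetFirewallProfile | Where-Object { $_.Enabled -ne 'True' })
$ipv6  = Get-NetAdapterBinding -Name $AdapterName -ComponentID 'ms_tcpip6' `
             -ErrorAction SilentlyContinue

$report = @(
    [pscustomobject]@{ Check  = 'SSDPSRV is stopped'
                       Pass   = ($svc.State -eq 'Stopped')
                       Detail = "State=$($svc.State)" }
    [pscustomobject]@{ Check  = 'SSDPSRV startup is disabled'
                       Pass   = ($svc.StartMode -eq 'Disabled')
                       Detail = "StartMode=$($svc.StartMode)" }
    [pscustomobject]@{ Check  = 'Firewall enabled on all profiles'
                       Pass   = ($fwOff.Count -eq 0)
                       Detail = "Disabled profiles: $($fwOff.Name -join ', ')" }
    [pscustomobject]@{ Check  = "IPv6 unbound on '$AdapterName'"
                       Pass   = ($null -ne $ipv6 -and -not $ipv6.Enabled)
                       Detail = "Binding found: $($null -ne $ipv6)" }
    [pscustomobject]@{ Check  = 'Exactly one active UPnP block rule'
                       Pass   = ($rules.Count -eq 1 -and $active.Count -eq 1)
                       Detail = "Rules with this name: $($rules.Count)" }
)

$report | Format-Table -AutoSize

# Non-zero exit code if any check failed, so the result can be tested from another script.
if ($report.Pass -contains $false) { exit 1 }
```

If the earlier scripts have already been run more than once, the last check fails and its Detail column shows how many copies of the rule exist.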