-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathWindowsQuickScan_src.cs
131 lines (112 loc) · 5.18 KB
/
WindowsQuickScan_src.cs
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
// $t@$h - This script quickly scans Windows host for obvious holes
// This script does NOT require Admin privileges
// This script does NOT modify your system IN ANY WAY. Enjoy
using Microsoft.Win32;
using System.Management;
using NetFwTypeLib;
public class SecurityPostureCheckApp
{
[STAThread]
static void Main()
{
Application.EnableVisualStyles();
Application.SetCompatibleTextRenderingDefault(false);
// Scanners
CheckSecureBoot();
CheckWindowsFirewall();
CheckWindowsDefender();
CheckAntivirusStatus();
CheckWindowsUpdateStatus();
CheckUACStatus();
CheckFirewallProfiles();
}
static void CheckSecureBoot()
{
var secureBootKey = Registry.LocalMachine.OpenSubKey(@"SYSTEM\CurrentControlSet\Control\SecureBoot\State");
var secureBootValue = secureBootKey?.GetValue("UEFISecureBootEnabled");
string message = secureBootValue != null && (int)secureBootValue == 1
? "Secure Boot is enabled."
: "Secure Boot is NOT enabled!! Enabling it is HIGHLY recommended for security.";
MessageBox.Show(message, "Secure Boot Check", MessageBoxButtons.OK, MessageBoxIcon.Information);
}
static void CheckWindowsFirewall()
{
try
{
INetFwPolicy2 firewallPolicy = (INetFwPolicy2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FwPolicy2"));
bool isFirewallEnabled = firewallPolicy.get_FirewallEnabled(NET_FW_PROFILE_TYPE2_.NET_FW_PROFILE2_DOMAIN)
&& firewallPolicy.get_FirewallEnabled(NET_FW_PROFILE_TYPE2_.NET_FW_PROFILE2_PRIVATE)
&& firewallPolicy.get_FirewallEnabled(NET_FW_PROFILE_TYPE2_.NET_FW_PROFILE2_PUBLIC);
string message = isFirewallEnabled ? "Windows Firewall is active." : "Windows Firewall is NOT active.";
MessageBox.Show(message, "Windows Firewall Check", MessageBoxButtons.OK, MessageBoxIcon.Information);
}
catch (Exception e)
{
MessageBox.Show($"Error checking Windows Firewall: {e.Message}", "Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
}
}
static void CheckWindowsDefender()
{
var defenderKey = Registry.LocalMachine.OpenSubKey(@"SOFTWARE\Microsoft\Windows Defender");
var defenderValue = defenderKey?.GetValue("DisableAntiSpyware");
string message = defenderValue != null && (int)defenderValue == 0
? "Windows Defender is enabled."
: "Windows Defender is NOT enabled. It's recommended to enable Windows Defender for protection.";
MessageBox.Show(message, "Windows Defender Check", MessageBoxButtons.OK, MessageBoxIcon.Information);
}
static void CheckAntivirusStatus()
{
try
{
using (var searcher = new ManagementObjectSearcher(@"\\" + Environment.MachineName + @"\root\SecurityCenter2", "SELECT * FROM AntivirusProduct"))
{
var antivirusProducts = searcher.Get();
var message = antivirusProducts.Count > 0 ? "Antivirus protection is active." : "No active antivirus protection found.";
MessageBox.Show(message, "Antivirus Check", MessageBoxButtons.OK, MessageBoxIcon.Information);
}
}
catch
{
MessageBox.Show("Error checking antivirus status.", "Antivirus Check", MessageBoxButtons.OK, MessageBoxIcon.Error);
}
}
static void CheckWindowsUpdateStatus()
{
var updateKey = Registry.LocalMachine.OpenSubKey(@"SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU");
var auOptions = updateKey?.GetValue("AUOptions");
string message = auOptions != null && (int)auOptions == 4
? "Automatic Windows Updates are enabled."
: "Automatic Windows Updates are NOT enabled. It's recommended to enable automatic updates for security.";
MessageBox.Show(message, "Windows Update Check", MessageBoxButtons.OK, MessageBoxIcon.Information);
}
static void CheckUACStatus()
{
var uacKey = Registry.LocalMachine.OpenSubKey(@"SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System");
var enableLua = uacKey?.GetValue("EnableLUA");
string message = enableLua != null && (int)enableLua == 1
? "User Account Control (UAC) is enabled."
: "User Account Control (UAC) is NOT enabled. It's recommended to enable UAC for added security.";
MessageBox.Show(message, "UAC Check", MessageBoxButtons.OK, MessageBoxIcon.Information);
}
static void CheckFirewallProfiles()
{
try
{
string firewallEnabledMessage = "Firewall Status:\n";
using (var firewallSearcher = new ManagementObjectSearcher(@"root\StandardCimv2", "SELECT * FROM MSFT_NetFirewallProfile"))
{
foreach (ManagementObject obj in firewallSearcher.Get())
{
string profileName = obj["Name"].ToString();
UInt16 enabled = (UInt16)obj["Enabled"];
firewallEnabledMessage += $"{profileName} Profile: {(enabled == 1 ? "Enabled" : "Disabled")}\n";
}
}
MessageBox.Show(firewallEnabledMessage, "Firewall Profile Check", MessageBoxButtons.OK, MessageBoxIcon.Information);
}
catch (Exception e)
{
MessageBox.Show($"Error check firewall profiles: {e.Message}", "Firewall Profile Check", MessageBoxButtons.OK, MessageBoxIcon.Error);
}
}
}