https://me.harvester.fr/tags/gpo/GPOHugoBlox Kit (https://hugoblox.com)en-usSun, 26 May 2024 00:00:00 +0000https://me.harvester.fr/media/icon_hu_59c72f5082cfcb9b.pnghttps://me.harvester.fr/tags/gpo/https://me.harvester.fr/project/docker-admxlint/Sun, 26 May 2024 00:00:00 +0000https://me.harvester.fr/project/docker-admxlint/<p><strong>docker-admxlint</strong> packages the C++ <code>admx-lint</code> validator tool into a lightweight, CI/CD-ready Docker image. This container allows system administrators and policy engineers to validate custom Administrative Templates (<code>.admx</code>) and language resource files (<code>.adml</code>) against official Microsoft XML Schema Definitions (XSD) without having to manually build or run dependencies locally.</p> <p>It is particularly useful for pipeline automation when building custom GPO baselines.</p> <h3 id="key-use-cases--features">Key Use Cases &amp; Features</h3> <ul> <li><strong>Schema Compliance:</strong> Verifies namespace structures, element definitions, and category mappings against official Group Policy schemas.</li> <li><strong>Pipeline Integration:</strong> Easily integrate ADMX lint checks into GitHub Actions, GitLab CI, or custom DevSecOps pipelines.</li> <li><strong>Zero Local Setup:</strong> Eliminates the need to configure build environments or C++ compilers on local development workstations.</li> </ul> <h3 id="quick-usage">Quick Usage</h3> <p>Run the linter on your ADMX files by mounting your templates folder into the container:</p> <div class="highlight"><pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">docker run --rm -v <span class="k">$(</span><span class="nb">pwd</span><span class="k">)</span>/policies:/workspace harvester57/docker-admxlint:latest /workspace </span></span></code></pre></div>https://me.harvester.fr/project/exploit-protection-policy/Wed, 22 May 2024 00:00:00 +0000https://me.harvester.fr/project/exploit-protection-policy/<p><strong>Exploit-Protection-policy</strong> provides a production-hardened Exploit Protection (EP) policy tailored for Windows 10 and Windows 11 systems. It combines multiple industry-standard security baselines with advanced restrictions to maximize security without breaking compatibility with everyday applications.</p> <p>This policy has been tested in air-gapped systems to protect endpoints from advanced threat vectors while maintaining productivity.</p> <h3 id="merged-security-baselines">Merged Security Baselines</h3> <ul> <li><strong>DISA STIG</strong> Exploit Protection v3.</li> <li><strong>Microsoft Security Baseline</strong> Exploit Protection policy (specifically aligned for enterprise systems).</li> <li><strong>milgradesec&rsquo;s</strong> custom Exploit Protection rule configurations.</li> </ul> <h3 id="key-protections-enforced">Key Protections Enforced</h3> <ul> <li><strong>System-Wide Mitigations:</strong> Enforces fundamental protections such as Control Flow Guard (CFG), Data Execution Prevention (DEP), Address Space Layout Randomization (ASLR), and Heap Protection by default.</li> <li><strong>Advanced Payload Controls:</strong> Restricts execution vectors using Export Address Filtering (EAF/EAF+), Import Address Filtering (IAF), and Return-Oriented Programming (ROP) mitigations.</li> <li><strong>Image &amp; Code Integrity Restrictions:</strong> Blocks loading of low-integrity or remote images, preventing malicious library injection.</li> <li><strong>Application-Specific Tuning:</strong> Includes pre-configured exceptions and application rules to balance high-security containment with software compatibility.</li> </ul>