New Update Defender Hardening Console (part of Hawk Eye Analysis Platform)

Interesting project (y)
I tried the easy settings, beginner, documents & work and got an exclamation mark in Microsoft Defender because App & Browser Control was turned off.
Probably because Microsoft wants Unwanted App Blocker to be enabled.
Something to change in your scripts?
 
Update released:
-Added config and pdf export.
-Added config import
-Added impact on scan management (pre-configured with profiles)
-Added one-click script generation and copy to remove all firewall rules
-Added NeverChange (r) profile
-Fixed a UI bug where the explanation board for the rules did not persist and was causing items to move up and down
-Fixed script logical flaws
-Fixed a typo in one of the rules
-PUA protection on for all configurations
 

Hello,

I am excited to announce the official release of Defender Hardening Console (part of HEAP).

The Hawk Eye Analysis Platform which I am working on is a set of tools for malware analysis and cleanup.

The Defender Hardening Console takes a proactive stance by hardening the built-in Windows security in a user-friendly way.

No tools/downloads are required, the project generates PowerShell code which simply needs to be copy/pasted per the instructions.

Special care has been taken for any hardening to not be overdone.

The online console offers the following benefits:
-Enable hidden Microsoft Defender features which bring it on par with the big dogs
-Learn more about the built-in security
-Harden the antivirus and firewall, all in one go.
-Block frequently exploited tools from establishing network connections
-Block common ports used and abused by malware

What does the future hold for this project?
-I've obtained a large set of bot/botnet information, I will use AI to study it and better block ports
-UI improvements (I have an obsession with UIs)
-Quick cleanup - Orion Malware Cleaner (which will now be renamed to Hawk Eye Analysis Tool) proved that it is possible to effectively run heuristics in PowerShell.
Very basic cleanup of several locations Defender will not take care of will be added to the console and to the copy/pasted script.
-Standalone firewall hardening compatible with third-party AVs based on Windows Filtering Platform

The script generated has been tested on Windows 11 with Microsoft Defender and Defender Firewall enabled and with latest updates installed.

hello !

Is this software or Windows Defender hardening compatible with H_C etc.?



What makes it better?



Is it free?
 

Hello and thank you for your interest.

The project is designed to fit within my set of platforms and tools that I am releasing.

Whereas Hawk Eye Analysis Tool is a damage and malware cleanup/repair tool, the Hardening Console aims to prevent damage from ever happening.

It is not a copy/clone of any project, it is designed so my offerings are 360-degree complete. Coming up next is ScamGuard, suitable for the elderly.

How is it better?
I think it is way easier to use and boosts security without causing damage, performance overhead and so on.
The NeverChange profile is suitable for beginners, so they get better security, without having to play with the settings on a weekly basis.

It will be compatible with any tool that does not block PowerShell execution, but I recommend that no additional hardening is applied, otherwise it will become difficult, in case of an issue, to trace which hardener is responsible.

I strongly recommend that no additional tampering with settings is performed, other than the one provided by the console. Home users don’t need their systems locked down like a fortress. Such configurations do more harm than good.

The project is free and will always be free.
 
@Trident


Hi Trident,

Thank you for sharing your work with the community. It’s clear that you’ve put a lot of time and effort into developing the Defender Hardening Console, and I truly appreciate that you’ve made it freely available to everyone.

As someone without advanced technical knowledge, I especially value how the project is designed to make security easier without unnecessary complications. Your practical approach makes it much more accessible for people like me to improve our system’s protection.

I appreciate your dedication and the fact that you continue to improve this tool with such care. It’s a meaningful contribution for anyone who wants to keep their system secure without having to dive into complex settings. 🙌🆒
 
excellent -- what is tailwindcss.com -- just curious ;)
It’s a well-known framework that allows customising items in HTML through individual utility classes. It speeds up development a lot compared to defining CSS for every item individually.

 
Excellent work. I have a question: Is the "Quarantine Removal Delay" parameter defined by Windows, and does this code modify or add the value?

I'm asking because I've noticed that quarantined items persist for a long time, and I wish there was a way to delete them when I need them, or, say, after 30 days.

Thank you.
 
Thanks! ☺️

The default for Windows is 90 days.

By specifying 0 as value, quarantined items are kept indefinitely and will have to be manually managed.

This is the line that manages that, set to 0 (manual management):
Set-MpPreference -QuarantinePurgeItemsAfterDelay 0
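
A way to check the two Defender preferences this thread discusses (quarantine retention and PUA protection) after pasting a generated script. This is an added example, not code produced by the console or written by its author; the function name Test-DefenderPreference, the 30-day target taken from the question above, and the sample object are assumptions made for illustration.

```powershell
# Added example: audit two Defender preferences mentioned in the thread.
# Test-DefenderPreference is a hypothetical helper, not part of the console.
function Test-DefenderPreference {
    param(
        [Parameter(Mandatory)] $Preference,       # object returned by Get-MpPreference
        [uint32] $ExpectedQuarantineDays = 30      # assumed target; 0 = keep indefinitely
    )
    # PUAProtection is reported as a number: 0 = Disabled, 1 = Enabled, 2 = AuditMode
    $puaNames = @{ 0 = 'Disabled'; 1 = 'Enabled'; 2 = 'AuditMode' }
    $pua  = [int]$Preference.PUAProtection
    $days = [uint32]$Preference.QuarantinePurgeItemsAfterDelay

    [pscustomobject]@{
        Setting   = 'PUAProtection'
        Current   = $puaNames[$pua]
        Expected  = 'Enabled'
        Compliant = ($pua -eq 1)
    }
    [pscustomobject]@{
        Setting   = 'QuarantinePurgeItemsAfterDelay'
        Current   = if ($days -eq 0) { 'never purged (manual)' } else { "$days days" }
        Expected  = if ($ExpectedQuarantineDays -eq 0) { 'never purged (manual)' } else { "$ExpectedQuarantineDays days" }
        Compliant = ($days -eq $ExpectedQuarantineDays)
    }
}

# Constructed sample: the state left by "Set-MpPreference -QuarantinePurgeItemsAfterDelay 0"
# on a machine where PUA protection is off. Both rows report Compliant = False.
$sample = [pscustomobject]@{ PUAProtection = 0; QuarantinePurgeItemsAfterDelay = 0 }
Test-DefenderPreference -Preference $sample | Format-Table -AutoSize

# Live check, only where the Defender cmdlets are available.
if (Get-Command Get-MpPreference -ErrorAction SilentlyContinue) {
    Test-DefenderPreference -Preference (Get-MpPreference) | Format-Table -AutoSize
    # To apply the expected values, run from an elevated prompt:
    #   Set-MpPreference -PUAProtection Enabled
    #   Set-MpPreference -QuarantinePurgeItemsAfterDelay 30
}
```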