Script Updates

This commit is contained in:
simeononsecurity
2021-04-10 00:03:18 -05:00
parent b6698632bb
commit ba5409d2e5
4 changed files with 121 additions and 124 deletions

View File

@@ -133,9 +133,7 @@ if [ ! -f vmware.bin ]; then
fi fi
# libncursew5 is required for console installation. Install the package if not # libncursew5 is required for console installation. Install the package if not
# already present on the system. # already present on the system.
if ! dpkg-query -W -f='${Status}' libncurses5-dev \ if ! dpkg-query -W -f='${Status}' libncurses5-dev | grep "ok installed"; then sudo apt install libncurses5-dev libncursesw5-dev --quiet --yes --no-install-recommends
| grep "ok installed"; then
sudo apt install libncurses5-dev libncursesw5-dev --quiet --yes --no-install-recommends
fi fi
# Install VMware Workstation Pro # Install VMware Workstation Pro
sudo sh ./vmware.bin \ sudo sh ./vmware.bin \

View File

@@ -3,7 +3,7 @@ Start-Job -Name "Install and Configure Chocolatey" -ScriptBlock {
# Setting up directories for values # Setting up directories for values
Set-ExecutionPolicy Bypass -Scope Process -Force Set-ExecutionPolicy Bypass -Scope Process -Force
[System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072 [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072
iex ((New-Object System.Net.WebClient).DownloadString('https://chocolatey.org/install.ps1')) Invoke-Expression ((New-Object System.Net.WebClient).DownloadString('https://chocolatey.org/install.ps1'))
choco feature enable -n=allowGlobalConfirmation choco feature enable -n=allowGlobalConfirmation
choco feature enable -n=useFipsCompliantChecksums choco feature enable -n=useFipsCompliantChecksums
choco feature enable -n=useEnhancedExitCodes choco feature enable -n=useEnhancedExitCodes
@@ -20,7 +20,7 @@ Start-Job -Name "Install and Configure Chocolatey" -ScriptBlock {
Add-WUServiceManager -ServiceID 7971f918-a847-4430-9279-4a52d1efe18d -Confirm:$false Add-WUServiceManager -ServiceID 7971f918-a847-4430-9279-4a52d1efe18d -Confirm:$false
Install-WindowsUpdate -MicrosoftUpdate -AcceptAll Install-WindowsUpdate -MicrosoftUpdate -AcceptAll
Get-WuInstall -AcceptAll -IgnoreReboot Get-WuInstall -AcceptAll -IgnoreReboot
} }
} }
Start-Job -Name "Installing Browsers" -Scriptblock { Start-Job -Name "Installing Browsers" -Scriptblock {
@@ -42,7 +42,7 @@ Start-Job -Name "Installing Administrative, Networking, and Security Tools " -Sc
Start-Job -Name "Installing Dev Tools" -Scriptblock { Start-Job -Name "Installing Dev Tools" -Scriptblock {
Write-Host "Installing Java" Write-Host "Installing Java"
choco install jre8 openjdk openjdk.portable choco install jre8 openjdk openjdk.portable
} }
Start-Job -Name "Installing Other Tools and Software" -Scriptblock { Start-Job -Name "Installing Other Tools and Software" -Scriptblock {
Write-host "Installing PatchMyPCHome" Write-host "Installing PatchMyPCHome"
@@ -61,7 +61,7 @@ Start-Job -Name "Installing Other Tools and Software" -Scriptblock {
Start-Job -Name "Configuring Windows - Optimizations And Debloating" -ScriptBlock { Start-Job -Name "Configuring Windows - Optimizations And Debloating" -ScriptBlock {
Write-Host "Configuring Windows - Optimizations, Debloating, and Hardening" Write-Host "Configuring Windows - Optimizations, Debloating, and Hardening"
New-Item "C:\" -Name "temp" -ItemType "directory" -Force New-Item "C:\" -Name "temp" -ItemType "directory" -Force
iex ((New-Object System.Net.WebClient).DownloadString('https://simeononsecurity.ch/scripts/windowsoptimizeanddebloat.ps1')) Invoke-Expression ((New-Object System.Net.WebClient).DownloadString('https://simeononsecurity.ch/scripts/windowsoptimizeanddebloat.ps1'))
} }
Start-Job -Name "Customizations" -ScriptBlock { Start-Job -Name "Customizations" -ScriptBlock {

View File

@@ -21,13 +21,13 @@ Start-Job -Name "Install and Configure Chocolatey" -ScriptBlock {
Add-WUServiceManager -ServiceID 7971f918-a847-4430-9279-4a52d1efe18d -Confirm:$false Add-WUServiceManager -ServiceID 7971f918-a847-4430-9279-4a52d1efe18d -Confirm:$false
Install-WindowsUpdate -MicrosoftUpdate -AcceptAll Install-WindowsUpdate -MicrosoftUpdate -AcceptAll
Get-WuInstall -AcceptAll -IgnoreReboot Get-WuInstall -AcceptAll -IgnoreReboot
} }
} }
Start-Job -Name "Installing Optional Windows Features" -ScriptBlock { Start-Job -Name "Installing Optional Windows Features" -ScriptBlock {
#https://www.ghacks.net/2017/07/14/use-windows-powershell-to-install-optional-features/ #https://www.ghacks.net/2017/07/14/use-windows-powershell-to-install-optional-features/
#Enable-WindowsOptionalFeature -Online -FeatureName "" -All #Enable-WindowsOptionalFeature -Online -FeatureName "" -All
ForEach ($OptionalFeature in ("Client-ProjFS", "ClientForNFS-Infrastructure", "DataCenterBridging", "DirectoryServices-ADAM-Client", "Microsoft-Windows-Subsystem-Linux", "NFS-Administration", "ServicesForNFS-ClientOnly", "SimpleTCP", "WindowsMediaPlayer")){ ForEach ($OptionalFeature in ("Client-ProjFS", "ClientForNFS-Infrastructure", "DataCenterBridging", "DirectoryServices-ADAM-Client", "Microsoft-Windows-Subsystem-Linux", "NFS-Administration", "ServicesForNFS-ClientOnly", "SimpleTCP", "WindowsMediaPlayer")) {
Enable-WindowsOptionalFeature -Online -FeatureName "$OptionalFeature" -All -NoRestart -WarningAction SilentlyContinue | Out-Null Enable-WindowsOptionalFeature -Online -FeatureName "$OptionalFeature" -All -NoRestart -WarningAction SilentlyContinue | Out-Null
} }
@@ -48,7 +48,7 @@ Start-Job -Name "Installing Optional Windows Features" -ScriptBlock {
#https://www.powershellgallery.com/packages/PSWindowsUpdate/2.2.0.2 #https://www.powershellgallery.com/packages/PSWindowsUpdate/2.2.0.2
#https://www.powershellgallery.com/packages/SpeculationControl/1.0.14 #https://www.powershellgallery.com/packages/SpeculationControl/1.0.14
#https://www.powershellgallery.com/packages/xCertificate/3.2.0.0 #https://www.powershellgallery.com/packages/xCertificate/3.2.0.0
ForEach ($module in ("AnonUpload", "Carbon", "PoshInternals", "PowerShellGet", "PowerShellProTools", "PSWindowsUpdate", "ReportHTML","xCertificate")){ ForEach ($module in ("AnonUpload", "Carbon", "PoshInternals", "PowerShellGet", "PowerShellProTools", "PSWindowsUpdate", "ReportHTML", "xCertificate")) {
Update-Module -Name $module -Force Update-Module -Name $module -Force
Install-Module -Name $module -Force Install-Module -Name $module -Force
Import-Module -Name $module -Force Import-Module -Name $module -Force
@@ -153,9 +153,9 @@ Start-Job -Name "Configuring Windows - Optimizations, Debloating, and Hardening"
Start-Sleep 120 Start-Sleep 120
Write-Host "Configuring Windows - Optimizations, Debloating, and Hardening" Write-Host "Configuring Windows - Optimizations, Debloating, and Hardening"
New-Item "C:\" -Name "temp" -ItemType "directory" -Force New-Item "C:\" -Name "temp" -ItemType "directory" -Force
iwr -useb 'https://simeononsecurity.ch/scripts/windowsoptimizeandharden.ps1' | iex Invoke-WebRequest -useb 'https://simeononsecurity.ch/scripts/windowsoptimizeandharden.ps1' | Invoke-Expression
Start-Job -Name "System Wide Ad and Tracker Blocking" -ScriptBlock { Start-Job -Name "System Wide Ad and Tracker Blocking" -ScriptBlock {
iwr -useb 'https://raw.githubusercontent.com/simeononsecurity/System-Wide-Windows-Ad-Blocker/main/sos-system-wide-windows-ad-block.ps1' | iex Invoke-WebRequest -useb 'https://raw.githubusercontent.com/simeononsecurity/System-Wide-Windows-Ad-Blocker/main/sos-system-wide-windows-ad-block.ps1' | Invoke-Expression
} }
#Fix high performance timers to get better performance from Windows 10. #Fix high performance timers to get better performance from Windows 10.
bcdedit /deletevalue useplatformclock bcdedit /deletevalue useplatformclock
@@ -244,7 +244,7 @@ Start-Job -Name "Configuring Windows - Optimizations, Debloating, and Hardening"
powercfg -change -monitor-timeout-ac 15 powercfg -change -monitor-timeout-ac 15
#Enable Num Lock on logon and lock screen #Enable Num Lock on logon and lock screen
sp "HKU:\.DEFAULT\Control Panel\Keyboard" "InitialKeyboardIndicators" 2 Set-ItemProperty "HKU:\.DEFAULT\Control Panel\Keyboard" "InitialKeyboardIndicators" 2
#Enable Darkmode #Enable Darkmode
New-Item -Path "HKLM:\Software\Microsoft\Windows\CurrentVersion\Themes\Personalize" -Force | Out-Null New-Item -Path "HKLM:\Software\Microsoft\Windows\CurrentVersion\Themes\Personalize" -Force | Out-Null
@@ -328,7 +328,7 @@ Start-Job -Name "Configuring Windows - Optimizations, Debloating, and Hardening"
Set-ItemProperty -Path "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Search" -Name "SearchboxTaskbarMode" -Type DWord -Value 0 Set-ItemProperty -Path "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Search" -Name "SearchboxTaskbarMode" -Type DWord -Value 0
#Removes Paint3D stuff from context menu #Removes Paint3D stuff from context menu
$Paint3Dstuff = @( $Paint3Dstuff = @(
"HKCR:\SystemFileAssociations\.3mf\Shell\3D Edit" "HKCR:\SystemFileAssociations\.3mf\Shell\3D Edit"
"HKCR:\SystemFileAssociations\.bmp\Shell\3D Edit" "HKCR:\SystemFileAssociations\.bmp\Shell\3D Edit"
"HKCR:\SystemFileAssociations\.fbx\Shell\3D Edit" "HKCR:\SystemFileAssociations\.fbx\Shell\3D Edit"
@@ -348,12 +348,11 @@ $Paint3Dstuff = @(
Set-Item $Paint3D $rmPaint3D Set-Item $Paint3D $rmPaint3D
} }
} }
}) }
Write-Host "Disabling Action Center..." Write-Host "Disabling Action Center..."
If (!(Test-Path "HKCU:\SOFTWARE\Policies\Microsoft\Windows\Explorer")) { If (!(Test-Path "HKCU:\SOFTWARE\Policies\Microsoft\Windows\Explorer")) {
New-Item -Path "HKCU:\SOFTWARE\Policies\Microsoft\Windows\Explorer" | Out-Null New-Item -Path "HKCU:\SOFTWARE\Policies\Microsoft\Windows\Explorer" | Out-Null
}
Set-ItemProperty -Path "HKCU:\SOFTWARE\Policies\Microsoft\Windows\Explorer" -Name "DisableNotificationCenter" -Type DWord -Value 1
Set-ItemProperty -Path "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\PushNotifications" -Name "ToastEnabled" -Type DWord -Value 0
} }
Set-ItemProperty -Path "HKCU:\SOFTWARE\Policies\Microsoft\Windows\Explorer" -Name "DisableNotificationCenter" -Type DWord -Value 1
Set-ItemProperty -Path "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\PushNotifications" -Name "ToastEnabled" -Type DWord -Value 0