New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Rewrite Hardentools in a more suitable language? #38
Comments
Wouldn't it make more sense to improve Golang's elevation instead of rewriting (and leaving go behind)? Are there other problems besides requesting elevated rights? |
Maybe it's good to make a list with Pros/Cons in the first post to keep it "facts based":
I really don't think that PoSh is such an irony. The problem with PoSh is how .NET is implemented in Windows and this makes it nearly impossible to stop PoSh exploits and still maintain a working system. What could be done in this case is to use EventLogs and trigger a message that a suspicious activity was detected. But thats another topic ... |
My suggestion would be to move to an orchestration tool (ansible, salt, puppet and the like) and just make a good and accessible user interface with sane defaults, rollback option and good explanations shameless plug on my own hardening role: https://github.com/juju4/ansible-harden-windows |
I'm not sure that would give much benefit for our use case. We're not shooting for corporate networks but rather at-risk individuals, so I'm not convinced ansible-like stuff would be much beneficial. |
As pointed out in #31, there are limitations due to the use of Golang. It might be worth considering rewriting Hardentools with a more suitable language. Some suggested PowerShell (although, that would be a sad irony).
Let's discuss here what we all think is the best way forward.
The text was updated successfully, but these errors were encountered: