CyberPatriot Security Guides

Comprehensive security hardening guides for competition success

Welcome

This repository contains comprehensive security hardening guides and scripts designed for CyberPatriot competitions. Each branch contains platform-specific guides with detailed step-by-step instructions and automated scripts to help secure systems efficiently.

Windows Guide

Branch: windows

Language: PowerShell

Description: Comprehensive Windows security hardening guide with PowerShell scripts. Covers everything from initial setup through advanced security configurations, user management, service hardening, and points hunting strategies.

Steps Included:

  1. Initial Setup - Create groups, users, and install programs
  2. Initialization - Configure execution policy and file visibility
  3. Forensics - Answer forensics questions using recommended tools
  4. Basic Security - Enable firewall, remove unwanted software and files
  5. Users and Groups - Manage user accounts and permissions
  6. Services - Disable unnecessary and dangerous services
  7. Miscellaneous - RDP, updates, and security policies
  8. Points Hunting - Additional security auditing and hardening

View Detailed Windows Guide →

Linux Guide

Branch: linux

Language: Bash

Description: Complete Linux security hardening guide with Bash scripts for Ubuntu, Debian, and other systemd-based distributions. Includes automated scripts and interactive tools for comprehensive system security.

Steps Included:

  1. Initial Setup - Create groups, users, and install programs
  2. Initialization - Document system state and create backups
  3. Forensics - Answer forensics questions using recommended tools
  4. Basic Security - Configure UFW firewall and security updates
  5. Users and Groups - Manage accounts and password policies
  6. Services - Disable dangerous services and secure SSH
  7. Miscellaneous - Interactive security configuration menu
  8. Points Hunting - Comprehensive security audit and hardening

Note: The main.sh script achieves 100 points on tr2 ubuntu.

View Detailed Linux Guide →

Windows Server Guide

Branch: win-server

Language: PowerShell

Description: Enhanced Windows Server security guide with advanced configurations and server-specific hardening steps. Similar structure to the Windows guide but optimized for server environments.

Steps Included:

  1. Initial Setup
  2. Initialization
  3. Forensics
  4. Basic Security
  5. Users and Groups
  6. Services
  7. Miscellaneous
  8. Points Hunting

View Windows Server Branch →

How to Use These Guides

  1. Select Your Platform: Choose the appropriate guide based on your competition image (Windows, Linux, or Windows Server).
  2. Follow Steps in Order: Execute steps sequentially, starting from Step 0.
  3. Read the README: Always read the competition README first to understand specific requirements.
  4. Use the Scripts: Download and run the provided scripts from the respective branch.
  5. Review Diagnostics: Check the diagnostics output files generated by each script.
  6. Manual Verification: Always verify that changes were applied correctly.

Repository Structure

  • main branch: General documentation and repository information
  • windows branch: Windows-specific scripts and detailed README
  • linux branch: Linux-specific scripts and detailed README
  • win-server branch: Windows Server scripts and documentation
  • web branch: HTML documentation files (this site)

Important Notes

  • All scripts should be run with appropriate administrative privileges.
  • Always create backups before making system changes.
  • Step 2 (Forensics) is handled manually and doesn't have automated scripts.
  • Review all script outputs and diagnostics files carefully.
  • Some scripts require configuration files (e.g., authusers.txt) before execution.
  • Interactive scripts (Step 6 on Linux) provide menu-driven options.

License & Usage

These guides are designed for use in CyberPatriot competitions and may be adapted for other cybersecurity competitions or educational purposes. Feel free to use, modify, and share these resources to help teams succeed in their cybersecurity training and competitions.