|
1 | | -## 🚀 Complete PowerShell and VBScript Toolkit |
| 1 | +## 🚀 Complete PowerShell and VBScript Toolkit |
2 | 2 |
|
3 | 3 | ### ITSM Compliance for Windows 10/11 Workstations and Windows Server 2019/2022 |
4 | 4 |
|
5 | | -Welcome to the **PowerShell Toolset for Windows Server Administration** and **VBScript Repository** — a curated collection of automation scripts by [`@brazilianscriptguy`](https://github.com/brazilianscriptguy) for secure, compliant, and scalable Windows infrastructure management. |
| 5 | +Welcome to **Windows-SysAdmin-ProSuite** — a comprehensive and enterprise-grade collection of **PowerShell** and **VBScript** automation tools by [`@brazilianscriptguy`](https://github.com/brazilianscriptguy), designed for **secure**, **compliant**, and **scalable** Windows infrastructure management. |
6 | 6 |
|
7 | | -> ✨ Most tools include intuitive **graphical user interfaces (GUI)**, generate structured `.log` files, and many also export `.csv` audit reports. |
| 7 | +> ✨ Most tools include intuitive **graphical user interfaces (GUI)**, generate structured `.log` files for auditing, and many also export `.csv` reports to support compliance, forensics, and ITSM workflows. |
| 8 | +
|
| 9 | +--- |
| 10 | + |
| 11 | +## 🧭 Scope & Target Audience |
| 12 | + |
| 13 | +This toolkit is purpose-built for: |
| 14 | + |
| 15 | +* 🏛️ **Public-sector IT environments** (courts, universities, government agencies) |
| 16 | +* 🏢 **Enterprise Windows domains** (on-prem and hybrid) |
| 17 | +* 🛡️ **Blue Team / DFIR operations** (event logs, artifacts, investigations) |
| 18 | +* 📋 **ITSM-aligned provisioning** of servers and workstations |
| 19 | +* 📑 **Compliance-driven automation** (auditability, repeatability, governance) |
8 | 20 |
|
9 | 21 | --- |
10 | 22 |
|
11 | 23 | ## 🛠️ Toolkit Overview |
12 | 24 |
|
13 | | -**Purpose-built for critical IT service domains:** |
| 25 | +**Organized by critical IT service domains:** |
14 | 26 |
|
15 | | -| Folder | Description | |
16 | | -|--------|-------------| |
17 | | -| [](https://github.com/brazilianscriptguy/Windows-SysAdmin-ProSuite/tree/main/BlueTeam-Tools) | PowerShell forensic tooling for DFIR, including **Event Log monitoring** and **incident response** modules for triage, analysis, and digital evidence workflows. | |
18 | | -| [](https://github.com/brazilianscriptguy/Windows-SysAdmin-ProSuite/tree/main/Core-ScriptLibrary) | Core scripting modules for CI/CD pipelines, helper functions, and reusable logic blocks — including **NuGet packaging** support. | |
19 | | -| [](https://github.com/brazilianscriptguy/Windows-SysAdmin-ProSuite/tree/main/ITSM-Templates-SVR) | Standardized **Windows Server 2019/2022** baseline templates: DNS, AD CS, GPO, DHCP, IIS, and institutional compliance automation. | |
20 | | -| [](https://github.com/brazilianscriptguy/Windows-SysAdmin-ProSuite/tree/main/ITSM-Templates-WKS) | Institutional ITSM automation for **Windows 10/11**: `BeforeJoinDomain`, `AfterJoinDomain`, and workstation standardization routines. | |
21 | | -| [](https://github.com/brazilianscriptguy/Windows-SysAdmin-ProSuite/tree/main/SysAdmin-Tools) | Centralized **PowerShell + VBScript** GUIs for AD, GPO, WSUS, DNS, DHCP, CA, and infrastructure orchestration — organized into 7 categories. | |
| 27 | +| Folder | Description | |
| 28 | +| ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------- | |
| 29 | +| [](https://github.com/brazilianscriptguy/Windows-SysAdmin-ProSuite/tree/main/BlueTeam-Tools) | PowerShell forensic tooling for DFIR, including **Event Log monitoring**, **incident response**, and investigative workflows aligned with digital evidence handling. | |
| 30 | +| [](https://github.com/brazilianscriptguy/Windows-SysAdmin-ProSuite/tree/main/Core-ScriptLibrary) | Foundational scripting modules for **reusability**, **helper functions**, **GUI backends**, CI/CD integration, and **NuGet packaging** automation. | |
| 31 | +| [](https://github.com/brazilianscriptguy/Windows-SysAdmin-ProSuite/tree/main/ITSM-Templates-SVR) | Standardized **Windows Server 2019/2022** baselines: DNS, AD CS, GPO, DHCP, IIS, WSUS, and institutional compliance automation. | |
| 32 | +| [](https://github.com/brazilianscriptguy/Windows-SysAdmin-ProSuite/tree/main/ITSM-Templates-WKS) | ITSM automation for **Windows 10/11**: `BeforeJoinDomain`, `AfterJoinDomain`, asset tagging, security hardening, and workstation standardization routines. | |
| 33 | +| [](https://github.com/brazilianscriptguy/Windows-SysAdmin-ProSuite/tree/main/SysAdmin-Tools) | Centralized **PowerShell + VBScript GUIs** for AD, GPO, WSUS, DNS, DHCP, CA, and infrastructure orchestration, organized into multiple operational categories. | |
22 | 34 |
|
23 | 35 | --- |
24 | 36 |
|
25 | 37 | ## 💻 Core Features |
26 | 38 |
|
27 | | -- 🧪 **Forensic readiness:** Artifact collection, Event Log parsing, and breach detection support |
28 | | -- ⚡ **PowerShell-driven automation:** Secure scripting patterns with reusability and CI support |
29 | | -- 🔐 **Server & workstation hardening:** Enforces institutional baselines, including firewall, DNS, and GPO policies |
30 | | -- 👤 **IAM & domain readiness:** Tools for AD objects, logon behavior, SID tracking, and offline logon caching |
31 | | -- 📋 **Registry + GPO integration:** Leverages native Windows `.reg`, `.vbs`, and `.hta` to maintain compliance |
| 39 | +* 🧪 **Forensic readiness:** Artifact collection, Event Log parsing, timeline support, and breach detection |
| 40 | +* ⚡ **PowerShell-driven automation:** Secure scripting patterns with modularity and CI/CD support |
| 41 | +* 🔐 **Server & workstation hardening:** Enforcement of institutional baselines (firewall, DNS, GPOs, services) |
| 42 | +* 👤 **IAM & domain readiness:** AD objects, logon behavior analysis, SID tracking, offline logon controls |
| 43 | +* 📋 **Registry + GPO integration:** Native use of `.reg`, `.vbs`, `.hta`, and PowerShell for policy enforcement |
32 | 44 |
|
33 | 45 | --- |
34 | 46 |
|
35 | | -## 🌟 Key Highlights & Core Competencies |
| 47 | +## 🌟 Key Highlights & Engineering Principles |
36 | 48 |
|
37 | | -- 🖼️ **GUI-driven interfaces:** Interactive tools with guided automation |
38 | | -- 📝 **Standardized logging:** Detailed `.log` outputs stored in consistent directories |
39 | | -- 📊 **CSV audit reports:** BIOS, SID, OS posture, update status, and software inventory exports |
40 | | -- 🧩 **Modular design:** Reusable components with parameters and consistent conventions |
41 | | -- 🔁 **Release automation:** GitHub Actions for linting, packaging, and NuGet publishing |
42 | | -- 🛡️ **Zero third-party binaries:** Built to remain native to the Windows ecosystem |
| 49 | +* 🖼️ **GUI-driven interfaces:** User-friendly tools with guided execution |
| 50 | +* 📝 **Standardized logging model:** Deterministic `.log` outputs in predefined directories |
| 51 | +* 📊 **CSV audit reports:** BIOS, SID, OS posture, update status, and software inventory exports |
| 52 | +* 🧩 **Modular architecture:** Reusable components, consistent naming, and parameterization |
| 53 | +* 🔁 **Release automation:** GitHub Actions for linting, SARIF analysis, packaging, and NuGet publishing |
| 54 | +* 🛡️ **Native Windows tooling only:** No bundled third-party binaries |
43 | 55 |
|
44 | 56 | --- |
45 | 57 |
|
46 | | -## ⚙️ Requirements & Environment Setup |
| 58 | +## 🏛️ Governance, Quality & Security |
| 59 | + |
| 60 | +This repository follows **enterprise-grade governance standards**: |
| 61 | + |
| 62 | +* Semantic versioning (`vMAJOR.MINOR.PATCH`) |
| 63 | +* Tag- and release-based distribution |
| 64 | +* CI pipelines with PowerShell & VBScript SARIF analysis |
| 65 | +* Documented **Security Policy**, **Code of Conduct**, and **Contribution Guidelines** |
| 66 | +* Responsible vulnerability disclosure process |
| 67 | +* MIT License (SPDX compatible) |
| 68 | + |
| 69 | +--- |
| 70 | + |
| 71 | +## ⚙️ Requirements & Environment Setup |
| 72 | + |
| 73 | +| Requirement | Minimum Version / Notes | |
| 74 | +| ------------------------ | -------------------------------------------------------------- | |
| 75 | +| **PowerShell** | Windows PowerShell **5.1** or **PowerShell 7.x** (recommended) | |
| 76 | +| **Operating System** | Windows **10/11**, Windows Server **2019/2022** | |
| 77 | +| **Execution Policy** | Recommended: `RemoteSigned` | |
| 78 | +| **Administrator Rights** | Required for most automation tasks | |
| 79 | +| **.NET Framework** | **4.8** recommended (legacy GUI compatibility) | |
| 80 | +| **Optional Tools** | Git, Visual Studio Code, Task Scheduler | |
| 81 | + |
| 82 | +--- |
| 83 | + |
| 84 | +## 🚀 Quick Start |
| 85 | + |
| 86 | +```powershell |
| 87 | +git clone https://github.com/brazilianscriptguy/Windows-SysAdmin-ProSuite.git |
| 88 | +cd Windows-SysAdmin-ProSuite |
| 89 | +Set-ExecutionPolicy -Scope Process -ExecutionPolicy RemoteSigned |
| 90 | +.\ITSM-Templates-WKS\BeforeJoinDomain\Initialize-WKSBaseline.ps1 |
| 91 | +``` |
47 | 92 |
|
48 | | -| Requirement | Minimum Version / Notes | |
49 | | -|-------------|--------------------------| |
50 | | -| **PowerShell** | **Windows PowerShell 5.1** (built-in) or **PowerShell 7.x** recommended | |
51 | | -| **Operating System** | **Windows 10/11** (Workstation), **Windows Server 2019/2022** | |
52 | | -| **Execution Policy** | Recommended: `RemoteSigned` (avoid `Unrestricted` unless required by your environment) | |
53 | | -| **Administrator Rights** | Required for many `.ps1`, `.hta`, and registry-modifying `.vbs` tasks | |
54 | | -| **.NET Framework** | **4.8** recommended (for legacy GUI components); Windows 11 commonly includes modern runtimes | |
55 | | -| **Optional Tools** | Git (for `git clone`), VS Code (recommended), Task Scheduler for automation | |
| 93 | +> ⚠️ Always review scripts before running them in production environments. |
56 | 94 |
|
57 | 95 | --- |
58 | 96 |
|
59 | 97 | ## ▶️ How to Use |
60 | 98 |
|
61 | 99 | ### Run scripts |
62 | 100 |
|
63 | | -| File Type | Execution Method | |
64 | | -|----------|-------------------| |
65 | | -| `.ps1` | Right-click → **Run with PowerShell** (or run from an elevated terminal) | |
66 | | -| `.vbs` | Run via `cscript.exe` (recommended) or double-click for `wscript.exe` | |
67 | | -| `.hta` | Double-click (run as administrator when required) | |
| 101 | +| File Type | Execution Method | |
| 102 | +| --------- | ----------------------------------------------------------------------- | |
| 103 | +| `.ps1` | Right-click → **Run with PowerShell** or execute from elevated terminal | |
| 104 | +| `.vbs` | Run via `cscript.exe` (recommended) or `wscript.exe` | |
| 105 | +| `.hta` | Double-click (run as administrator when required) | |
68 | 106 |
|
69 | | -### View logs and reports |
| 107 | +### Logs and reports |
70 | 108 |
|
71 | | -| Path | Purpose | |
72 | | -|------|---------| |
73 | | -| `C:\ITSM-Logs-WKS\` | Workstation automation logs | |
74 | | -| `C:\ITSM-Logs-SVR\` | Server-side execution logs | |
75 | | -| `C:\Scripts-LOGS\` | GPO sync, agent deployment, antivirus logs | |
76 | | -| `C:\Logs-TEMP\` | General-purpose and legacy script output | |
| 109 | +| Path | Purpose | |
| 110 | +| ------------------- | -------------------------------------- | |
| 111 | +| `C:\ITSM-Logs-WKS\` | Workstation automation logs | |
| 112 | +| `C:\ITSM-Logs-SVR\` | Server-side execution logs | |
| 113 | +| `C:\Scripts-LOGS\` | GPO sync, agents, and security tooling | |
| 114 | +| `C:\Logs-TEMP\` | General-purpose and legacy outputs | |
77 | 115 |
|
78 | 116 | --- |
79 | 117 |
|
80 | 118 | ## 🤝 Support & Contributions |
81 | 119 |
|
82 | | -[](mailto:[email protected]) |
83 | | -[](https://www.patreon.com/brazilianscriptguy) |
84 | | -[](https://buymeacoffee.com/brazilianscriptguy) |
85 | | -[](https://ko-fi.com/brazilianscriptguy) |
86 | | -[](https://www.gofundme.com/f/brazilianscriptguy) |
87 | | -[](https://github.com/brazilianscriptguy/Windows-SysAdmin-ProSuite/issues) |
88 | | -[](https://whatsapp.com/channel/0029VaEgqC50G0XZV1k4Mb1c) |
| 120 | +* 📧 Email : [luizhamilton.lhr@gmail.com](mailto:[email protected]) |
| 121 | +* 🐞 Issues: [https://github.com/brazilianscriptguy/Windows-SysAdmin-ProSuite/issues](https://github.com/brazilianscriptguy/Windows-SysAdmin-ProSuite/issues) |
| 122 | +* 💙 Patreon: [https://www.patreon.com/brazilianscriptguy](https://www.patreon.com/brazilianscriptguy) |
| 123 | +* ☕ Buy Me a Coffee: [https://buymeacoffee.com/brazilianscriptguy](https://buymeacoffee.com/brazilianscriptguy) |
| 124 | +* 💠 Ko-fi: [https://ko-fi.com/brazilianscriptguy](https://ko-fi.com/brazilianscriptguy) |
| 125 | +* 🌐 GoFundMe: [https://www.gofundme.com/f/brazilianscriptguy](https://www.gofundme.com/f/brazilianscriptguy) |
| 126 | +* 📱 WhatsApp Channel: [https://whatsapp.com/channel/0029VaEgqC50G0XZV1k4Mb1c](https://whatsapp.com/channel/0029VaEgqC50G0XZV1k4Mb1c) |
89 | 127 |
|
90 | 128 | --- |
91 | 129 |
|
92 | | -💼 Thank you for using **Windows-SysAdmin-ProSuite** — your trusted toolkit for automating administrative tasks, enforcing security policies, and supporting ITSM excellence across public-sector or enterprise infrastructure. |
| 130 | +💼 Thank you for using **Windows-SysAdmin-ProSuite** — a professional toolkit for automating administrative tasks, enforcing security baselines, and sustaining ITSM excellence in enterprise and public-sector Windows environments. |
93 | 131 |
|
94 | | -© 2026 Luiz Hamilton. All rights reserved. |
| 132 | +© 2026 Luiz Hamilton Silva. All rights reserved. |
0 commit comments