eversec_boxstarter

eversec_boxstarter_base.txt

$ErrorActionPreference = "SilentlyContinue"
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12;[Net.ServicePointManager]::ServerCertificateValidationCallback = {$true};
choco feature enable -n allowGlobalConfirmation
if ($PSVersionTable.PSVersion.Major -eq 5){
    cinst -y PowerShell
} else {
    Write-Output "Powershell v5.1 detected, good to go"
}
Set-WindowsExplorerOptions -EnableShowHiddenFilesFoldersDrives -EnableShowProtectedOSFiles -EnableShowFileExtensions 
Enable-RemoteDesktop
Set-StartScreenOptions -EnableBootToDesktop
cinst -y git-credential-winstore 
cinst -y sublimetext2 
cinst -y poshgit 
cinst -y vscode 
cinst -y 7zip 
cinst -y vlc 
cinst -y winrar 
cinst -y cmdermini 
cinst -y googlechrome 
cinst -y vim 
cinst -y poweriso 

# Install Scoop
iwr -useb get.scoop.sh | iex

# Disable Defender
Set-MpPreference -DisableRealtimeMonitoring $true
Set-MpPreference -DisableRealtimeMonitoring $true -ErrorAction Ignore;
Set-MpPreference -DisableBehaviorMonitoring $true -ErrorAction Ignore;
Set-MpPreference -DisableBlockAtFirstSeen $true -ErrorAction Ignore;
Set-MpPreference -DisableIOAVProtection $true -ErrorAction Ignore;
Set-MpPreference -DisablePrivacyMode $true -ErrorAction Ignore;
Set-MpPreference -SignatureDisableUpdateOnStartupWithoutEngine $true -ErrorAction Ignore;
Set-MpPreference -DisableArchiveScanning $true -ErrorAction Ignore;
Set-MpPreference -DisableIntrusionPreventionSystem $true -ErrorAction Ignore;
Set-MpPreference -DisableScriptScanning $true -ErrorAction Ignore;
Set-MpPreference -SubmitSamplesConsent 2 -ErrorAction Ignore;
Set-MpPreference -MAPSReporting 0 -ErrorAction Ignore;
Set-MpPreference -HighThreatDefaultAction 6 -Force -ErrorAction Ignore;
Set-MpPreference -ModerateThreatDefaultAction 6 -ErrorAction Ignore;
Set-MpPreference -LowThreatDefaultAction 6 -ErrorAction Ignore;
Set-MpPreference -SevereThreatDefaultAction 6 -ErrorAction Ignore;

New-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender" -Name DisableAntiSpyware -Value 1 -PropertyType DWORD -Force
New-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender" -Name DisableAntiVirus -Value 1 -PropertyType DWORD -Force

# Uninstall OneDrive

New-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender" -Name DisableAntiSpyware -Value 1 -PropertyType DWORD -Force

Write-Host "Removing OneDrive..."
$onedrive = Get-Process onedrive -ErrorAction SilentlyContinue
if ($onedrive) {
    taskkill /f /im OneDrive.exe
    c:\Windows\SysWOW64\OneDriveSetup.exe /uninstall
}

Write-Host "Disabling automatic screen turnoff in order to prevent screen locking..."
powercfg -change -monitor-timeout-ac 0
powercfg -change -standby-timeout-ac 0
powercfg -change -hibernate-timeout-ac 0

# Set Explorer options to show extensions and hidden system files
$keys = @('HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced','HKLM:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced')
foreach($key in $keys) {
    Set-ItemProperty $key Hidden 1
    Set-ItemProperty $key HideFileExt 0
    Set-ItemProperty $key ShowSuperHidden 1
    Set-ItemProperty $key DontPrettyPath 1
}

try {
 Import-Module PSReadLine -ErrorAction Ignore;
 Set-PSReadLineOption -EditMode Emacs
}
catch {
    Write-Host "PSReadline not installed"
    Install-Module -Name PowerShellGet -Force
    Find-Module psreadline | Install-Module -Force
    Import-Module PSReadLine
}



# Enable PS Remoting for Ansible

iwr -useb https://raw.githubusercontent.com/ansible/ansible/devel/examples/scripts/ConfigureRemotingForAnsible.ps1 | iex