Manually auditing a Windows machine for security vulnerabilities is tedious and error-prone. Leaving unneeded network shares active, firewalls misconfigured, or guest accounts enabled creates massive security gaps on your network.
Instead of clicking through dozens of system menus, we can build a passive automation tool using Python's built-in modules. This script instantly audits critical operating system configurations and outputs a clean security health status report.
Here is the exact code framework and step-by-step setup guide to deploy your first automated system security scanner.
🐍 The Python Security Audit Script
This script requires zero third-party installations. It utilizes native modules like subprocess, os, and ctypes to safely inspect your Windows environment. Copy this code into a file named security_audit.py:
import os
import sys
import ctypes
import subprocess
def is_admin():
"""Checks if the script is running with administrative privileges."""
try:
return ctypes.windll.shell32.IsUserAnAdmin()
except:
return False
def check_firewall_status():
"""Audits the Windows Defender Firewall status across profiles."""
print("[*] Auditing Windows Firewall Status...")
try:
cmd = "netsh advfirewall show allprofiles state"
result = subprocess.check_output(cmd, shell=True, text=True)
if "OFF" in result.upper():
print("[ALERT] Firewall is turned OFF on one or more profiles!")
else:
print("[OK] Firewall profiles are active.")
except Exception as e:
print(f"[ERROR] Failed to audit firewall: {e}")
def check_network_shares():
"""Lists all active network shares exposed on the machine."""
print("\n[*] Auditing Active Network Shares...")
try:
result = subprocess.check_output("net share", shell=True, text=True)
print(result.strip())
except Exception as e:
print(f"[ERROR] Failed to fetch network shares: {e}")
def check_password_policy():
"""Checks the local password account requirements."""
print("\n[*] Auditing Account Password Policies...")
try:
result = subprocess.check_output("net accounts", shell=True, text=True)
print(result.strip())
except Exception as e:
print(f"[ERROR] Failed to fetch password policy: {e}")
def run_audit():
"""Executes the complete security audit sequence."""
print("=" * 50)
print(" AYOULI IT TECH SYSTEM SECURITY AUDIT ")
print("=" * 50)
if not is_admin():
print("[WARNING] Script is not running as Administrator.")
print("[WARNING] Some deep system metrics may be missing.\n")
check_firewall_status()
check_network_shares()
check_password_policy()
print("\n" + "=" * 50)
print("Audit Complete. Review the alerts above.")
print("=" * 50)
if __name__ == "__main__":
run_audit()
⚙️ Step-by-Step Execution Guide
1. Run Command Prompt as Administrator
Because auditing firewall profiles and account settings accesses system registry states, you need elevated privileges. Search for cmd in your Start menu, right-click it, and select Run as administrator.
2. Execute the Script
Navigate to the folder where you saved your file and execute it using the python command:
python security_audit.py
🛡️ How to Understand Your Audit Results
- Firewall Alerts: If the tool prints an
[ALERT], open your security console instantly and reactivate Windows Defender. - Network Shares: Look out for default templates or unexpected administrative shares like
C$orADMIN$being open to unauthorized local users. - Password Policies: Ensure your Minimum password length is set to at least 12 characters within your corporate environments.
No comments:
Post a Comment