What is winsecMCP?
winsecMCP is an AI-powered agent designed to automate Windows security hardening tasks, helping administrators configure security settings efficiently.
How to use winsecMCP?
To use winsecMCP, run the script with administrator privileges using the command: python winsecMCP.py.
Key features of winsecMCP?
- Automates Windows security configuration tasks
- Checks and modifies firewall settings, RDP settings, UAC settings, and account policies
- Gathers system information and security status
Use cases of winsecMCP?
- Automating the configuration of Windows Firewall settings.
- Managing user account policies and security settings in a corporate environment.
- Ensuring compliance with security standards by automating hardening tasks.
FAQ from winsecMCP?
- Is winsecMCP safe to use?
Yes, but it modifies system settings that can impact functionality, so always test in a controlled environment first.
- What are the requirements to run winsecMCP?
You need a Windows operating system, Python 3.6+, and administrator privileges.
- What license is winsecMCP under?
winsecMCP is licensed under the Apache License 2.0.
Overview
winsecMCP is a Python-based MCP server with Claude for client that helps administrators automate Windows security configuration. It provides a set of tools to check and modify security settings including:
- Firewall configuration
- Remote Desktop Protocol (RDP) settings
- User Account Control (UAC) settings
- Account policies (password requirements, lockout policies)
- Service management and hardening
- User account management
Requirements
- Windows OS
- Python 3.10+
- Administrator privileges (for most operations)
- Required Python packages:
- mcp
Usage
Run the script with administrator privileges and start Claude client:
python winsecMCP.py
Make sure to add this to your claude_desktop_config.json file:
{
"mcpServers": {
"windows_hardening_agent": {
"command": "python",
"args": [
"C:\\Path\\to\\hardening_server.py"
]
}
}
}
Features
Information Gathering
- Get system status and privilege level
- Check RDP, firewall, UAC, and guest account status
- Review password policies and account lockout settings
- Scan for potentially insecure services
Security Hardening
- Enable/disable RDP
- Configure Windows Firewall
- Manage UAC settings
- Set password and account lockout policies
- Disable unnecessary services
- Manage user accounts and group memberships
License
This project is licensed under the Apache License 2.0 - see the LICENSE file for details.
Disclaimer
This tool modifies system settings that can impact system functionality. Always test in a controlled environment before using in production. The authors are not responsible for any damages or issues resulting from the use of this tool.