Project: Harden Windows
Security is the top priority of this project. Because Harden Windows focuses on system hardening and defense, the following policies apply to all contributors and users.
This project is dedicated to improving Windows security through safe, ethical, and transparent configurations. It must never be used to exploit, damage, or compromise systems or individuals.
- Validate all scripts and configurations before submission.
- Use PowerShell script signing and hash verification whenever possible.
- Avoid disabling core security features (e.g., Windows Defender, UAC, BitLocker) unless explicitly documented and intended for legitimate testing.
- Do not include any payloads, exploits, backdoors, or reverse shells.
- Follow the project’s code quality and documentation standards when contributing.
If you discover a potential vulnerability:
- Do not disclose it publicly.
- Contact the maintainer privately via GitHub Security Advisories or a direct message.
- Provide a clear, reproducible description of the issue.
- Avoid sharing PoC (Proof of Concept) code without explicit approval.
Responsible reporters will be acknowledged in the changelog once the issue is verified and patched.
- All valid vulnerabilities will be addressed as quickly as possible.
- Each major configuration change will undergo a security review before merging.
- The maintainer reserves the right to revert or reject commits that reduce security integrity.
This project is intended only for defensive, educational, or research purposes. Misuse for hacking, surveillance, or unauthorized access is strictly prohibited and against the project’s principles.
The Contribution and Security policies are binding for all contributors. If a significant modification to these policies is required, it must be proposed via a formal pull request and approved by the maintainer.
@Mr-DS-ML-85 (Maintainer)