winsecMCP
winsecMCP is a tool designed to help administrators automate and manage security configurations on Windows systems. It offers features such as firewall configuration, RDP settings management, and user account management. The project aims to improve system security by providing automated tools for security assessment and hardening.
Overview
winsecMCP is a Python-based MCP server with Claude for client that helps administrators automate Windows security configuration. It provides a set of tools to check and modify security settings including:
- Firewall configuration
- Remote Desktop Protocol (RDP) settings
- User Account Control (UAC) settings
- Account policies (password requirements, lockout policies)
- Service management and hardening
- User account management
Requirements
- Windows OS
- Python 3.10+
- Administrator privileges (for most operations)
- Required Python packages:
- mcp
Usage
Run the script with administrator privileges and start Claude client:
python winsecMCP.py
Make sure to add this to your claude_desktop_config.json file:
{
"mcpServers": {
"windows_hardening_agent": {
"command": "python",
"args": [
"C:\\Path\\to\\hardening_server.py"
]
}
}
}
Features
Information Gathering
- Get system status and privilege level
- Check RDP, firewall, UAC, and guest account status
- Review password policies and account lockout settings
- Scan for potentially insecure services
Security Hardening
- Enable/disable RDP
- Configure Windows Firewall
- Manage UAC settings
- Set password and account lockout policies
- Disable unnecessary services
- Manage user accounts and group memberships
License
This project is licensed under the Apache License 2.0 - see the LICENSE file for details.
Disclaimer
This tool modifies system settings that can impact system functionality. Always test in a controlled environment before using in production. The authors are not responsible for any damages or issues resulting from the use of this tool.