Windows Server Walkthrough¶

Vagrant VM: windows | Box: gusztavvargadr/windows-server | IP: 192.168.56.20 | Family: Windows

Supported Tools¶

Tool	Status	Notes
HardeningKitty	✅ Supported	PowerShell module downloaded from GitHub
CIS-CAT Lite	✅ Supported	Downloaded ZIP with bundled JRE
SCT	⚠️ Manual setup	Requires manual download from Microsoft

VM Setup¶

cd cis_hardening_tool
vagrant up windows

Note: Windows VMs use WinRM for communication, not SSH. Memory is set to 4096 MB.

Communicating with the VM¶

# PowerShell access
vagrant powershell windows

# Or via WinRM
vagrant winrm windows -c "Get-ComputerInfo | Select-Object WindowsProductName"

Installation (Inside VM)¶

Via Installer¶

The installer is placed in C:\mnt\artifacts\:

# Silent install (via PowerShell)
Start-Process -FilePath "C:\mnt\artifacts\cis-hardening-tool-installer.exe" -ArgumentList "/VERYSILENT", "/SUPPRESSMSGBOXES" -Wait

Via Standalone EXE¶

& "C:\mnt\artifacts\cis-hardening-tool-standalone.exe" --version

Running the Tool¶

cis-hardening-tool --version
cis-hardening-tool doctor
cis-hardening-tool tools install hardeningkitty --yes
cis-hardening-tool tools install ciscat --yes
cis-hardening-tool scan --tools hardeningkitty --non-interactive --export pdf --output C:\tmp\windows_report.pdf

Platform-Specific Notes¶

Communicator: WinRM (not SSH)
Package Managers: winget, choco for Java runtime
HardeningKitty: Downloads HardeningKitty.psm1 from scipag/HardeningKitty GitHub repo
CIS-CAT: Uses bundled JRE (no separate Java install needed on Windows)
Execution Policy: May need Set-ExecutionPolicy Bypass -Scope Process for PowerShell scripts
Memory: 4096 MB, 2 CPUs

Capturing Screenshots¶

# Desktop screenshot from host
VBoxManage controlvm "$(cat .vagrant/machines/windows/virtualbox/id)" screenshotpng walkthroughs/platforms/windows/screenshots/windows_server_desktop.png