When using 'Start in Secure Mode' I would never infect any users with anything. Screenshots : Download : Extreme Injector v3. Di Dez , KakaiKakA I injected my dll and my computer fucking turned off, i tried turning it on again it worked but i had to reinstall windows and repair my pc. Any answers to why? Do Nov , tom Thanks it's amazing not a virus the best Injector ever Sa Nov , On windows 10 no worked!
Jun , V Low Toast notifications to the lock screen must be turned off. Toast notifications that are displayed on the lock screen could display sensitive information to unauthorized personnel. V Low The Windows dialog box title for the legal banner must be configured. V Low Caching of logon credentials must be limited.
The default Windows configuration caches the last logon credentials for users who log on interactively to a system. This feature is provided for system availability reasons, such as the user's V Low The default permissions of global system objects must be increased. Windows systems maintain a global list of shared system resources such as DOS device names, mutexes, and semaphores. Each type of object is created with a default DACL that specifies who can Comments or proposed revisions to this document should be sent via email to the following address: disa.
I - Mission Critical Classified. I - Mission Critical Public. I - Mission Critical Sensitive. II - Mission Support Classified. II - Mission Support Public. II - Mission Support Sensitive. III - Administrative Classified. III - Administrative Public. III - Administrative Sensitive. Local volumes must be formatted using NTFS. Windows 10 systems must be maintained at a supported servicing level.
The Windows 10 system must use an anti-virus program. Anonymous access to Named Pipes and Shares must be restricted. Anonymous enumeration of shares must be restricted. The system must be configured to prevent the storage of the LAN Manager hash of passwords. Solicited Remote Assistance must not be allowed. Only accounts responsible for the administration of a system must have Administrator rights on the system.
The default autorun behavior must be configured to prevent autorun commands. The Windows Installer Always install with elevated privileges must be disabled.
Administrative accounts must not be used with applications that access the Internet, such as web browsers, or with potential Internet sources, such as email.
The Debug programs user right must only be assigned to the Administrators group. The Create a token object user right must not be assigned to any groups or accounts. Autoplay must be turned off for non-volume devices. Reversible password encryption must be disabled. The Act as part of the operating system user right must not be assigned to any groups or accounts.
Credential Guard must be running on Windows 10 domain-joined systems. Anonymous enumeration of SAM accounts must not be allowed. Autoplay must be disabled for all drives. Alternate operating systems must not be permitted on the same system. Enhanced anti-spoofing for facial recognition must be enabled on Window Explorer Data Execution Prevention must be enabled.
Windows Telemetry must not be configured to Full. If Enhanced diagnostic data is enabled it must be limited to the minimum required to support Windows Analytics. Windows 10 must employ automated mechanisms to determine the state of system components with regard to flaw remediation using the following frequency: continuously, where HBSS is used; 30 days, for any additional internal network scans not covered by HBSS; and annually, for external scans by Computer Network Defense Service Provider CNDSP.
Windows 10 information systems must use BitLocker to encrypt all disks to protect the confidentiality and integrity of all information at rest. Windows 10 systems must use a BitLocker PIN with a minimum length of 6 digits for pre-boot authentication. The operating system must employ a deny-all, permit-by-exception policy to allow the execution of authorized software programs.
The system must be configured to prevent anonymous users from having the same rights as the Everyone group. PKU2U authentication using online identities must be prevented. NTLM must be prevented from falling back to a Null session. The system must be configured to the required LDAP client signing level. The password history must be configured to 24 passwords remembered.
The Application event log size must be configured to KB or greater. The system must be configured to audit System - System Integrity successes. The system must be configured to audit Account Logon - Credential Validation failures. The system must be configured to audit System - Security State Change successes.
The system must be configured to audit System - Other System Events failures. The system must be configured to audit System - System Integrity failures. The system must be configured to audit System - Security System Extension successes. The system must be configured to audit System - Other System Events successes. Users must be prompted for a password on resume from sleep on battery. Local users on domain-joined computers must not be enumerated.
The user must be prompted for a password on resume from sleep plugged in. Only accounts responsible for the backup operations must be members of the Backup Operators group. Non system-created file shares on a system must limit access to groups that require it. Permissions for system files and directories must conform to minimum requirements.
Only authorized user accounts must be allowed to create or run virtual machines on Windows 10 systems. Exploit Protection mitigations in Windows 10 must be configured for wmplayer.
Exploit Protection mitigations in Windows 10 must be configured for wordpad. The built-in administrator account must be disabled. The built-in guest account must be disabled. The network selection user interface UI must not be displayed on the logon screen. The Restore files and directories user right must only be assigned to the Administrators group.
The Take ownership of files or other objects user right must only be assigned to the Administrators group. The Perform volume maintenance tasks user right must only be assigned to the Administrators group. The Profile single process user right must only be assigned to the Administrators group. The Security event log size must be configured to KB or greater.
The System event log size must be configured to KB or greater. Windows 10 permissions for the Application event log must prevent access by non-privileged accounts. Windows 10 permissions for the Security event log must prevent access by non-privileged accounts.
Windows 10 permissions for the System event log must prevent access by non-privileged accounts. Windows 10 must be configured to audit Detailed File Share Failures.
File Explorer shell protocol must run in protected mode. The system must be configured to require a strong session key. The Windows PowerShell 2. A host-based firewall must be installed and enabled on the system.
Inbound exceptions to the firewall on Windows 10 domain workstations must only allow authorized remote management hosts. Outgoing secure channel traffic must be encrypted when possible. Outgoing secure channel traffic must be encrypted or signed. The Telnet Client must not be installed on the system. Remote Desktop Services must always prompt a client for passwords upon connection. Remote Desktop Services must be configured with the client connection encryption set to the required level.
Attachments must be prevented from being downloaded from RSS feeds. Indexing of encrypted files must be turned off. Users must be prevented from changing installation options. Users must be notified if a web-based program attempts to install software.
Automatically signing in the last interactive user after a system-initiated restart must be disabled. Bluetooth must be turned off unless approved by the organization. Windows 10 must cover or disable the built-in or attached camera when not in use. Camera access from the lock screen must be disabled. The system must be configured to prevent IP source routing. IPv6 source routing must be configured to highest protection. The display of slide shows on the lock screen must be disabled.
Local administrator accounts must have their privileged token filtered to prevent elevated privileges from being used over the network on domain systems. Orphaned security identifiers SIDs must be removed from user rights on Windows The Secondary Logon service must be disabled on Windows Bluetooth must be turned off when not in use.
The Deny log on as a batch job user right on domain-joined workstations must be configured to prevent access from highly privileged domain accounts. The system must notify the user when a Bluetooth device attempts to connect. Windows 10 account lockout duration must be configured to 15 minutes or greater.
Windows 10 non-persistent VM sessions should not exceed 24 hours. The Create symbolic links user right must only be assigned to the Administrators group. The Back up files and directories user right must only be assigned to the Administrators group.
The Create a pagefile user right must only be assigned to the Administrators group. The password manager function in the Edge browser must be disabled.
Windows 10 must be configured to prevent certificate error overrides in Microsoft Edge. Users must not be allowed to ignore Windows Defender SmartScreen filter warnings for unverified files in Microsoft Edge. Users must not be allowed to ignore Windows Defender SmartScreen filter warnings for malicious websites in Microsoft Edge.
Windows 10 must be configured to require a minimum pin length of six characters or greater. The use of a hardware security device with Windows Hello for Business must be enabled. Windows 10 must be configured to disable Windows Game Recording and Broadcasting. Local drives must be prevented from sharing with Remote Desktop Session Hosts. Passwords must not be saved in the Remote Desktop Client. Unencrypted passwords must not be sent to third-party SMB Servers. Administrator accounts must not be enumerated during elevation.
The minimum password age must be configured to at least 1 day. Passwords must, at a minimum, be 14 characters. The built-in Microsoft password complexity filter must be enabled. The number of allowed bad logon attempts must be configured to 3 or less. The period of time before the bad logon counter is reset must be configured to 15 minutes. The Modify firmware environment values user right must only be assigned to the Administrators group.
The Manage auditing and security log user right must only be assigned to the Administrators group. The Lock pages in memory user right must not be assigned to any groups or accounts. The Load and unload device drivers user right must only be assigned to the Administrators group. The Impersonate a client after authentication user right must only be assigned to Administrators, Service, Local Service, and Network Service. The Force shutdown from a remote system user right must only be assigned to the Administrators group.
The Enable computer and user accounts to be trusted for delegation user right must not be assigned to any groups or accounts. The system must be configured to audit Account Logon - Credential Validation successes. The Deny log on locally user right on workstations must be configured to prevent access from highly privileged domain accounts on domain systems and unauthenticated access on all systems.
The Deny log on as a service user right on Windows 10 domain-joined workstations must be configured to prevent access from highly privileged domain accounts.
Windows 10 Exploit Protection system-level mitigation, Validate heap integrity, must be on. The convenience PIN for Windows 10 must be disabled.
Windows Ink Workspace must be configured to disallow access above the lock. Systems must at least attempt device authentication using certificates. Exploit Protection mitigations in Windows 10 must be configured for Acrobat.
Exploit Protection mitigations in Windows 10 must be configured for AcroRd WDigest Authentication must be disabled. The built-in administrator account must be renamed. Local accounts with blank passwords must be restricted to prevent access from the network. Windows 10 must be configured to enable Remote host allows delegation of non-exportable credentials.
Audit policy using subcategories must be enabled. The Windows Explorer Preview pane must be disabled for Windows Software certificate installation files must be removed from Windows The Deny access to this computer from the network user right on workstations must be configured to prevent access from highly privileged domain accounts and local accounts on domain systems and unauthenticated access on all systems.
Outgoing secure channel traffic must be signed when possible. Zone information must be preserved when saving attachments. The Access this computer from the network user right must only be assigned to the Administrators and Remote Desktop Users groups.
The Access Credential Manager as a trusted caller user right must not be assigned to any groups or accounts. User Account Control must virtualize file and registry write failures to per-user locations. The built-in guest account must be renamed. Passwords for enabled local Administrator accounts must be changed at least every 60 days. Group Policy objects must be reprocessed even if they have not changed. Downloading print driver packages over HTTP must be prevented.
Web publishing and online ordering wizards must be prevented from downloading a list of providers. STIG Style sheet. There is a style sheet package located on DoD Cyber Exchange. If one of those does not satisfy your needs submit a request to the DISA support desk. Your request will be submitted for consideration as an addition style sheet choice.
The most common reason for this lack of DISA support is that the vendor product is outdated, superseded by a newer vendor product, or may be vendor non-support. Since DISA is no longer maintaining a given product, a SME responsible for, and knowledgeable about, the product may not be available, thus customer support questions will most likely not be answerable.
Unified Capabilities Approved Product List. JITC provides the interoperability approval for the product. Open the folder with the extracted files, locate and open the. For requestors who want PDF interactive checkboxes, etc. FAQ Topics. Please use the Microsoft IIS 7. Please use the Microsoft IIS 8. There are Microsoft IIS 8. Mobile Iron Core v9. MobileIron Core v MongoDB Enterprise Advanced 3. Motorola Android 9.
Oracle Oracle MySQL 8. PostgresSQL 9. Samsung Android 11 Knox 3. Samsung Android OS 10 with Knox 3. Samsung Android OS 9 with Knox 3. SCC 5. Splunk Enterprise 7. STIG Viewer 2. Sunset - AIX 6. Sunset - Apple OS X
0コメント