🛡️ Hardening

🔒 Windows Settings

# Enable LSA Protection
reg add HKLM\SYSTEM\CurrentControlSet\Control\Lsa /v RunAsPPL /t REG_DWORD /d 1 /f

# Disable WDigest
reg add HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders\WDigest /v UseLogonCredential /t REG_DWORD /d 0 /f

# Disable NTLM
reg add HKLM\SYSTEM\CurrentControlSet\Control\Lsa /v LmCompatibilityLevel /t REG_DWORD /d 5 /f

📋 Group Policy Settings

Enable "Restrict delegation of credentials"
Configure Protected Users group
Enable "Audit Process Creation"
Deny network access for privileged accounts