Windows Server Security Audit Tool (NIS2 Alignment)
Hi everyone,
I’ve been working on an open-source PowerShell tool that assesses a system’s security posture and runs entirely offline with no call-home capabilities.
It goes through 30+ checks across critical categories (patching, access control, network defences, encryption, etc.) and maps everything to:
• NIS2 (Article 21 – Cybersecurity risk‑management measures)
• MITRE ATT&CK
• CIS Controls v8
It prioritises high‑impact vulnerabilities (Initial Access, Credential Dumping, Lateral Movement, etc.) over general hardening items and has been tested on Windows Server 2016, 2019, 2022, and 2025 (Desktop Experience, en-US Locale).
It requires PowerShell 5.1+ and must be run as an administrator.
If you’ve got a minute, I’d love feedback on new checks or on what breaks in your environment.
🔗 GitHub Repository: https://github.com/cyb3rint3l-labs/ServerSecurityAudit