Happy slice of mcp pizzaMCP.pizza

winsecMCP

MCP.Pizza Chef: GH05TCREW

winsecMCP is a Python-based MCP server designed to automate and enforce Windows security configurations. It enables administrators to manage firewall settings, RDP, UAC, account policies, service hardening, and user accounts through structured MCP interactions. Requiring Windows OS and admin privileges, it integrates with clients like Claude to provide real-time security status and configuration management, streamlining Windows hardening workflows.

Use This MCP server To

Automate firewall configuration and monitoring Manage Remote Desktop Protocol (RDP) security settings Enforce User Account Control (UAC) policies Configure password and account lockout policies Harden and manage Windows services Automate user account creation and management Gather system security status reports Integrate Windows security checks into MCP workflows

README

Overview

winsecMCP is a Python-based MCP server with Claude for client that helps administrators automate Windows security configuration. It provides a set of tools to check and modify security settings including:

  • Firewall configuration
  • Remote Desktop Protocol (RDP) settings
  • User Account Control (UAC) settings
  • Account policies (password requirements, lockout policies)
  • Service management and hardening
  • User account management

Requirements

  • Windows OS
  • Python 3.10+
  • Administrator privileges (for most operations)
  • Required Python packages:
    • mcp

Usage

Run the script with administrator privileges and start Claude client:

python winsecMCP.py

Make sure to add this to your claude_desktop_config.json file:

{
  "mcpServers": {
    "windows_hardening_agent": {
      "command": "python",
      "args": [
        "C:\\Path\\to\\hardening_server.py"
      ]
    }
  }
}

Features

Information Gathering

  • Get system status and privilege level
  • Check RDP, firewall, UAC, and guest account status
  • Review password policies and account lockout settings
  • Scan for potentially insecure services

Security Hardening

  • Enable/disable RDP
  • Configure Windows Firewall
  • Manage UAC settings
  • Set password and account lockout policies
  • Disable unnecessary services
  • Manage user accounts and group memberships

License

This project is licensed under the Apache License 2.0 - see the LICENSE file for details.

Disclaimer

This tool modifies system settings that can impact system functionality. Always test in a controlled environment before using in production. The authors are not responsible for any damages or issues resulting from the use of this tool.

winsecMCP FAQ

What permissions are required to run winsecMCP?
Administrator privileges are required for most operations to modify Windows security settings.
Which operating systems does winsecMCP support?
winsecMCP supports Windows OS only, as it manages Windows-specific security configurations.
How do I integrate winsecMCP with an MCP client like Claude?
Add the winsecMCP server command and arguments to your client's configuration file, such as claude_desktop_config.json, and run the server script with admin rights.
What Python version is required to run winsecMCP?
Python 3.10 or higher is required to run the winsecMCP server.
Can winsecMCP modify firewall and RDP settings?
Yes, it provides tools to check and modify firewall and Remote Desktop Protocol settings securely.
Does winsecMCP provide system status information?
Yes, it can gather and report system security status and configuration details.
Is winsecMCP limited to security configuration or can it manage user accounts?
It can manage user accounts, including creation, modification, and policy enforcement.
What Python packages are needed to run winsecMCP?
The main required package is 'mcp', along with Python 3.10+ and Windows OS.