Command Line Interface (CLI)
Complete documentation for using the HardenSys CLI tool for automation and scripting.
Note: The CLI tool requires Administrator privileges for full functionality. Some checks may fail without proper permissions.
Overview
The HardenSys CLI tool provides a command-line interface for running security compliance checks, generating reports, and managing Windows security policies. It's perfect for automation, scripting, and integration into CI/CD pipelines.
Key Features
- Run all compliance checks or filter by category
- Generate text or JSON reports
- Administrator privilege detection
- Progress tracking and detailed output
- Export results to files
- Search and filter parameters
Basic Usage
Running All Checks
The simplest way to use the CLI is to run all compliance checks:
Windows Command Prompt
python HardenSys.pyOn Windows, you can also run: py HardenSys.py
Linux Terminal
python3 HardenSys.pyOn Linux, you may need to use: python3 instead of python
Getting Help
View all available options and examples:
Command Line
python HardenSys.py --helpListing Available Categories
See all available security categories and their parameter counts:
Command Line
python HardenSys.py --listFiltering Options
Filter by Heading
Run checks for a specific security category:
Command Line
# Run only Account Policies checks
python HardenSys.py --heading "Account Policies"
# Run only Security Options checks
python HardenSys.py --heading "Security Options"Filter by Subheading
Run checks for a specific subcategory:
Command Line
# Run only Password Policy checks
python HardenSys.py --subheading "Password Policy"
# Run only User Rights Assignment checks
python HardenSys.py --subheading "User Rights Assignment"Filter by Parameter
Run a specific task by its title name:
Command Line
# Run specific password history check
python HardenSys.py --parameter "Enforce password history"
# Run specific password length check
python HardenSys.py --parameter "Minimum password length"Show Parameter Information
Get detailed information about parameters, subheadings, or headings:
Command Line
# Show all password-related tasks
python HardenSys.py --info "password"
# Show all tasks in Account Policies
python HardenSys.py --info "Account Policies"
# Show specific task details
python HardenSys.py --info "Enforce password history"Report Generation
Text Reports
Generate a text report and save it to a file:
Command Line
# Generate text report
python HardenSys.py --output report.txt
# Generate report for specific category
python HardenSys.py --heading "Account Policies" --output account_policies.txtJSON Reports
Generate a JSON report for programmatic processing:
Command Line
# Generate JSON report
python HardenSys.py --format json --output report.json
# Generate JSON report for specific category
python HardenSys.py --heading "Security Options" --format json --output security_options.jsonReport Formats
Both text and JSON formats provide comprehensive compliance information:
Text Report Example
Text Output
Windows Security Compliance Report
========================================
Generated: 2024-01-15 14:30:25
Duration: 45.67 seconds
Total Checks: 121
Successful: 115
Failed: 6
Success Rate: 95.0%
Detailed Results:
========================================
Account Policies
----------------
✓ Enforce password history
Status: success
Message: ✓ Password history set to 24 successfully
Previous: 0 passwords
Current: 24 passwordsJSON Report Example
JSON Output
{
"summary": {
"total_checks": 121,
"successful_checks": 115,
"failed_checks": 6,
"success_rate": "95.0%",
"duration_seconds": 45.67,
"timestamp": "2024-01-15T14:30:25"
},
"results": [
{
"status": "success",
"message": "✓ Password history set to 24 successfully",
"previous": "0 passwords",
"current": "24 passwords",
"heading": "Account Policies",
"subheading": "Password Policy",
"title": "Enforce password history",
"script_key": "enforce_password_history",
"timestamp": "2024-01-15T14:30:25"
}
]
}Usage Examples
Quick Security Check
Command Line
python HardenSys.py --heading "Account Policies" --output quick_check.txtFull Audit with JSON Export
Command Line
python HardenSys.py --format json --output full_audit.jsonPassword Policy Only
Command Line
python HardenSys.py --subheading "Password Policy" --verboseSpecific Task Check
Command Line
python HardenSys.py --parameter "Enforce password history" --output password_history_check.txtFirewall Configuration Check
Command Line
python HardenSys.py --heading "Windows Defender Firewall with Advanced Security"PowerShell Integration
PowerShell
# Run all checks
.\HardenSys.ps1
# Run specific category
.\HardenSys.ps1 -Heading "Account Policies"
# Generate JSON report
.\HardenSys.ps1 -Format json -Output "compliance_report.json"
# List categories
.\HardenSys.ps1 -ListTroubleshooting
Common Issues
1. "Not running as Administrator"
Solution: Some checks require admin privileges. Run the tool as Administrator for full functionality.
To run as Administrator:
- Command Prompt: Right-click Command Prompt → "Run as administrator"
- PowerShell: Right-click PowerShell → "Run as administrator"
- Batch File: Right-click
HardenSys.bat→ "Run as administrator"
2. "Function not found"
Solution: Ensure
windows_tasks.py is in the same directory and contains the required function.
3. "JSON file not found"
Solution: Ensure
windows_tasks.json is in the same directory or use the --json option to specify a custom path.
4. Import errors
Solution: Ensure all required Python modules are installed and check Python version compatibility.
Error Codes
| Exit Code | Description |
|---|---|
| 0 | Success |
| 1 | Error (file not found, import error, etc.) |
Getting Help
If you encounter issues not covered here:
- Check the FAQ section
- Review the Error Codes reference
- Open an issue on GitHub