Windows-SysAdmin-ProSuite is an enterprise-grade, research-aligned automation platform for Windows infrastructures, authored and maintained by Luiz Hamilton Silva (@brazilianscriptguy).
The repository consolidates production-tested PowerShell and VBScript toolchains designed for:
- Identity & Access Management (IAM)
- Secure Windows administration
- Cybersecurity and forensic readiness
- ITSM-aligned provisioning and compliance
- Auditability and operational traceability
All tooling is engineered with runtime safety, deterministic logging, and PowerShell 5.1 compatibility as first-class requirements.
This repository targets real-world Windows environments, including:
- 🏛️ Public sector and judicial institutions
- 🏢 Enterprise and hybrid infrastructures
- 🛡️ Blue Team / DFIR operations
- 📋 Governance, risk, and compliance workflows
It is not a collection of demos or isolated scripts, but a cohesive automation suite designed to operate safely across large Windows realms.
Enterprise-grade automation, security, and compliance solutions — designed for real-world IT operations
| Repository | Description | Key Features |
|---|---|---|
 |
Comprehensive PowerShell toolset for Windows Server, Active Directory, network services, and WSUS administration. | - Active Directory & OU lifecycle management - GPO export/import & baseline enforcement - WSUS maintenance, cleanup & SUSDB optimization - DNS, DHCP, CA, RDS & infrastructure automation |
 |
Defensive security and digital forensics PowerShell utilities for investigation and incident response. | - DFIR data collection modules - Event Log & credential audit parsers - Threat hunting & incident response helpers |
 |
Foundational modular PowerShell framework and packaging engine used by all other suites. | - Reusable PowerShell helpers & UI components - Centralized logging & execution patterns - NuGet packaging & release automation |
 |
Standardized Windows 10/11 workstation lifecycle automation aligned with ITSM practices. | - Pre-join & post-join domain automation - User profile, printer & layout standardization - Compliance hardening, logging & CSV reporting |
 |
Server-side counterpart to ITSM-WKS for Windows Server provisioning and compliance. | - Server baseline & hardening templates - DNS, DHCP, time sync & role configuration - GPO reset, drift remediation & audit logs |
 |
Ready-to-import Group Policy Objects for domain and forest environments. | - Security, UX & infrastructure GPOs - Domain-level and forest-wide templates - Export/import automation & versioning |
 |
Cross-platform Active Directory LDAP / SSO integration patterns for applications and services. | - PHP, .NET, Flask, Node.js & Spring Boot examples - Secure bind via environment variables - Modular, documented, and enterprise-ready architecture |
- ✅ PowerShell 5.1 first, PowerShell 7.x compatible where applicable
- ✅ No destructive action without explicit intent (
ShouldProcessenforced in core logic) - ✅ GUI-driven execution for operator safety when appropriate
- ✅ Structured logging (
.log) and exportable reports (.csv) - ✅ No hidden state, no silent failure patterns
The suite is continuously evaluated using PSScriptAnalyzer, SARIF reporting, and CI pipelines configured in report-only mode to ensure visibility without delivery interruption.
- PowerShell linting via PSScriptAnalyzer
- SARIF output integrated with GitHub Code Scanning
- Runtime-safety focused rule profile (low noise, high signal)
- PowerShell 5.1 compatibility validation
- Non-blocking CI: reports inform action, not gatekeeping
Findings are surfaced as artifacts and dashboards, enabling controlled remediation cycles.
This repository is suitable for academic, technical, and policy-oriented citation, particularly in areas involving:
- Cybersecurity engineering
- Digital forensics (DFIR)
- Identity governance
- IT governance and compliance
Luiz Hamilton Silva
Senior IAM Analyst | Identity & Access Management | AD & Azure AD | Windows Server Architect | PowerShell Automation
GitHub: @brazilianscriptguy
This project reflects long-term stewardship, real operational use, and continuous refinement.
- Contributions are welcome via pull requests
- Attribution is required under the MIT License
- Reuse in academic or institutional contexts should cite the repository or DOI
Engineering secure, auditable, and scalable Windows automation for enterprise and public-sector environments.
© 2026 Luiz Hamilton Silva
