Freeware

FF-Toolkit — FEDFORTRESS Windows Hardening & STIG Automation

Menu-driven PowerShell toolkit that streamlines DISA STIG workflows: import ADMX/ADML templates, apply GPO rollups (via LGPO), launch STIG Viewer 2.x/3.x, evaluate STIGs, and quickly reset local policy to Windows defaults. Built for labs and programs that need repeatable, offline-friendly hardening.

About FF-Toolkit

FF-Toolkit packages common Windows hardening tasks into a simple, auditable flow. It’s distributed as freeware: free to download and use, closed-source, no warranty, and subject to the license below. Runs locally on Windows PowerShell (Admin).

Import ADMX/ADML templates to C:\Windows\PolicyDefinitions
Apply DISA GPO rollups via LGPO.exe (OS & non-OS STIGs)
Launch STIG Viewer 2.x or 3.x from extracted archives
Run Evaluate-STIG with CKL/CKLB output
Reset local Group Policy & security to Windows defaults
Offline-friendly after first setup (archives extracted once)

Version: v1.0.0

Released: Aug 13, 2025

OS: Windows 10/11 (x64)

Checksum: SHA-256: 306431E71DFE914B5CAE8976AEFD3EE31E947E7E58CBEA29BE0DF0562AC811C6

Quick Start (Windows)

Download and unzip the FF-Toolkit package to a path without spaces (e.g., C:\FF-Toolkit).
Double-click FF-Toolkit.exe. This will automatically start the toolkit in an elevated (Administrator) PowerShell session.
On first run, required tool archives will be extracted under tools\extracted. Follow the on-screen menu to:
- Import ADMX/ADML templates
- Apply OS & non-OS STIG GPOs via LGPO
- Launch STIG Viewer 2.x or 3.x
- Run Evaluate-STIG (CKL/CKLB output)
- Reset local Group Policy & security to Windows defaults
All actions are logged to .\logs\. Close the toolkit window to exit.

Release notes

1.0.0 – Initial public freeware release. Menu to import ADMX, apply OS/non-OS STIG GPOs via LGPO, launch STIG Viewer 2.x/3.x, run Evaluate-STIG (CKL/CKLB), and reset local policy.

Download

I have read and agree to the FF-Toolkit Freeware License. Agree to license to enable download

Direct link: /downloads/FF-Toolkit-1.0.0.zip

Tip: verify the SHA-256 checksum before use.

Requires Admin PowerShell for most actions (ADMX copy, LGPO). Some options need first-time archive extraction.

System requirements

Windows 10 or 11 (64-bit)
PowerShell 5.1 or PowerShell 7+
Administrator permissions (for ADMX copy, LGPO, security resets)
If using Evaluate-STIG, place official archives under tools\archives (Toolkit extracts on demand)
~300 MB free disk space for extracted tools

FF-Toolkit Freeware License & Terms

License Grant. FEDFORTRESS LLC (“Licensor”) grants you (“Licensee”) a non-exclusive, non-transferable, revocable license to download and use the FF-Toolkit software (“Software”) free of charge for internal purposes. The Software is provided in executable/script form only and is not open-source.

Restrictions. You may not: (a) sell, rent, lease, sublicense, or host the Software for third parties; (b) reverse engineer, decompile, or disassemble the Software except to the extent expressly permitted by applicable law; (c) modify, alter, or create derivative works; (d) remove or obscure proprietary notices; (e) use the Software in classified environments without separate written authorization; or (f) use the Software to provide commercial managed services without Licensor’s prior written consent.

Redistribution. You may redistribute the original, unmodified ZIP provided by Licensor without charge, provided you include this license, attribution to FEDFORTRESS LLC, and the original checksum. Charging any fee for the Software requires prior written permission.

Data & Privacy. The Software does not intentionally transmit customer data to Licensor. Logs are generated locally. You are responsible for complying with your organization’s data handling and retention policies.

Updates. Licensor may release updates at its discretion. Updates may change or remove features. Use of updates is subject to this license.

No Warranty. THE SOFTWARE IS PROVIDED “AS IS” WITHOUT WARRANTIES OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT. YOU ASSUME ALL RISKS ARISING FROM THE USE OF THE SOFTWARE.

Limitation of Liability. TO THE MAXIMUM EXTENT PERMITTED BY LAW, LICENSOR SHALL NOT BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES, OR ANY LOSS OF DATA, BUSINESS, REVENUE, OR PROFITS, ARISING OUT OF OR RELATED TO USE OF THE SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

Security & Export. You are responsible for validating the checksum, scanning the package, and implementing appropriate security controls. You agree to comply with applicable export control laws and regulations.

Government Use. For U.S. Government end users, the Software is a “commercial product” provided with only the rights set forth in this license. No endorsement by any Government entity is implied.

Termination. This license terminates automatically if you breach its terms. Upon termination, you must cease use and destroy copies in your possession.

Governing Law. This license is governed by the laws of the State of Florida, without regard to conflict of laws principles.

Contact. For permissions, commercial use, or security inquiries, contact contact@fedfortress.com.

FAQ

Is FF-Toolkit open-source?

No. FF-Toolkit is distributed as freeware (no cost) but the source code is not provided.

Does FF-Toolkit need internet access?

Only to obtain official tool archives if you don’t already have them. The toolkit extracts archives under tools\extracted and can operate offline afterward.

Where do I place STIG Viewer or GPO rollups?

Put vendor ZIPs under tools\archives. The toolkit finds and extracts them automatically.

Do I need Administrator permissions?

Yes, for ADMX copy, LGPO application, and reset operations. Launch Windows PowerShell as Administrator.

How do I verify the download?

After download, compute the SHA-256 hash and compare it to the published checksum on this page before use.