WinSentinel scans your Windows machine across 13 security modules — firewall, updates, accounts, services, network exposure and more — then scores you and tells you exactly what to fix. Open-source CLI, no telemetry, runs locally.
PS> winsentinel --score Scanning 13 modules… ✓ Firewall OK ✓ Updates OK ✓ User Accounts 2 warnings ✓ Services OK ✓ Network Exposure 1 critical ✓ Scheduled Tasks OK ✓ Defender OK Security score: 78 / 100 Run winsentinel fix --interactive to address findings.
Real Windows APIs, not screenshots from a blog post. Every finding maps to a concrete setting, registry key, or service you can inspect yourself.
Profiles enabled, inbound rules, dangerous allow-listings.
Pending patches, missing security updates, reboot status.
Local admins, password policy, guest account, stale users.
Unsigned services, suspicious auto-starts, weak permissions.
Open listening ports, SMB exposure, RDP hardening.
Real-time protection, signature freshness, exclusions audit.
SYSTEM-level tasks, unsigned binaries, suspicious triggers.
UAC, LSA protections, NTLM, AutoRun, telemetry baselines.
Drivers, startup, processes, shares, audit policy.
The CLI and every audit module are free, forever. Pro adds the tools you need to actually run security in production.
WinSentinel ships as a .NET global tool. Requires the .NET 8 runtime — already on most Windows dev machines, otherwise grab it from microsoft.com/dotnet.
# install dotnet tool install --global WinSentinel.Cli # run a full audit winsentinel --score # interactive fix winsentinel fix --interactive # update later dotnet tool update --global WinSentinel.Cli
Pro is launching soon. Drop your email and we'll send a one-time launch invite — no newsletter, no spam, no drip campaigns.
We'll only email you once, when Pro is ready. Backed by a Cloudflare Worker — no third-party trackers.