WINspect

WINspect is a PowerShell script that will return security-based information.  Examples of returned data would be:

• Checking for installed security products.
• Enumerating world-exposed local filesystem shares.
• Enumerating domain users and groups with local group membership.
• Enumerating registry autoruns.
• Enumerating local services that are configurable by Authenticated Users group members.
• Enumerating local services for which corresponding binary is writable by Authenticated Users group members.
• Enumerating non-system32 Windows Hosted Services and their associated DLLs.
• Enumerating local services with unquoted path vulnerability.
• Enumerating non-system scheduled tasks.
• Checking for DLL hijackability.
• Checking for User Account Control settings.
• Checking for unattended installs leftovers.

https://github.com/A-mIn3/WINspect

https://isc.sans.edu/forums/diary/Windows+Auditing+with+WINspect/22810/