Mac STIG for pentesting
This STIG comes from http://iasecontent.disa.mil/stigs/zip/U_Apple_OS_X_10-11_V1R4_STIG.zip and is used to lock down Macs. I included a comment for each item to help explain what each item does. The script requires two additional files, PolicyBanner.rtf and banner to create a login and ssh banner.
Modify banner and PolicyBanner.rtf and replace with your organization name.