I had a problem. I wanted a Windows security audit script I could drop on any machine, run as admin, and walk away with a readable report. Just a single .py file. No pip install , no virtualenv, no "wait, do you have Python 3.10 or what." The catch is that "real" Windows auditing tools usually pull in pywin32, wmi, or some chunky vendor SDK. None of that flies on a locked down workstation. So I tried writing the whole thing on the standard library. That is what WinRecon turned into. 20 checks, single Python module, no dependencies past stdlib. Here's how the dependency-free constraint shaped the architecture. For registry reads I went straight to winreg . Anything that needs Windows tooling goes through subprocess with the actual built-in binaries ( netstat , net , sc query , wmic , and PowerShell for Defender and audit policy queries). It is not elegant. You end up parsing CLI text output a lot. But it works on a fresh Windows 11 box with nothing installed. Example. Getting Defender status without pywin32 .…