diff --git a/GroupPolicy/LGPO.exe b/GroupPolicy/LGPO.exe
new file mode 100644
index 0000000..3d366e1
Binary files /dev/null and b/GroupPolicy/LGPO.exe differ
diff --git a/GroupPolicy/{33C2D9E4-D084-4EE4-99D0-BC6DF203B32D}/Backup.xml b/GroupPolicy/{33C2D9E4-D084-4EE4-99D0-BC6DF203B32D}/Backup.xml
new file mode 100644
index 0000000..671d235
--- /dev/null
+++ b/GroupPolicy/{33C2D9E4-D084-4EE4-99D0-BC6DF203B32D}/Backup.xml
@@ -0,0 +1,12 @@
+
+01 00 04 9c 00 00 00 00 00 00 00 00 00 00 00 00 14 00 00 00 04 00 ec 00 08 00 00 00 05 02 28 00 00 01 00 00 01 00 00 00 8f fd ac ed b3 ff d1 11 b4 1d 00 a0 c9 68 f9 39 01 01 00 00 00 00 00 05 0b 00 00 00 00 00 24 00 ff 00 0f 00 01 05 00 00 00 00 00 05 15 00 00 00 9a eb ad 12 5b f8 6b 87 85 29 f7 96 00 02 00 00 00 02 24 00 ff 00 0f 00 01 05 00 00 00 00 00 05 15 00 00 00 9a eb ad 12 5b f8 6b 87 85 29 f7 96 00 02 00 00 00 02 24 00 ff 00 0f 00 01 05 00 00 00 00 00 05 15 00 00 00 9a eb ad 12 5b f8 6b 87 85 29 f7 96 07 02 00 00 00 02 14 00 94 00 02 00 01 01 00 00 00 00 00 05 09 00 00 00 00 02 14 00 94 00 02 00 01 01 00 00 00 00 00 05 0b 00 00 00 00 02 14 00 ff 00 0f 00 01 01 00 00 00 00 00 05 12 00 00 00 00 0a 14 00 ff 00 0f 00 01 01 00 00 00 00 00 03 00 00 00 00
+
+
+
+
+
+
+
+
+
+
diff --git a/GroupPolicy/{33C2D9E4-D084-4EE4-99D0-BC6DF203B32D}/Bkupinfo.xml b/GroupPolicy/{33C2D9E4-D084-4EE4-99D0-BC6DF203B32D}/Bkupinfo.xml
new file mode 100644
index 0000000..fd9a27e
--- /dev/null
+++ b/GroupPolicy/{33C2D9E4-D084-4EE4-99D0-BC6DF203B32D}/Bkupinfo.xml
@@ -0,0 +1 @@
+
\ No newline at end of file
diff --git a/GroupPolicy/{33C2D9E4-D084-4EE4-99D0-BC6DF203B32D}/DomainSysvol/GPO/Machine/microsoft/windows nt/Audit/audit.csv b/GroupPolicy/{33C2D9E4-D084-4EE4-99D0-BC6DF203B32D}/DomainSysvol/GPO/Machine/microsoft/windows nt/Audit/audit.csv
new file mode 100644
index 0000000..b31e0dc
--- /dev/null
+++ b/GroupPolicy/{33C2D9E4-D084-4EE4-99D0-BC6DF203B32D}/DomainSysvol/GPO/Machine/microsoft/windows nt/Audit/audit.csv
@@ -0,0 +1,64 @@
+Machine Name,Policy Target,Subcategory,Subcategory GUID,Inclusion Setting,Exclusion Setting,Setting Value
+DESKTOP-M3CMQU3,System,IPsec Driver,{0CCE9213-69AE-11D9-BED3-505054503030},No Auditing,,0
+DESKTOP-M3CMQU3,System,System Integrity,{0CCE9212-69AE-11D9-BED3-505054503030},Success and Failure,,3
+DESKTOP-M3CMQU3,System,Security System Extension,{0CCE9211-69AE-11D9-BED3-505054503030},No Auditing,,0
+DESKTOP-M3CMQU3,System,Security State Change,{0CCE9210-69AE-11D9-BED3-505054503030},Success,,1
+DESKTOP-M3CMQU3,System,Other System Events,{0CCE9214-69AE-11D9-BED3-505054503030},Success and Failure,,3
+DESKTOP-M3CMQU3,System,Group Membership,{0CCE9249-69AE-11D9-BED3-505054503030},No Auditing,,0
+DESKTOP-M3CMQU3,System,User / Device Claims,{0CCE9247-69AE-11D9-BED3-505054503030},No Auditing,,0
+DESKTOP-M3CMQU3,System,Network Policy Server,{0CCE9243-69AE-11D9-BED3-505054503030},Success and Failure,,3
+DESKTOP-M3CMQU3,System,Other Logon/Logoff Events,{0CCE921C-69AE-11D9-BED3-505054503030},No Auditing,,0
+DESKTOP-M3CMQU3,System,Special Logon,{0CCE921B-69AE-11D9-BED3-505054503030},Success,,1
+DESKTOP-M3CMQU3,System,IPsec Extended Mode,{0CCE921A-69AE-11D9-BED3-505054503030},No Auditing,,0
+DESKTOP-M3CMQU3,System,IPsec Quick Mode,{0CCE9219-69AE-11D9-BED3-505054503030},No Auditing,,0
+DESKTOP-M3CMQU3,System,IPsec Main Mode,{0CCE9218-69AE-11D9-BED3-505054503030},No Auditing,,0
+DESKTOP-M3CMQU3,System,Account Lockout,{0CCE9217-69AE-11D9-BED3-505054503030},Success,,1
+DESKTOP-M3CMQU3,System,Logoff,{0CCE9216-69AE-11D9-BED3-505054503030},Success,,1
+DESKTOP-M3CMQU3,System,Logon,{0CCE9215-69AE-11D9-BED3-505054503030},Success and Failure,,3
+DESKTOP-M3CMQU3,System,Handle Manipulation,{0CCE9223-69AE-11D9-BED3-505054503030},No Auditing,,0
+DESKTOP-M3CMQU3,System,Central Policy Staging,{0CCE9246-69AE-11D9-BED3-505054503030},No Auditing,,0
+DESKTOP-M3CMQU3,System,Removable Storage,{0CCE9245-69AE-11D9-BED3-505054503030},No Auditing,,0
+DESKTOP-M3CMQU3,System,Detailed 
File Share,{0CCE9244-69AE-11D9-BED3-505054503030},No Auditing,,0
+DESKTOP-M3CMQU3,System,Other Object Access Events,{0CCE9227-69AE-11D9-BED3-505054503030},No Auditing,,0
+DESKTOP-M3CMQU3,System,Filtering Platform Connection,{0CCE9226-69AE-11D9-BED3-505054503030},No Auditing,,0
+DESKTOP-M3CMQU3,System,Filtering Platform Packet Drop,{0CCE9225-69AE-11D9-BED3-505054503030},No Auditing,,0
+DESKTOP-M3CMQU3,System,File Share,{0CCE9224-69AE-11D9-BED3-505054503030},No Auditing,,0
+DESKTOP-M3CMQU3,System,Application Generated,{0CCE9222-69AE-11D9-BED3-505054503030},No Auditing,,0
+DESKTOP-M3CMQU3,System,Certification Services,{0CCE9221-69AE-11D9-BED3-505054503030},No Auditing,,0
+DESKTOP-M3CMQU3,System,SAM,{0CCE9220-69AE-11D9-BED3-505054503030},No Auditing,,0
+DESKTOP-M3CMQU3,System,Kernel Object,{0CCE921F-69AE-11D9-BED3-505054503030},No Auditing,,0
+DESKTOP-M3CMQU3,System,Registry,{0CCE921E-69AE-11D9-BED3-505054503030},No Auditing,,0
+DESKTOP-M3CMQU3,System,File System,{0CCE921D-69AE-11D9-BED3-505054503030},No Auditing,,0
+DESKTOP-M3CMQU3,System,Other Privilege Use Events,{0CCE922A-69AE-11D9-BED3-505054503030},No Auditing,,0
+DESKTOP-M3CMQU3,System,Non Sensitive Privilege Use,{0CCE9229-69AE-11D9-BED3-505054503030},No Auditing,,0
+DESKTOP-M3CMQU3,System,Sensitive Privilege Use,{0CCE9228-69AE-11D9-BED3-505054503030},No Auditing,,0
+DESKTOP-M3CMQU3,System,RPC Events,{0CCE922E-69AE-11D9-BED3-505054503030},No Auditing,,0
+DESKTOP-M3CMQU3,System,Token Right Adjusted Events,{0CCE924A-69AE-11D9-BED3-505054503030},No Auditing,,0
+DESKTOP-M3CMQU3,System,Process Creation,{0CCE922B-69AE-11D9-BED3-505054503030},No Auditing,,0
+DESKTOP-M3CMQU3,System,Process Termination,{0CCE922C-69AE-11D9-BED3-505054503030},No Auditing,,0
+DESKTOP-M3CMQU3,System,Plug and Play Events,{0CCE9248-69AE-11D9-BED3-505054503030},No Auditing,,0
+DESKTOP-M3CMQU3,System,DPAPI Activity,{0CCE922D-69AE-11D9-BED3-505054503030},No Auditing,,0
+DESKTOP-M3CMQU3,System,Other Policy Change 
Events,{0CCE9234-69AE-11D9-BED3-505054503030},No Auditing,,0
+DESKTOP-M3CMQU3,System,Authentication Policy Change,{0CCE9230-69AE-11D9-BED3-505054503030},Success,,1
+DESKTOP-M3CMQU3,System,Audit Policy Change,{0CCE922F-69AE-11D9-BED3-505054503030},Success,,1
+DESKTOP-M3CMQU3,System,Filtering Platform Policy Change,{0CCE9233-69AE-11D9-BED3-505054503030},No Auditing,,0
+DESKTOP-M3CMQU3,System,Authorization Policy Change,{0CCE9231-69AE-11D9-BED3-505054503030},No Auditing,,0
+DESKTOP-M3CMQU3,System,MPSSVC Rule-Level Policy Change,{0CCE9232-69AE-11D9-BED3-505054503030},No Auditing,,0
+DESKTOP-M3CMQU3,System,Other Account Management Events,{0CCE923A-69AE-11D9-BED3-505054503030},No Auditing,,0
+DESKTOP-M3CMQU3,System,Application Group Management,{0CCE9239-69AE-11D9-BED3-505054503030},No Auditing,,0
+DESKTOP-M3CMQU3,System,Distribution Group Management,{0CCE9238-69AE-11D9-BED3-505054503030},No Auditing,,0
+DESKTOP-M3CMQU3,System,Security Group Management,{0CCE9237-69AE-11D9-BED3-505054503030},Success,,1
+DESKTOP-M3CMQU3,System,Computer Account Management,{0CCE9236-69AE-11D9-BED3-505054503030},No Auditing,,0
+DESKTOP-M3CMQU3,System,User Account Management,{0CCE9235-69AE-11D9-BED3-505054503030},Success,,1
+DESKTOP-M3CMQU3,System,Directory Service Replication,{0CCE923D-69AE-11D9-BED3-505054503030},No Auditing,,0
+DESKTOP-M3CMQU3,System,Directory Service Access,{0CCE923B-69AE-11D9-BED3-505054503030},No Auditing,,0
+DESKTOP-M3CMQU3,System,Detailed Directory Service Replication,{0CCE923E-69AE-11D9-BED3-505054503030},No Auditing,,0
+DESKTOP-M3CMQU3,System,Directory Service Changes,{0CCE923C-69AE-11D9-BED3-505054503030},No Auditing,,0
+DESKTOP-M3CMQU3,System,Other Account Logon Events,{0CCE9241-69AE-11D9-BED3-505054503030},No Auditing,,0
+DESKTOP-M3CMQU3,System,Kerberos Service Ticket Operations,{0CCE9240-69AE-11D9-BED3-505054503030},No Auditing,,0
+DESKTOP-M3CMQU3,System,Credential Validation,{0CCE923F-69AE-11D9-BED3-505054503030},No Auditing,,0
+DESKTOP-M3CMQU3,System,Kerberos 
Authentication Service,{0CCE9242-69AE-11D9-BED3-505054503030},No Auditing,,0
+DESKTOP-M3CMQU3,,Option:CrashOnAuditFail,,Disabled,,0
+DESKTOP-M3CMQU3,,Option:FullPrivilegeAuditing,,Disabled,,0
+DESKTOP-M3CMQU3,,Option:AuditBaseObjects,,Disabled,,0
+DESKTOP-M3CMQU3,,Option:AuditBaseDirectories,,Disabled,,0
diff --git a/GroupPolicy/{33C2D9E4-D084-4EE4-99D0-BC6DF203B32D}/DomainSysvol/GPO/Machine/microsoft/windows nt/SecEdit/GptTmpl.inf b/GroupPolicy/{33C2D9E4-D084-4EE4-99D0-BC6DF203B32D}/DomainSysvol/GPO/Machine/microsoft/windows nt/SecEdit/GptTmpl.inf
new file mode 100644
index 0000000..9df0c2a
Binary files /dev/null and b/GroupPolicy/{33C2D9E4-D084-4EE4-99D0-BC6DF203B32D}/DomainSysvol/GPO/Machine/microsoft/windows nt/SecEdit/GptTmpl.inf differ
diff --git a/GroupPolicy/{33C2D9E4-D084-4EE4-99D0-BC6DF203B32D}/DomainSysvol/GPO/Machine/registry.pol b/GroupPolicy/{33C2D9E4-D084-4EE4-99D0-BC6DF203B32D}/DomainSysvol/GPO/Machine/registry.pol
new file mode 100644
index 0000000..aea2457
Binary files /dev/null and b/GroupPolicy/{33C2D9E4-D084-4EE4-99D0-BC6DF203B32D}/DomainSysvol/GPO/Machine/registry.pol differ
diff --git a/GroupPolicy/{33C2D9E4-D084-4EE4-99D0-BC6DF203B32D}/DomainSysvol/GPO/User/registry.pol b/GroupPolicy/{33C2D9E4-D084-4EE4-99D0-BC6DF203B32D}/DomainSysvol/GPO/User/registry.pol
new file mode 100644
index 0000000..75e2a09
Binary files /dev/null and b/GroupPolicy/{33C2D9E4-D084-4EE4-99D0-BC6DF203B32D}/DomainSysvol/GPO/User/registry.pol differ
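Review bot: The audit.csv added here leaves several detection-relevant subcategories at `No Auditing`, notably Process Creation, Credential Validation, Security System Extension and Other Object Access Events. Machines that receive this GPO would therefore not log process launches (event 4688), NTLM credential checks (4776), service installs (4697) or scheduled-task changes (4698) to the Security log. If that is not a deliberate noise trade-off, I would turn on at least the first two, e.g. `DESKTOP-M3CMQU3,System,Process Creation,{0CCE922B-69AE-11D9-BED3-505054503030},Success,,1` and `DESKTOP-M3CMQU3,System,Credential Validation,{0CCE923F-69AE-11D9-BED3-505054503030},Success and Failure,,3`, using the same Inclusion Setting and Setting Value pairs the other rows use. The Kerberos Authentication Service and Kerberos Service Ticket Operations rows are also `No Auditing`; they presumably matter only if this backup is ever applied to domain controllers, so it would help to state the intended target in the commit description.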