emily/atap
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

a

Browse Source
This commit is contained in:
Emily
2026-05-11 09:15:08 +02:00
parent 9bec2b9e42
commit 404ee3fec4
641 changed files with 416825 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
ATAPHtmlReport/ATAPHtmlReport.Tests.ps1
+91
View File
@@ -0,0 +1,91 @@
<#
BSD 3-Clause License
Copyright (c) 2023, FB Pro GmbH
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:
* Redistributions of source code must retain the above copyright notice, this
list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright notice,
this list of conditions and the following disclaimer in the documentation
and/or other materials provided with the distribution.
* Neither the name of the copyright holder nor the names of its
contributors may be used to endorse or promote products derived from
this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#>
Import-Module "./ATAPHtmlReport" -Force
class MyAudit {
[string] $Id
[string] $Task
[string] $Status
[string] $Message
}
Describe "ATAPHtmlReport" {
InModuleScope ATAPHtmlReport {
$testPath = "$PSScriptRoot\testreport.html"
$args = @{
Path = $testPath
Title = "My Benchmark Report"
ModuleName = "MyAudit"
BasedOn = @(
"My Benchmark v1.0.0 - 10-05-2017"
"My Benchmark 2 v1.0.0 - 10-05-2017"
"My Benchmark 3 v1.0.0 - 10-05-2017"
)
}
Get-ATAPHtmlReport @args -Sections @(
[PSCustomObject]@{
Title = "Section 1"
AuditInfos = @(
[MyAudit]@{ Id = "1.1"; Task = "Ensure something"; Message = "All Good"; Status = 'True' }
[MyAudit]@{ Id = "1.2"; Task = "Ensure something"; Message = "All Good"; Status = 'True' }
[MyAudit]@{ Id = "1.3"; Task = "Ensure something"; Message = "All Good"; Status = 'True' }
[MyAudit]@{ Id = "1.4"; Task = "Ensure something"; Message = "Not run"; Status = 'None' }
)
},
[PSCustomObject]@{
Title = "Section 2"
SubSections = @(
[PSCustomObject]@{
Title = " Section 2.1"
AuditInfos = @(
[MyAudit]@{ Id = "2.1.1"; Task = "Ensure something else"; Message = "All Good"; Status = 'Warning' }
[MyAudit]@{ Id = "2.1.2"; Task = "Ensure something entirely different"; Message = "All good"; Status = 'True' }
)
},
[PSCustomObject]@{
Title = "Section 2.2"
AuditInfos = @(
[MyAudit]@{ Id = "2.2.1"; Task = "Ensure something entirely different"; Message = "Something went wrong"; Status = 'False' }
[MyAudit]@{ Id = "2.2.2"; Task = "Text overflow can only happen on block or inline-block level elements, because the element needs to have a width in order to be overflow-ed. The overflow happens in the direction as determined by the direction property or related attributes."; Message = "All Good"; Status = 'True' }
[MyAudit]@{ Id = "2.1.2"; Task = "Ensure something entirely different"; Message = "Not quite good"; Status = 'Warning' }
)
}
)
}
)
It "Get-ATAPHtmlReport" {
Test-Path $testPath | Should Be $true
}
}
}
ATAPHtmlReport/ATAPHtmlReport.psd1
+146
View File
@@ -0,0 +1,146 @@
<#
BSD 3-Clause License
Copyright (c) 2023, FB Pro GmbH
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:
* Redistributions of source code must retain the above copyright notice, this
list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright notice,
this list of conditions and the following disclaimer in the documentation
and/or other materials provided with the distribution.
* Neither the name of the copyright holder nor the names of its
contributors may be used to endorse or promote products derived from
this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#>
@{
# Script module or binary module file associated with this manifest.
RootModule = 'ATAPHtmlReport.psm1'
# Version number of this module.
ModuleVersion = '1.13.5'
# Supported PSEditions
# CompatiblePSEditions = @()
# ID used to uniquely identify this module
GUID = 'b732e8cd-6500-4da8-ac96-ab60087c739b'
# Author of this module
Author = 'Benedikt Böhme, Patrick Helbach, Steffen Winternheimer, Robin Wernz'
# Company or vendor of this module
CompanyName = 'FB Pro GmbH'
# Copyright statement for this module
Copyright = '(c) 2023 FB Pro GmbH. All rights reserved.'
# Description of the functionality provided by this module
Description = 'ATAPHtmlReport serves as the basis for HTML reports generated via ATAPAuditor.'
# Minimum version of the Windows PowerShell engine required by this module
PowerShellVersion = '5.0'
# Name of the Windows PowerShell host required by this module
# PowerShellHostName = ''
# Minimum version of the Windows PowerShell host required by this module
# PowerShellHostVersion = ''
# Minimum version of Microsoft .NET Framework required by this module. This prerequisite is valid for the PowerShell Desktop edition only.
# DotNetFrameworkVersion = ''
# Minimum version of the common language runtime (CLR) required by this module. This prerequisite is valid for the PowerShell Desktop edition only.
# CLRVersion = ''
# Processor architecture (None, X86, Amd64) required by this module
# ProcessorArchitecture = ''
# Modules that must be imported into the global environment prior to importing this module
# RequiredModules = @()
# Assemblies that must be loaded prior to importing this module
# RequiredAssemblies = @()
# Script files (.ps1) that are run in the caller's environment prior to importing this module.
# ScriptsToProcess = @()
# Type files (.ps1xml) to be loaded when importing this module
# TypesToProcess = @()
# Format files (.ps1xml) to be loaded when importing this module
# FormatsToProcess = @()
# Modules to import as nested modules of the module specified in RootModule/ModuleToProcess
# NestedModules = @()
# Functions to export from this module, for best performance, do not use wildcards and do not delete the entry, use an empty array if there are no functions to export.
FunctionsToExport = @('Get-ATAPHtmlReport', 'Get-ATAPHostInformation')
# Cmdlets to export from this module, for best performance, do not use wildcards and do not delete the entry, use an empty array if there are no cmdlets to export.
CmdletsToExport = @()
# Variables to export from this module
VariablesToExport = ''
# Aliases to export from this module, for best performance, do not use wildcards and do not delete the entry, use an empty array if there are no aliases to export.
AliasesToExport = @()
# DSC resources to export from this module
# DscResourcesToExport = @()
# List of all modules packaged with this module
# ModuleList = @()
# List of all files packaged with this module
# FileList = @()
# Private data to pass to the module specified in RootModule/ModuleToProcess. This may also contain a PSData hashtable with additional module metadata used by PowerShell.
PrivateData = @{
PSData = @{
# Tags applied to this module. These help with module discovery in online galleries.
Tags = @('reporting', 'auditing', 'benchmarks', 'fb-pro', 'html')
# A URL to the license for this module.
LicenseUri = 'https://github.com/fbprogmbh/Audit-Test-Automation/blob/master/LICENSE'
# A URL to the main website for this project.
ProjectUri = 'https://github.com/fbprogmbh/Audit-Test-Automation'
# A URL to an icon representing this module.
# IconUri = ''
# ReleaseNotes of this module
# ReleaseNotes = ''
} # End of PSData hashtable
} # End of PrivateData hashtable
# HelpInfo URI of this module
# HelpInfoURI = ''
# Default prefix for commands exported from this module. Override the default prefix using Import-Module -Prefix.
# DefaultCommandPrefix = ''
}
ATAPHtmlReport/ATAPHtmlReport.psm1
+2125
View File
File diff suppressed because it is too large Load Diff
ATAPHtmlReport/README.md
+105
View File
@@ -0,0 +1,105 @@
# ATAP Html Report
## Overview
A module part of the *Audit Test Automation Package* that creates html reports with tables and sections for audit reporting.
## Requirements
Please make sure, that following requirements are fulfilled:
* **PowerShell 5.1:** To find out the current version use `$PSVersionTable.PSVersion`.
## Installation
It is recommended that you install the module on your system.
1. Findout out where PowerShell stores modules with `$env:PSModulePath`. For example, this folder might be C:\Users\Administrator\Documents\WindowsPowerShell\Modules.
2. Copy this folder into the modules folder
3. Check with `Get-Module ATAPHtmlReport -ListAvailable` if PowerShell detects the module.
## Usage
To generate a report, use `Get-ATAPHtmlReport`. However, you will need to provide the *path* where the report will be stored, the report *title*, the audit *module name*, and what hardening standard it is *based on*. To give the report a little bit more context, about the computer the report was generated on, you can provide your own *host information* (a table at the beginning of the report).
The main content of the report is structured into *sections*. A section must have a *title*, but can also include a *description*, a table of *AuditInfos*, and *SubSections*. AuditInfos represent a single audit test with an *Id*, *Task*, *Message*, and *Audit* that states whether the the system completed the test with True, False, Warning, or None.
**Important**: To use the AuditInfos class defined in the modul, you need to add `using module ATAPHtmlReport` to the top of the file. This might not work if the module is not in a PSModulePath location.
For example, a simple section could look like this:
```powershell
[hashtable[]]$reportSections = @()
$reportSections += @{
Title = "Section 1"
Description = "All tests from section 1 of the my audit benchmark are here"
AuditInfos = @(
(New-Object -TypeName AuditInfo -Property @{
Id = "1.1"
Task = "Ensure something is set"
Message = "All Good"
Audit = [AuditStatus]::True
}),
(New-Object -TypeName AuditInfo -Property @{
Id = "1.2"
Task = "Ensure something else is set"
Message = "Result could be better"
Audit = [AuditStatus]::Warning
})
)
}
```
A more complicated section could look like this.
```powershell
$reportSections += @{
Title = "Section 2"
SubSections = @(
@{
Title = "First subsection of section 2"
AuditInfos = @(
(New-Object -TypeName AuditInfo -Property @{
Id = "2.1.1"
Task = "Ensure something"
Message = "Not entirely false"
Audit = [AuditStatus]::Warning
}),
(New-Object -TypeName AuditInfo -Property @{
Id = "2.1.2"
Task = "Ensure something entirely different"
Message = "All good"
Audit = [AuditStatus]::True
})
)
},
@{
Title = "Second subsection of section 2"
AuditInfos = @(
(New-Object -TypeName AuditInfo -Property @{
Id = "2.2.1"
Task = "Ensure something way different"
Message = "Oops, something went wrong!"
Audit = [AuditStatus]::False
})
)
}
)
}
```
Tied up, the full usage of the `Get-ATAPHtmlReport` function could look like this:
```powershell
Get-ATAPHtmlReport `
-Path $Path `
-Title "My Audit Benchmark" `
-ModuleName "MyAuditBenchmark" `
-BasedOn "My Audit Benchmarks Benchmark vX.X.X.X" `
-HostInformation (Get-MyHostInformation) `
-Sections $reportSections
```
## Troubleshooting
Using `Import-Module` instead of installing might not work. Please follow the outlined steps above.
ATAPHtmlReport/Settings.psd1
+57
View File
File diff suppressed because one or more lines are too long
ATAPHtmlReport/Tests/Compare-EqualCISVersions.Tests.ps1
+224
View File
@@ -0,0 +1,224 @@
#Import-Module
& "$PSScriptRoot\updateATAP.ps1"
InModuleScope ATAPHtmlReport {
Describe 'Testing Compare-EqualCISVersions' {
It 'Test Windows 7' {
$BasedOn = @(
"CIS Microsoft Windows 7 Workstation Benchmark, Version: 3.1.0, Date: 2018-03-02"
"FB Pro recommendations 'Ciphers Protocols and Hashes Benchmark', Version 1.1.0, Date: 2021-04-15"
)
$MitreMappingCompatible = @("CIS Microsoft Windows 10 Stand-alone Benchmark, Version: 1.0.1, Date: 2022-02-08",
"CIS Microsoft Windows 11 Stand-alone Benchmark, Version: 1.0.0, Date: 2022-11-15",
"CIS Microsoft Windows 10 Enterprise Release 21H1 Benchmark, Version: 1.12.0, Date: 2022-02-15",
"CIS Microsoft Windows 11 Enterprise Release 21H2 Benchmark, Version: 21H2, Date: 2022-02-14",
"CIS Microsoft Windows Server 2019 Benchmark, Version: 1.3.0, Date: 2022-03-18",
"CIS Microsoft Windows Server 2022, Version: 1.0.0, Date 2022-02-14")
try {
Compare-EqualCISVersions -Title "Windows Server 2019 Audit Report" -ReportBasedOn:$BasedOn -MitreMappingCompatible:$MitreMappingCompatible | Should -Be $false
}
catch {
$false | Should -Be $true
}
}
It 'Test Windows 10' {
$BasedOn = @(
"CIS Microsoft Windows 10 Enterprise Release 21H1 Benchmark, Version: 1.12.0, Date: 2022-02-15"
"DISA Windows 10 Security Technical Implementation Guide, Version: V1R16, Date: 2019-10-25"
"Microsoft Security baseline (FINAL) for Windows 10, Version: 21H1, Date: 2021-05-18"
"Configuration Recommendations for Hardening of Windows 10 Using Built-in Functionalities: Version 1.3, Date: 2021-05-03"
"SiSyPHuS Recommendations for Telemetry Components: Version 1.2, Date: 2020-04-27"
"ACSC Hardening Microsoft Windows 10 version 21H1 Workstations, Version: 10.2021, Date 2021-10-01"
"FB Pro recommendations 'Ciphers Protocols and Hashes Benchmark', Version 1.1.0, Date: 2021-04-15"
"FB Pro recommendations 'Enhanced settings', Version 1.1.0, Date: 2023-02-24"
)
$MitreMappingCompatible = @("CIS Microsoft Windows 10 Stand-alone Benchmark, Version: 1.0.1, Date: 2022-02-08",
"CIS Microsoft Windows 11 Stand-alone Benchmark, Version: 1.0.0, Date: 2022-11-15",
"CIS Microsoft Windows 10 Enterprise Release 21H1 Benchmark, Version: 1.12.0, Date: 2022-02-15",
"CIS Microsoft Windows 11 Enterprise Release 21H2 Benchmark, Version: 21H2, Date: 2022-02-14",
"CIS Microsoft Windows Server 2019 Benchmark, Version: 1.3.0, Date: 2022-03-18",
"CIS Microsoft Windows Server 2022, Version: 1.0.0, Date 2022-02-14")
try {
Compare-EqualCISVersions -Title "Windows Server 2019 Audit Report" -ReportBasedOn:$BasedOn -MitreMappingCompatible:$MitreMappingCompatible | Should -Be $true
}
catch {
$false | Should -Be $true
}
}
It 'Test Windows 10 stand-alone' {
$BasedOn = @(
"CIS Microsoft Windows 11 Stand-alone Benchmark, Version: 1.0.0, Date: 2022-11-15"
"Configuration Recommendations for Hardening of Windows 10 Using Built-in Functionalities: Version 1.3, Date: 2021-05-03"
"SiSyPHuS Recommendations for Telemetry Components: Version 1.1, Date: 2019-07-31"
"FB Pro recommendations 'Ciphers Protocols and Hashes Benchmark', Version 1.1.0, Date: 2021-04-15"
"FB Pro recommendations 'Enhanced settings', Version 1.1.0, Date: 2023-02-24"
)
$MitreMappingCompatible = @("CIS Microsoft Windows 10 Stand-alone Benchmark, Version: 1.0.1, Date: 2022-02-08",
"CIS Microsoft Windows 11 Stand-alone Benchmark, Version: 1.0.0, Date: 2022-11-15",
"CIS Microsoft Windows 10 Enterprise Release 21H1 Benchmark, Version: 1.12.0, Date: 2022-02-15",
"CIS Microsoft Windows 11 Enterprise Release 21H2 Benchmark, Version: 21H2, Date: 2022-02-14",
"CIS Microsoft Windows Server 2019 Benchmark, Version: 1.3.0, Date: 2022-03-18",
"CIS Microsoft Windows Server 2022, Version: 1.0.0, Date 2022-02-14")
try {
Compare-EqualCISVersions -Title "Windows Server 2019 Audit Report" -ReportBasedOn:$BasedOn -MitreMappingCompatible:$MitreMappingCompatible | Should -Be $true
}
catch {
$false | Should -Be $true
}
}
It 'Test Windows 11' {
$BasedOn = @(
"CIS Microsoft Windows 11 Enterprise Release 21H2 Benchmark, Version: 21H2, Date: 2022-02-14"
"Security baseline for Microsoft Windows 11, Version: 20H2, Date: 2020-12-17"
"Configuration Recommendations for Hardening of Windows 10 Using Built-in Functionalities: Version 1.3, Date: 2021-05-03"
"SiSyPHuS Recommendations for Telemetry Components: Version 1.1, Date: 2019-07-31"
"FB Pro recommendations 'Ciphers Protocols and Hashes Benchmark', Version 1.1.0, Date: 2021-04-15"
"FB Pro recommendations 'Enhanced settings', Version 1.1.0, Date: 2023-02-24"
)
$MitreMappingCompatible = @("CIS Microsoft Windows 10 Stand-alone Benchmark, Version: 1.0.1, Date: 2022-02-08",
"CIS Microsoft Windows 11 Stand-alone Benchmark, Version: 1.0.0, Date: 2022-11-15",
"CIS Microsoft Windows 10 Enterprise Release 21H1 Benchmark, Version: 1.12.0, Date: 2022-02-15",
"CIS Microsoft Windows 11 Enterprise Release 21H2 Benchmark, Version: 21H2, Date: 2022-02-14",
"CIS Microsoft Windows Server 2019 Benchmark, Version: 1.3.0, Date: 2022-03-18",
"CIS Microsoft Windows Server 2022, Version: 1.0.0, Date 2022-02-14")
try {
Compare-EqualCISVersions -Title "Windows Server 2019 Audit Report" -ReportBasedOn:$BasedOn -MitreMappingCompatible:$MitreMappingCompatible | Should -Be $true
}
catch {
$false | Should -Be $true
}
}
It 'Test Windows 11 stand-alone' {
$BasedOn = @(
"CIS Microsoft Windows 11 Stand-alone Benchmark, Version: 1.0.0, Date: 2022-11-15"
"Configuration Recommendations for Hardening of Windows 10 Using Built-in Functionalities: Version 1.3, Date: 2021-05-03"
"SiSyPHuS Recommendations for Telemetry Components: Version 1.1, Date: 2019-07-31"
"FB Pro recommendations 'Ciphers Protocols and Hashes Benchmark', Version 1.1.0, Date: 2021-04-15"
"FB Pro recommendations 'Enhanced settings', Version 1.1.0, Date: 2023-02-24"
)
$MitreMappingCompatible = @("CIS Microsoft Windows 10 Stand-alone Benchmark, Version: 1.0.1, Date: 2022-02-08",
"CIS Microsoft Windows 11 Stand-alone Benchmark, Version: 1.0.0, Date: 2022-11-15",
"CIS Microsoft Windows 10 Enterprise Release 21H1 Benchmark, Version: 1.12.0, Date: 2022-02-15",
"CIS Microsoft Windows 11 Enterprise Release 21H2 Benchmark, Version: 21H2, Date: 2022-02-14",
"CIS Microsoft Windows Server 2019 Benchmark, Version: 1.3.0, Date: 2022-03-18",
"CIS Microsoft Windows Server 2022, Version: 1.0.0, Date 2022-02-14")
try {
Compare-EqualCISVersions -Title "Windows Server 2019 Audit Report" -ReportBasedOn:$BasedOn -MitreMappingCompatible:$MitreMappingCompatible | Should -Be $true
}
catch {
$false | Should -Be $true
}
}
It 'Test Windows Server 2019' {
$BasedOn = @(
"Windows Server 2019 Security Technical Implementation Guide, Version: 1.5, Date: 2020-06-17"
"CIS Microsoft Windows Server 2019 Benchmark, Version: 1.3.0, Date: 2022-03-18"
"Microsoft Security baseline for Windows Server 2019, Version: FINAL, Date 2019-06-18"
"FB Pro recommendations 'Ciphers Protocols and Hashes Benchmark', Version 1.1.0, Date: 2021-04-15"
"FB Pro recommendations 'Enhanced settings', Version 1.1.0, Date: 2023-02-24"
)
$MitreMappingCompatible = @("CIS Microsoft Windows 10 Stand-alone Benchmark, Version: 1.0.1, Date: 2022-02-08",
"CIS Microsoft Windows 11 Stand-alone Benchmark, Version: 1.0.0, Date: 2022-11-15",
"CIS Microsoft Windows 10 Enterprise Release 21H1 Benchmark, Version: 1.12.0, Date: 2022-02-15",
"CIS Microsoft Windows 11 Enterprise Release 21H2 Benchmark, Version: 21H2, Date: 2022-02-14",
"CIS Microsoft Windows Server 2019 Benchmark, Version: 1.3.0, Date: 2022-03-18",
"CIS Microsoft Windows Server 2022, Version: 1.0.0, Date 2022-02-14")
try {
Compare-EqualCISVersions -Title "Windows Server 2019 Audit Report" -ReportBasedOn:$BasedOn -MitreMappingCompatible:$MitreMappingCompatible | Should -Be $true
}
catch {
$false | Should -Be $true
}
}
It 'Test Windows Server 2022' {
$BasedOn = @(
"Security baseline for Microsoft Windows Server 2022, Version: FINAL, Date 2021-09-27"
"CIS Microsoft Windows Server 2022, Version: 1.0.0, Date 2022-02-14"
"DISA Windows Server 2022, Version: V1R1, Date 2022-09-28"
"FB Pro recommendations 'Ciphers Protocols and Hashes Benchmark', Version 1.1.0, Date: 2021-04-15"
"FB Pro recommendations 'Enhanced settings', Version 1.1.0, Date: 2023-02-24"
)
$MitreMappingCompatible = @("CIS Microsoft Windows 10 Stand-alone Benchmark, Version: 1.0.1, Date: 2022-02-08"
"CIS Microsoft Windows 11 Stand-alone Benchmark, Version: 1.0.0, Date: 2022-11-15"
"CIS Microsoft Windows 10 Enterprise Release 21H1 Benchmark, Version: 1.12.0, Date: 2022-02-15"
"CIS Microsoft Windows 11 Enterprise Release 21H2 Benchmark, Version: 21H2, Date: 2022-02-14"
"CIS Microsoft Windows Server 2019 Benchmark, Version: 1.3.0, Date: 2022-03-18"
"CIS Microsoft Windows Server 2022, Version: 1.0.0, Date 2022-02-14")
try {
Compare-EqualCISVersions -Title "Windows Server 2022 Audit Report" -ReportBasedOn:$BasedOn -MitreMappingCompatible:$MitreMappingCompatible | Should -Be $true
}
catch {
$false | Should -Be $true
}
}
It 'Test for unmatching versions of CIS and MITRE mapping' {
$BasedOn = @(
"CIS Microsoft Windows 10 Enterprise Release 21H1 Benchmark, Version: 1.15.0, Date: 2023-02-15"
"DISA Windows 10 Security Technical Implementation Guide, Version: V1R16, Date: 2019-10-25"
"Microsoft Security baseline (FINAL) for Windows 10, Version: 21H1, Date: 2021-05-18"
"Configuration Recommendations for Hardening of Windows 10 Using Built-in Functionalities: Version 1.3, Date: 2021-05-03"
"SiSyPHuS Recommendations for Telemetry Components: Version 1.2, Date: 2020-04-27"
"ACSC Hardening Microsoft Windows 10 version 21H1 Workstations, Version: 10.2021, Date 2021-10-01"
"FB Pro recommendations 'Ciphers Protocols and Hashes Benchmark', Version 1.1.0, Date: 2021-04-15"
"FB Pro recommendations 'Enhanced settings', Version 1.1.0, Date: 2023-02-24"
)
$MitreMappingCompatible = @("CIS Microsoft Windows 10 Stand-alone Benchmark, Version: 1.0.1, Date: 2022-02-08",
"CIS Microsoft Windows 11 Stand-alone Benchmark, Version: 1.0.0, Date: 2022-11-15",
"CIS Microsoft Windows 10 Enterprise Release 21H1 Benchmark, Version: 1.12.0, Date: 2022-02-15",
"CIS Microsoft Windows 11 Enterprise Release 21H2 Benchmark, Version: 21H2, Date: 2022-02-14",
"CIS Microsoft Windows Server 2019 Benchmark, Version: 1.3.0, Date: 2022-03-18",
"CIS Microsoft Windows Server 2022, Version: 1.0.0, Date 2022-02-14")
Compare-EqualCISVersions -Title "Windows 10 Report" -ReportBasedOn:$BasedOn -MitreMappingCompatible:$MitreMappingCompatible | Should -Be $false
}
It 'Test for matching versions of CIS and MITRE mapping' {
$BasedOn = @(
"CIS Microsoft Windows 10 Enterprise Release 21H1 Benchmark, Version: 1.12.0, Date: 2022-02-15"
"DISA Windows 10 Security Technical Implementation Guide, Version: V1R16, Date: 2019-10-25"
"Microsoft Security baseline (FINAL) for Windows 10, Version: 21H1, Date: 2021-05-18"
"Configuration Recommendations for Hardening of Windows 10 Using Built-in Functionalities: Version 1.3, Date: 2021-05-03"
"SiSyPHuS Recommendations for Telemetry Components: Version 1.2, Date: 2020-04-27"
"ACSC Hardening Microsoft Windows 10 version 21H1 Workstations, Version: 10.2021, Date 2021-10-01"
"FB Pro recommendations 'Ciphers Protocols and Hashes Benchmark', Version 1.1.0, Date: 2021-04-15"
"FB Pro recommendations 'Enhanced settings', Version 1.1.0, Date: 2023-02-24"
)
$MitreMappingCompatible = @("CIS Microsoft Windows 10 Stand-alone Benchmark, Version: 1.0.1, Date: 2022-02-08",
"CIS Microsoft Windows 11 Stand-alone Benchmark, Version: 1.0.0, Date: 2022-11-15",
"CIS Microsoft Windows 10 Enterprise Release 21H1 Benchmark, Version: 1.12.0, Date: 2022-02-15",
"CIS Microsoft Windows 11 Enterprise Release 21H2 Benchmark, Version: 21H2, Date: 2022-02-14",
"CIS Microsoft Windows Server 2019 Benchmark, Version: 1.3.0, Date: 2022-03-18",
"CIS Microsoft Windows Server 2022, Version: 1.0.0, Date 2022-02-14")
Compare-EqualCISVersions -Title "Windows 10 Report" -ReportBasedOn:$BasedOn -MitreMappingCompatible:$MitreMappingCompatible | Should -Be $true
}
It 'Test for matching versions of CIS and MITRE mapping but wrong OS' {
$BasedOn = @(
"CIS Microsoft Windows 10 Enterprise Release 21H1 Benchmark, Version: 1.12.0, Date: 2022-02-15"
"DISA Windows 10 Security Technical Implementation Guide, Version: V1R16, Date: 2019-10-25"
"Microsoft Security baseline (FINAL) for Windows 10, Version: 21H1, Date: 2021-05-18"
"Configuration Recommendations for Hardening of Windows 10 Using Built-in Functionalities: Version 1.3, Date: 2021-05-03"
"SiSyPHuS Recommendations for Telemetry Components: Version 1.2, Date: 2020-04-27"
"ACSC Hardening Microsoft Windows 10 version 21H1 Workstations, Version: 10.2021, Date 2021-10-01"
"FB Pro recommendations 'Ciphers Protocols and Hashes Benchmark', Version 1.1.0, Date: 2021-04-15"
"FB Pro recommendations 'Enhanced settings', Version 1.1.0, Date: 2023-02-24"
)
$MitreMappingCompatible = @("CIS Microsoft Windows 10 Stand-alone Benchmark, Version: 1.0.1, Date: 2022-02-08",
"CIS Microsoft Windows 11 Stand-alone Benchmark, Version: 1.0.0, Date: 2022-11-15",
"CIS Microsoft Windows 10 Enterprise Release 21H1 Benchmark, Version: 1.12.0, Date: 2022-02-15",
"CIS Microsoft Windows 11 Enterprise Release 21H2 Benchmark, Version: 21H2, Date: 2022-02-14",
"CIS Microsoft Windows Server 2019 Benchmark, Version: 1.3.0, Date: 2022-03-18",
"CIS Microsoft Windows Server 2022, Version: 1.0.0, Date 2022-02-14")
Compare-EqualCISVersions -Title "Debian 10" -ReportBasedOn:$BasedOn -MitreMappingCompatible:$MitreMappingCompatible | Should -Be $false
}
}
}
ATAPHtmlReport/Tests/ConvertTo-HtmlTable.Tests.ps1
+50
View File
@@ -0,0 +1,50 @@
#Import-Module
& "$PSScriptRoot\updateATAP.ps1"
InModuleScope ATAPHtmlReport {
Describe 'Testing ConvertTo-HtmlTable' {
It 'tests with an example Report' {
$AuditInfos = @{Id = "1.1.4"
Status = [AuditInfoStatus]::False
},
@{Id = "1.2.3"
Status = [AuditInfoStatus]::True
},
@{Id = "1.2.4"
Status = [AuditInfoStatus]::True
},
@{Id = "1.2.6"
Status = [AuditInfoStatus]::True
},
@{Id = "1.2.5"
Status = [AuditInfoStatus]::False
},
@{Id = "1.4.5"
Status = [AuditInfoStatus]::True
}
$Subsection = @{AuditInfos = $AuditInfos }
$Section1 = @{Title = "Cis Benchmarks"
SubSections = $Subsection
}
$Section2 = @{Title = "DISA"
$Subsection = $null
}
$Sections = $Section1, $Section2
$Mappings = $Sections | Where-Object { $_.Title -eq "CIS Benchmarks" } | ForEach-Object { return $_.SubSections } | ForEach-Object { return $_.AuditInfos } | Merge-CisAuditsToMitreMap
# call the function under test and split by opening and closing brackets. Result should be an array of tags.
$tags = (ConvertTo-HtmlTable $Mappings.map).Split("<").Split(">")
$tags | Should -Contain 'table id="MITRETable"'
$tags | Should -Contain 'a href="https://attack.mitre.org/tactics/TA0007/"'
$tags | Should -Contain 'Discovery'
}
}
}
ATAPHtmlReport/Tests/Get-ColorValue.Tests.ps1
+55
View File
@@ -0,0 +1,55 @@
#Import-Module
& "$PSScriptRoot\updateATAP.ps1"
InModuleScope ATAPHtmlReport {
Describe "Testing Get-ColorValue" {
It "Should return hundred" {
$result = Get-ColorValue -FirstValue 10 -SecondValue 10
$result | Should -Be "#33cca6"
}
It "Should return ninety" {
$result = Get-ColorValue -FirstValue 9 -SecondValue 10
$result | Should -Be "#52CC8F"
}
It "Should return eighty" {
$result = Get-ColorValue -FirstValue 8 -SecondValue 10
$result | Should -Be "#70CC78"
}
It "Should return seventy" {
$result = Get-ColorValue -FirstValue 7 -SecondValue 10
$result | Should -Be "#8FCC61"
}
It "Should return sixty" {
$result = Get-ColorValue -FirstValue 6 -SecondValue 10
$result | Should -Be "#ADCC4A"
}
It "Should return fifty" {
$result = Get-ColorValue -FirstValue 5 -SecondValue 10
$result | Should -Be "#CCCC33"
}
It "Should return fourty" {
$result = Get-ColorValue -FirstValue 4 -SecondValue 10
$result | Should -Be "#CCA329"
}
It "Should return thirty" {
$result = Get-ColorValue -FirstValue 3 -SecondValue 10
$result | Should -Be "#CC7A1F"
}
It "Should return twenty" {
$result = Get-ColorValue -FirstValue 2 -SecondValue 10
$result | Should -Be "#CC5214"
}
It "Should return ten" {
$result = Get-ColorValue -FirstValue 1 -SecondValue 10
$result | Should -Be "#CC290A"
}
It "Should return zero" {
$result = Get-ColorValue -FirstValue 0 -SecondValue 10
$result | Should -Be "#cc0000"
}
It "Should return empty" {
$result = Get-ColorValue -FirstValue 0 -SecondValue 0
$result | Should -Be "#a7a7a7"
}
}
}
ATAPHtmlReport/Tests/Get-MitigationsFromFailedTests.Tests.ps1
+419
View File
@@ -0,0 +1,419 @@
#Import-Module
& "$PSScriptRoot\updateATAP.ps1"
$global:CISToAttackMappingData = Get-Content -Raw "$PSScriptRoot\..\resources\CISToAttackMappingData.json" | ConvertFrom-Json
InModuleScope ATAPHtmlReport {
function global:Add-ToAuditInfos{
param(
[Parameter(Mandatory = $true)]
[string]
$Mitigation,
[Parameter(Mandatory = $true)]
[bool]
$AllIDsFalse
)
$json = $CISToAttackMappingData.'CISAttackMapping'
$json.psobject.properties.name | Where-Object {$json.$_.'Mitigation1' -eq $Mitigation -or $json.$_.'Mitigation2' -eq $Mitigation} | ForEach-Object {return $json.$_.'Recommendation'} | ForEach-Object {
if($AllIDsFalse) {
$global:AuditInfos += @{
Id = $_
Status = [AuditInfoStatus]::False
}
}
else {
$global:AuditInfos += @{
Id = $_
Status = [AuditInfoStatus]::True
}
}
}
}
Describe 'testing function Get-MitigationsFromFailedTests' {
It 'tests the amount of techniques in report' {
$global:AuditInfos = @()
$global:AuditInfos += @{
#T1489
Id = "18.8.5.3"
Status = [AuditInfoStatus]::False
}
$global:AuditInfos += @{
#T1555
Id = "18.9.65.2.2"
Status = [AuditInfoStatus]::False
}
$global:AuditInfos += @{
#T1569 #T1011
Id = "5.1"
Status = [AuditInfoStatus]::False
}
$global:AuditInfos += @{
#T1115
Id = "2.2.1"
Status = [AuditInfoStatus]::False
}
$global:AuditInfos += @{
#T1048
Id = "5.12"
Status = [AuditInfoStatus]::False
}
$global:AuditInfos += @{
#T1059
Id = "18.9.31.4"
Status = [AuditInfoStatus]::False
}
$global:AuditInfos += @{
#T1003
Id = "1.1.7"
Status = [AuditInfoStatus]::False
}
$global:AuditInfos += @{
#T1016
Id = "18.5.19.2.1"
Status = [AuditInfoStatus]::False
}
$Subsection = @{AuditInfos = $global:AuditInfos }
$Section1 = @{
Title = "Cis Benchmarks"
SubSections = $Subsection
}
$mitreMap = $Section1 | Where-Object { $_.Title -eq "CIS Benchmarks" } | ForEach-Object { return $_.SubSections } | ForEach-Object { return $_.AuditInfos } | Merge-CisAuditsToMitreMap
$CISAMitigations = $mitreMap.Map | Get-MitigationsFromFailedTests
$json = $CISToAttackMappingData.'CISAttackMapping'
foreach($Mitigation in $CISAMitigations.Keys) {
$Techniques = @()
$global:AuditInfos | Where-Object {$_.Status -eq [AuditInfoStatus]::False} |
Where-Object {$json.($_.Id).'Mitigation1' -eq $Mitigation -or $json.($_.Id).'Mitigation2' -eq $Mitigation} |
ForEach-Object {
if($null -ne $json.($_.Id).'Technique1' -and $Techniques -notcontains $json.($_.Id).'Technique1'){
$Techniques += $json.($_.Id).'Technique1'
}
if($null -ne $json.($_.Id).'Technique2' -and $Techniques -notcontains $json.($_.Id).'Technique2'){
$Techniques += $json.($_.Id).'Technique2'
}
}
$Techniques = $Techniques | Sort-Object
$CISAMitigations[$Mitigation]['MitreTechniqueIDs'] = $CISAMitigations[$Mitigation]['MitreTechniqueIDs'] | Sort-Object
for($i = 0; $i -lt $CISAMitigations[$Mitigation]['MitreTechniqueIDs'].length; $i++) {
$CISAMitigations[$Mitigation]['MitreTechniqueIDs'][$i] | Should -Be $Techniques[$i]
}
}
}
It 'tests with an example report where every status is [AuditInfoStatus]::False' {
$global:AuditInfos = @()
Add-ToAuditInfos -Mitigation 'M1017' -AllIDsFalse $true
Add-ToAuditInfos -Mitigation 'M1018' -AllIDsFalse $true
Add-ToAuditInfos -Mitigation 'M1021' -AllIDsFalse $true
Add-ToAuditInfos -Mitigation 'M1027' -AllIDsFalse $true
Add-ToAuditInfos -Mitigation 'M1028' -AllIDsFalse $true
Add-ToAuditInfos -Mitigation 'M1030' -AllIDsFalse $true
Add-ToAuditInfos -Mitigation 'M1031' -AllIDsFalse $true
Add-ToAuditInfos -Mitigation 'M1038' -AllIDsFalse $true
Add-ToAuditInfos -Mitigation 'M1041' -AllIDsFalse $true
Add-ToAuditInfos -Mitigation 'M1042' -AllIDsFalse $true
$Subsection = @{AuditInfos = $global:AuditInfos }
$Section1 = @{
Title = "Cis Benchmarks"
SubSections = $Subsection
}
$mitreMap = $Section1 | Where-Object { $_.Title -eq "CIS Benchmarks" } | ForEach-Object { return $_.SubSections } | ForEach-Object { return $_.AuditInfos } | Merge-CisAuditsToMitreMap
#Tests
$CISAMitigations = $mitreMap.Map | Get-MitigationsFromFailedTests
$CISAMitigations.Keys | Should -Be @('M1017', 'M1018', 'M1021', 'M1027', 'M1028', 'M1030', 'M1031', 'M1038', 'M1041', 'M1042')
}
It 'tests with an example report where every status is [AuditInfoStatus]::True' {
$global:AuditInfos = @()
Add-ToAuditInfos -Mitigation 'M1017' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1018' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1021' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1027' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1028' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1030' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1031' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1038' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1041' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1042' -AllIDsFalse $false
$Subsection = @{AuditInfos = $global:AuditInfos }
$Section1 = @{
Title = "Cis Benchmarks"
SubSections = $Subsection
}
$mitreMap = $Section1 | Where-Object { $_.Title -eq "CIS Benchmarks" } | ForEach-Object { return $_.SubSections } | ForEach-Object { return $_.AuditInfos } | Merge-CisAuditsToMitreMap
#Tests
$CISAMitigations = $mitreMap.Map | Get-MitigationsFromFailedTests
$CISAMitigations.Keys | Should -Be @()
}
It 'tests with an example report where just M1017 ids are [AuditInfoStatus]::False' {
$global:AuditInfos = @()
Add-ToAuditInfos -Mitigation 'M1017' -AllIDsFalse $true
Add-ToAuditInfos -Mitigation 'M1018' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1021' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1027' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1028' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1030' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1031' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1038' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1041' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1042' -AllIDsFalse $false
$Subsection = @{AuditInfos = $global:AuditInfos }
$Section1 = @{
Title = "Cis Benchmarks"
SubSections = $Subsection
}
$mitreMap = $Section1 | Where-Object { $_.Title -eq "CIS Benchmarks" } | ForEach-Object { return $_.SubSections } | ForEach-Object { return $_.AuditInfos } | Merge-CisAuditsToMitreMap
#Tests
$CISAMitigations = $mitreMap.Map | Get-MitigationsFromFailedTests
$CISAMitigations.Keys | Should -Contain @('M1017')
}
It 'tests with an example report where just M1018 ids are [AuditInfoStatus]::False' {
$global:AuditInfos = @()
Add-ToAuditInfos -Mitigation 'M1017' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1018' -AllIDsFalse $true
Add-ToAuditInfos -Mitigation 'M1021' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1027' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1028' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1030' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1031' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1038' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1041' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1042' -AllIDsFalse $false
$Subsection = @{AuditInfos = $global:AuditInfos }
$Section1 = @{
Title = "Cis Benchmarks"
SubSections = $Subsection
}
$mitreMap = $Section1 | Where-Object { $_.Title -eq "CIS Benchmarks" } | ForEach-Object { return $_.SubSections } | ForEach-Object { return $_.AuditInfos } | Merge-CisAuditsToMitreMap
#Tests
$CISAMitigations = $mitreMap.Map | Get-MitigationsFromFailedTests
$CISAMitigations.Keys | Should -Contain @('M1018')
}
It 'tests with an example report where just M1021 ids are [AuditInfoStatus]::False' {
$global:AuditInfos = @()
Add-ToAuditInfos -Mitigation 'M1017' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1018' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1021' -AllIDsFalse $true
Add-ToAuditInfos -Mitigation 'M1027' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1028' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1030' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1031' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1038' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1041' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1042' -AllIDsFalse $false
$Subsection = @{AuditInfos = $global:AuditInfos }
$Section1 = @{
Title = "Cis Benchmarks"
SubSections = $Subsection
}
$mitreMap = $Section1 | Where-Object { $_.Title -eq "CIS Benchmarks" } | ForEach-Object { return $_.SubSections } | ForEach-Object { return $_.AuditInfos } | Merge-CisAuditsToMitreMap
#Tests
$CISAMitigations = $mitreMap.Map | Get-MitigationsFromFailedTests
$CISAMitigations.Keys | Should -Contain @('M1021')
}
It 'tests with an example report where just M1027 ids are [AuditInfoStatus]::False' {
$global:AuditInfos = @()
Add-ToAuditInfos -Mitigation 'M1017' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1018' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1021' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1027' -AllIDsFalse $true
Add-ToAuditInfos -Mitigation 'M1028' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1030' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1031' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1038' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1041' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1042' -AllIDsFalse $false
$Subsection = @{AuditInfos = $global:AuditInfos }
$Section1 = @{
Title = "Cis Benchmarks"
SubSections = $Subsection
}
$mitreMap = $Section1 | Where-Object { $_.Title -eq "CIS Benchmarks" } | ForEach-Object { return $_.SubSections } | ForEach-Object { return $_.AuditInfos } | Merge-CisAuditsToMitreMap
#Tests
$CISAMitigations = $mitreMap.Map | Get-MitigationsFromFailedTests
$CISAMitigations.Keys | Should -Contain @('M1027')
}
It 'tests with an example report where just M1028 ids are [AuditInfoStatus]::False' {
$global:AuditInfos = @()
Add-ToAuditInfos -Mitigation 'M1017' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1018' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1021' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1027' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1028' -AllIDsFalse $true
Add-ToAuditInfos -Mitigation 'M1030' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1031' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1038' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1041' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1042' -AllIDsFalse $false
$Subsection = @{AuditInfos = $global:AuditInfos }
$Section1 = @{
Title = "Cis Benchmarks"
SubSections = $Subsection
}
$mitreMap = $Section1 | Where-Object { $_.Title -eq "CIS Benchmarks" } | ForEach-Object { return $_.SubSections } | ForEach-Object { return $_.AuditInfos } | Merge-CisAuditsToMitreMap
#Tests
$CISAMitigations = $mitreMap.Map | Get-MitigationsFromFailedTests
$CISAMitigations.Keys | Should -Contain @('M1028')
}
It 'tests with an example report where just M1030 ids are [AuditInfoStatus]::False' {
$global:AuditInfos = @()
Add-ToAuditInfos -Mitigation 'M1017' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1018' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1021' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1027' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1028' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1030' -AllIDsFalse $true
Add-ToAuditInfos -Mitigation 'M1031' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1038' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1041' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1042' -AllIDsFalse $false
$Subsection = @{AuditInfos = $global:AuditInfos }
$Section1 = @{
Title = "Cis Benchmarks"
SubSections = $Subsection
}
$mitreMap = $Section1 | Where-Object { $_.Title -eq "CIS Benchmarks" } | ForEach-Object { return $_.SubSections } | ForEach-Object { return $_.AuditInfos } | Merge-CisAuditsToMitreMap
#Tests
$CISAMitigations = $mitreMap.Map | Get-MitigationsFromFailedTests
$CISAMitigations.Keys | Should -Contain @('M1030')
}
It 'tests with an example report where just M1031 ids are [AuditInfoStatus]::False' {
$global:AuditInfos = @()
Add-ToAuditInfos -Mitigation 'M1017' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1018' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1021' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1027' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1028' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1030' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1031' -AllIDsFalse $true
Add-ToAuditInfos -Mitigation 'M1038' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1041' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1042' -AllIDsFalse $false
$Subsection = @{AuditInfos = $global:AuditInfos }
$Section1 = @{
Title = "Cis Benchmarks"
SubSections = $Subsection
}
$mitreMap = $Section1 | Where-Object { $_.Title -eq "CIS Benchmarks" } | ForEach-Object { return $_.SubSections } | ForEach-Object { return $_.AuditInfos } | Merge-CisAuditsToMitreMap
#Tests
$CISAMitigations = $mitreMap.Map | Get-MitigationsFromFailedTests
$CISAMitigations.Keys | Should -Contain @('M1031')
}
It 'tests with an example report where just M1038 ids are [AuditInfoStatus]::False' {
$global:AuditInfos = @()
Add-ToAuditInfos -Mitigation 'M1017' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1018' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1021' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1027' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1028' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1030' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1031' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1038' -AllIDsFalse $true
Add-ToAuditInfos -Mitigation 'M1041' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1042' -AllIDsFalse $false
$Subsection = @{AuditInfos = $global:AuditInfos }
$Section1 = @{
Title = "Cis Benchmarks"
SubSections = $Subsection
}
$mitreMap = $Section1 | Where-Object { $_.Title -eq "CIS Benchmarks" } | ForEach-Object { return $_.SubSections } | ForEach-Object { return $_.AuditInfos } | Merge-CisAuditsToMitreMap
#Tests
$CISAMitigations = $mitreMap.Map | Get-MitigationsFromFailedTests
$CISAMitigations.Keys | Should -Contain @('M1038')
}
It 'tests with an example report where just M1041 ids are [AuditInfoStatus]::False' {
$global:AuditInfos = @()
Add-ToAuditInfos -Mitigation 'M1017' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1018' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1021' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1027' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1028' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1030' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1031' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1038' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1041' -AllIDsFalse $true
Add-ToAuditInfos -Mitigation 'M1042' -AllIDsFalse $false
$Subsection = @{AuditInfos = $global:AuditInfos }
$Section1 = @{
Title = "Cis Benchmarks"
SubSections = $Subsection
}
$mitreMap = $Section1 | Where-Object { $_.Title -eq "CIS Benchmarks" } | ForEach-Object { return $_.SubSections } | ForEach-Object { return $_.AuditInfos } | Merge-CisAuditsToMitreMap
#Tests
$CISAMitigations = $mitreMap.Map | Get-MitigationsFromFailedTests
$CISAMitigations.Keys | Should -Contain @('M1041')
}
It 'tests with an example report where just M1042 ids are [AuditInfoStatus]::False' {
$global:AuditInfos = @()
Add-ToAuditInfos -Mitigation 'M1017' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1018' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1021' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1027' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1028' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1030' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1031' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1038' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1041' -AllIDsFalse $false
Add-ToAuditInfos -Mitigation 'M1042' -AllIDsFalse $true
$Subsection = @{AuditInfos = $global:AuditInfos }
$Section1 = @{
Title = "Cis Benchmarks"
SubSections = $Subsection
}
$mitreMap = $Section1 | Where-Object { $_.Title -eq "CIS Benchmarks" } | ForEach-Object { return $_.SubSections } | ForEach-Object { return $_.AuditInfos } | Merge-CisAuditsToMitreMap
#Tests
$CISAMitigations = $mitreMap.Map | Get-MitigationsFromFailedTests
$CISAMitigations.Keys | Should -Contain @('M1042')
}
}
}
ATAPHtmlReport/Tests/Get-MitreTacticName.Tests.ps1
+12
View File
@@ -0,0 +1,12 @@
#Import-Module
& "$PSScriptRoot\updateATAP.ps1"
InModuleScope ATAPHtmlReport {
Describe 'Testing Get-MitreTacticName' {
It 'tests with example Values' {
Get-MitreTacticName -TacticId 'TA0042' | Should -Be "Resource Development"
Get-MitreTacticName -TacticId 'TA0004' | Should -Be "Privilege Escalation"
Get-MitreTacticName -TacticId 'TA0008' | Should -Be "Lateral Movement"
}
}
}
ATAPHtmlReport/Tests/Get-MitreTactics.Tests.ps1
+13
View File
@@ -0,0 +1,13 @@
#Import-Module
& "$PSScriptRoot\updateATAP.ps1"
InModuleScope ATAPHtmlReport {
Describe 'Testing Get-MitreTactics' {
It 'tests with example Values' {
Get-MitreTactics -TechniqueID "T1591" | Should -Be 'TA0043'
Get-MitreTactics -TechniqueID "T1056" | Should -Be 'TA0009', 'TA0006'
}
}
}
ATAPHtmlReport/Tests/Get-MitreTechniqueName.Tests.ps1
+17
View File
@@ -0,0 +1,17 @@
#Import-Module
& "$PSScriptRoot\updateATAP.ps1"
InModuleScope ATAPHtmlReport {
Describe 'Testing Get-MitreTechniqueName' {
It 'tests with example values' {
Get-MitreTechniqueName -TechniqueID "T1591" | Should -Be 'Gather Victim Org Information'
Get-MitreTechniqueName -TechniqueID "T1056" | Should -Be 'Input Capture'
Get-MitreTechniqueName -TechniqueID "T1056" | Should -BeOfType String
}
It 'tests with wrong values' {
Get-MitreTechniqueName -TechniqueID "TXXXX" | Should -Be $null
Get-MitreTechniqueName -TechniqueID "TXXXX" | Should -Not -Be 'Input Capture'
}
}
}
ATAPHtmlReport/Tests/Get-TacticCounter.Tests.ps1
+71
View File
@@ -0,0 +1,71 @@
#Import-Module
& "$PSScriptRoot\updateATAP.ps1"
InModuleScope ATAPHtmlReport {
Describe "Testing Get-TacticCounter" {
Context "When counting for a tactic without mapped tests" {
It "Should return 0" {
$AuditInfos = @{Id = "1.1.4"
Status = [AuditInfoStatus]::False
},
@{Id = "1.2.3"
Status = [AuditInfoStatus]::True
},
@{Id = "1.2.4"
Status = [AuditInfoStatus]::True
},
@{Id = "1.2.6"
Status = [AuditInfoStatus]::True
},
@{Id = "1.2.5"
Status = [AuditInfoStatus]::False
},
@{Id = "1.4.5"
Status = [AuditInfoStatus]::True
}
$Subsection = @{AuditInfos = $AuditInfos }
$Section1 = @{Title = "Cis Benchmarks"
SubSections = $Subsection
}
$Sections = $Section1
$Mappings = $Sections | Where-Object { $_.Title -eq "CIS Benchmarks" } | ForEach-Object { return $_.SubSections } | ForEach-Object { return $_.AuditInfos } | Merge-CisAuditsToMitreMap
$result = Get-TacticCounter -tactic $Mappings.Map["TA0042"] $Mappings.Map
$result | Should -Be 0
}
}
Context "Counter should be 1 if a technique is a 100% fullfilled" {
It "Should be 1" {
$AuditInfos = @{Id = "18.9.48.13"
Status = [AuditInfoStatus]::True
},
@{Id = "18.9.87.1"
Status = [AuditInfoStatus]::True
}
$Subsection = @{AuditInfos = $AuditInfos }
$Section1 = @{Title = "Cis Benchmarks"
SubSections = $Subsection
}
$Sections = $Section1
$Mappings = $Sections | Where-Object { $_.Title -eq "CIS Benchmarks" } | ForEach-Object { return $_.SubSections } | ForEach-Object { return $_.AuditInfos } | Merge-CisAuditsToMitreMap
$Mappings.Map["TA0043"]["T1592"]["18.9.87.1"] | Should -Be True
$Mappings.Map["TA0043"]["T1592"]["18.9.48.13"] | Should -Be True
$Mappings.Map["TA0043"]["T1592"].count | Should -Be 2
Get-TacticCounter "TA0043" $Mappings.Map | Should -Be 1
}
}
}
}
ATAPHtmlReport/Tests/Merge-CisAuditsToMitreMap.Tests.ps1
+50
View File
@@ -0,0 +1,50 @@
#Import-Module
& "$PSScriptRoot\updateATAP.ps1"
InModuleScope ATAPHtmlReport {
Describe 'Testing Merge-CisAuditsToMitreMap' {
It 'tests with an example Report' {
$AuditInfos = @{Id = "1.1.4"
Status = [AuditInfoStatus]::False
},
@{Id = "1.2.3"
Status = [AuditInfoStatus]::True
},
@{Id = "1.2.5"
Status = [AuditInfoStatus]::False
},
@{Id = "1.4.5"
Status = [AuditInfoStatus]::True
}
$Subsection = @{AuditInfos = $AuditInfos }
$Section1 = @{Title = "Cis Benchmarks"
SubSections = $Subsection
}
$Section2 = @{Title = "DISA"
$Subsection = $null
}
$Sections = $Section1, $Section2
$mapping = $Sections | Where-Object { $_.Title -eq "CIS Benchmarks" } | ForEach-Object { return $_.SubSections } | ForEach-Object { return $_.AuditInfos } | Merge-CisAuditsToMitreMap
foreach ($tactic in $mapping.Keys) {
Write-Host "$tactic = "
foreach ($technique in $($mapping[$tactic]).Keys) {
Write-Host " $technique = "
foreach ($id in $($($mapping[$tactic])[$technique]).Keys) {
Write-Host " $id = $($($($mapping[$tactic])[$technique])[$id])"
}
}
}
$mapping.GetType() | Should -Be "MitreMap"
$mapping.Map["TA0001"]["T1078"]["1.1.4"] | Should -Be False
$mapping.Map["TA0006"]["T1110"]["1.2.3"] | Should -Be True
}
}
}
ATAPHtmlReport/Tests/MitreMap.Tests.ps1
+101
View File
@@ -0,0 +1,101 @@
#Import-Module
& "$PSScriptRoot\updateATAP.ps1"
InModuleScope ATAPHtmlReport {
Describe 'Testing MitreMap' {
It 'tests correct amount of techniques per tacitc' {
$mitreMap = [MitreMap]::new()
#$mitreMap.Print()
$mitreMap.map['TA0043'].count | Should -Be 10
$mitreMap.map['TA0042'].count | Should -Be 8
$mitreMap.map['TA0001'].count | Should -Be 9
$mitreMap.map['TA0002'].count | Should -Be 14
$mitreMap.map['TA0003'].count | Should -Be 19
$mitreMap.map['TA0004'].count | Should -Be 13
$mitreMap.map['TA0005'].count | Should -Be 42
$mitreMap.map['TA0006'].count | Should -Be 17
$mitreMap.map['TA0007'].count | Should -Be 31
$mitreMap.map['TA0008'].count | Should -Be 9
$mitreMap.map['TA0009'].count | Should -Be 17
$mitreMap.map['TA0011'].count | Should -Be 16
$mitreMap.map['TA0010'].count | Should -Be 9
$mitreMap.map['TA0040'].count | Should -Be 13
}
It 'tests some values' {
$mitreMap = [MitreMap]::new()
$mitreMap.map['TA0043'].ContainsKey('T1597') | Should -Be $true
$mitreMap.map['TA0001'].ContainsKey('T1200') | Should -Be $true
$mitreMap.map['TA0043'].ContainsKey('T1037') | Should -Be $false
$mitreMap.map['TA0006'].ContainsKey('T1612') | Should -Be $false
}
}
}
InModuleScope ATAPHtmlReport {
Describe 'testing functions of the class MitreMap' {
It 'tests with an example report' {
#Dummy-Data
$AuditInfos =
@{
Id = "1.1.4"
Status = [AuditInfoStatus]::False
},
@{
Id = "1.2.3"
Status = [AuditInfoStatus]::True
},
@{
Id = "1.2.5"
Status = [AuditInfoStatus]::False
},
@{
Id = "1.4.5"
Status = [AuditInfoStatus]::True
}
$Subsection = @{AuditInfos = $AuditInfos }
$Section1 = @{Title = "Cis Benchmarks"
SubSections = $Subsection
}
$mitreMap = $Section1 | Where-Object { $_.Title -eq "CIS Benchmarks" } | ForEach-Object { return $_.SubSections } | ForEach-Object { return $_.AuditInfos } | Merge-CisAuditsToMitreMap
#$mitreMap.Print()
#Tests
$mitreMap.GetType() | Should -Be "MitreMap"
$mitreMap.Map["TA0001"]["T1078"]["1.1.4"].GetType() | Should -Be 'AuditInfoStatus'
$mitreMap.Map["TA0001"]["T1078"]["1.1.4"] | Should -Be False
$mitreMap.Map["TA0006"]["T1110"]["1.2.3"] | Should -Be True
$failedIDs = @()
foreach ($tactic in $mitreMap.Map.Keys) {
foreach ($technique in $mitreMap.Map[$tactic].Keys) {
$mitreMap.Map[$tactic][$technique].Keys |
Where-Object {$mitreMap.Map[$tactic][$technique][$_] -eq [AuditInfoStatus]::False} |
ForEach-Object {
if($failedIDs -notcontains $_){
$failedIDs += $_
}
}
}
}
$CISAMedigations = @()
$json = Get-Content -Raw "$PSScriptRoot\..\resources\CISToAttackMappingData.json" | ConvertFrom-Json
foreach($i in $failedIDs) {
if($null -ne $json.'CISAttackMapping'.$i.'Mitigation1' -and $CISAMedigations -notcontains $json.'CISAttackMapping'.$i.'Mitigation1'){
$CISAMedigations += $json.'CISAttackMapping'.$i.'Mitigation1'
}
if($null -ne $json.'CISAttackMapping'.$i.'Mitigation2' -and $CISAMedigations -notcontains $json.'CISAttackMapping'.$i.'Mitigation2'){
$CISAMedigations += $json.'CISAttackMapping'.$i.'Mitigation2'
}
}
foreach($i in $CISAMedigations) {
Write-Host $i
}
}
}
}
ATAPHtmlReport/Tests/OrderTactics.Test.ps1
+43
View File
@@ -0,0 +1,43 @@
#Import-Module
& "$PSScriptRoot\updateATAP.ps1"
InModuleScope ATAPHtmlReport {
Describe 'testing tactic order in MitreMap' {
It 'tests with an example report' {
#Dummy-Data
$AuditInfos =
@{
Id = "1.1.4"
Status = [AuditInfoStatus]::False
},
@{
Id = "1.2.3"
Status = [AuditInfoStatus]::True
},
@{
Id = "1.2.5"
Status = [AuditInfoStatus]::False
},
@{
Id = "1.4.5"
Status = [AuditInfoStatus]::True
}
$Subsection = @{AuditInfos = $AuditInfos }
$Section1 = @{Title = "Cis Benchmarks"
SubSections = $Subsection
}
$mitreMap = $Section1 | Where-Object { $_.Title -eq "CIS Benchmarks" } | ForEach-Object { return $_.SubSections } | ForEach-Object { return $_.AuditInfos } | Merge-CisAuditsToMitreMap
$mitreMap.Print()
$tactics = (Get-Content -Raw "$PSScriptRoot\..\resources\MitreTactics.json" | ConvertFrom-Json).psobject.properties.name
#check order
$i = 0
foreach ($tactic in $mitreMap.Map.Keys) {
$tactic | Should -Be $tactics[$i]
$i++
}
}
}
}
ATAPHtmlReport/Tests/Test-CompatibleMitreReport.Tests.ps1
+24
View File
@@ -0,0 +1,24 @@
#Import-Module
& "$PSScriptRoot\updateATAP.ps1"
InModuleScope ATAPHtmlReport {
Describe 'Testing Check-CompatibleMitreReport' {
It 'Testing with diffrent Reports' {
$Title = "Windows 10 Report"
$os = [System.Environment]::OSVersion.Platform
Test-CompatibleMitreReport -Title $Title -os $os | Should -Be $true
$Title = "Windows 11 Report"
Test-CompatibleMitreReport -Title $Title -os $os | Should -Be $true
$Title = "Windows Server 2019 Audit Report"
Test-CompatibleMitreReport -Title $Title -os $os | Should -Be $true
$Title = "Windows Server 2022 Audit Report"
Test-CompatibleMitreReport -Title $Title -os $os | Should -Be $true
$Title = "Windows 7 Report"
Test-CompatibleMitreReport -Title $Title -os $os | Should -Be $false
}
}
}
ATAPHtmlReport/Tests/get-MitreLink.Tests.ps1
+20
View File
@@ -0,0 +1,20 @@
#Import-Module
& "$PSScriptRoot\updateATAP.ps1"
InModuleScope ATAPHtmlReport {
Describe 'Testing get-MitreLink' {
It 'tests for tactics' {
get-MitreLink -type tactics -id 'TA0001' | Should -Be 'https://attack.mitre.org/tactics/TA0001/'
get-MitreLink -type tactics -id 'TA0008' | Should -Be 'https://attack.mitre.org/tactics/TA0008/'
}
It 'tests for techniques' {
get-MitreLink -type techniques -id 'T1548' | Should -Be 'https://attack.mitre.org/techniques/T1548/'
get-MitreLink -type techniques -id 'T1119' | Should -Be 'https://attack.mitre.org/techniques/T1119/'
}
It 'tests for techniques' {
get-MitreLink -type mitigations -id 'M1047' | Should -Be 'https://attack.mitre.org/mitigations/M1047/'
}
}
}
ATAPHtmlReport/Tests/readFromJson.Tests.ps1
+73
View File
@@ -0,0 +1,73 @@
#Import-Module
& "$PSScriptRoot\updateATAP.ps1"
InModuleScope ATAPHtmlReport {
Describe 'Testing MitreMap' {
It 'tests correct amount of techniques per tacitc' {
$mitreMap = [MitreMap]::new()
$mitreMap.Print()
$mitreMap.map['TA0043'].count | Should -Be 10
$mitreMap.map['TA0042'].count | Should -Be 8
$mitreMap.map['TA0001'].count | Should -Be 9
$mitreMap.map['TA0002'].count | Should -Be 14
$mitreMap.map['TA0003'].count | Should -Be 19
$mitreMap.map['TA0004'].count | Should -Be 13
$mitreMap.map['TA0005'].count | Should -Be 42
$mitreMap.map['TA0006'].count | Should -Be 17
$mitreMap.map['TA0007'].count | Should -Be 31
$mitreMap.map['TA0008'].count | Should -Be 9
$mitreMap.map['TA0009'].count | Should -Be 17
$mitreMap.map['TA0011'].count | Should -Be 16
$mitreMap.map['TA0010'].count | Should -Be 9
$mitreMap.map['TA0040'].count | Should -Be 13
}
It 'tests some values' {
$mitreMap = [MitreMap]::new()
$mitreMap.map['TA0043'].ContainsKey('T1597') | Should -Be $true
$mitreMap.map['TA0001'].ContainsKey('T1200') | Should -Be $true
$mitreMap.map['TA0043'].ContainsKey('T1037') | Should -Be $false
$mitreMap.map['TA0006'].ContainsKey('T1612') | Should -Be $false
}
}
}
InModuleScope ATAPHtmlReport {
Describe 'testing read from json' {
It 'tests if json file is read in correctly' {
$AuditInfos =
@{
Id = "1.1.4"
Status = [AuditInfoStatus]::False
},
@{
Id = "1.2.3"
Status = [AuditInfoStatus]::True
},
@{
Id = "1.2.5"
Status = [AuditInfoStatus]::False
},
@{
Id = "1.4.5"
Status = [AuditInfoStatus]::True
}
$Subsection = @{AuditInfos = $AuditInfos }
$Section1 = @{Title = "Cis Benchmarks"
SubSections = $Subsection
}
$mitreMap = $Section1 | Where-Object { $_.Title -eq "CIS Benchmarks" } | ForEach-Object { return $_.SubSections } | ForEach-Object { return $_.AuditInfos } | Merge-CisAuditsToMitreMap
$mitreMap.Print()
#Tests
$mitreMap.GetType() | Should -Be "MitreMap"
$mitreMap.Map["TA0001"]["T1078"]["1.1.4"].GetType() | Should -Be 'AuditInfoStatus'
$mitreMap.Map["TA0001"]["T1078"]["1.1.4"] | Should -Be False
$mitreMap.Map["TA0006"]["T1110"]["1.2.3"] | Should -Be True
}
}
}
ATAPHtmlReport/Tests/updateATAP.ps1
+16
View File
@@ -0,0 +1,16 @@
#set the directory where you are programming
$dev_directory = "$PSScriptRoot\..\.."
#deletes the old modules, if they exist
if(Test-Path "C:\Program Files\WindowsPowerShell\Modules\ATAPAuditor") {
Remove-Item -Path "C:\Program Files\WindowsPowerShell\Modules\ATAPAuditor" -recurse
}
if(Test-Path "C:\Program Files\WindowsPowerShell\Modules\ATAPHtmlReport") {
Remove-Item -Path "C:\Program Files\WindowsPowerShell\Modules\ATAPHtmlReport" -recurse
}
#copys the new modules to the module path of powershell
Copy-Item ($dev_directory + "\ATAPAuditor") -Destination "C:\Program Files\WindowsPowerShell\Modules" -recurse
Copy-Item ($dev_directory + "\ATAPHtmlReport") -Destination "C:\Program Files\WindowsPowerShell\Modules" -recurse
#imports ATAPAuditor and ATAPHtmlReport
Import-Module ATAPAuditor -Force
Import-Module ATAPHtmlReport -Force
ATAPHtmlReport/report.css
+1203
View File
File diff suppressed because it is too large Load Diff
ATAPHtmlReport/report.js
+278
View File
@@ -0,0 +1,278 @@
"use strict";
let AmountOfNonCompliantRules;
let AmountOfCompliantRules;
let TotalAmountOfRules;
let QuantityCompliance;
let TotalAmountOfSeverityRules;
let AmountOfFailedSeverityRules;
let SeverityCompliance;
const cssVars = getComputedStyle(document.documentElement);
const COLORS = {
green: cssVars.getPropertyValue('--color-green').trim(),
red: cssVars.getPropertyValue('--company-red').trim(),
orange: cssVars.getPropertyValue('--color-orange').trim(),
purple: cssVars.getPropertyValue('--color-purple').trim(),
white: cssVars.getPropertyValue('--color-white').trim(),
blue: cssVars.getPropertyValue('--color-blue').trim(),
dark_gray: cssVars.getPropertyValue('--color-dark-gray').trim(),
light_gray: cssVars.getPropertyValue('--color-light-gray').trim()
};
function startConditions() {
let isRiskScoreValue = document.getElementById("riskScore");
let isMITREValue = document.getElementById("MITRE");
/* Default-Value: Display summary always at the beginning */
document.getElementById("summary").style.display = "block";
/* Default-Value: Disable all other tabs at the beginning */
document.getElementById("foundationData").style.display = "none";
document.getElementById("references").style.display = "none";
document.getElementById("settingsOverview").style.display = "none";
/* document.getElementById("summaryBtn").style.backgroundColor = COLORS.orange;
document.getElementById("foundationDataBtn").style.backgroundColor = 'transparent';
document.getElementById("referenceBtn").style.backgroundColor = 'transparent';
document.getElementById("settingsOverviewBtn").style.backgroundColor = 'transparent'; */
if (isRiskScoreValue != null) {
document.getElementById("riskScore").style.display = "none";
/* document.getElementById("riskScoreBtn").style.backgroundColor = 'transparent'; */
/* Initialize necessary variables */
AmountOfNonCompliantRules = document.getElementById("AmountOfNonCompliantRules").textContent;
AmountOfCompliantRules = document.getElementById("AmountOfCompliantRules").textContent;
TotalAmountOfRules = document.getElementById("TotalAmountOfRules").textContent;
QuantityCompliance = document.getElementById("QuantityCompliance").textContent;
TotalAmountOfSeverityRules = document.getElementById("TotalAmountOfSeverityRules").textContent;
AmountOfFailedSeverityRules = document.getElementById("AmountOfFailedSeverityRules").textContent;
calcDotPosition();
let severityComplianceCollapseBtn = document.getElementById("severityComplianceCollapse");
severityComplianceCollapseBtn.addEventListener("click", () => {
if (document.getElementById("severityDetails").style.display == "none") {
document.getElementById("severityDetails").style.display = "block";
}
else {
document.getElementById("severityDetails").style.display = "none";
}
})
}
if (isMITREValue != null) {
document.getElementById("MITRE").style.display = "none";
document.getElementById("MITREBtn").style.backgroundColor = 'transparent';
document.getElementById("CISA").style.display = "none";
document.getElementById("CISABtn").style.backgroundColor = 'transparent';
}
}
let buttonNumber;
function clickButton(value) {
buttonNumber = parseInt(value);
/* Disable all content */
let tabContents = document.getElementsByClassName('tabContent');
for (let i = 0; i < tabContents.length; i++) {
tabContents.item(i).style.display = "none";
}
/* Disable all buttons */
let buttons = document.getElementsByClassName('navButton');
for (let i = 0; i < buttons.length; i++) {
/* buttons.item(i).style.backgroundColor = 'transparent'; */
buttons.item(i).classList.remove("selectedNavButton");
}
/* Re-Enable fitting content / button */
switch (buttonNumber) {
case 1:
document.getElementById("summary").style.display = "block";
/* document.getElementById("summaryBtn").style.backgroundColor = COLORS.orange; */
document.getElementById("summaryBtn").classList.add("selectedNavButton");
break;
case 2:
document.getElementById("riskScore").style.display = "block";
/* document.getElementById("riskScoreBtn").style.backgroundColor = COLORS.orange; */
document.getElementById("riskScoreBtn").classList.add("selectedNavButton");
calcDotPosition();
break;
case 3:
document.getElementById("references").style.display = "block";
/* document.getElementById("referenceBtn").style.backgroundColor = COLORS.orange; */
document.getElementById("referenceBtn").classList.add("selectedNavButton");
break;
case 4:
document.getElementById("settingsOverview").style.display = "block";
/* document.getElementById("settingsOverviewBtn").style.backgroundColor = COLORS.orange; */
document.getElementById("settingsOverviewBtn").classList.add("selectedNavButton");
break;
case 5:
document.getElementById("foundationData").style.display = "block";
/* document.getElementById("foundationDataBtn").style.backgroundColor = COLORS.orange; */
document.getElementById("foundationDataBtn").classList.add("selectedNavButton");
break;
case 6:
document.getElementById("MITRE").style.display = "block";
/* document.getElementById("MITREBtn").style.backgroundColor = COLORS.orange; */
document.getElementById("MITREBtn").classList.add("selectedNavButton");
break;
case 7:
document.getElementById("CISA").style.display = "block";
/* document.getElementById("CISABtn").style.backgroundColor = COLORS.orange; */
document.getElementById("CISABtn").classList.add("selectedNavButton");
break;
}
}
/*
Calculate the position of the dot inside the risk matrix;
Will be calleed, after the user has clicked on Risk Score Button
*/
function calcDotPosition() {
let dotRiskScoreTab = document.getElementById("dotRiskScoreTab");
let dotSummaryTab = document.getElementById("dotSummaryTab");
QuantityCompliance = parseFloat(QuantityCompliance);
let complianceValueQuantity = 0;
let complianceValueSeverity = 0;
/*low quantity compliance*/
if (80 < QuantityCompliance) {
dotRiskScoreTab.style.gridColumnStart = 3;
dotSummaryTab.style.gridColumnStart = 3;
complianceValueQuantity = 1;
}
/*medium quantity compliance*/
else if (65 < QuantityCompliance && QuantityCompliance < 80) {
dotRiskScoreTab.style.gridColumnStart = 4;
dotSummaryTab.style.gridColumnStart = 4;
complianceValueQuantity = 2;
}
/*high quantity compliance*/
else if (50 < QuantityCompliance && QuantityCompliance < 65) {
dotRiskScoreTab.style.gridColumnStart = 5;
dotSummaryTab.style.gridColumnStart = 5;
complianceValueQuantity = 3;
}
/*critical quantity compliance*/
else {
dotRiskScoreTab.style.gridColumnStart = 6;
dotSummaryTab.style.gridColumnStart = 6;
complianceValueQuantity = 4;
}
SeverityCompliance = parseInt(AmountOfFailedSeverityRules);
/*low severity compliance*/
if (SeverityCompliance == 0) {
dotRiskScoreTab.style.gridRowStart = 4;
dotSummaryTab.style.gridRowStart = 4;
complianceValueSeverity = 1;
document.getElementById("complianceStatus").style.backgroundColor = COLORS.green;
}
/*critical severity compliance*/
else {
dotRiskScoreTab.style.gridRowStart = 1;
dotSummaryTab.style.gridRowStart = 1;
complianceValueSeverity = 4;
document.getElementById("complianceStatus").style.backgroundColor = COLORS.red;
}
/* Unhide the dot now that it has been positioned */
document.getElementById("dotSummaryTab").style.display = "inline-block";
let totalComplianceValue = Math.max(complianceValueQuantity, complianceValueSeverity);
let summary = "Current Risk Score on tested System: ";
let riskResult = document.createElement("p");
riskResult.style.display = "contents";
if (totalComplianceValue == 1) {
riskResult.innerText = "Low";
riskResult.style.backgroundColor = "#548dd6";
}
else if (totalComplianceValue == 2) {
riskResult.innerText = "Medium";
riskResult.style.backgroundColor = "#ffc000";
}
else if (totalComplianceValue == 3) {
riskResult.innerText = "High";
riskResult.style.color = "white";
riskResult.style.backgroundColor = "#cc0000";
}
else {
riskResult.innerText = "Critical";
riskResult.style.color = "white";
riskResult.style.backgroundColor = "purple";
}
riskResult.style.display = "inline";
riskResult.style.padding = "5px 10px";
riskResult.style.borderRadius = "8px";
riskResult.style.fontWeight = "bold";
riskResult.style.margin = "auto";
let copyRiskResult = riskResult.cloneNode();
copyRiskResult.innerText = riskResult.innerText;
document.getElementById("CurrentRiskScore").textContent = summary;
document.getElementById("CurrentRiskScore").appendChild(riskResult);
document.getElementById("CurrentRiskScoreRS").textContent = summary;
document.getElementById("CurrentRiskScoreRS").appendChild(copyRiskResult);
}
/*
techniques are hidden or shown based on the status of the provided checkboxes and classes
classes must be in a compatible format for document.querySelectorAll()
examples with first all nodes in the 'orgMeasure' class and second all nodes that are in the 'MITRETechnique' but not in the 'mailVector' class:
hideMitreTechniques(this, '.orgMeasure')
hideMitreTechniques(this, '.MITRETechnique:not(.mailVector)')
*/
let activeFilter = new Array();
function hideMitreTechniques(checkbox, classes) {
let classElements = document.querySelectorAll(classes);
if (checkbox.checked) {
/* push the current classes into the activeFilter array to determine which filters are currently active. */
activeFilter.push(classes);
for (let i = 0; i < classElements.length; i++) {
classElements[i].style.padding = '0.1em';
const children = classElements[i].querySelectorAll('*');
for (let j = 0; j < children.length; j++) {
children[j].style.display = 'none';
}
}
}
else {
activeFilter.splice(activeFilter.indexOf(classes), 1);
/* create an array from the classElements since it makes filtering easier. */
let elementsToHide = Array.from(classElements);
/* create an array that includes all elements from the remaining active filters */
let elementsNotToHide = (activeFilter.length === 0) ? new Array() : Array.from(document.querySelectorAll(activeFilter));
/* filter the elementsToHide array to retrieve and display only the elements that are not hidden by other filters */
elementsToHide = elementsToHide.filter(element => !elementsNotToHide.includes(element));
for (let i = 0; i < elementsToHide.length; i++) {
elementsToHide[i].style.removeProperty('padding');
const children = elementsToHide[i].querySelectorAll('*');
for (let j = 0; j < children.length; j++) {
children[j].style.removeProperty('display');
}
}
}
}
ATAPHtmlReport/resources/CISToAttackMappingData.json
BIN
View File
Binary file not shown.
ATAPHtmlReport/runATAP.ps1
+42
View File
@@ -0,0 +1,42 @@
#set the directory where you want to save the reports
$report_directory = "~\Documents\ATAPReports"
#enter which report you want to execute
$report_name = "Microsoft Windows 10"
#saves old working directory
$old_pwd = $pwd
#to access the report file later, "Microsoft" has to be cut out of the String
if($report_name.Contains("Microsoft")) {
$report = $report_name.Substring(10, ($report_name.Length-10))
}
else {
$report = $report_name
}
#starts generating the HTML report
Save-ATAPHtmlReport $report_name -Path $report_directory -MITRE
#enters the report_directory and searchs for the newest report of the kind set above
Set-Location $report_directory
if ($null -eq (Get-ChildItem -Name)) {
Write-Output 'Error no report could be generated.'
}
elseif((Get-ChildItem -Name).GetType().Name -eq 'String') {
$file = Get-ChildItem -Name
#opens the report with the standard appplication set in windows
Start-Process -FilePath $file
#goes back to the old working directory
Set-Location $old_pwd
}
elseif((Get-ChildItem -Name).GetType().Name -eq 'Object[]') {
$i = ((Get-ChildItem -Name).Length)-1
$file = $report_directory + "\" + (Get-ChildItem -Name)[$i]
while(!$file.Contains($report)) {
$i = $i - 1
$file = $report_directory + "\" + (Get-ChildItem -Name)[$i]
}
#opens the report with the standard appplication set in windows
Start-Process -FilePath $file
#goes back to the old working directory
Set-Location $old_pwd
}