Giter VIP home page Giter VIP logo

amardeep-audit / audit-test-automation Goto Github PK

View Code? Open in Web Editor NEW

This project forked from fbprogmbh/audit-test-automation

0.0 0.0 0.0 1.75 MB

The Audit Test Automation Package gives you the ability to get an overview about the compliance status of several systems. You can easily create HTML-reports and have a transparent overview over compliance and non-compliance of explicit setttings and configurations in comparison to industry standards and hardening guides.

Home Page: https://fb-pro.com/audit-test-automation-package-audit-tap/

License: BSD 3-Clause "New" or "Revised" License

PowerShell 99.91% CSS 0.09%

audit-test-automation's Introduction

Audit Test Automation Package

ATAPHtmlReport:
atashtmlreportphield

ATAPAuditor:
atapauditorshield

Overview

The Audit Test Automation Package gives you the ability to get an overview about the compliance status of several systems. You can easily create HTML-reports and have a transparent overview over compliance and non-compliance of explicit setttings and configurations in comparison to industry standards and hardening guides.

Modules

The package consists of the following modules:

  • ATAPHtmlReport
  • ATAPAuditor

Reports

The ATAPAuditor contains the following reports based on the following benchmarks including the version number. How to read the table below:

  • The entries in the DISA column specify the version of the DISA STIG that is used.
  • The entries in the CIS column specify the version of the CIS benchmark that is used.
  • The entries in the MS column specify the version of the Microsoft security baseline that is used.
  • The entries in the BSI column specify the version of the BSI benchmark that is used.
  • The entries in the CyberGovAu column specify the version of the CyverGovAu benchmark that is used.
Report DISA CIS MS BSI CyberGovAu
Google Chrome V1R15 2.0.0 - - -
Mozilla Firefox V4R24 1.0.0 - - -
Microsoft Edge - - 85 - -
Microsoft IE11 V1R16 1.0.0 2004 - -
Microsoft IIS10 - 1.1.0 - - -
Microsoft Office 2016 Excel V1R2 - - - -
Microsoft Office 2016 Outlook V1R2 - - - -
Microsoft Office 2016 PowerPoint V1R1 - - - -
Microsoft Office 2016 SkypeForBusiness V1R1 - - - -
Microsoft Office 2016 Word V1R1 - - - -
Microsoft Office 2016 - 1.1.0 - - -
Microsoft SQL Server 2016 - 1.0.0 - - -
Microsoft Windows 7 - 3.1.0 - - -
Microsoft Windows 10 V1R16 1.9.0 20H2 SiM-08202 06.2020
Microsoft Windows 10 GDPR - - - 16082019 -
Microsoft Windows Server 2012 R2 - 2.4.0 - - -
Microsoft Windows Server 2016 V1R6 1.2.0 FINAL - -
Microsoft Windows Server 2016 DC V1R6 1.2.0 FINAL - -
Microsoft Windows Server 2019 V1R2 1.1.0 FINAL - -
Microsoft Windows Server 2019 DC V1R2 1.1.0 FINAL - -

The report Microsoft Office 2016 aggregates the results of all Microsoft Office 2016 <Product> reports.

Installation

Manual Installation

See the Installing a PowerShell module guide for more specific instructions.

  1. Download the most recent release

  2. Extract the archive, for example by using the following commands in Powershell or by using your favourite unzipping toolset.

Expand-Archive -Path ".\Audit TAP.zip" -DestinationPath "Audit TAP"
  1. Copy the ATAPAuditor and the ATAPHtmlReport modules to any of the paths of $env:PSModulePath.

Installation from PS Gallery

Install-Module -Name ATAPAuditor

Usage

Optionally, import the ATAPAuditor module:

Import-Module -Name ATAPAuditor

By default the module creates a new report in the Documents\ATAPReports folder. You can create a report for any report named in the above table. Just substitute the ReportName with the name of the benchmark. The force parameter creates the folder if it doesn't exist. For using an alternative Path, see customization.

Save-ATAPHtmlReport -ReportName "Microsoft IIS10" -Force
Save-ATAPHtmlReport -ReportName "Mozilla Firefox" -Force

Good to know

  • Make sure your execution policy is set to at least remoteSigned (the scripts are not digitally signed)
Set-ExecutionPolicy RemoteSigned -scope CurrentUser
  • The ATAPAuditor has a dependency on ATAPHtmlReport.
  • Some reports take more than a few seconds because hundreds of individual settings and controls checked. So please be patient, the result will satisfy your needs ๐Ÿ˜‰
  • If you used old versions of Audit TAP you may want to clean up your modules. Be sure you have not integrated Audit TAP functionality in reporting processes. In order to accomplish this task you can use the following script.
# Remove all old Audit TAP Reports if available
$collection = @("ATAPHtmlReport","Excel2016Audit","GoogleChromeAudit","IIS8Audit","IIS10Audit","MicrosoftIE11Audit","MozillaFirefoxAudit","Outlook2016Audit","Powerpoint2016Audit","Skype4Business2016Audit","SQL2016Benchmarks","Windows10Audit","Windows10GDPRAudit","WindowsServer2016Audit","Word2016Audit")
ForEach ($item in $collection)
{
  if (Get-Module -ListAvailable -Name $item)
  {
    # Module found, so remove it
    $installPath = Get-Module -ListAvailable $item | Select-Object -ExpandProperty Path | Split-Path -Parent
    Remove-Item -Path $installPath -Recurse -Force -Confirm:$false
  }
  else
  {
    # Module not installed, so do nothing an take next item
  }
}

Sample reports

You can find several sample reports in the "Samples" folder.

Customization

You can change the default folder for Save-ATAPHtmlReport, which is Documents\ATAPReports, by creating and later editing the environment variable ATAPReportPath. Environment variables can bet set for different scopes - please choose the one that fits your needs. The following samples will set the default path to 'C:\ATAPReports'.

Temporary scope: CurrentSession

$env:ATAPReportPath = 'C:\ATAPReports'

Permanent scope: CurrentUser

[System.Environment]::SetEnvironmentVariable('ATAPReportPath','C:\ATAPReports',[System.EnvironmentVariableTarget]::User)

Permanent scope: Machine

[System.Environment]::SetEnvironmentVariable('ATAPReportPath','C:\ATAPReports',[System.EnvironmentVariableTarget]::Machine)

Related links

Questions, issues or project support

  • For questions or issues regarding Audit TAP please use Github issue tracker.
  • For questions regarding project support please write a short mail to [email protected]

audit-test-automation's People

Contributors

beneboe avatar pathelb avatar devesly avatar flobroeder avatar peteruixiv avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.