74 lines
5.2 KiB
JSON
74 lines
5.2 KiB
JSON
[
|
|
{
|
|
"id": "AH-IE11-Feature-Disabled",
|
|
"title": "Internet Explorer 11 feature is disabled/removed (skip on Win11)",
|
|
"strategy": "AH",
|
|
"type": "scriptblock",
|
|
"script": "$f=Get-WindowsOptionalFeature -Online -FeatureName Internet-Explorer-Optional-amd64 -ErrorAction SilentlyContinue; if($null -eq $f){ return $null }; $f.State -in @('Disabled','Removed')",
|
|
"minLevel": "ML1"
|
|
},
|
|
{
|
|
"id": "AH-Java-Plugin-Absent",
|
|
"title": "Legacy Java browser plugin not present",
|
|
"strategy": "AH",
|
|
"type": "scriptblock",
|
|
"script": "if( (Test-Path 'HKLM:\\SOFTWARE\\JavaSoft\\Java Plug-in') -or (Test-Path 'HKLM:\\SOFTWARE\\Oracle\\JavaDeploy\\WebDeployJava') ){ return $false } else { return $true }",
|
|
"minLevel": "ML1"
|
|
},
|
|
{
|
|
"id": "AH-Edge-SmartScreen",
|
|
"title": "Microsoft Edge SmartScreen enabled via policy",
|
|
"strategy": "AH",
|
|
"type": "scriptblock",
|
|
"script": "$edge=@('C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\msedge.exe','C:\\Program Files\\Microsoft\\Edge\\Application\\msedge.exe') | Where-Object {Test-Path $_}; if(-not $edge){ return $null }; $keys=@('HKLM:\\SOFTWARE\\Policies\\Microsoft\\Edge','HKCU:\\SOFTWARE\\Policies\\Microsoft\\Edge','HKLM:\\SOFTWARE\\Microsoft\\PolicyManager\\current\\device\\Browser'); foreach($k in $keys){ if(Test-Path $k){ try{ $val=(Get-ItemProperty -Path $k -ErrorAction Stop).SmartScreenEnabled; if($null -ne $val -and [int]$val -ge 1){ return $true } } catch{} } } $false",
|
|
"minLevel": "ML1"
|
|
},
|
|
{
|
|
"id": "AH-Edge-DownloadRestrictions",
|
|
"title": "Edge download restrictions present",
|
|
"strategy": "AH",
|
|
"type": "scriptblock",
|
|
"script": "$edge=@('C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\msedge.exe','C:\\Program Files\\Microsoft\\Edge\\Application\\msedge.exe') | Where-Object {Test-Path $_}; if(-not $edge){ return $null }; foreach($k in @('HKLM:\\SOFTWARE\\Policies\\Microsoft\\Edge','HKCU:\\SOFTWARE\\Policies\\Microsoft\\Edge')){ if(Test-Path $k){ $v=(Get-ItemProperty -Path $k -ErrorAction SilentlyContinue).DownloadRestrictions; if($null -ne $v -and [int]$v -ge 1){ return $true } } } $false",
|
|
"minLevel": "ML1"
|
|
},
|
|
{
|
|
"id": "AH-Chrome-SafeBrowsing",
|
|
"title": "Chrome SafeBrowsing policy configured",
|
|
"strategy": "AH",
|
|
"type": "scriptblock",
|
|
"script": "$chrome=@('C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe','C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe') | Where-Object {Test-Path $_}; if(-not $chrome){ return $null }; foreach($k in @('HKLM:\\SOFTWARE\\Policies\\Google\\Chrome','HKCU:\\SOFTWARE\\Policies\\Google\\Chrome')){ if(Test-Path $k){ $v=(Get-ItemProperty -Path $k -ErrorAction SilentlyContinue).SafeBrowsingProtectionLevel; if($null -ne $v -and [int]$v -ge 1){ return $true } } } $false",
|
|
"minLevel": "ML1"
|
|
},
|
|
{
|
|
"id": "AH-Chrome-DownloadRestrictions",
|
|
"title": "Chrome download restrictions present",
|
|
"strategy": "AH",
|
|
"type": "scriptblock",
|
|
"script": "$chrome=@('C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe','C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe') | Where-Object {Test-Path $_}; if(-not $chrome){ return $null }; foreach($k in @('HKLM:\\SOFTWARE\\Policies\\Google\\Chrome','HKCU:\\SOFTWARE\\Policies\\Google\\Chrome')){ if(Test-Path $k){ $v=(Get-ItemProperty -Path $k -ErrorAction SilentlyContinue).DownloadRestrictions; if($null -ne $v -and [int]$v -ge 1){ return $true } } } $false",
|
|
"minLevel": "ML1"
|
|
},
|
|
{
|
|
"id": "AH-Chrome-Ext-Blocklist",
|
|
"title": "Chrome extension install blocklist configured",
|
|
"strategy": "AH",
|
|
"type": "scriptblock",
|
|
"script": "if(-not (Test-Path 'HKLM:\\SOFTWARE\\Policies\\Google\\Chrome') -and -not (Test-Path 'HKCU:\\SOFTWARE\\Policies\\Google\\Chrome')){ return $null } $k='HKLM:\\SOFTWARE\\Policies\\Google\\Chrome\\ExtensionInstallBlocklist'; $k2='HKCU:\\SOFTWARE\\Policies\\Google\\Chrome\\ExtensionInstallBlocklist'; if(Test-Path $k -or Test-Path $k2){ return $true } $false",
|
|
"minLevel": "ML1"
|
|
},
|
|
{
|
|
"id": "AH-Firefox-PolicyKey",
|
|
"title": "Firefox enterprise policies present",
|
|
"strategy": "AH",
|
|
"type": "scriptblock",
|
|
"script": "$ff=@('C:\\Program Files\\Mozilla Firefox\\firefox.exe','C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe') | Where-Object {Test-Path $_}; if(-not $ff){ return $null }; if( (Test-Path 'HKLM:\\SOFTWARE\\Policies\\Mozilla\\Firefox') -or (Test-Path 'HKCU:\\SOFTWARE\\Policies\\Mozilla\\Firefox') ){ return $true } else { return $false }",
|
|
"minLevel": "ML1"
|
|
},
|
|
{
|
|
"id": "AH-Windows-SmartScreen",
|
|
"title": "Windows SmartScreen enabled by policy",
|
|
"strategy": "AH",
|
|
"type": "scriptblock",
|
|
"script": "$paths=@('HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\System','HKCU:\\SOFTWARE\\Policies\\Microsoft\\Windows\\System','HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\Explorer','HKCU:\\SOFTWARE\\Policies\\Microsoft\\Windows\\Explorer'); foreach($p in $paths){ if(Test-Path $p){ $prop=Get-ItemProperty -Path $p -ErrorAction SilentlyContinue; if($null -ne $prop.EnableSmartScreen -and [int]$prop.EnableSmartScreen -eq 1){ return $true }; if($null -ne $prop.SmartScreenEnabled -and [int]$prop.SmartScreenEnabled -ge 1){ return $true } } } $false",
|
|
"minLevel": "ML1"
|
|
}
|
|
] |