
Commit cf222b7

committed
Merge branch 'develop'
Add CIS benchmark 4.0 for M365
2 parents ee20c45 + cbfd79a commit cf222b7


16 files changed

+1753
-64
lines changed


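--- a/Invoke-Monkey365.ps1
+++ b/Invoke-Monkey365.ps1
@@ -456,48 +456,6 @@ Function Invoke-Monkey365{
 }
 return
 }
-#Check if list collectors
-If($PSBoundParameters.ContainsKey('ListRule') -and $PSBoundParameters['ListRule'].IsPresent){
-#Get command Metadata
-$MetaData = New-Object -TypeName "System.Management.Automation.CommandMetaData" (Get-Command -Name "Get-Rule")
-$newPsboundParams = [ordered]@{}
-if($null -ne $MetaData){
-$param = $MetaData.Parameters.Keys
-foreach($p in $param.GetEnumerator()){
-if($PSBoundParameters.ContainsKey($p)){
-$newPsboundParams.Add($p,$PSBoundParameters[$p])
-}
-}
-#Add verbose, debug
-$newPsboundParams.Add('Verbose',$O365Object.verbose)
-$newPsboundParams.Add('Debug',$O365Object.debug)
-$newPsboundParams.Add('InformationAction',$O365Object.InformationAction)
-#Add pretty print
-[void]$newPsboundParams.Add('Pretty',$true);
-#Add RulesPath
-If($newPsboundParams.Contains('RulesPath')){
-$newPsboundParams.RulesPath = $O365Object.rulesPath;
-}
-Else{
-[void]$newPsboundParams.Add('RulesPath',$O365Object.rulesPath);
-}
-#Remove RuleSet if null
-If($newPsboundParams.Contains('RuleSet') -and $null -eq $newPsboundParams['RuleSet']){
-[void]$newPsboundParams.Remove('RuleSet');
-}
-#Remove instance if EntraID is selected
-If($newPsboundParams.Contains('Instance') -and $newPsboundParams['Instance'] -eq 'EntraID'){
-[void]$newPsboundParams.Remove('Instance');
-}
-#Remove Instance if null
-If($newPsboundParams.Contains('Instance') -and $null -eq $newPsboundParams['Instance']){
-[void]$newPsboundParams.Remove('Instance');
-}
-#Execute command
-Get-Rule @newPsboundParams
-}
-return
-}
 #Check for mandatory params
 Test-MandatoryParameter
 #Import MSAL module
@@ -577,3 +535,4 @@ Function Invoke-Monkey365{
 }
 }
 
+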

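--- a/README.md
+++ b/README.md
@@ -94,7 +94,7 @@ By default, the HTML report shows you the CIS (Center for Internet Security) Ben
 The following standards are supported by Monkey365:
 
 * CIS Microsoft Azure Foundations Benchmark v3.0.0
-* CIS Microsoft 365 Foundations Benchmark v3.0.0
+* CIS Microsoft 365 Foundations Benchmark v3.0.0 and v4.0.0
 
 More standards will be added in next releases (NIST, HIPAA, GDPR, PCI-DSS, etc..) as they are available.
 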

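--- a/config/monkey365.config
+++ b/config/monkey365.config
@@ -22,7 +22,7 @@
 "ruleSettings": {
 "rules": "rules/",
 "azureDefaultRuleset": "rules/rulesets/cis_azure_3.0.json",
-"m365DefaultRuleset": "rules/rulesets/cis_m365_3.0.json"
+"m365DefaultRuleset": "rules/rulesets/cis_m365_4.0.json"
 },
 "logging": {
 "default":[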

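--- a/core/modules/monkeyruleset/Localized/en-US/monkeyruleset.psd1
+++ b/core/modules/monkeyruleset/Localized/en-US/monkeyruleset.psd1
@@ -3,10 +3,12 @@ ConvertFrom-StringData @'
 InitDataset = Dataset was created
 DatasetNotCreated = Dataset was not created
 InvalidObject = Unable to query dataset. Invalid Object.
+InvalidRuleset = Unable to import ruleset. {0} is not valid
 UnableToCloneObject = Unable to clone object
 DirectoryFoundMessage = {0} directory was found in {1}
 AdditionalRulesMessage = Importing additional rules from {0}
 UnableToSetRuleset = Unable to set ruleset
+UnableToImportRuleset = Unable to import ruleset. {0} was not found
 RulesetNotLoaded = The ruleset was not loaded
 UnableToGetRulesetInfo = Unable to get information from ruleset
 UnableToGetMetadataInfo = Unable to get metadata info from '{0}'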

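--- a/core/modules/monkeyruleset/Localized/monkeyruleset.psd1
+++ b/core/modules/monkeyruleset/Localized/monkeyruleset.psd1
@@ -3,10 +3,12 @@ ConvertFrom-StringData @'
 InitDataset = Dataset was created
 DatasetNotCreated = Dataset was not created
 InvalidObject = Unable to query dataset. Invalid Object.
+InvalidRuleset = Unable to import ruleset. {0} is not valid
 UnableToCloneObject = Unable to clone object
 DirectoryFoundMessage = {0} directory was found in {1}
 AdditionalRulesMessage = Importing additional rules from {0}
 UnableToSetRuleset = Unable to set ruleset
+UnableToImportRuleset = Unable to import ruleset. {0} was not found
 RulesetNotLoaded = The ruleset was not loaded
 UnableToGetRulesetInfo = Unable to get information from ruleset
 UnableToGetMetadataInfo = Unable to get metadata info from '{0}'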

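--- a/core/modules/monkeyruleset/monkeyruleset.psd1
+++ b/core/modules/monkeyruleset/monkeyruleset.psd1
@@ -77,8 +77,7 @@
 'Invoke-Rule',
 'New-Dataset',
 'Get-Framework',
-'Get-RuleServiceType',
-'Test-MonkeyRule'
+'Get-RuleServiceType'
 )
 # Cmdlets to export from this module, for best performance, do not use wildcards and do not delete the entry, use an empty array if there are no cmdlets to export.
 CmdletsToExport = @()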

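--- a/core/modules/monkeyruleset/private/Get-MonkeyRuleSet.ps1
+++ b/core/modules/monkeyruleset/private/Get-MonkeyRuleSet.ps1
@@ -41,15 +41,23 @@ Function Get-MonkeyRuleSet{
 [String]$Ruleset
 )
 Process{
-if (Test-Path -Path $Ruleset){
-$myRuleset = Get-Content $Ruleset -Raw | ConvertFrom-Json
-if(Test-isValidRuleSet -Object $myRuleset){
-return $myRuleset
+Try{
+If (Test-Path -Path $Ruleset){
+$myRuleset = Get-Content $Ruleset -Raw | ConvertFrom-Json
+If(Test-isValidRuleSet -Object $myRuleset){
+return $myRuleset
+}
+Else{
+Write-Warning -Message ($Script:messages.InvalidRuleset -f $Ruleset)
+}
 }
-else{
-Write-Warning -Message ($Script:messages.InvalidRulesetMessage -f $Ruleset)
+Else{
+Write-Warning -Message ($Script:messages.UnableToImportRuleset -f $Ruleset)
 }
 }
+Catch{
+Write-Warning -Message ($Script:messages.InvalidRuleset -f $Ruleset)
+}
 }
 }
 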
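Review bot: The new `Catch` block reports every failure as `InvalidRuleset` and discards `$_`, so a read error (for example access denied on the file) looks the same as malformed JSON and the underlying cause is logged nowhere. `Get-Content` is also called without `-ErrorAction Stop`, so with the default error preference its read errors are non-terminating and would not reach the `Catch` at all. I would change the read to `$myRuleset = Get-Content -LiteralPath $Ruleset -Raw -ErrorAction Stop | ConvertFrom-Json` and add `Write-Verbose $_.Exception.Message` inside the `Catch`, as the `Catch` in Import-MonkeyRuleset already does. For a compliance scanner the reason a baseline failed to load should be recoverable from the log. The function's signature and Param block start outside the hunk.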

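--- a/core/modules/monkeyruleset/private/Import-MonkeyRuleset.ps1
+++ b/core/modules/monkeyruleset/private/Import-MonkeyRuleset.ps1
@@ -43,23 +43,23 @@ Function Import-MonkeyRuleset{
 [parameter(Mandatory=$True, ParameterSetName = 'RuleSet',HelpMessage="Ruleset File")]
 [String]$Ruleset
 )
-try{
-if($PSCmdlet.ParameterSetName -eq 'RuleSet'){
+Try{
+If($PSCmdlet.ParameterSetName -eq 'RuleSet'){
 $p = @{
 Ruleset = $Ruleset;
 }
 $myRuleSet = Get-MonkeyRuleSet @p
-if($myRuleSet){
+If($myRuleSet){
 New-Variable -Name SecBaseline -Value $myRuleSet -Scope Script -Force
 }
 }
-else{
-if(Test-isValidRuleSet -Object $RulesetObject){
+Else{
+If(Test-isValidRuleSet -Object $RulesetObject){
 New-Variable -Name SecBaseline -Value $RulesetObject -Scope Script -Force
 }
 }
 }
-catch{
+Catch{
 Write-Warning $Script:messages.UnableToSetRuleset
 Write-Verbose $_.Exception.Message
 }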

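--- a/core/modules/monkeyutils/monkeyutils.psd1
+++ b/core/modules/monkeyutils/monkeyutils.psd1
@@ -99,7 +99,8 @@ FunctionsToExport = @(
 'Get-MonkeyDuplicateObjectsByProperty',
 'Update-PsObject',
 'Get-AstFunction',
-'Get-ObjectPropertyByPath'
+'Get-ObjectPropertyByPath',
+'Test-IsValidUrl'
 )
 
 # Cmdlets to export from this module, for best performance, do not use wildcards and do not delete the entry, use an empty array if there are no cmdlets to export.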
Lines changed: 47 additions & 0 deletions
@@ -0,0 +1,47 @@
1+
# Monkey365 - the PowerShell Cloud Security Tool for Azure and Microsoft 365 (copyright 2022) by Juan Garrido
2+
#
3+
# Licensed under the Apache License, Version 2.0 (the "License");
4+
# you may not use this file except in compliance with the License.
5+
# You may obtain a copy of the License at
6+
#
7+
# http://www.apache.org/licenses/LICENSE-2.0
8+
#
9+
# Unless required by applicable law or agreed to in writing, software
10+
# distributed under the License is distributed on an "AS IS" BASIS,
11+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12+
# See the License for the specific language governing permissions and
13+
# limitations under the License.
14+
15+
Function Test-IsValidUrl{
16+
<#
17+
.SYNOPSIS
18+
19+
.DESCRIPTION
20+
21+
.INPUTS
22+
23+
.OUTPUTS
24+
25+
.EXAMPLE
26+
27+
.NOTES
28+
Author : Juan Garrido
29+
Twitter : @tr1ana
30+
File Name : Test-IsValidUrl
31+
Version : 1.0
32+
33+
.LINK
34+
https://github.com/silverhack/monkey365
35+
#>
36+
[cmdletbinding()]
37+
[OutputType([System.Boolean])]
38+
Param (
39+
[parameter(Mandatory=$false, ValueFromPipeline = $true, HelpMessage="InputObjec")]
40+
[String]$InputObject
41+
)
42+
Process{
43+
[System.Uri]$out = $null;
44+
[System.Uri]::TryCreate($InputObject,[System.UriKind]::Absolute,[ref]$out) -and ($out.Scheme -eq [System.Uri]::UriSchemeHttp -or $out.Scheme -eq [System.Uri]::UriSchemeHttps)
45+
}
46+
}
47+
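Review bot: The comment-based help of Test-IsValidUrl is empty (`.SYNOPSIS`, `.DESCRIPTION`, `.INPUTS`, `.OUTPUTS` and `.EXAMPLE` carry no text), so a caller cannot tell what "valid" means for this exported function. From the Process block it returns true only when the input parses as an absolute URI whose scheme is http or https; it does not look at the host, at credentials embedded in the URL or at reachability, and plain http passes. I would say so in the help, for example `.SYNOPSIS Returns $true when InputObject parses as an absolute http or https URI (syntax check only)`, and fix the HelpMessage typo `"InputObjec"` to `"InputObject"`. If the function is meant to gate fetching remote content (its callers are not visible on this page), whether http should be accepted is worth deciding explicitly.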
