Skip to content

The Audit Test Automation Package gives you the ability to get an overview about the compliance status of several systems. You can easily create HTML-reports and have a transparent overview over compliance and non-compliance of explicit setttings and configurations in comparison to industry standards and hardening guides.

License

Notifications You must be signed in to change notification settings

chrismueller/Audit-Test-Automation

Β 
Β 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 

Repository files navigation

Audit Test Automation Package

Powershell Gallery Direct download

ATAPHtmlReport:
ataphtmlreportshield

ATAPAuditor:
atapauditorshield

AuditTAP Release 5.7.1:
ATAP

Table of contents

Overview

Our Audit Test Automation Package enables you to get an overview about the compliance status of your systems against established hardening guidelines. Below you will find an overview of the integrated hardening standards and their respective authors (such as Microsoft, CIS, BSI, etc.). The resulting HTML-reports provide a transparent and comprehensible overview over the compliance-status for each of the different settings and configurations suggested inside the provided industry standards and hardening guides.

Modules

The package consists of the following PowerShell modules:

  • ATAPHtmlReport
  • ATAPAuditor

Reports

ATAPAuditor contains reports based on the following benchmarks including the version number. How to read the table below:

  • The entries in the DISA column specify the version of the DISA STIG that is used.
  • The entries in the CIS column specify the version of the CIS benchmark that is used.
  • The entries in the MS column specify the version of the Microsoft security baseline that is used.
  • The entries in the BSI column specify the version of the BSI benchmark that is used.
  • The entries in the ACSC column specify the version of the ACSC benchmark that is used.

We currently support the following reports, based on these topics:

Application

Report DISA CIS Microsoft BSI ACSC
Google Chrome V1R15 2.0.0 - - -
Mozilla Firefox V4R24 1.0.0 - - -
Microsoft Edge - - 99 - -
Microsoft Internet Explorer 11 V1R16 1.0.0 2004 - -
Microsoft IIS10 - 1.1.1 - - -
Microsoft Office 2016 Excel V1R2 - - - -
Microsoft Office 2016 Outlook V1R2 - - - -
Microsoft Office 2016 PowerPoint V1R1 - - - -
Microsoft Office 2016 SkypeForBusiness V1R1 - - - -
Microsoft Office 2016 Word V1R1 - - - -
Microsoft Office 2016 V1R1, V1R2 1.1.0 - - -
Microsoft SQL Server 2016 - 1.3.0 - - -

The report Microsoft Office 2016 aggregates the results of all Microsoft Office 2016 <Product> reports.

Microsoft OS

Report DISA CIS Microsoft BSI ACSC
Microsoft Windows 7 - 3.1.0 - - -
Microsoft Windows 10 V1R23 2.0.0 21H1 SiSyPHuS 1.3 21H1
Microsoft Windows 10 GDPR - - 16082019 V1.1 -
Microsoft Windows 10 BSI - - - SiSyPHuS 1.3 -
Microsoft Windows 10 Stand-alone - Stand-alone 1.0.1 - SiSyPHuS 1.3 (Stand-alone) -
Microsoft Windows 11 Stand-alone - Stand-alone 2.0.0 - SiSyPHuS 1.3 (Stand-alone) -
Microsoft Windows 11 - 2.0.0 22H2 SiSyPHuS 1.3 -
Microsoft Windows Server 2012 2.19 2.6.0 - - -
Microsoft Windows Server 2016 1.12 2.0.0 FINAL - -
Microsoft Windows Server 2016 DC V1R6 2.0.0 FINAL - -
Microsoft Windows Server 2019 1.5 2.0.0 FINAL - -
Microsoft Windows Server 2019 DC V1R2 2.0.0 FINAL - -
Microsoft Windows Server 2022 V1R1 2.0.0 FINAL - -
Microsoft Windows Server 2022 DC - 2.0.0 FINAL - -

The report Microsoft Windows 10 BSI aggregates the results of all BSI recommendations for Microsoft Windows 10 reports.

Unix OS

Report DISA CIS Microsoft BSI ACSC FB Pro
Debian 10 - - - - - Base
Fedora 35 - - - - - Base
Red Hat Enterprise Linux 8 - - - - - Base
Ubuntu 20.04 - 1.1.0 - - - Base
Ubuntu 22.04 - 1.0.0 - - - Base
Debian 11 - 1.0.0 - - - Base
SUSE Linux Enterprise 15 - 1.1.1 - - - -

How to install

We offer several ways of how you can use our free of charge . Find several detailed explanations below and use them as follows:

  • Installation via PSGallery - just install our package directly from PowerShell Gallery.
  • Manual installation - use the manual way in case you do not have internet connectivity on the system you want to check. We are aware of these "non connected" scenarios for example in datacenter environments.
  • Use our installer to install or update

Installation from PS Gallery

Simple and straight-forward. Install with a single line of code.

Install-Module -Name ATAPAuditor

Video tutorial for manual installation

Following the well-known phrase "A picture is worth a thousand words" we visualized -installation in a roughly three minute video. The first half of the video guides through the process of manual installation, the second half shows installation via PowerShell Gallery.

See the Installing a PowerShell module guide for more specific instructions.

  1. Download the most recent release
  2. In case your systems security configuration prevents direct execution / access on internet based ("untrusted") files you may need to "unblock" the file first.
Unblock-File -Path .\Audit-Test-Automation-5.6.zip -Verbose

The following screenshot shows the output:

grafik

  1. Extract the archive, for example by using the following commands in PowerShell or by using your favourite unzipping toolset.
    When using PowerShell, please check correct version number with below code example.
Expand-Archive -Path ".\Audit-Test-Automation-5.6.zip" -DestinationPath "AuditTAP"
  1. Copy ATAPAuditor and ATAPHtmlReport modules to any of the paths of $env:PSModulePath.

Installer

Download the installer from the releases page. The wizard will guide you through the installation steps to install the necessary modules, along with a convenient Start-menu shortcut.

Linux

For usage on Linux systems a PowerShell installation is required. The necessary steps depend on the Linux distribution and is documented here. Once PowerShell is installed proceed with a manual installation or using PS Gallery.

Usage

Optionally, import ATAPAuditor module:

Import-Module -Name ATAPAuditor

By default the module creates a new report in Documents\ATAPReports folder. A list of all available reports can be found in above table. Just substitute the ReportName with the name of the benchmark. Append -Path to specify output folder.

❗ ATAP is only compatible with PowerShell 5. When run in a different PowerShell version, the user will be prompted to open a PowerShell 5 console or stop the script. ❗

Examples:

Save-ATAPHtmlReport -ReportName "Microsoft Windows 11 Stand-alone" -RiskScore -Path C:\Temp\report.html
Save-ATAPHtmlReport -ReportName "Microsoft Windows 10" -RiskScore -Path C:\Temp\report.html
Save-ATAPHtmlReport -ReportName "Microsoft Windows 11" -Path C:\Temp\report.html
Save-ATAPHtmlReport -ReportName "Microsoft Windows 10 BSI" -RiskScore -Path C:\Temp
Save-ATAPHtmlReport -ReportName "Microsoft Windows Server 2022" -Path C:\Temp
Save-ATAPHtmlReport -ReportName "Google Chrome"
Save-ATAPHtmlReport -ReportName "Ubuntu 20.04"

Pro-Tip: After typing Save-ATAPHtmlReport -ReportName, use the keyboard shortcut <ctrl> + <space> to display all available parameters and select the desired report using arrow-keys.

The ATAPAuditor module also provides a simple menu based runner for reports. It can be found in ATAPAuditor\Helpers\Menu.ps1. When using the Windows based installer, a shortcut can be found in the start menu.

How to Update

In order to update AuditTAP, you need to update both modules "ATAPAuditor" and "ATAPHtmlReport". To do that, just run the following line of code:

For updating ATAPAuditor:

Update-Module ATAPAuditor

For updating ATAPHtmlReport:

Update-Module ATAPHtmlReport

If you want to update via Installer, make sure to download the latest version of AuditTAP. Then just follow the installation steps.

Good to know

  • Make sure your execution policy is set to at least remoteSigned (the scripts are not digitally signed)
Set-ExecutionPolicy RemoteSigned -scope CurrentUser
  • You can extend your AuditReports with a RiskScore by adding the RiskScore-Switch parameter (currently only available for Windows Reports):
Save-ATAPHtmlReport -ReportName "Microsoft Windows 10" -Force -RiskScore
  • ATAPAuditor has a dependency on ATAPHtmlReport.
  • Some reports take more than a few seconds because hundreds of individual settings and controls are checked. Please be patient, the result will satisfy your needs πŸ˜‰
  • If you used old versions of AuditTAP you may want to clean up your modules. Be sure you have not integrated AuditTAP functionality in reporting processes. In order to accomplish this task you can use the following script.
# Remove all old AuditTAP Reports if available
$collection = @("ATAPHtmlReport","Excel2016Audit","GoogleChromeAudit","IIS8Audit","IIS10Audit","MicrosoftIE11Audit","MozillaFirefoxAudit","Outlook2016Audit","Powerpoint2016Audit","Skype4Business2016Audit","SQL2016Benchmarks","Windows10Audit","Windows10GDPRAudit","WindowsServer2016Audit","Word2016Audit")
ForEach ($item in $collection)
{
  if (Get-Module -ListAvailable -Name $item)
  {
    # Module found, so remove it
    $installPath = Get-Module -ListAvailable $item | Select-Object -ExpandProperty Path | Split-Path -Parent
    Remove-Item -Path $installPath -Recurse -Force -Confirm:$false
  }
  else
  {
    # Module not installed, do nothing and take next item
  }
}

Sample reports

You can find several sample reports in the "Samples" folder.

Customization

You can change the default folder for Save-ATAPHtmlReport, which is Documents\ATAPReports, by creating and later editing the environment variable ATAPReportPath. Environment variables can be set for different scopes - please choose the one that fits your needs. The following samples will set the default path to 'C:\ATAPReports'.

Temporary scope: CurrentSession

$env:ATAPReportPath = 'C:\ATAPReports'

Permanent scope: CurrentUser

[System.Environment]::SetEnvironmentVariable('ATAPReportPath','C:\ATAPReports',[System.EnvironmentVariableTarget]::User)

Permanent scope: Machine

[System.Environment]::SetEnvironmentVariable('ATAPReportPath','C:\ATAPReports',[System.EnvironmentVariableTarget]::Machine)

Converting reports to Xml instead of HTML

For this functionality, it is handy to know the Invoke-ATAPReport command can be used: Just use the following code snippet, and exchange the variables "Reportname" and "FilePath".

$Reportname = "Microsoft Windows 11"
$FilePath = "C://YourPath/YourFileName.xml"
ConvertTo-Xml -InputObject (Invoke-ATAPReport -ReportName $ReportName) -As "String" -Depth 10 | Out-File -FilePath $FilePath

Related links

AuditTAP information

Hardening recommendations in general

Questions, issues or project support

Please check the FAQ-section first before opening an issue or contacting us.

  • For questions or issues regarding AuditTAP please use GitHub issue tracker.
  • For questions regarding project support please write a short mail to [email protected]

About

The Audit Test Automation Package gives you the ability to get an overview about the compliance status of several systems. You can easily create HTML-reports and have a transparent overview over compliance and non-compliance of explicit setttings and configurations in comparison to industry standards and hardening guides.

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • PowerShell 98.6%
  • Shell 1.2%
  • Other 0.2%