fukusuket
2025-03-12 08:51:45 +09:00
parent cd3293b25e
commit cde9ef362e


@@ -3,16 +3,13 @@ $outputFilePath = "auditpol_output.txt"
Start-Process -FilePath "cmd.exe" -ArgumentList "/c chcp 437 & auditpol /get /category:* /r > $outputFilePath" -NoNewWindow -Wait Start-Process -FilePath "cmd.exe" -ArgumentList "/c chcp 437 & auditpol /get /category:* /r > $outputFilePath" -NoNewWindow -Wait
$auditpolOutput = Get-Content -Path $outputFilePath $auditpolOutput = Get-Content -Path $outputFilePath
$filteredOutput = $auditpolOutput | Select-String -NotMatch "No Auditing" $filteredOutput = $auditpolOutput | Select-String -NotMatch "No Auditing"
Write-Host "DEBUG2"
$extractedStrings = [System.Collections.Generic.HashSet[string]]::new() $extractedStrings = [System.Collections.Generic.HashSet[string]]::new()
Write-Host "DEBUG"
$filteredOutput | ForEach-Object { $filteredOutput | ForEach-Object {
if ($_ -match '{(.*?)}') { if ($_ -match '{(.*?)}') {
$extractedStrings.Add($matches[1]) $extractedStrings.Add($matches[1])
} }
} }
Write-Host $extractedStrings
Write-Host "Extracted GUIDs:"
# Step 2: Read the rules from security_rules.json # Step 2: Read the rules from security_rules.json
$jsonFilePath = "./config/security_rules.json" $jsonFilePath = "./config/security_rules.json"