fukusuket
2025-03-12 00:32:49 +09:00
parent 8b9bb9c381
commit dbfd8d904b


@@ -2,7 +2,9 @@
$outputFilePath = "auditpol_output.txt" $outputFilePath = "auditpol_output.txt"
Start-Process -FilePath "cmd.exe" -ArgumentList "/c chcp 437 & auditpol /get /category:* /r > $outputFilePath" -NoNewWindow -Wait Start-Process -FilePath "cmd.exe" -ArgumentList "/c chcp 437 & auditpol /get /category:* /r > $outputFilePath" -NoNewWindow -Wait
$auditpolOutput = Get-Content -Path $outputFilePath -Raw $auditpolOutput = Get-Content -Path $outputFilePath -Raw
Write-Output $auditpolOutput
$filteredOutput = $auditpolOutput | Select-String -Pattern '^(?!.*No Auditing).*{.*}$' -AllMatches | ForEach-Object { $_.Matches.Value } $filteredOutput = $auditpolOutput | Select-String -Pattern '^(?!.*No Auditing).*{.*}$' -AllMatches | ForEach-Object { $_.Matches.Value }
Write-Output $filteredOutput
$extractedStrings = [System.Collections.Generic.HashSet[string]]::new() $extractedStrings = [System.Collections.Generic.HashSet[string]]::new()
$filteredOutput | ForEach-Object { $filteredOutput | ForEach-Object {
if ($_ -match '{(.*?)}') { if ($_ -match '{(.*?)}') {
@@ -88,7 +90,7 @@ Write-Output "Usable detection rules list saved to: UsableRules.csv"
Write-Output "Unusable detection rules list saved to: UnusableRules.csv" Write-Output "Unusable detection rules list saved to: UnusableRules.csv"
Write-Output "" Write-Output ""
$totalUsable = ($usablePercentages | Measure-Object -Property UsableCount -Sum).Sum $totalUsable = ($usablePercentages | Measure-Object -Property UsableCount -Sum).Sum
$totalRulesCount = ($totalRules | Measure-Object -Property Count -Sum).Sum $totalRulesCount = ($totalCounts | Measure-Object -Property Count -Sum).Sum
$utilizationPercentage = ($totalUsable / $totalRulesCount) * 100 $utilizationPercentage = ($totalUsable / $totalRulesCount) * 100
Write-Output "You can only utilize $utilizationPercentage% of your Security detection rules." Write-Output "You can only utilize $utilizationPercentage% of your Security detection rules."
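Review bot: The two lines added in the first hunk, `Write-Output $auditpolOutput` and `Write-Output $filteredOutput`, put the host's complete audit policy on the success stream, so it is mixed into the report and lands in any pipeline, transcript or CI log that captures the script's output. That listing shows which subcategories are not audited, so it is better kept out of shared logs. If these are debugging aids, `Write-Verbose ($auditpolOutput | Out-String)` and `Write-Verbose ($filteredOutput | Out-String)` keep them available without changing the default output. Separately, in the second hunk the corrected `$totalCounts` sum is still used as a divisor with no guard; if no rules were counted, `.Sum` would presumably be empty and the division would throw, so a check such as `if ($totalRulesCount) { ... }` around the percentage lines would help. The second hunk's header counts seven lines but only six are visible here, so the script may continue past what is shown.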