Tags: elysium-suite/aeacus
Tags
Add warnings for possible mistakes (#152) I definitely haven't spent any time at all being confused by these or anything like that. 0 time whatsoever. Anyway, if someone else makes a mistake like this, the new warnings could serve as a hint that something is wrong.
Adds 4 new user properties to the UserDetail check. (#146) * Adds 4 new user properties to the UserDetail check. Signed-off-by: Mobmaker <[email protected]> * Add modifier check type Signed-off-by: Mobmaker <[email protected]> * Updated documentation to match the "modifier" field Signed-off-by: Mobmaker <[email protected]> * Updated to ensure that users know time should be in UTC Signed-off-by: Mobmaker <[email protected]> * Removed debug lines Signed-off-by: Mobmaker <[email protected]> * Removed the modifier field and switched to a comparison value split system. Signed-off-by: Mobmaker <[email protected]> * Made comparison stricter, reducing edge cases. Signed-off-by: Mobmaker <[email protected]> * Handled more errors, optimized some code. Signed-off-by: Mobmaker <[email protected]> * Fixed error handling inversion Signed-off-by: Mobmaker <[email protected]> * fixed documentational wording Signed-off-by: Mobmaker <[email protected]> * Removed false positive Signed-off-by: Mobmaker <[email protected]>
Param handing rework and general refactor (#138) * Update documentation * Update README * Remove extraneous/outdated files * Update checks documentation and tests * Refactor for simplicity This commit changes a lot. Essentially, it's a migration away from the shoe-horned module structure we had before (cmd), since it doesn't really make sense for us to split into submodules with a relatively small project. It's also using a struct with more descriptive fields for all the checks, which also permits us to use reflection to call the functions rather than the grotesque case statements. * Use compilation directive, and add cli options This permits people to use directories other than /opt and C:\ when testing aeacus. * Fix path to stopscoring.sh * Reduce redundancy in gen-crypto * Update build file go version * Fix crypto failing on some checks (UserExists) This was annoying. I was using XOR as the final operation after AES, which I can only assume caused issues with some bytes when XOR'd again and decrypted with AES-GCM. The solution was to put AES-GCM as the final operation, which is also just smarter, since it's an authenticated cipher. This commit also refactors readData() into readScoringData(), since the abstraction there wasn't used anywhere else. * Update go modules and remove verbose messages * Restore crypto.go after make release * Don't count penalties as scored vulnerabilities * Simplify check status handling, fix typos * Remove condition fields, implement param checking There's now a function that will check that the required parameters are being used for a check. * Remove extraneous printing of variable * Changelog and compatibility aliases * Fix build issue arising from `checkTrace` * Add more compiling and crypto information * Rewrite crypto.md to be more approachable * Don't use magic numbers in negation check * Fix info types in README * Add inline SecurityPolicy check documentation * Refactored shell feature (#139) * linux shell revamp, proof of concept * windows shell revamp, proof of concept using conpty * add shell goroutine to runtime * remove old shell functionality * modified shell code to work with new refactor * Use implicit build directives for shell * Add PasswordHistorySize to ranged SecPol checks Thanks to KaliPatriot for pointing this fix out. * Use upstream constants for BitLocker * Remove destroyImage functionality, update Go * Add regex documentation * Added sour's changes + linted them. Co-authored-by: Safin Singh <[email protected]> Co-authored-by: Alvin Zheng <[email protected]> Co-authored-by: mob <[email protected]>
PreviousNext