Andreas/noid-privacy
1
0
Fork 0
mirror of https://github.com/NexusOne23/noid-privacy.git synced 2026-02-08 04:24:29 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

v2.2.0 - Complete Security Hardening Framework (632 Settings)

Browse source
This commit is contained in:
NexusOne23 2025-12-08 10:32:49 +01:00
commit ba364813ed
195 changed files with 43788 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

200
Modules/_ModuleTemplate/Public/Invoke-ModuleTemplate.ps1 Normal file
View file

@ -0,0 +1,200 @@
function Invoke-ModuleTemplate {
<#
.SYNOPSIS
Template function implementing BACKUP/APPLY/VERIFY/RESTORE pattern
.DESCRIPTION
This is a template function showing how to properly implement
the four-phase hardening pattern required for all modules.
.PARAMETER DryRun
Preview changes without applying them
.PARAMETER SkipBackup
Skip backup phase (not recommended)
.PARAMETER SkipVerify
Skip verification phase (not recommended)
.EXAMPLE
Invoke-ModuleTemplate -DryRun
Preview what changes would be made
.EXAMPLE
Invoke-ModuleTemplate
Apply all hardening changes with backup
.OUTPUTS
PSCustomObject with execution results
#>
[CmdletBinding()]
[OutputType([PSCustomObject])]
param(
[Parameter(Mandatory = $false)]
[switch]$DryRun,
[Parameter(Mandatory = $false)]
[switch]$SkipBackup,
[Parameter(Mandatory = $false)]
[switch]$SkipVerify
)
begin {
Write-Log -Level INFO -Message "Starting ModuleTemplate execution" -Module "ModuleTemplate"
$result = [PSCustomObject]@{
ModuleName = "ModuleTemplate"
Success = $true
ChangesApplied = 0
Errors = @()
Warnings = @()
BackupCreated = $false
VerificationPassed = $false
}
}
process {
try {
# ========================================
# PHASE 1: BACKUP
# ========================================
if (-not $SkipBackup -and -not $DryRun) {
Write-Log -Level INFO -Message "PHASE 1: Creating backups" -Module "ModuleTemplate"
try {
# Example: Backup a registry key
$backupFile = Backup-RegistryKey `
-KeyPath "HKLM:\SOFTWARE\Policies\Microsoft\Windows" `
-BackupName "ModuleTemplate_Example"
if ($null -ne $backupFile) {
$result.BackupCreated = $true
Write-Log -Level SUCCESS -Message "Backup created successfully" -Module "ModuleTemplate"
}
else {
$result.Warnings += "Backup creation failed"
Write-Log -Level WARNING -Message "Backup creation failed" -Module "ModuleTemplate"
}
}
catch {
$result.Warnings += "Backup error: $($_.Exception.Message)"
Write-Log -Level WARNING -Message "Backup error" -Module "ModuleTemplate" -Exception $_
}
}
elseif ($DryRun) {
Write-Log -Level INFO -Message "[DRY RUN] Would create backup" -Module "ModuleTemplate"
}
# ========================================
# PHASE 2: APPLY
# ========================================
Write-Log -Level INFO -Message "PHASE 2: Applying changes" -Module "ModuleTemplate"
if ($DryRun) {
Write-Log -Level INFO -Message "[DRY RUN] Would apply the following changes:" -Module "ModuleTemplate"
Write-Log -Level INFO -Message "[DRY RUN] - Example registry key modification" -Module "ModuleTemplate"
Write-Log -Level INFO -Message "[DRY RUN] - Example service configuration" -Module "ModuleTemplate"
}
else {
# Example: Apply a registry setting
$registrySuccess = Set-RegistryValue `
-Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\Example" `
-Name "ExampleSetting" `
-Value 1 `
-Type "DWord" `
-BackupName "ModuleTemplate_Registry"
if ($registrySuccess) {
$result.ChangesApplied++
Write-Log -Level SUCCESS -Message "Registry setting applied" -Module "ModuleTemplate"
}
else {
$result.Errors += "Failed to apply registry setting"
Write-Log -Level ERROR -Message "Failed to apply registry setting" -Module "ModuleTemplate"
}
# Example: Configure a service
if (Test-ServiceExists -ServiceName "ExampleService") {
$serviceSuccess = Set-ServiceStartupType `
-ServiceName "ExampleService" `
-StartupType "Disabled" `
-BackupName "ModuleTemplate_Service"
if ($serviceSuccess) {
$result.ChangesApplied++
Write-Log -Level SUCCESS -Message "Service configured" -Module "ModuleTemplate"
}
else {
$result.Errors += "Failed to configure service"
Write-Log -Level ERROR -Message "Failed to configure service" -Module "ModuleTemplate"
}
}
}
# ========================================
# PHASE 3: VERIFY
# ========================================
if (-not $SkipVerify) {
Write-Log -Level INFO -Message "PHASE 3: Verifying changes" -Module "ModuleTemplate"
if ($DryRun) {
Write-Log -Level INFO -Message "[DRY RUN] Would verify all settings" -Module "ModuleTemplate"
$result.VerificationPassed = $true
}
else {
# Example: Verify registry setting
$actualValue = Get-RegistryValue `
-Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\Example" `
-Name "ExampleSetting" `
-DefaultValue 0
if ($actualValue -eq 1) {
Write-Log -Level SUCCESS -Message "Registry setting verified" -Module "ModuleTemplate"
$result.VerificationPassed = $true
}
else {
$result.VerificationPassed = $false
$result.Errors += "Verification failed: Registry setting not applied correctly"
Write-Log -Level ERROR -Message "Verification failed" -Module "ModuleTemplate"
}
}
}
# ========================================
# PHASE 4: RESTORE (Only if errors occurred)
# ========================================
if ($result.Errors.Count -gt 0 -and -not $DryRun) {
Write-Log -Level WARNING -Message "PHASE 4: Errors detected, initiating rollback" -Module "ModuleTemplate"
# Restore from backup would go here
# This is handled by the Rollback.ps1 module
Write-Log -Level INFO -Message "Run Restore-AllBackups to undo changes" -Module "ModuleTemplate"
}
}
catch {
$result.Success = $false
$result.Errors += $_.Exception.Message
Write-Log -Level ERROR -Message "Module execution failed" -Module "ModuleTemplate" -Exception $_
}
}
end {
# Final status
if ($result.Errors.Count -eq 0) {
Write-Log -Level SUCCESS -Message "ModuleTemplate completed successfully" -Module "ModuleTemplate"
$result.Success = $true
}
else {
Write-Log -Level ERROR -Message "ModuleTemplate completed with errors" -Module "ModuleTemplate"
$result.Success = $false
}
Write-Log -Level INFO -Message "Changes applied: $($result.ChangesApplied)" -Module "ModuleTemplate"
Write-Log -Level INFO -Message "Errors: $($result.Errors.Count)" -Module "ModuleTemplate"
Write-Log -Level INFO -Message "Warnings: $($result.Warnings.Count)" -Module "ModuleTemplate"
return $result
}
}