v2.2.0: Fix Privacy settings count + DoH connectivity test

Privacy Module: - Fixed 'Applied X settings' to show only registry settings (60/78/86) - Bloatware count no longer added to settings total - Consistent with module prompt (MSRecommended: 60, Strict: 78, Paranoid: 86) DNS Module: - Fixed DoH connectivity test for systems with REQUIRE mode active - Tests HTTPS endpoint (port 443) when classic DNS is blocked - Proper detection of existing DoH configuration Verified: Full Apply/Verify/Restore cycle - 633/633 settings (100%)
2026-02-22 11:14:15 +01:00 · 2025-12-09 10:48:12 +01:00 · 2025-12-09 10:48:12 +01:00 · d78d941113
commit d78d941113
parent eafa89cf97
17 changed files with 319 additions and 116 deletions
--- a/NoIDPrivacy-Interactive.ps1
+++ b/NoIDPrivacy-Interactive.ps1
@ -472,16 +472,50 @@ function Show-ModuleMenu {
    Write-Banner
    Write-Header "SELECT MODULES TO APPLY"
    
+    # Module definitions with descriptions
+    $moduleDefinitions = @{
+        "SecurityBaseline" = "Microsoft Security Baseline (425 settings)"
+        "ASR"              = "Attack Surface Reduction (19 rules)"
+        "DNS"              = "Secure DNS with DoH (Quad9/Cloudflare/AdGuard)"
+        "Privacy"          = "Telemetry & Privacy hardening (3 modes)"
+        "AntiAI"           = "Disable Windows AI features (15 features, 32 policies)"
+        "EdgeHardening"    = "Secure Microsoft Edge browser (24 policies)"
+        "AdvancedSecurity" = "Beyond MS Baseline (50 settings, 15 features)"
+    }
+    
+    # Try to load config.json to check module status
+    $configPath = Join-Path $PSScriptRoot "config.json"
+    $config = $null
+    if (Test-Path $configPath) {
+        try {
+            $config = Get-Content $configPath -Raw | ConvertFrom-Json
+        }
+        catch {
+            # If config fails to load, all modules default to enabled
+        }
+    }
+    
+    # Build module list with status from config
    $modules = @(
-        [PSCustomObject]@{ Key = "1"; Name = "SecurityBaseline"; Description = "Microsoft Security Baseline (425 settings)"; Enabled = $true }
-        [PSCustomObject]@{ Key = "2"; Name = "ASR"; Description = "Attack Surface Reduction (19 rules)"; Enabled = $true }
-        [PSCustomObject]@{ Key = "3"; Name = "DNS"; Description = "Secure DNS with DoH (Quad9/Cloudflare/AdGuard)"; Enabled = $true }
-        [PSCustomObject]@{ Key = "4"; Name = "Privacy"; Description = "Telemetry & Privacy hardening (3 modes)"; Enabled = $true }
-        [PSCustomObject]@{ Key = "5"; Name = "AntiAI"; Description = "Disable Windows AI features (15 features, 32 policies)"; Enabled = $true }
-        [PSCustomObject]@{ Key = "6"; Name = "EdgeHardening"; Description = "Secure Microsoft Edge browser (24 policies)"; Enabled = $true }
-        [PSCustomObject]@{ Key = "7"; Name = "AdvancedSecurity"; Description = "15 security features (50 settings): RDP/Credentials/Ports/TLS/WPAD/PSv2/SRP/WinUpdate/WirelessDisplay/Discovery/IPv6"; Enabled = $true }
+        [PSCustomObject]@{ Key = "1"; Name = "SecurityBaseline"; Description = $moduleDefinitions["SecurityBaseline"]; Enabled = $true }
+        [PSCustomObject]@{ Key = "2"; Name = "ASR"; Description = $moduleDefinitions["ASR"]; Enabled = $true }
+        [PSCustomObject]@{ Key = "3"; Name = "DNS"; Description = $moduleDefinitions["DNS"]; Enabled = $true }
+        [PSCustomObject]@{ Key = "4"; Name = "Privacy"; Description = $moduleDefinitions["Privacy"]; Enabled = $true }
+        [PSCustomObject]@{ Key = "5"; Name = "AntiAI"; Description = $moduleDefinitions["AntiAI"]; Enabled = $true }
+        [PSCustomObject]@{ Key = "6"; Name = "EdgeHardening"; Description = $moduleDefinitions["EdgeHardening"]; Enabled = $true }
+        [PSCustomObject]@{ Key = "7"; Name = "AdvancedSecurity"; Description = $moduleDefinitions["AdvancedSecurity"]; Enabled = $true }
    )
    
+    # Override enabled status from config.json if available
+    if ($config -and $config.modules) {
+        foreach ($module in $modules) {
+            $configModule = $config.modules.PSObject.Properties[$module.Name]
+            if ($configModule -and $configModule.Value.PSObject.Properties['enabled']) {
+                $module.Enabled = [bool]$configModule.Value.enabled
+            }
+        }
+    }
+    
    foreach ($module in $modules) {
        if ($module.Enabled) { 
            Write-ColorText "  [$($module.Key)]" -Color Green -NoNewline
@ -609,8 +643,9 @@ function Invoke-HardeningWorkflow {
            Write-ColorText "FAILED [-]" -Color Red
        }
        
-        Write-ColorText "  Modules Applied:  " -Color Gray -NoNewline
+        Write-ColorText "  Modules Selected: " -Color Gray -NoNewline
        Write-ColorText "$($modulesToRun.Count)" -Color White
+        Write-ColorText "  (Check output above for actual results per module)" -Color DarkGray
        
        Write-Host ""
        
@ -619,7 +654,7 @@ function Invoke-HardeningWorkflow {
        }
        else {
            Write-ColorText "  Some modules had warnings or were skipped. Check details above." -Color Yellow
-            Write-ColorText "  Most security settings were still applied successfully." -Color White
+            Write-ColorText "  Review the log file for complete details." -Color White
        }
        
        Write-Host ""
@ -885,11 +920,15 @@ try {
        exit 1
    }
    
-    # Load framework
+    # Load Framework (required for core functions like Test-IsAdmin used by modules)
    $frameworkPath = Join-Path $PSScriptRoot "Core\Framework.ps1"
    if (Test-Path $frameworkPath) {
        . $frameworkPath
    }
+    else {
+        Write-Host "[ERROR] Framework.ps1 not found!" -ForegroundColor Red
+        exit 1
+    }
    
    while ($true) {
        # Clear before each main menu redraw