Showing preview only (1,731K chars total). Download the full file or copy to clipboard to get everything.
Repository: lateralblast/lunar
Branch: master
Commit: cc174e4dc704
Files: 668
Total size: 1.5 MB
Directory structure:
gitextract_oer0oofz/
├── README.md
├── aws/
│ ├── account-creation-policy.json
│ ├── iam-manager-policy.json
│ ├── iam-master-policy.json
│ └── server-access-logging.json
├── changelog
├── docker-compose.yml
├── functions/
│ ├── aix/
│ │ ├── check_auditctl.sh
│ │ ├── check_chsec.sh
│ │ ├── check_chuser.sh
│ │ ├── check_itab.sh
│ │ ├── check_lslpp.sh
│ │ ├── check_no.sh
│ │ ├── check_pwpolicy.sh
│ │ ├── check_rctcp.sh
│ │ ├── check_subserver.sh
│ │ └── check_trust.sh
│ ├── aws/
│ │ ├── audit_aws.sh
│ │ ├── audit_aws_rec_all.sh
│ │ ├── check_aws_open_port.sh
│ │ └── check_aws_password_policy.sh
│ ├── azure/
│ │ ├── compute/
│ │ │ ├── batch/
│ │ │ │ ├── check_azure_batch_pool_value.sh
│ │ │ │ └── check_azure_batch_value.sh
│ │ │ ├── container/
│ │ │ │ └── check_azure_container_instance_value.sh
│ │ │ ├── function/
│ │ │ │ ├── check_azure_function_app_value.sh
│ │ │ │ └── check_azure_function_deployment_slot_value.sh
│ │ │ ├── vm/
│ │ │ │ └── check_azure_vm_value.sh
│ │ │ └── webapp/
│ │ │ ├── check_azure_app_service_app_value.sh
│ │ │ ├── check_azure_app_service_ase_value.sh
│ │ │ ├── check_azure_app_service_deployment_slot_value.sh
│ │ │ └── check_azure_app_service_plan_value.sh
│ │ ├── database/
│ │ │ ├── check_azure_cosmos_db_value.sh
│ │ │ ├── check_azure_mysql_db_value.sh
│ │ │ ├── check_azure_postgresql_db_value.sh
│ │ │ ├── check_azure_redis_cache_value.sh
│ │ │ ├── check_azure_redis_enterprise_cache_value.sh
│ │ │ └── check_azure_sql_db_value.sh
│ │ ├── logging/
│ │ │ ├── check_azure_activity_log_alert_value.sh
│ │ │ ├── check_azure_monitor_value.sh
│ │ │ ├── check_azure_monitoring_diagnostics_value.sh
│ │ │ ├── check_azure_network_watcher_flow_log_value.sh
│ │ │ ├── check_azure_network_watcher_value.sh
│ │ │ └── check_azure_storage_logging_value.sh
│ │ ├── network/
│ │ │ ├── check_azure_network_private_endpoint_value.sh
│ │ │ ├── check_azure_public_ip_value.sh
│ │ │ └── check_azure_vnet_value.sh
│ │ ├── other/
│ │ │ └── audit_azure.sh
│ │ ├── security/
│ │ │ ├── check_azure_basic_authentication_publishing_credential_value.sh
│ │ │ ├── check_azure_lock_value.sh
│ │ │ ├── check_azure_microsoft_defender_value.sh
│ │ │ ├── check_azure_network_security_perimeter_value.sh
│ │ │ ├── check_azure_nsg_security_rule_value.sh
│ │ │ ├── check_azure_resource_manager_lock.sh
│ │ │ ├── check_azure_security_contact_value.sh
│ │ │ ├── check_azure_security_setting.sh
│ │ │ └── check_azure_waf_value.sh
│ │ ├── storage/
│ │ │ ├── check_azure_backup_policy_value.sh
│ │ │ ├── check_azure_data_factory_value.sh
│ │ │ ├── check_azure_databox_value.sh
│ │ │ ├── check_azure_databricks_value.sh
│ │ │ ├── check_azure_elastic_san_value.sh
│ │ │ ├── check_azure_file_share_value.sh
│ │ │ ├── check_azure_netapp_file_value.sh
│ │ │ ├── check_azure_storage_account_container_value.sh
│ │ │ ├── check_azure_storage_account_keys_rotation.sh
│ │ │ ├── check_azure_storage_account_value.sh
│ │ │ ├── check_azure_storage_blob_policy_value.sh
│ │ │ ├── check_azure_storage_blob_value.sh
│ │ │ ├── check_azure_storage_container_value.sh
│ │ │ └── check_azure_storage_fs_value.sh
│ │ └── vaults/
│ │ ├── check_azure_backup_vault_value.sh
│ │ ├── check_azure_key_vault_key_value.sh
│ │ ├── check_azure_key_vault_value.sh
│ │ └── check_azure_recovery_services_vault_value.sh
│ ├── command/
│ │ ├── check_command_output.sh
│ │ └── check_command_value.sh
│ ├── darwin/
│ │ ├── check_dscl.sh
│ │ ├── check_launchctl_service.sh
│ │ ├── check_osx_defaults.sh
│ │ ├── check_osx_systemsetup.sh
│ │ ├── check_pmset.sh
│ │ └── check_sysadminctl.sh
│ ├── docker/
│ │ ├── audit_docker.sh
│ │ └── check_dockerd.sh
│ ├── file/
│ │ ├── audit_search_fs.sh
│ │ ├── audit_select.sh
│ │ ├── audit_test_subset.sh
│ │ ├── backup_file.sh
│ │ ├── check_append_file.sh
│ │ ├── check_file_comment.sh
│ │ ├── check_file_exists.sh
│ │ ├── check_file_perms.sh
│ │ ├── check_file_value.sh
│ │ ├── disable_value.sh
│ │ ├── replace_file_value.sh
│ │ ├── restore_file.sh
│ │ └── update_log_file.sh
│ ├── kubernetes/
│ │ └── audit_kubernetes.sh
│ ├── linux/
│ │ ├── check_ausearch.sh
│ │ ├── check_chkconfig_service.sh
│ │ ├── check_debian_package.sh
│ │ ├── check_gsettings_value.sh
│ │ ├── check_linux_package.sh
│ │ ├── check_linux_service.sh
│ │ ├── check_systemctl_service.sh
│ │ └── check_xinetd_service.sh
│ ├── packages/
│ │ └── check_package.sh
│ ├── services/
│ │ └── check_inetd_service.sh
│ └── sunos/
│ ├── audit_system.sh
│ ├── audit_system_sparc.sh
│ ├── audit_system_x86.sh
│ ├── check_initd_service.sh
│ ├── check_service.sh
│ ├── check_solaris_package.sh
│ ├── check_sunos_service.sh
│ ├── check_svcadm_service.sh
│ └── create_ndd_script.sh
├── lunar.sh
├── main/
│ ├── check_environment.sh
│ ├── check_os_release.sh
│ ├── check_shellcheck.sh
│ ├── get_info.sh
│ └── print_info.sh
└── modules/
├── accounting/
│ ├── audit_filesystem_partitions.sh
│ ├── audit_kernel_accounting.sh
│ ├── audit_process_accounting.sh
│ ├── audit_sar_accounting.sh
│ ├── audit_system_accounting.sh
│ ├── audit_system_accounts.sh
│ ├── audit_system_auth.sh
│ ├── audit_system_auth_account_reset.sh
│ ├── audit_system_auth_no_magic_root.sh
│ ├── audit_system_auth_nullok.sh
│ ├── audit_system_auth_unlock_time.sh
│ ├── audit_system_auth_use_uid.sh
│ └── audit_system_integrity.sh
├── aix/
│ ├── audit_i4ls.sh
│ └── audit_writesrv.sh
├── apache/
│ └── audit_apache.sh
├── audit/
│ └── audit_auditd.sh
├── aws/
│ ├── compute/
│ │ ├── audit_aws_ec2.sh
│ │ ├── audit_aws_elb.sh
│ │ ├── audit_aws_es.sh
│ │ ├── audit_aws_rec_ec2.sh
│ │ ├── audit_aws_rec_elb.sh
│ │ ├── audit_aws_rec_es.sh
│ │ └── audit_aws_ses.sh
│ ├── config/
│ │ ├── audit_aws_cf.sh
│ │ ├── audit_aws_config.sh
│ │ └── audit_aws_support_role.sh
│ ├── database/
│ │ ├── audit_aws_ec.sh
│ │ ├── audit_aws_rds.sh
│ │ ├── audit_aws_rec_dynamodb.sh
│ │ ├── audit_aws_rec_ec.sh
│ │ ├── audit_aws_rec_rds.sh
│ │ ├── audit_aws_rec_redshift.sh
│ │ └── audit_aws_redshift.sh
│ ├── logging/
│ │ ├── audit_aws_inspector.sh
│ │ ├── audit_aws_logging.sh
│ │ ├── audit_aws_monitoring.sh
│ │ ├── audit_aws_rec_inspector.sh
│ │ ├── audit_aws_rec_monitoring.sh
│ │ └── audit_aws_sns.sh
│ ├── network/
│ │ ├── audit_aws_dns.sh
│ │ ├── audit_aws_rec_vpcs.sh
│ │ └── audit_aws_vpcs.sh
│ ├── security/
│ │ ├── audit_aws_access_keys.sh
│ │ ├── audit_aws_certs.sh
│ │ ├── audit_aws_creds.sh
│ │ ├── audit_aws_iam.sh
│ │ ├── audit_aws_keys.sh
│ │ ├── audit_aws_mfa.sh
│ │ ├── audit_aws_password_policy.sh
│ │ └── audit_aws_sgs.sh
│ └── storage/
│ ├── audit_aws_cdn.sh
│ └── audit_aws_s3.sh
├── azure/
│ ├── compute/
│ │ ├── batch/
│ │ │ └── audit_azure_batch.sh
│ │ ├── container/
│ │ │ └── audit_azure_container_instances.sh
│ │ ├── cycle/
│ │ │ └── audit_azure_cycle_cloud.sh
│ │ ├── function/
│ │ │ ├── apps/
│ │ │ │ ├── audit_azure_function_app_basic_authentication_publishing_credentials.sh
│ │ │ │ ├── audit_azure_function_app_client_certificates.sh
│ │ │ │ ├── audit_azure_function_app_cross_origin_resource_sharing.sh
│ │ │ │ ├── audit_azure_function_app_ftp_states.sh
│ │ │ │ ├── audit_azure_function_app_http_values.sh
│ │ │ │ ├── audit_azure_function_app_java_versions.sh
│ │ │ │ ├── audit_azure_function_app_managed_identities.sh
│ │ │ │ ├── audit_azure_function_app_public_network_access.sh
│ │ │ │ ├── audit_azure_function_app_python_versions.sh
│ │ │ │ ├── audit_azure_function_app_remote_debugging.sh
│ │ │ │ ├── audit_azure_function_app_service_authentication.sh
│ │ │ │ ├── audit_azure_function_app_tls_values.sh
│ │ │ │ ├── audit_azure_function_app_virtual_network_integration.sh
│ │ │ │ └── audit_azure_function_apps.sh
│ │ │ └── slots/
│ │ │ ├── audit_azure_function_deployment_slots.sh
│ │ │ ├── audit_azure_function_deployment_slots_basic_authentication_publishing_credentials.sh
│ │ │ ├── audit_azure_function_deployment_slots_client_certificates.sh
│ │ │ ├── audit_azure_function_deployment_slots_cross_origin_resource_sharing.sh
│ │ │ ├── audit_azure_function_deployment_slots_ftp_states.sh
│ │ │ ├── audit_azure_function_deployment_slots_http_values.sh
│ │ │ ├── audit_azure_function_deployment_slots_java_versions.sh
│ │ │ ├── audit_azure_function_deployment_slots_managed_identities.sh
│ │ │ ├── audit_azure_function_deployment_slots_private_endpoints.sh
│ │ │ ├── audit_azure_function_deployment_slots_public_network_access.sh
│ │ │ ├── audit_azure_function_deployment_slots_python_versions.sh
│ │ │ ├── audit_azure_function_deployment_slots_remote_debugging.sh
│ │ │ ├── audit_azure_function_deployment_slots_tls_values.sh
│ │ │ └── audit_azure_function_deployment_slots_virtual_network_integration.sh
│ │ ├── main/
│ │ │ └── audit_azure_compute_services.sh
│ │ ├── vm/
│ │ │ └── audit_azure_vms.sh
│ │ └── webapp/
│ │ ├── apps/
│ │ │ ├── audit_azure_app_service_apps.sh
│ │ │ ├── audit_azure_app_service_ases.sh
│ │ │ ├── audit_azure_app_service_authentication.sh
│ │ │ ├── audit_azure_app_service_basic_authentication_publishing_credential_values.sh
│ │ │ ├── audit_azure_app_service_client_certificates.sh
│ │ │ ├── audit_azure_app_service_cross_origin_resource_sharing.sh
│ │ │ ├── audit_azure_app_service_ftp_states.sh
│ │ │ ├── audit_azure_app_service_http_logs.sh
│ │ │ ├── audit_azure_app_service_http_values.sh
│ │ │ ├── audit_azure_app_service_java_versions.sh
│ │ │ ├── audit_azure_app_service_managed_identies.sh
│ │ │ ├── audit_azure_app_service_php_versions.sh
│ │ │ ├── audit_azure_app_service_plans.sh
│ │ │ ├── audit_azure_app_service_private_dns_zones.sh
│ │ │ ├── audit_azure_app_service_private_endpoints.sh
│ │ │ ├── audit_azure_app_service_public_network_access.sh
│ │ │ ├── audit_azure_app_service_python_versions.sh
│ │ │ ├── audit_azure_app_service_remote_debugging.sh
│ │ │ ├── audit_azure_app_service_tls_values.sh
│ │ │ ├── audit_azure_app_service_virtual_network_integration.sh
│ │ │ └── audit_azure_app_service_vnets.sh
│ │ └── slots/
│ │ ├── audit_azure_app_service_deployment_slots.sh
│ │ ├── audit_azure_app_service_deployment_slots_basic_authentication_publishing_credentials.sh
│ │ ├── audit_azure_app_service_deployment_slots_client_certificates.sh
│ │ ├── audit_azure_app_service_deployment_slots_cross_origin_resource_sharing.sh
│ │ ├── audit_azure_app_service_deployment_slots_ftp_states.sh
│ │ ├── audit_azure_app_service_deployment_slots_http_values.sh
│ │ ├── audit_azure_app_service_deployment_slots_java_versions.sh
│ │ ├── audit_azure_app_service_deployment_slots_managed_identities.sh
│ │ ├── audit_azure_app_service_deployment_slots_php_versions.sh
│ │ ├── audit_azure_app_service_deployment_slots_private_endpoints.sh
│ │ ├── audit_azure_app_service_deployment_slots_public_network_access.sh
│ │ ├── audit_azure_app_service_deployment_slots_python_versions.sh
│ │ ├── audit_azure_app_service_deployment_slots_remote_debugging.sh
│ │ ├── audit_azure_app_service_deployment_slots_tls_values.sh
│ │ └── audit_azure_app_service_deployment_slots_virtual_network_integration.sh
│ ├── database/
│ │ ├── audit_azure_cosmos_db.sh
│ │ ├── audit_azure_mysql_db.sh
│ │ ├── audit_azure_postgresql_db.sh
│ │ ├── audit_azure_redis_cache.sh
│ │ └── audit_azure_sql_db.sh
│ ├── logging/
│ │ ├── audit_azure_activity_log_alerts.sh
│ │ ├── audit_azure_activity_logs_cmk.sh
│ │ ├── audit_azure_application_insights.sh
│ │ ├── audit_azure_diagnostic_setting_categories.sh
│ │ ├── audit_azure_entra_diagnostic_settings.sh
│ │ ├── audit_azure_graph_diagnostic_settings.sh
│ │ ├── audit_azure_intune_logs.sh
│ │ ├── audit_azure_logging_and_monitoring.sh
│ │ ├── audit_azure_resource_logging.sh
│ │ └── audit_azure_subscription_diagnostic_settings.sh
│ ├── main/
│ │ ├── audit_azure_custom_subscription_admin_roles.sh
│ │ ├── audit_azure_extensions.sh
│ │ ├── audit_azure_sku_basic_consumption.sh
│ │ ├── audit_azure_subscription_owners.sh
│ │ └── audit_azure_survey.sh
│ ├── network/
│ │ ├── audit_azure_network_private_endpoints.sh
│ │ ├── audit_azure_network_security_perimeter.sh
│ │ ├── audit_azure_network_watcher.sh
│ │ ├── audit_azure_network_watcher_flow_logs.sh
│ │ ├── audit_azure_networking_services.sh
│ │ ├── audit_azure_public_ips.sh
│ │ ├── audit_azure_virtual_network_flow_logs.sh
│ │ └── audit_azure_vnets.sh
│ ├── security/
│ │ ├── audit_azure_authentication_type.sh
│ │ ├── audit_azure_guest_users.sh
│ │ ├── audit_azure_identity_services.sh
│ │ ├── audit_azure_locks.sh
│ │ ├── audit_azure_microsoft_defender.sh
│ │ ├── audit_azure_nsg_flow_logs.sh
│ │ ├── audit_azure_nsg_security_rules.sh
│ │ ├── audit_azure_security_contacts.sh
│ │ ├── audit_azure_security_services.sh
│ │ ├── audit_azure_user_access_admin_role.sh
│ │ ├── audit_azure_waf.sh
│ │ ├── audit_azure_waf_inspection_policy.sh
│ │ └── audit_azure_waf_ssl_policy.sh
│ ├── storage/
│ │ ├── audit_azure_blob_storage.sh
│ │ ├── audit_azure_data_factory.sh
│ │ ├── audit_azure_database_services.sh
│ │ ├── audit_azure_databox.sh
│ │ ├── audit_azure_databricks.sh
│ │ ├── audit_azure_elastic_san.sh
│ │ ├── audit_azure_file_shares.sh
│ │ ├── audit_azure_managed_lustre.sh
│ │ ├── audit_azure_netapp_files.sh
│ │ ├── audit_azure_storage_account_locks.sh
│ │ ├── audit_azure_storage_accounts.sh
│ │ ├── audit_azure_storage_logging.sh
│ │ └── audit_azure_storage_services.sh
│ └── vaults/
│ ├── audit_azure_backup_vaults.sh
│ ├── audit_azure_key_vault_certificates.sh
│ ├── audit_azure_key_vault_keys.sh
│ ├── audit_azure_key_vault_logging.sh
│ ├── audit_azure_key_vault_private_endpoints.sh
│ ├── audit_azure_key_vault_public_network_access.sh
│ ├── audit_azure_key_vault_purge_protection.sh
│ ├── audit_azure_key_vault_rbac.sh
│ ├── audit_azure_key_vault_secrets.sh
│ └── audit_azure_recovery_services_vaults.sh
├── bluetooth/
│ └── audit_bluetooth.sh
├── boot/
│ ├── audit_boot_server.sh
│ ├── audit_bootparams.sh
│ └── audit_grub_security.sh
├── core/
│ ├── audit_core_dumps.sh
│ ├── audit_core_limit.sh
│ └── audit_core_storage.sh
├── cron/
│ ├── audit_cron.sh
│ ├── audit_cron_allow.sh
│ ├── audit_cron_logging.sh
│ └── audit_cron_perms.sh
├── darwin/
│ ├── audit_account_lockout.sh
│ ├── audit_account_switching.sh
│ ├── audit_ad_tracking.sh
│ ├── audit_air_drop.sh
│ ├── audit_air_play.sh
│ ├── audit_amfi.sh
│ ├── audit_apfs.sh
│ ├── audit_app_perms.sh
│ ├── audit_asl.sh
│ ├── audit_asset_cache.sh
│ ├── audit_auto_login.sh
│ ├── audit_auto_logout.sh
│ ├── audit_bonjour_advertising.sh
│ ├── audit_cd_sharing.sh
│ ├── audit_file_sharing.sh
│ ├── audit_file_vault.sh
│ ├── audit_gate_keeper.sh
│ ├── audit_guest_sharing.sh
│ ├── audit_icloud_drive.sh
│ ├── audit_infrared_remote.sh
│ ├── audit_internet_sharing.sh
│ ├── audit_java.sh
│ ├── audit_keychain_lock.sh
│ ├── audit_keychain_sync.sh
│ ├── audit_location_services.sh
│ ├── audit_lockdown.sh
│ ├── audit_media_sharing.sh
│ ├── audit_remote_apple_events.sh
│ ├── audit_safari_allow_popups.sh
│ ├── audit_safari_auto_fill.sh
│ ├── audit_safari_auto_run.sh
│ ├── audit_safari_history.sh
│ ├── audit_safari_javascript.sh
│ ├── audit_safari_show_statusbar.sh
│ ├── audit_safari_tracking.sh
│ ├── audit_safari_warn.sh
│ ├── audit_safe_downloads.sh
│ ├── audit_screen_corner.sh
│ ├── audit_screen_lock.sh
│ ├── audit_screen_sharing.sh
│ ├── audit_siri.sh
│ ├── audit_sleep.sh
│ ├── audit_software_update.sh
│ ├── audit_sys_suspend.sh
│ ├── audit_system_preferences.sh
│ ├── audit_time_machine.sh
│ ├── audit_touch_id.sh
│ ├── audit_universal_control.sh
│ ├── audit_usage_data.sh
│ ├── audit_wake_on_lan.sh
│ ├── audit_web_sharing.sh
│ └── audit_wireless.sh
├── dhcp/
│ ├── audit_dhcp_server.sh
│ ├── audit_dhcpcd.sh
│ ├── audit_dhcprd.sh
│ └── audit_dhcpsd.sh
├── dns/
│ ├── audit_dns_client.sh
│ └── audit_dns_server.sh
├── docker/
│ ├── audit_docker_daemon.sh
│ ├── audit_docker_logging.sh
│ ├── audit_docker_monitoring.sh
│ ├── audit_docker_network.sh
│ ├── audit_docker_security.sh
│ └── audit_docker_users.sh
├── esxi/
│ ├── audit_dcui.sh
│ ├── audit_dvfilter.sh
│ ├── audit_esxi_shell.sh
│ └── audit_mob.sh
├── firewall/
│ ├── audit_firewall_setting.sh
│ ├── audit_ipfilter.sh
│ ├── audit_ipfw.sh
│ ├── audit_ipsec.sh
│ ├── audit_iptables.sh
│ ├── audit_routing_daemons.sh
│ ├── audit_routing_params.sh
│ ├── audit_suse_firewall.sh
│ └── audit_ufw.sh
├── fs/
│ ├── audit_autofs.sh
│ ├── audit_file_extensions.sh
│ ├── audit_file_metadata.sh
│ ├── audit_file_perms.sh
│ ├── audit_hotplug.sh
│ ├── audit_nfs.sh
│ ├── audit_samba.sh
│ ├── audit_setup_file.sh
│ ├── audit_smbconf_perms.sh
│ ├── audit_sticky_bit.sh
│ ├── audit_suid_files.sh
│ ├── audit_unowned_files.sh
│ ├── audit_user_dotfiles.sh
│ ├── audit_user_netrc.sh
│ ├── audit_user_rhosts.sh
│ ├── audit_winbind.sh
│ └── audit_writable_files.sh
├── ftp/
│ ├── audit_ftp_banner.sh
│ ├── audit_ftp_client.sh
│ ├── audit_ftp_conf.sh
│ ├── audit_ftp_logging.sh
│ ├── audit_ftp_server.sh
│ ├── audit_ftp_umask.sh
│ ├── audit_ftp_users.sh
│ ├── audit_tftp_client.sh
│ └── audit_tftp_server.sh
├── full/
│ ├── full_audit_accounting_services.sh
│ ├── full_audit_disk_services.sh
│ ├── full_audit_file_services.sh
│ ├── full_audit_firewall_services.sh
│ ├── full_audit_ftp_services.sh
│ ├── full_audit_hardware_services.sh
│ ├── full_audit_kernel_services.sh
│ ├── full_audit_log_services.sh
│ ├── full_audit_mail_services.sh
│ ├── full_audit_naming_services.sh
│ ├── full_audit_network_services.sh
│ ├── full_audit_osx_services.sh
│ ├── full_audit_other_daemons.sh
│ ├── full_audit_other_services.sh
│ ├── full_audit_password_services.sh
│ ├── full_audit_power_services.sh
│ ├── full_audit_print_services.sh
│ ├── full_audit_routing_services.sh
│ ├── full_audit_shell_services.sh
│ ├── full_audit_update_services.sh
│ ├── full_audit_user_services.sh
│ ├── full_audit_virtualisation_services.sh
│ ├── full_audit_web_services.sh
│ ├── full_audit_windows_services.sh
│ └── full_audit_x11_services.sh
├── groups/
│ ├── audit_duplicate_groups.sh
│ ├── audit_group_fields.sh
│ ├── audit_groups_exist.sh
│ └── audit_root_primary_group.sh
├── gui/
│ ├── audit_font_server.sh
│ ├── audit_gdm_conf.sh
│ ├── audit_gnome_automount.sh
│ ├── audit_gnome_banner.sh
│ ├── audit_gnome_screen_lock.sh
│ ├── audit_kdm_config.sh
│ ├── audit_opengl.sh
│ └── audit_xwindows_server.sh
├── kerberos/
│ ├── audit_kerberos_tgt.sh
│ └── audit_krb5.sh
├── kernel/
│ ├── audit_kernel_modules.sh
│ └── audit_kernel_params.sh
├── kubernetes/
│ ├── audit_kubernetes_apiserver.sh
│ ├── audit_kubernetes_controller.sh
│ ├── audit_kubernetes_etcd.sh
│ ├── audit_kubernetes_kubelet.sh
│ ├── audit_kubernetes_perms.sh
│ └── audit_kubernetes_scheduler.sh
├── ldap/
│ ├── audit_ldap.sh
│ ├── audit_ldap_cache.sh
│ └── audit_ldap_server.sh
├── linux/
│ ├── audit_aide.sh
│ ├── audit_apparmor.sh
│ ├── audit_apport.sh
│ ├── audit_avahi_conf.sh
│ ├── audit_avahi_server.sh
│ ├── audit_biosdevname.sh
│ ├── audit_execshield.sh
│ ├── audit_linux_logfiles.sh
│ ├── audit_modprobe_conf.sh
│ ├── audit_pae.sh
│ ├── audit_prelink.sh
│ ├── audit_ptrace_scope.sh
│ ├── audit_selinux.sh
│ ├── audit_sysctl.sh
│ ├── audit_virtual_memory.sh
│ ├── audit_xen.sh
│ ├── audit_xinetd.sh
│ ├── audit_xinetd_server.sh
│ └── audit_yum_conf.sh
├── login/
│ ├── audit_console_login.sh
│ ├── audit_failed_logins.sh
│ ├── audit_issue_banner.sh
│ ├── audit_login_delay.sh
│ ├── audit_login_details.sh
│ ├── audit_login_guest.sh
│ ├── audit_login_records.sh
│ ├── audit_login_root.sh
│ ├── audit_login_warning.sh
│ ├── audit_remote_login.sh
│ ├── audit_retry_limit.sh
│ ├── audit_security_banner.sh
│ ├── audit_serial_login.sh
│ ├── audit_sulogin.sh
│ └── audit_xlogin.sh
├── logs/
│ ├── audit_debug_logging.sh
│ ├── audit_inetd_logging.sh
│ ├── audit_logadm_value.sh
│ └── audit_logrotate.sh
├── mail/
│ ├── audit_email_daemons.sh
│ ├── audit_exim.sh
│ ├── audit_postfix_daemon.sh
│ ├── audit_sendmail_aliases.sh
│ ├── audit_sendmail_daemon.sh
│ └── audit_sendmail_greeting.sh
├── mounts/
│ ├── audit_mount_fdi.sh
│ ├── audit_mount_nodev.sh
│ ├── audit_mount_noexec.sh
│ └── audit_mount_setuid.sh
├── nis/
│ ├── audit_crypt_policy.sh
│ ├── audit_disk_encryption.sh
│ ├── audit_encryption_kit.sh
│ ├── audit_nis_client.sh
│ ├── audit_nis_entries.sh
│ ├── audit_nis_server.sh
│ └── audit_nisplus.sh
├── ntp/
│ └── audit_ntp.sh
├── pam/
│ ├── audit_pam_authtok.sh
│ ├── audit_pam_deny.sh
│ ├── audit_pam_gdm_autologin.sh
│ ├── audit_pam_rhosts.sh
│ └── audit_rsa_securid_pam.sh
├── password/
│ ├── audit_pass_req.sh
│ ├── audit_passwd_perms.sh
│ ├── audit_password_expiry.sh
│ ├── audit_password_fields.sh
│ ├── audit_password_hashing.sh
│ ├── audit_password_hints.sh
│ ├── audit_password_history.sh
│ ├── audit_password_lock.sh
│ ├── audit_password_strength.sh
│ ├── audit_shadow_group.sh
│ ├── audit_smbpasswd_perms.sh
│ ├── audit_system_auth_password_hashing.sh
│ ├── audit_system_auth_password_history.sh
│ ├── audit_system_auth_password_policy.sh
│ └── audit_system_auth_password_strength.sh
├── power/
│ └── audit_power_management.sh
├── print/
│ ├── audit_cups.sh
│ ├── audit_ppd_cache.sh
│ ├── audit_print.sh
│ └── audit_printer_sharing.sh
├── remote/
│ ├── audit_remote_consoles.sh
│ ├── audit_remote_info.sh
│ ├── audit_remote_management.sh
│ ├── audit_remote_shell.sh
│ └── audit_vnc.sh
├── rpc/
│ ├── audit_nobody_rpc.sh
│ └── audit_rpc_bind.sh
├── rsh/
│ ├── audit_rsh_client.sh
│ └── audit_rsh_server.sh
├── security/
│ ├── audit_secure_empty_trash.sh
│ ├── audit_secure_keyboard_entry.sh
│ └── audit_secure_swap.sh
├── services/
│ ├── audit_inetd.sh
│ ├── audit_ipmi.sh
│ ├── audit_ipv6.sh
│ ├── audit_iscsi.sh
│ ├── audit_legacy.sh
│ ├── audit_other_daemons.sh
│ ├── audit_postgresql.sh
│ ├── audit_rarp.sh
│ ├── audit_snmp.sh
│ └── audit_unconfined_daemons.sh
├── ssh/
│ ├── audit_root_ssh_keys.sh
│ ├── audit_ssh_config.sh
│ ├── audit_ssh_forwarding.sh
│ └── audit_ssh_perms.sh
├── sudo/
│ ├── audit_sudo_authenticate.sh
│ ├── audit_sudo_logfile.sh
│ ├── audit_sudo_nopassword.sh
│ ├── audit_sudo_perms.sh
│ ├── audit_sudo_timeout.sh
│ ├── audit_sudo_timestamp.sh
│ ├── audit_sudo_usepty.sh
│ └── audit_wheel_sudo.sh
├── sunos/
│ ├── audit_apocd.sh
│ ├── audit_audit_class.sh
│ ├── audit_bpcd.sh
│ ├── audit_bpjava_msvc.sh
│ ├── audit_cde_banner.sh
│ ├── audit_cde_cal.sh
│ ├── audit_cde_print.sh
│ ├── audit_cde_screen_lock.sh
│ ├── audit_cde_spc.sh
│ ├── audit_cde_ttdb.sh
│ ├── audit_create_class.sh
│ ├── audit_dfstab.sh
│ ├── audit_echo.sh
│ ├── audit_eeprom_security.sh
│ ├── audit_extended_attributes.sh
│ ├── audit_gss.sh
│ ├── audit_ipadm_value.sh
│ ├── audit_keyserv.sh
│ ├── audit_labeld.sh
│ ├── audit_ncs.sh
│ ├── audit_ndd_value.sh
│ ├── audit_network_connections.sh
│ ├── audit_ocfserv.sh
│ ├── audit_online_documentation.sh
│ ├── audit_privilege_events.sh
│ ├── audit_service_tags.sh
│ ├── audit_slp.sh
│ ├── audit_solaris_auditing.sh
│ ├── audit_stack_protection.sh
│ ├── audit_svccfg_value.sh
│ ├── audit_svm.sh
│ ├── audit_svm_gui.sh
│ ├── audit_ticotsord.sh
│ ├── audit_tname.sh
│ ├── audit_tnd.sh
│ ├── audit_uucp.sh
│ ├── audit_vnetd.sh
│ ├── audit_volfs.sh
│ ├── audit_vopied.sh
│ ├── audit_wbem.sh
│ ├── audit_webconsole.sh
│ ├── audit_webmin.sh
│ ├── audit_wins.sh
│ └── audit_zones.sh
├── syslog/
│ ├── audit_syslog_auth.sh
│ ├── audit_syslog_conf.sh
│ ├── audit_syslog_perms.sh
│ └── audit_syslog_server.sh
├── talk/
│ ├── audit_talk_client.sh
│ └── audit_talk_server.sh
├── tcp/
│ ├── audit_tcp_strong_iss.sh
│ ├── audit_tcp_syn_cookie.sh
│ └── audit_tcp_wrappers.sh
├── telnet/
│ ├── audit_telnet_banner.sh
│ ├── audit_telnet_client.sh
│ └── audit_telnet_server.sh
├── users/
│ ├── audit_daemon_umask.sh
│ ├── audit_default_umask.sh
│ ├── audit_dot_files.sh
│ ├── audit_duplicate_ids.sh
│ ├── audit_duplicate_users.sh
│ ├── audit_forward_files.sh
│ ├── audit_home_ownership.sh
│ ├── audit_home_perms.sh
│ ├── audit_inactive_users.sh
│ ├── audit_mesgn.sh
│ ├── audit_netrc_files.sh
│ ├── audit_old_users.sh
│ ├── audit_reserved_ids.sh
│ ├── audit_rhosts_files.sh
│ ├── audit_root_access.sh
│ ├── audit_root_home.sh
│ ├── audit_root_path.sh
│ ├── audit_shell_timeout.sh
│ ├── audit_shells.sh
│ └── audit_super_users.sh
└── wheel/
├── audit_pam_wheel.sh
├── audit_wheel_group.sh
├── audit_wheel_su.sh
└── audit_wheel_users.sh
================================================
FILE CONTENTS
================================================
================================================
FILE: README.md
================================================
LUNAR
=====
Lockdown UNix Auditing and Reporting
Version
-------
Current version 15.9.1
Refer to lunar.sh and changelog for more up to date version information
License
-------
CC BY-SA: https://creativecommons.org/licenses/by-sa/4.0/
Fund me here: https://ko-fi.com/richardatlateralblast
** NOTICE **
------------
Run this code in audit more only, e.g. with -a or --audit switch.
Run lockdown at your own risk. As per any system change, have backups.
I'm working on improving the recovery mode, but there may still be bugs.
I've tried to clean up this script as much as possible using shellcheck,
and I've enabled the option to use the -e (errexit) and -u (nounset) shell
flags to help protect against errors. The -x (xtrace) shell flag can be
enabled by using the script with the -Q or --debug flag.
Status
------
In progress:
- More flexibility in reporting format(s) e.g. CSV
- More inline documentation and documentation output
- Adding Azure support (current focus)
- Adding Kubernetes support
- Adding Apache support
Introduction
------------
This scripts generates a scored audit report of a Unix host's security.
It is based on the CIS and other frameworks. Where possible there are
references to the CIS and other benchmarks in the code documentation.
Why a shell script? I wanted a tool that was able to run on locked down systems
where other tools may not be available. I also wanted a tool that ran on all
versions of UNIX. Having said that there are some differences between sh and
bash, so I've used functions only from sh.
There is no warranty implied or given with this script. My recommendation
is to use this script in audit mode only, and address each warning individually
via policy, documentation and configuration management.
I am by no means a coder, so there are bound to be bugs and better ways to
approach things in this script, so a sincere thank you to the people who have
provided feedback, updates and patches to fix bugs/features in code.
It can also can perform a lockdown. Unlike some other scripts I have added
capability to backout changes. Files are backed up using cpio to a directory
based on the date.
Although it can perform a lockdown, as previously stated, I'd recommend you
address the warnings via policy, documentation and configuration management.
This is how I use the tool. The AWS Services audit only supports reporting,
it does not provide lockdown capability.
Supported Operating Systems
---------------------------
The following Operating Systems are supported:
- Linux
- Rocky Linux
- RHEL
- Centos
- Scientific Linux
- SLES
- Debian
- Ubuntu
- Amazon Linux
- Solaris
- Mac OS X
- FreeBSD (needs more testing)
- AIX (needs more testing)
- ESXi (initial support - some tests)
Windows support would require the installation of additional software, so I haven't looked into it.
Having said that, Windows support may come in the future via bash.
Supported Services
------------------
The following services are supported:
- AWS
- Azure
- Entra ID (not complete)
- Storage (not complete)
- Compute (not complete)
- Docker
- Kubernetes (not complete)
- Apache (not complete)
The AWS Services audit uses the AWS CLI, and as such requires a user with the
appropriate rights. It does not currently support the lockdown capability,
it only supports generating an audit report against the CIS benchmark.
There are a couple of the checks that can only be done or resolved via the GUI.
An example of this is enabling billing. Refer to the CIS Benchmark for more information.
Where possible I've put suggested fix commands in the verbose audit output.
Again in some cases, these can only be done by the CLI. Refer to the CIS
Benchmark for more information.
In addition I've added a recommendations mode that checks AWS against publicly
available best practice from companies like Cloud Conformity.
Configuration Management
------------------------
The following configuration management output is supported:
- Ansible
This option outputs example ansible configuration management code/stanzas
for implementing the recommendation.
Requirements
------------
For UNIX:
- Ubuntu / Debian
- sysv-rc-conf
- bc
- finger
For AWS:
- AWS
- AWS CLI
- AWS Credentials (API Access and Secret Keys)
- Read rights to appropriate AWS services, e.g.
- CloudTrail:DescribeTrails
- Config:DescribeConfigurationRecorders
- SNS:ListSubscriptionsByTopic
For Azure:
- Azure
- Azure CLI
- Extensions
- databricks
- bastion
- resource-graph
- application-insights
Usage
-----
```
Usage: ./lunar.sh -switch|--switch
switch(es):
-----------
-1|--list)
List changes/backups
-2|--tests)
Print tests
-3|--printfunct)
Print function
-4|--dryrun)
Run in dryrun mode
-6|--format)
Outpt format/type
-7|--file)
Output file
-8|--usesudo)
Use sudo
-9|--shellcheck)
Run shellcheck against script
-0|--force)
Force action
-a|--audit)
Run in audit mode (for Operating Systems - no changes made to system)
-A|--fullaudit)
Run in audit mode and include filesystems (for Operating Systems - no changes made to system)
-b|--backups|--listbackups)
List backups
-B|--basedir)
Set base directory
-c|--codename|--distro)
Distro/Code name (used with docker/multipass)
-C|--shell)
Run docker-compose testing suite (drops to shell in order to do more testing)
-d|--dockeraudit)
Run in audit mode (for Docker - no changes made to system)
-D|--dockertests)
List all Docker functions available to selective mode
-e|--host)
Run in audit mode on external host (for Operating Systems - no changes made to system)
-E|--hash|--passwordhash)
Password hash
-f|--action)
Action (e.g delete - used with multipass)
-F|--tempfile)
Temporary file to use for operations
-g|--giturl)
Git URL for code to copy to container
-G|--wheelgroup)
Set wheel group
-h|--help)
Display help
-H|--usage)
Display usage
-i|--anacron)
Enable/Disable anacron
-I|--type)
Audit type
-k|--kubeaudit)
Run in audit mode (for Kubernetes - no changes made to system)
-K|--function|--test)
Do a specific function
-l|--lockdown)
Run in lockdown mode (for Operating Systems - changes made to system)
-L|--fulllockdown|fulllock)
Run in lockdown mode (for Operating Systems - changes made to system)
-m|--machine|--vm)
Set virtualisation type
-M|--workdir)
Set work directory
-n|--ansible)
Output ansible
-N|--nocat)
Do output cat in score
-o|--os|--osver)
Set OS version
-O|--osinfo|--systeminfo)
Print OS/System information
-p|--previous)
Print previous audit information
-P|--sshsandbox|--sandbox)
Enable/Disabe SSH sandbox
-q|--quiet|--nostrict)
Run in quiet mode
-Q|--debug)
Run in debug mode
-r|--awsregion|--region)
Set AWS region
-R|--moduleinfo|--testinfo)
Print information about a module
-s|--select|--check)
Run in selective mode (only run tests you want to)
-S|--unixtests|--unix)
List UNIX tests
-t|--tag|--name)
Set docker tag
-T|--tempdir)
Set temp directoru
-u|--undo)
Undo lockdown (for Operating Systems - changes made to system)
-U|--dofiles)
Include filesystems
-v|--verbose)
Run in verbose mode
-V|--version)
Print version
-w|--awsaudit)
Run in audit mode (for AWS - no changes made to system)
-W|--awstests|--aws)
List all AWS functions available to selective mode
-x|--awsrec)
Run in recommendations mode (for AWS - no changes made to system)
-X|--strict)
Run shellcheck against script
-z)
Run specified audit function in lockdown mode
-Z|--changes|--listchanges)
List changes
```
Examples
--------
Perform full audit (without recursive file system checks):
```
./lunar.sh --audit
```
List tests:
```
./lunar.sh --tests
```
List AWS tests:
```
./lunar.sh --tests aws
```
Do a specific test:
```
./lunar.sh --audit --select remote_shell
```
Create a Ubuntu 24.04 multipass VM for testing:
```
./lunar.sh --action create --machine multipass --osver 24.04
```
More Information
----------------
For more information refer to wiki:
[Wiki](https://github.com/lateralblast/lunar/wiki)
[Usage](https://github.com/lateralblast/lunar/wiki/Usage)
[Ansible](https://github.com/lateralblast/lunar/wiki/Ansible)
[Ubuntu](https://github.com/lateralblast/lunar/wiki/Ubuntu)
[Solaris 11](https://github.com/lateralblast/lunar/wiki/Solaris_11)
[CentOS](https://github.com/lateralblast/lunar/wiki/CentOS)
[Amazon Linux](https://github.com/lateralblast/lunar/wiki/Amazon)
[AWS](https://github.com/lateralblast/lunar/wiki/AWS)
[Docker](https://github.com/lateralblast/lunar/wiki/Docker)
Testing
-------
Added a simple testing framework for debugging the lunar script itself.
This uses docker compose to start a container, mount the lunar directory and run lunar.
================================================
FILE: aws/account-creation-policy.json
================================================
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Service": "ec2.amazonaws.com"
},
"Action": "sts:AssumeRole"
}
]
}
================================================
FILE: aws/iam-manager-policy.json
================================================
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"iam:AddUserToGroup",
"iam:AttachGroupPolicy",
"iam:DeleteGroupPolicy",
"iam:DeleteUserPolicy",
"iam:DetachGroupPolicy",
"iam:DetachRolePolicy",
"iam:DetachUserPolicy",
"iam:PutGroupPolicy",
"iam:PutUserPolicy",
"iam:RemoveUserFromGroup",
"iam:UpdateGroup",
"iam:UpdateAssumeRolePolicy",
"iam:UpdateUser",
"iam:GetPolicy",
"iam:GetPolicyVersion",
"iam:GetRole",
"iam:GetRolePolicy",
"iam:GetUser",
"iam:GetUserPolicy",
"iam:ListEntitiesForPolicy",
"iam:ListGroupPolicies",
"iam:ListGroups",
"iam:ListGroupsForUser",
"iam:ListPolicies",
"iam:ListPoliciesGrantingServiceAccess",
"iam:ListPolicyVersions",
"iam:ListRolePolicies",
"iam:ListAttachedGroupPolicies",
"iam:ListAttachedRolePolicies",
"iam:ListAttachedUserPolicies",
"iam:ListRoles",
"iam:ListUsers"
],
"Resource": "*"
},
{
"Effect": "Deny",
"Action": [
"iam:CreateGroup",
"iam:CreatePolicy",
"iam:CreatePolicyVersion",
"iam:CreateRole",
"iam:CreateUser",
"iam:DeleteGroup",
"iam:DeletePolicy",
"iam:DeletePolicyVersion",
"iam:DeleteRole",
"iam:DeleteRolePolicy",
"iam:DeleteUser",
"iam:PutRolePolicy"
],
"Resource": "*"
}
]
}
================================================
FILE: aws/iam-master-policy.json
================================================
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"iam:CreateGroup",
"iam:CreatePolicy",
"iam:CreatePolicyVersion",
"iam:CreateRole",
"iam:CreateUser",
"iam:DeleteGroup",
"iam:DeletePolicy",
"iam:DeletePolicyVersion",
"iam:DeleteRole",
"iam:DeleteRolePolicy",
"iam:DeleteUser",
"iam:PutRolePolicy",
"iam:GetPolicy",
"iam:GetPolicyVersion",
"iam:GetRole",
"iam:GetRolePolicy",
"iam:GetUser",
"iam:GetUserPolicy",
"iam:ListEntitiesForPolicy",
"iam:ListGroupPolicies",
"iam:ListGroups",
"iam:ListGroupsForUser",
"iam:ListPolicies",
"iam:ListPoliciesGrantingServiceAccess",
"iam:ListPolicyVersions",
"iam:ListRolePolicies",
"iam:ListAttachedGroupPolicies",
"iam:ListAttachedRolePolicies",
"iam:ListAttachedUserPolicies",
"iam:ListRoles",
"iam:ListUsers"
],
"Resource": "*"
},
{
"Effect": "Deny",
"Action": [
"iam:AddUserToGroup",
"iam:AttachGroupPolicy",
"iam:DeleteGroupPolicy",
"iam:DeleteUserPolicy",
"iam:DetachGroupPolicy",
"iam:DetachRolePolicy",
"iam:DetachUserPolicy",
"iam:PutGroupPolicy",
"iam:PutUserPolicy",
"iam:RemoveUserFromGroup",
"iam:UpdateGroup",
"iam:UpdateAssumeRolePolicy",
"iam:UpdateUser"
],
"Resource": "*"
}
]
}
================================================
FILE: aws/server-access-logging.json
================================================
{
"LoggingEnabled": {
"TargetBucket": "webapp-service-reports",
"TargetPrefix": "access-logs/",
"TargetGrants": [
{
"Grantee": {
"Type": "Group",
"URI": "http://acs.amazonaws.com/groups/s3/LogDelivery"
},
"Permission": "WRITE"
},
{
"Grantee": {
"Type": "Group",
"URI": "http://acs.amazonaws.com/groups/s3/LogDelivery"
},
"Permission": "READ_ACP"
}
]
}
}
================================================
FILE: changelog
================================================
# Changes:
# 0.0.0 Thursday, 25 October 2012 9:40:54 AM EST
# Initial version
# 0.0.1 Thursday, 1 November 2012 2:28:41 PM EST
# Added initial audit code
# 0.0.2 Fri 2 Nov 2012 13:24:54 EST
# Created subroutines for updating files and parameters
# 0.0.3 Thursday, 8 November 2012 9:35:19 PM EST
# Added restore code
# 0.0.4 Saturday, 10 November 2012 11:37:22 AM EST
# Added kernel accounting
# 1.0.0 Monday, 12 November 2012 10:45:27 AM EST
# Initial Github Commit
# 1.0.1 Monday, 12 November 2012 9:52:17 PM EST
# Formating fixes
# 1.0.2 Monday, 12 November 2012 10:03:54 PM EST
# Additional cleanup
# 1.0.3 Thu 15 Nov 2012 02:37:31 EST
# Initial Solaris 11 support
# 1.0.4 Fri 16 Nov 2012 10:57:17 EST
# Updated Solaris 11 support, Initial re-commit to new repository
# 1.0.5 Sat 17 Nov 2012 09:55:07 EST
# Added echo services
# 1.0.6 Monday, 19 November 2012 8:13:20 AM EST
# Solaris 10 and 11 support mostly done - some minor additions could be made
# 1.0.7 Monday, 19 November 2012 11:02:05 AM EST
# Added initial support for Solaris versions less than 10
# 1.0.8 Thursday, 20 December 2012 2:46:32 PM EST
# Fixed problem with inetadm command
# 1.0.9 Thursday, 20 December 2012 3:47:52 PM EST
# Added -A and -L switches and moved filesystem searches to it
# 1.1.0 Thu 20 Dec 2012 17:01:52 EST
# Cleaned up formating
# 1.1.1 Fri Dec 21 21:43:39 EST 2012
# Initial Solaris 9 testing completed
# 1.1.2 Sat Dec 22 08:13:17 EST 2012
# Fixed bugs with parameter value checking
# 1.1.3 Sat Dec 22 08:27:53 EST 2012
# Fixed bug with home directory check
# 1.1.4 Sat Dec 22 08:50:38 EST 2012
# Fixed bug with inetd code
# 1.1.5 Sat Dec 22 08:54:05 EST 2012
# Fixed Solaris 9 update version detection
# 1.1.6 Sat Dec 22 16:45:16 EST 2012
# Updated documentation
# 1.1.7 Thu Feb 14 20:46:31 EST 2013
# Initial Linux support
# 1.1.8 Fri Feb 15 18:40:48 EST 2013
# Linux xinetd and chkconfig support added
# 1.1.9 Sat Feb 16 12:01:05 EST 2013
# Added sysctl audit for Linux
# 1.2.0 Sat Feb 16 14:09:03 EST 2013
# Added ftpd logging checking for Linux
# 1.2.1 Sat Feb 16 14:22:58 EST 2013
# Updated file update to support tabs
# 1.2.2 Sat Feb 16 22:30:05 EST 2013
# Added pam options for Linux
# 1.2.3 Sun Feb 17 02:17:04 EST 2013
# Added code for sendmail greeting
# 1.2.4 Sun 17 Feb 2013 08:27:32 EST
# Added code for vsftpd banner
# 1.2.5 Sun Feb 17 19:55:54 EST 2013
# Added securetty check for Linux
# 1.2.6 Sun 17 Feb 2013 20:40:27 EST
# Added auditd config
# 1.2.7 Mon Feb 18 03:11:37 EST 2013
# Added warning banners
# 1.2.8 Mon Feb 18 04:42:08 EST 2013
# Added X11 warning messages
# 1.2.9 Mon Feb 18 09:41:55 EST 2013
# Added Linux core dumps and rhosts for PAM
# 1.3.0 Mon Feb 18 13:42:24 EST 2013
# Added gdm.conf audit
# 1.3.1 Mon Feb 18 14:38:04 EST 2013
# Added Linux nodev audit
# 1.3.2 Mon Feb 18 15:08:26 EST 2013
# Added Linux FDI audit
# 1.3.3 Mon Feb 18 17:53:30 EST 2013
# Added X11 nolisten
# 1.3.4 Mon Feb 18 20:30:30 EST 2013
# Improved file octal derivation on Solaris
# 1.3.5 Tue Feb 19 12:47:55 EST 2013
# Added file verification for Linux
# 1.3.6 Tue Feb 19 14:48:33 EST 2013
# Added password strength testing on Linux
# 1.3.7 Tue Feb 19 15:09:05 EST 2013
# Added Cipher directive to SSH config
# 1.3.8 Tue Feb 19 15:37:52 EST 2013
# Added logrotate configuration
# 1.3.9 Tue Feb 19 15:52:20 EST 2013
# Added module loading and mounting to auditd
# 1.4.0 Tue Feb 19 17:03:17 EST 2013
# Added modprobe.conf check
# 1.4.1 Tue Feb 19 17:25:39 EST 2013
# Added sendmail local-only mode check
# 1.4.2 Tue Feb 19 17:32:12 EST 2013
# Added code to check NTP running as ntp user
# 1.4.3 Tue Feb 19 21:01:02 EST 2013
# Added selective function to run individual tests
# 1.4.4 Tue Feb 19 21:34:30 EST 2013
# Added selinux
# 1.4.5 Tue Feb 19 21:46:55 EST 2013
# Added yum config check
# 1.4.6 Tue Feb 19 22:59:12 EST 2013
# Added lockout for failed password attempts
# 1.4.7 Wed Feb 20 10:13:46 EST 2013
# Simplified RPM verify routine
# 1.4.8 Wed Feb 20 10:59:28 EST 2013
# Added root primary group audit
# 1.4.9 Wed Feb 20 11:16:28 EST 2013
# Added system account shell check
# 1.5.0 Wed Feb 20 15:00:07 EST 2013
# Added handling for [at,cron].[deny,allow]
# 1.5.1 Wed Feb 20 16:03:18 EST 2013
# Fixed file append function
# 1.5.2 Thu Feb 21 14:00:42 EST 2013
# Fixed code to update files
# 1.5.3 Thursday, 21 February 2013 3:29:49 PM EST
# Improved code to fix cron
# 1.5.4 Thu Feb 21 16:49:46 EST 2013
# Added rpm check code
# 1.5.5 Fri 22 Feb 2013 07:23:16 EST
# Cleaned up code for selective audit
# 1.5.6 Fri 3 May 2013 16:25:36 EST
# Fixed minor bug with for loop
# 1.5.7 Fri May 24 15:46:54 EST 2013
# Initial Debian/Ubuntu support
# 1.5.8 Fri May 24 21:04:33 EST 2013
# Improved Debian/Ubuntu support
# 1.5.9 Sat May 25 11:40:50 EST 2013
# Improved Debian/Ubuntu support
# 1.6.0 Sat May 25 22:35:36 EST 2013
# Improved Debian/Ubuntu support
# 1.6.1 Sun Jun 9 09:05:44 EST 2013
# Added some file checks
# 1.6.2 Sun Jun 9 23:18:37 EST 2013
# Improved documentation
# 1.6.3 Tue Jun 11 14:25:01 EST 2013
# Updated documentation and added verbose mode
# 1.6.4 Wed Jun 12 10:35:31 EST 2013
# Fixed NTP test and added audit test information
# 1.6.5 Wed Jun 12 17:13:57 EST 2013
# Added inital SUSE support
# 1.6.6 Thu Jun 13 16:50:19 EST 2013
# Added OS X support
# 1.6.7 Thu Jun 13 19:09:55 EST 2013
# Added Cyrus and Qpopper check
# 1.6.8 Thu Jun 13 19:23:10 EST 2013
# Added Postfix check
# 1.6.9 Thu Jun 13 19:52:00 EST 2013
# support
# 1.7.0 Wed 21 Aug 2013 15:50:51 EST
# Added check for root SSH keys
# 1.7.1 Wed 21 Aug 2013 15:57:47 EST
# Added check for SYSLOG=YES in /etc/default/login for Solaris
# 1.7.2 Wed 21 Aug 2013 16:10:15 EST
# Added DISABLETIME flag to /etc/default/login check for Solaris
# 1.7.3 Wed 21 Aug 2013 16:16:45 EST
# Added check for LOG_FROM_REMOTE=NO in /etc/default/syslogd for Solaris
# 1.7.4 Sun 25 Aug 2013 19:35:39 EST
# Fixed ssh key check code
# 1.7.5 Thu 29 Aug 2013 15:12:31 EST
# Added su wheel group check
# 1.7.6 Thu 29 Aug 2013 15:33:13 EST
# Added check for users that have never logged in to make sure accounts are locked
# 1.7.7 Fri 30 Aug 2013 15:01:51 EST
# Added default crypto check
# 1.7.8 Fri 30 Aug 2013 15:16:08 EST
# Added code to check wheel group users
# 1.7.9 Fri 30 Aug 2013 15:45:06 EST
# Added restore function to wheel checks
# 1.8.0 Sat 31 Aug 2013 15:51:56 EST
# Added check for PASSREQ = YES in /etc/default/login
# 1.8.1 Tue 3 Sep 2013 13:54:12 EST
# Added check for SYSLOG = YES in /etc/default/su
# 1.8.2 Tue 3 Sep 2013 13:56:58 EST
# Added check for MINDIGIT = 1 in /etc/default/passwd
# 1.8.3 Tue 3 Sep 2013 14:55:16 EST
# Added check for UsePrivilegeSeparation yes in /etc/ssh/sshd_config
# 1.8.4 Tue 3 Sep 2013 14:58:27 EST
# Added check for PrintMotd no in /etc/ssh/sshd_config
# 1.8.5 Tue 3 Sep 2013 15:01:25 EST
# Added check for LoginGraceTime 120 in /etc/ssh/sshd_config
# 1.8.6 Tue 3 Sep 2013 16:06:05 EST
# Added check to make sure shells in /etc/shells exist
# 1.8.7 Thu 12 Sep 2013 15:51:09 EST
# Added ability to load modules
# 1.8.8 Mon Sep 16 05:23:51 EDT 2013
# Bug fixes
# 1.8.9 Mon Sep 16 19:38:17 EST 2013
# Fixed logrotate check
# 1.9.0 Mon 16 Sep 2013 20:03:12 EST
# Fixed scoring on root group check
# 1.9.1 Mon Sep 16 20:07:42 EST 2013
# Added fix information to root SSH key check
# 1.9.2 Mon 16 Sep 2013 20:28:54 EST
# Fixed home directory permissions check
# 1.9.3 Mon 16 Sep 2013 21:02:02 EST
# Fix dot file checking
# 1.9.4 Mon 16 Sep 2013 21:14:17 EST
# Fixed scoring for root PATH check
# 1.9.5 Mon 16 Sep 2013 22:23:33 EST
# Fixed scoring for empty password field testing
# 1.9.6 Tue 17 Sep 2013 08:46:54 EST
# Fixed scoring in reserved UID check
# 1.9.7 Tue 17 Sep 2013 08:54:15 EST
# Fixed scoring for old user logins test
# 1.9.8 Tue 17 Sep 2013 10:09:50 EST
# Improved checking for old user logins
# 1.9.9 Tue 17 Sep 2013 10:42:36 EST
# Fixed scoring for System Account audit
# 2.0.0 Tue 17 Sep 2013 10:58:53 EST
# Numerous bug fixes
# 2.0.1 Tue 17 Sep 2013 14:43:54 EST
# Improved SNMP daemon check on Linux
# 2.0.2 Wed 18 Sep 2013 13:13:23 EST
# Added RSA SecurID PAM check
# 2.0.3 Fri 20 Sep 2013 16:57:09 EST
# Added better handling for *credit password parameters under Linux
# 2.0.4 Fri 20 Sep 2013 18:21:21 EST
# Cleaned up linux PAM audit
# 2.0.5 Sat 21 Sep 2013 15:32:55 EST
# Improved linux password history audit
# 2.0.6 Wed 9 Oct 2013 09:50:53 EST
# Moved directory check
# 2.0.7 Wed 9 Oct 2013 09:56:16 EST
# Fixed id check under Solaris
# 2.0.8 Wed 9 Oct 2013 10:55:38 EST
# Fixed call to check_inetd_service
# 2.0.9 Wed 9 Oct 2013 10:56:44 EST
# Fixed source on Solaris
# 2.1.0 Wed 9 Oct 2013 11:19:38 EST
# Fixed "==" evaluation
# 2.1.1 Wed 9 Oct 2013 14:16:37 EST
# Added check for disabled account to system account check
# 2.1.2 Wed 9 Oct 2013 14:25:31 EST
# Fixed grep command in audit_shells
# 2.1.3 Wed 9 Oct 2013 14:28:33 EST
# Fixed other grep commands
# 2.1.4 Wed 9 Oct 2013 14:36:39 EST
# Fixed set command on Solaris
# 2.1.5 Wed 9 Oct 2013 14:38:56 EST
# Fixed two SunOS checks
# 2.1.6 Wed 9 Oct 2013 14:47:08 EST
# Fixed message for inactive user account check
# 2.1.7 Wed 9 Oct 2013 16:32:47 EST
# Fixed scoring on inactive user account check
# 2.1.8 Thu 10 Oct 2013 08:46:13 EST
# Fixed console report on Solaris
# 2.1.9 Thu 10 Oct 2013 09:30:40 EST
# Fixed output for check that file ${exists}
# 2.2.0 Thu 10 Oct 2013 09:44:36 EST
# Fixed scoring for file permissions check
# 2.2.1 Thu 10 Oct 2013 09:59:41 EST
# Fixed security banner check scoring
# 2.2.2 Wed 15 Jan 2014 09:32:48 EST
# Fixed bug with shadow check on OS X
# 2.2.3 Wed 15 Jan 2014 11:07:20 EST
# Minor bug fixes
# 2.2.4 Thu 20 Feb 2014 14:55:44 EST
# Split code out to be more manageable
# 2.2.5 Wed 12 Mar 2014 11:45:34 EST
# Various typo fixes
# 2.2.6 Thu 13 Mar 2014 15:39:00 EST
# Fixed Login Warning for OS X
# 2.2.7 Thu 13 Mar 2014 15:59:31 EST
# Fixed Launchctl check for OS X
# 2.2.8 Thu 13 Mar 2014 16:00:45 EST
# Added Apple Remote Events code for OS X
# 2.2.9 Fri 14 Mar 2014 09:33:14 EST
# Added Internet Sharing code for OS X
# 2.3.0 Fri 14 Mar 2014 15:55:55 EST
# Added Account Lockout code for OS X
# 2.3.1 Mon 17 Mar 2014 06:40:22 EST
# Added Printer Sharing code for OS X
# 2.3.2 Mon 17 Mar 2014 07:58:31 EST
# Added hot corner check to screen lock check for OS X
@ 2.3.3 Mon 17 Mar 2014 10:37:20 EST
# Added SSH check for OS X
# 2.3.4 Mon 17 Mar 2014 11:21:34 EST
# Added DVD/CDo sharing check for OS X
# 2.3.5 Mon 17 Mar 2014 15:28:31 EST
# Added Wake on Lan check for OS X
# 2.3.6 Mon 17 Mar 2014 16:00:01 EST
# Added File Vault check for OS X
# 2.3.7 Mon 17 Mar 2014 17:03:59 EST
# Added Gatekeeper check for OS X
# 2.3.8 Tue 18 Mar 2014 09:06:10 EST
# Added Safe Downloads list check for OS X
# 2.3.9 Tue 18 Mar 2014 09:07:23 EST
# Updated CIS reference for firewall settings fo OS X
# 2.4.0 Tue 18 Mar 2014 09:50:12 EST
# Added Secure Keyboard Entry check for OS X
# 2.4.1 Tue 18 Mar 2014 11:59:01 EST
# Added Secure Empty Trash check for OS X
# 2.4.2 Tue 18 Mar 2014 12:09:43 EST
# Cleaned up some defaults checks for OS X
# 2.4.3 Tue 18 Mar 2014 12:25:29 ES
# Added OX Security Auditing check
# 2.4.4 Tue 18 Mar 2014 12:38:16 EST
# Cleaned up some code
# 2.4.5 Tue 18 Mar 2014 15:25:02 EST
# Added code to check system log retention on OS X
# 2.4.6 Tue 18 Mar 2014 15:44:13 EST
# Added code to check bonjour advertising on OS X
# 2.4.7 Tue 18 Mar 2014 16:13:11 EST
# Added sudo timeout check
# 2.4.8 Tue 18 Mar 2014 16:33:21 EST
# Added Keychain Lock time check for OS X
# 2.4.9 Wed 19 Mar 2014 07:15:21 EST
# Added user home directory permisions check for OS X
# 2.5.0 Wed 19 Mar 2014 07:32:50 EST
# Added autologin check for OS X
# 2.5.1 Wed 19 Mar 2014 08:22:03 EST
# Added autologout check for OS X
# 2.5.2 Wed 19 Mar 2014 08:48:57 EST
# Added pwpolicy function for OS X
# 2.5.3 Wed 19 Mar 2014 09:13:10 EST
# Added password complexity checks for OS X
# 2.5.4 Wed 19 Mar 2014 09:18:19 EST
# Added CIS reference to account login details check for OS X
# 2.5.5 Wed 19 Mar 2014 09:23:03 EST
# Added password hints check for OS X
# 2.5.6 Wed 19 Mar 2014 09:24:56 EST
# Added CIS reference for guest account check for OS X
# 2.5.7 Wed 19 Mar 2014 09:27:16 EST
# Added CIS reference for guest file sharing check for OS X
# 2.5.8 Wed 19 Mar 2014 09:32:40 EST
# Added file extensions check for OS X
# 2.5.9 Wed 19 Mar 2014 11:36:56 EST
# Added Safari Auto-run check for OS X
# 2.6.0 Wed 19 Mar 2014 11:42:21 EST
# Fixed bug with launchctl check
# 2.6.1 Wed 19 Mar 2014 11:44:25 EST
# Fixed bug with gatekeeper and wake on lan check
# 2.6.2 Wed 19 Mar 2014 12:05:53 EST
# Various bug fixes
# 2.6.3 Wed 19 Mar 2014 12:20:50 EST
# Improved ability to run script as non root user in audit only mode
# 2.6.4 Wed 19 Mar 2014 13:24:05 EST
# More bug fixes
# 2.6.5 Wed 19 Mar 2014 17:10:44 EST
# Added swap to nodev check
# 2.6.6 Thu 20 Mar 2014 13:52:09 EST
# Added nosuid filesystem mount check for Linux
# 2.6.7 Thu 20 Mar 2014 14:41:40 EST
# Fixed system log check
# 2.6.8 Thu 20 Mar 2014 14:45:20 EST
# Added aide check for Linux
# 2.6.7 Thu 20 Mar 2014 16:55:35 EST
# Moved grouped function files to full_* to better distinguish them
# 2.6.8 Thu 20 Mar 2014 17:29:21 EST
# Added support to old users check to use last rather than finger if finger is not available
# 2.6.9 Thu 20 Mar 2014 22:56:31 EST
# Updated SELinux check
# 2.7.0 Fri 21 Mar 2014 10:29:30 EST
# Added CIS reference to unconfined daemons test
# 2.7.1 Fri 21 Mar 2014 10:32:24 EST
# Added permissions check for /etc/grub to SELinux test
# 2.7.2 Fri 21 Mar 2014 10:38:24 EST
# Added CIS reference to single user mode test
# 2.7.3 Fri 21 Mar 2014 10:46:47 EST
# Added core dumps restriction to Linux and added CIS reference
# 2.7.4 Fri 21 Mar 2014 10:56:56 EST
# Added execshield check
# 2.7.6 Fri 21 Mar 2014 14:02:30 EST
# Added code to remove telnet-server package on Linux
# 2.7.7 Fri 21 Mar 2014 14:06:58 EST
# Added code to remove rsh-server on package Linux
# 2.7.8 Fri 21 Mar 2014 14:10:30 EST
# Added code to remove YP/NIS server packages on Linux
# 2.7.9 Fri 21 Mar 2014 14:13:10 EST
# Added code to remove tftp-server package on Linux
# 2.8.0 Fri 21 Mar 2014 14:29:43 EST
# Added /etc/netboot check for Solaris 11
# 2.8.1 Fri 21 Mar 2014 14:51:23 EST
# Added code to remove talk-server package on Linux
# 2.8.2 Fri 21 Mar 2014 15:14:24 EST
# Added code to remove xinetd-server package on Linux
# 2.8.3 Fri 21 Mar 2014 15:16:44 EST
# Added CIS references for various xinetd based services for Linux
# 2.8.4 Fri 21 Mar 2014 15:20:21 EST
# Added CIS reference for daemon umask check
# 2.8.5 Fri 21 Mar 2014 15:26:05 EST
# Added code to remove X Windows package on Linux
# 2.8.6 Fri 21 Mar 2014 15:47:54 EST
# Fixed bugs with OS vendor determination
# 2.8.7 Fri 21 Mar 2014 16:01:40 EST
# Moved Avahi server code to separate module and added CIS reference
# 2.8.8 Fri 21 Mar 2014 16:10:05 EST
# Added code to remove dhcp server package on Linux
# 2.8.9 Fri 21 Mar 2014 16:11:40 EST
# Added CIS reference for NTP
# 2.9.0 Fri 21 Mar 2014 16:19:07 EST
# Added code to remove openldap-servers package on Linux
# 2.9.1 Fri 21 Mar 2014 16:20:45 EST
# Added CIS reference for NFS check
# 2.9.2 Sun 23 Mar 2014 12:32:36 EST
# Minor bug fixes
# 2.9.3 Sun 23 Mar 2014 12:38:22 EST
# Added CIS reference to NIS server check and code to remove package on Linux
# 2.9.4 Sun 23 Mar 2014 12:46:47 EST
# Added package uninstall disable/enable variable
# 2.9.5 Sun 23 Mar 2014 12:53:28 EST
# Added CIS reference to FTP server check and code to remove package on Linux
# 2.9.6 Sun 23 Mar 2014 12:59:18 EST
# Added CIS reference to HTTP server check and code to remove package on Linux
# 2.9.7 Sun 23 Mar 2014 13:04:24 EST
# Added CIS reference for Dovecot check and code to remove package on Linux
# 2.9.8 Sun 23 Mar 2014 13:07:47 EST
# Added CIS reference to Samba server check and code to remove package on Linux
# 2.9.9 Sun 23 Mar 2014 13:11:41 EST
# Added CIS reference to Squid server check and code to remove package on Linux
# 3.0.0 Sun 23 Mar 2014 13:18:10 EST
# Added CIS reference to SNMP check and code to remove package on Linux
# 3.0.1 Sun 23 Mar 2014 13:23:20 EST
# Added CIS reference to Postfix check and code to check local-only agent mode on Linux
# 3.0.2 Sun 23 Mar 2014 13:37:30 EST
# Added code to install and configure rsyslog on Linux
# 3.0.3 Sun Sun 23 Mar 2014 15:38:27 EST
# Added CIS references to system accounting check
# 3.0.4 Sun 23 Mar 2014 15:41:50 EST
# Added CIS references to logrotate check
# 3.0.5 Sun 23 Mar 2014 16:01:36 EST
# Added CIS references to sysctl check
# 3.0.6 Sun 23 Mar 2014 16:15:53 EST
# Added CIS references to TCP wrappers check
# 3.0.7 Mon 24 Mar 2014 09:20:12 EST
# Added iptables check
# 3.0.8 Mon 24 Mar 2014 09:22:53 EST
# Added CIS reference to cron permissions check
# 3.0.9 Mon 24 Mar 2014 09:35:34 EST
# Cleaned up crow.allow test and added CIS reference
# 3.1.0 Mon 24 Mar 2014 09:59:21 EST
# Added CIS reference to SSH test
# 3.1.1 Mon 24 Mar 2014 10:02:57 EST
# Added CIS reference to password hashing algorithm test
# 3.1.2 Mon 24 Mar 2014 10:10:33 EST
# Added CIS reference to password policy test
# 3.1.3 Mon 24 Mar 2014 10:26:28 EST
# Added CIS reference for account lockout timeout test
# 3.1.4 Mon 24 Mar 2014 17:31:53 EST
# Added CIS reference for password reuse test
# 3.1.5 Mon 24 Mar 2014 17:36:23 EST
# Added CIS reference for remote console test
# 3.1.6 Mon 24 Mar 2014 17:38:52 EST
# Added CIS reference for pam wheel test
# 3.1.7 Mon 24 Mar 2014 17:40:29 EST
# Added CIS reference for password expiry test
# 3.1.8 Mon 24 Mar 2014 17:45:45 EST
# Added CIS reference for system account test
# 3.1.9 Mon 24 Mar 2014 17:47:28 EST
# Added CIS reference for default root group test
# 3.2.0 Mon 24 Mar 2014 18:12:53 EST
# Added CIS reference for user default umask test
# 3.2.1 Mon 24 Mar 2014 19:36:42 EST
# Added code to test Gnome login message on Linux
# 3.2.2 Mon 24 Mar 2014 21:06:01 EST
# Added CIS reference for world writable files test
# 3.2.3 Mon 24 Mar 2014 21:09:52 EST
# Added CIS reference for unowned file check
# 3.2.4 Mon 24 Mar 2014 21:11:25 EST
# Added CIS reference for suid system executables test
# 3.2.5 Mon 24 Mar 2014 21:14:24 EST
# Added CIS reference for password field test
# 3.2.6 Mon 24 Mar 2014 21:16:41 EST
# Added CIS reference for legacy NIS entries test
# 3.2.7 Mon 24 Mar 2014 21:21:11 EST
# Added CIS reference for reserved id test
# 3.2.8 Mon 24 Mar 2014 21:23:46 EST
# Added CIS reference for root path test
# 3.2.9 Mon 24 Mar 2014 21:25:58 EST
# Added CIS reference for user home permissions test
# 3.3.0 Mon 24 Mar 2014 21:27:52 EST
# Added CIS reference for user dot files test
# 3.3.1 Mon 24 Mar 2014 21:29:32 EST
# Added CIS reference for user .netrc test
# 3.3.2 Mon 24 Mar 2014 21:35:03 EST
# Added CIS reference for user .rhosts test
# 3.3.3 Mon 24 Mar 2014 21:39:43 EST
# Added CIS reference for group test
# 3.3.4 Mon 24 Mar 2014 21:45:24 EST
# Added CIS reference for duplicate ids test
# 3.3.5 Mon 24 Mar 2014 21:47:39 EST
# Added CIS reference for duplicate gids test
# 3.3.6 Mon 24 Mar 2014 21:54:09 EST
# Added CIS reference for duplicate users test
# 3.3.7 Tue 25 Mar 2014 06:21:54 EST
# Added CIS reference for user .forward test
# 3.3.8 Tue 25 Mar 2014 07:33:44 EST
# Fixed screen lock test for OS X
# 3.3.9 Tue 25 Mar 2014 07:53:48 EST
# Fixed CD sharing test for OS X
# 3.4.0 Tue 25 Mar 2014 07:58:34 EST
# Fixed printer sharing test for OS X
# 3.4.1 Tue 25 Mar 2014 08:09:02 EST
# Added firmware password test for OS X
# 3.4.2 Tue 25 Mar 2014 08:29:09 EST
# Added CIS NTP reference for OS X
# 3.4.3 Tue 25 Mar 2014 08:42:51 EST
# Added code to add NTP pool servers to config file
# 3.4.4 Tue 25 Mar 2014 09:21:15 EST
# Improved launchctl function to be able to turn off and on services
# 3.4.5 Tue 25 Mar 2014 10:19:31 EST
# Added samba config lockdown tests
# 3.4.6 Tue 25 Mar 2014 10:27:55 EST
# Added apache config lockdown tests
# 3.4.7 Tue 25 Mar 2014 10:31:06 EST
# Added CIS reference for SSH for OS X
# 3.4.8 Tue 25 Mar 2014 10:51:37 EST
# Added Xgrid check
# 3.4.9 Tue 25 Mar 2014 10:57:18 EST
# Added code to disable mDNS on OS X
# 3.5.0 Tue 25 Mar 2014 13:47:00 EST
# Initial FreeBSD support
# 3.5.1 Tue 25 Mar 2014 13:54:21 EST
# Added rc.conf and loader.conf support to file functions
# 3.5.2 Tue 25 Mar 2014 14:02:58 EST
# Added FreeBSD support and CIS reference to SSH test
# 3.5.3 Tue 25 Mar 2014 14:14:26 EST
# Added CIS reference for FreeBSD for TCP Wrappers and added inetd flag test for FreeBSD
# 3.5.4 Tue 25 Mar 2014 14:29:21 EST
# Added ipfw code and CIS reference for FreeBSD
# 3.5.5 Tue 25 Mar 2014 14:42:04 EST
# Added inet/init code and CIS reference for FreeBSD
# 3.5.6 Tue 25 Mar 2014 15:32:56 EST
# Added daemon umask test and CIS reference for FreeBSD
# 3.5.7 Tue 25 Mar 2014 15:40:44 EST
# Added syslog and CIS reference for FreeBSD
# 3.5.8 Tue 25 test Mar 2014 15:59:26 EST
# Added sendmail test and CIS reference for FreeBSD
# 3.5.9 Tue 25 Mar 2014 16:04:18 EST
# Added bind test and CIS reference for FreeBSD
# 3.6.0 Tue 25 Mar 2014 16:27:15 EST
# Added NFS test and CIS reference for FreeBSD
# 3.6.1 Tue 25 Mar 2014 16:32:36 EST
# Added NIS test and CIS reference for FreeBSD
# 3.6.2 Tue 25 Mar 2014 16:39:59 EST
# Added printing test and CIS reference for FreeBSD
# 3.6.3 Tue 25 Mar 2014 16:50:16 EST
# Added core dump test and CIS reference for FreeBSD
# 3.6.4 Tue 25 Mar 2014 17:02:17 EST
# Added kernel parameters code and CIS reference for FreeBSD
# 3.6.5 Tue 25 Mar 2014 17:37:52 EST
# Added syslog logging entry and CIS reference for FreeBSD while fixing bug with Syslog server code
# 3.6.6 Tue 25 Mar 2014 17:48:07 EST
# Added system accounting code and CIS reference for FreeBSD
# 3.6.7 Tue 25 Mar 2014 17:52:12 EST
# Added TCP/UDP packet logging code and CIS reference for FreeBSD
# 3.6.8 Tue 25 Mar 2014 21:42:42 EST
# Added newsyslog and CIS reference for FreeBSD
# 3.6.9 Tue 25 Mar 2014 21:50:08 EST
# Added nosuid mount test and CIS reference for FreeBSD
# 3.7.0 Tue 25 Mar 2014 21:58:55 EST
# Added passwd and group permissions test and CIS reference for FreeBSD
# 3.7.1 Tue 25 Mar 2014 22:02:50 EST
# Added sticky bit test and CIS reference for FreeBSD
# 3.7.2 Tue 25 Mar 2014 22:05:40 EST
# Added world writable files test and CIS reference for FreeBSD
# 3.7.3 Tue 25 Mar 2014 22:09:34 EST
# Added suid and sgid files test and CIS reference for FreeBSD
# 3.7.4 Tue 25 Mar 2014 22:15:30 EST
# Added user homde directory permissions test and CIS reference for FreeBSD
# 3.7.5 Tue 25 Mar 2014 22:18:28 EST
# Added unowned files test and CIS reference for FreeBSD
# 3.7.6 Tue 25 Mar 2014 22:29:47 EST
# Added initial PAM test and CIS reference for FreeBSD
# 3.7.7 Tue 25 Mar 2014 22:34:36 EST
# Added dotfiles test and CIS reference for FreeBSD
# 3.7.8 Tue 25 Mar 2014 22:47:39 EST
# Added cron/at test and CIS references for FreeBSD
# 3.7.9 Tue 25 Mar 2014 22:54:48 EST
# Added security banner test and CIS references for FreeBSD
# 3.8.0 Wed 26 Mar 2014 05:57:25 EST
# Added X11 listen test and CIS reference for FreeBSD
# 3.8.1 Wed 26 Mar 2014 06:09:12 EST
# Added system account test and CIS reference for FreeBSD
# 3.8.2 Wed 26 Mar 2014 07:13:36 EST
# Added toor account test and CIS reference for FreeBSD
# 3.8.3 Wed 26 Mar 2014 07:19:10 EST
# Added uid 0 test and CIS reference for FreeBSD
# 3.8.4 Wed 26 Mar 2014 07:30:35 EST
# Added umask test and CIS reference for FreeBSD
# 3.8.5 Wed 26 Mar 2014 07:36:10 EST
# Added mesg n test and CIS reference for FreeBSD
# 3.8.6 Wed 26 Mar 2014 07:45:29 EST
# Added password algorithm test and CIS reference for FreeBSD
# 3.8.7 Wed 26 Mar 2014 08:35:24 EST
# Added serial logins test and CIS reference for FreeBSD
# 3.8.8 Wed 26 Mar 2014 08:54:37 EST
# Added single user password test and CIS reference for FreeBSD
# 3.8.9 Wed 26 Mar 2014 09:20:46 EST
# Added X wrapper test and CIS reference for FreeBSD
# 3.9.0 Wed 26 Mar 2014 11:21:34 EST
# Added initial AIX support
# 3.9.1 Wed 26 Mar 2014 13:35:49 EST
# Added password parameter tests and CIS references for AIX
# 3.9.2 Wed 26 Mar 2014 13:58:21 EST
# Added login retry limit test and CIS references for AIX
# 3.9.3 Wed 26 Mar 2014 14:06:37 EST
# Added rlogin test and CIS reference for AIX
# 3.9.4 Wed 26 Mar 2014 14:34:31 EST
# Added code to drive chuser and added su group test and CIS reference for AIX
# 3.9.5 Wed 26 Mar 2014 16:48:23 EST
# Added system user rlogin test and CIS reference for AIX
# 3.9.6 Wed 26 Mar 2014 17:37:12 EST
# Added code to drive [rm,ls,ch]itab on AIX
# 3.9.7 Wed 26 Mar 2014 17:41:27 EST
# Added qdaemon test and CIS reference for AIX
# 3.9.8 Wed 26 Mar 2014 17:45:23 EST
# Added lpd and piobe test and CIS reference for AIX
# 3.9.9 Wed 26 Mar 2014 17:50:30 EST
# Added dt test and CIS reference for AIX
# 4.0.0 Wed 26 Mar 2014 17:54:55 EST
# Added rcnfs test and CIS reference for AIX
# 4.0.1 Wed 26 Mar 2014 20:36:07 EST
# Added world writable files test and CIS reference for AIX
# 4.0.2 Wed 26 Mar 2014 20:45:50 EST
# Added unowned files test and CIS reference for AIX
# 4.0.3 Wed 26 Mar 2014 20:53:15 EST
# Added setuid files test and CIS reference for AIX
# 4.0.4 Thu 27 Mar 2014 07:41:22 EST
# Added Trusted Execution handling code for AIX
# 4.0.5 Thu 27 Mar 2014 07:57:51 EST
# Added Trusted Execution tests and CIS reference for AIX
# 4.0.6 Thu 27 Mar 2014 08:12:32 EST
# Added code to check AIX package is installed
# 4.0.7 Thu 27 Mar 2014 08:44:18 EST
# Added root PATH check and CIS reference for AIX
# 4.0.8 Thu 27 Mar 2014 08:48:48 EST
# Added duplicate group test and CIS reference for AIX
# 4.0.9 Thu 27 Mar 2014 08:52:25 EST
# Added duplicate user test and CIS reference for AIX
# 4.1.0 Thu 27 Mar 2014 09:01:12 EST
# Added empty password field test and CIS reference for AIX
# 4.1.1 Thu 27 Mar 2014 09:09:00 EST
# Added cron/at allow tests and CIS references for AIX
# 4.1.2 Thu 27 Mar 2014 09:14:09 EST
# Added security motd test and CIS reference for AIX
# 4.1.3 Thu 27 Mar 2014 10:07:11 EST
# Added FTP banner test and CIS reference for AIX
# 4.1.4 Thu 27 Mar 2014 10:13:14 EST
# Added FTP daemon umask test and CIS reference for AIX
# 4.1.5 Thu 27 Mar 2014 10:35:00 EST
# Added FTP users test and CIS reference for AIX
# 4.1.6 Thu 27 Mar 2014 10:55:57 EST
# Added sar accounting test and CIS reference for AIX
# 4.1.7 Thu 27 Mar 2014 10:58:32 EST
# Added mesgn test and CIS reference for AIX
# 4.1.8 Thu 27 Mar 2014 11:06:00 EST
# Added writesrv test and CIS reference for AIX
# 4.1.9 Thu 27 Mar 2014 11:11:56 EST
# Added power management test and CIS reference for AIX
# 4.2.0 Thu 27 Mar 2014 11:30:22 EST
# Added online documentation daemon test and CIS reference for httpdlite on AIX
# 4.2.1 Thu 27 Mar 2014 15:05:10 EST
# Added NCS test and CIS reference for AIX
# 4.2.2 Thu 27 Mar 2014 15:13:04 EST
# Added i4ls test and CIS reference of AIX
# 4.2.3 Thu 27 Mar 2014 15:45:39 EST
# Added serial login test and CIS reference for AIX
# 4.2.4 Thu 27 Mar 2014 16:06:59 EST
# Added user home directory tests and CIS references for AIX
# 4.2.5 Thu 27 Mar 2014 16:16:13 EST
# Added /var/adm/sa ownership test and CIS reference for AIX
# 4.2.6 Thu 27 Mar 2014 16:30:53 EST
# Added snmp and ras permissions test and CIS reference for AIX
# 4.2.7 Thu 27 Mar 2014 17:11:37 EST
# Added various file/directory permissions tests and CIS references for AIX
# 4.2.8 Thu 27 Mar 2014 17:44:09 EST
# Added Initial TCP Wrappers test and CIS references for AIX
# 4.2.9 Fri 28 Mar 2014 07:52:02 EST
# Added code to drive rctcp on AIX
# 4.3.0 Fri 28 Mar 2014 08:18:59 EST
# Added sendmail test and CIS reference for AIX
# 4.3.1 Fri 28 Mar 2014 08:31:37 EST
# Added snmp test and CIS reference for AIX
# 4.3.2 Fri 28 Mar 2014 08:37:56 EST
# Added sendmail disable variable
# 4.3.3 Fri 28 Mar 2014 08:46:02 EST
# Added dhcpcd test and CIS reference for AIX
# 4.3.4 Fri 28 Mar 2014 08:52:12 EST
# Added dhcprd test and CIS reference for AIX
# 4.3.5 Fri 28 Mar 2014 08:56:33 EST
# Added dhcpsd test and CIS reference for AIX
# 4.3.6 Fri 28 Mar 2014 09:01:46 EST
# Added autoconf6 test and CIS reference for AIX
# 4.3.7 Fri 28 Mar 2014 09:14:02 EST
# Added gated test and CIS reference for AIX
# 4.3.8 Fri 28 Mar 2014 09:56:38 EST
# Added mrouted test and CIS reference for AIX
# 4.3.9 Fri 28 Mar 2014 10:14:12 EST
# Added named test and CIS reference for AIX
# 4.3.9 Fri 28 Mar 2014 10:16:12 EST
# Added routed test and CIS reference for AIX
# 4.4.0 Fri 28 Mar 2014 10:21:13 EST
# Added rwhod test and CIS reference for AIX
# 4.4.1 Fri 28 Mar 2014 10:26:21 EST
# Added timed test and CIS reference for AIX
# 4.4.2 Fri 28 Mar 2014 10:29:26 EST
# Added dpid2 test and CIS reference for AIX
# 4.4.3 Fri 28 Mar 2014 10:31:32 EST
# Added hostmibd test and CIS reference for AIX
# 4.4.4 Fri 28 Mar 2014 10:32:07 EST
# Added snmpdmibd test and CIS reference for AIX
# 4.4.5 Fri 28 Mar 2014 10:33:56 EST
# Added aixmibd test and CIS reference for AIX
# 4.4.6 Fri 28 Mar 2014 10:51:38 EST
# Added NPD tests and CIS references for AIX
# 4.4.7 Fri 28 Mar 2014 10:57:08 EST
# Added .netrc tests and CIS references for AIX
# 4.4.8 Fri 28 Mar 2014 10:59:05 EST
# Added .rhosts tests and CIS references for AIX
# 4.4.9 Fri 28 Mar 2014 12:43:48 EST
# Added hosts.equiv tests and CIS references for AIX
# 4.5.0 Fri 28 Mar 2014 12:54:51 EST
# Added code to drive no on AIX
# 4.5.1 Fri 28 Mar 2014 13:33:07 EST
# Added network kernel tuning parameter test and CIS references for AIX
# 4.5.2 Fri 28 Mar 2014 14:38:14 EST
# Added code to drive subserver on AIX
# 4.5.3 Fri 28 Mar 2014 14:56:37 EST
# Added legacy services tests and CIS references for AIX
# 4.5.4 Sat 29 Mar 2014 20:45:37 EST
# Added numerous CIS references for Solaris tests
# 4.5.5 Sun 30 Mar 2014 09:07:50 EST
# Added more CIS references for Solaris tests
# 4.5.6 Sun 30 Mar 2014 15:47:53 EST
# Added more CIS references for Linux tests and cleaned up some Linux test conditions
# 4.5.7 Sun 30 Mar 2014 18:19:19 EST
# Added kernel-PAE package check
# 4.5.8 Sun 30 Mar 2014 18:46:32 EST
# Added various client package tests for Linux
# 4.5.9 Sun 30 Mar 2014 20:56:34 EST
# Added code to remove talk client on Linux
# 4.6.0 Sun 30 Mar 2014 21:03:03 EST
# Fixed xinetd test for Linux
# 4.6.1 Sun 30 Mar 2014 21:48:42 EST
# Added CIS references and updated syslog configuration for Linux
# 4.6.2 Sun 30 Mar 2014 22:00:49 EST
# Updated syslog and rsyslog test for Linux
# 4.6.3 Mon 31 Mar 2014 09:35:36 EST
# Added pam_deny and pam_ccred tests for Linux
# 4.6.4 Mon 31 Mar 2014 10:01:27 EST
# Added inactive user test for Linux
# 4.6.5 Mon 31 Mar 2014 10:49:09 EST
# Added more CIS references for Linux
# 4.6.6 Mon 31 Mar 2014 14:44:00 EST
# Added noexec tmpfs test for Linux
# 4.6.7 Mon 31 Mar 2014 21:05:17 EST
# More CIS references for Linux
# 4.6.8 Tue 1 Apr 2014 09:48:55 EST
# Added interactive boot test
# 4.6.9 Tue 1 Apr 2014 10:13:02 EST
# Added kernel-pae test and CIS reference for SuSE Linux
# 4.7.0 Tue 1 Apr 2014 13:45:14 EST
# Added AppArmour and biosdevname test for SuSE Linux
# 4.7.1 Tue 1 Apr 2014 14:49:16 EST
# Added SuSEfirewall2 test
# 4.7.2 Tue 1 Apr 2014 17:41:27 EST
# Added shadow group member test for SuSE Linux
# 4.7.3 Tue 1 Apr 2014 18:31:11 EST
# Added gdm-autologin PAM check for Solaris 11
# 4.7.4 Tue 1 Apr 2014 19:50:22 EST
# Added EEEPROM password test for SPARC
# 4.7.5 Wed 2 Apr 2014 12:31:55 EST
# Fixed bugs (thanks to Mark Lane for testing)
# 4.7.6 Wed 2 Apr 2014 15:13:36 EST
# More bug fixes
# 4.7.7 Thu 3 Apr 2014 15:05:09 EST
# Updated AppArmour test for SuSE Linux
# 4.7.8 Sat 12 Apr 2014 13:34:49 EST
# Reference updates
# 4.7.9 Sat 12 Apr 2014 22:20:43 EST
# Reference updates
# 4.8.0 Sun 13 Apr 2014 17:40:02 EST
# Reference updates and bug fixes
# 4.8.1 Sun 13 Apr 2014 21:21:48 EST
# Removed duplicate auto logout module
# 4.8.2 Fri 25 Apr 2014 12:16:09 EST
# Fixed some bugs
# 4.8.3 Sun 27 Apr 2014 16:07:34 EST
# Fixed audit_system_auth_use_uid
# 4.8.4: Tue 6 May 2014 12:42:52 EST
# Minor fixes
# 4.8.5: Thu 8 May 2014 09:14:24 EST
# Fixed cron allow test for Solaris 11, Linux and FreeBSD
# 4.8.6: Wed 14 May 2014 13:29:30 EST
# Minor updates
# 4.8.7: Thu 15 May 2014 12:07:13 EST
# Deleted duplicate root group test
# 4.8.8: Thu May 29 03:05:01 UTC 2014
# Bug fixes and inital ESXi support (no tests)
# 4.8.9: Thu 29 May 2014 16:28:43 EST
# Improved scoring and added SNMP and Syslog tests for ESX
# 4.9.0: Fri 30 May 2014 08:53:44 EST
# Added NTP check for ESXi and made further improvements to scoring
# 4.9.1: Fri 30 May 2014 11:37:44 EST
# Added signed kernel module test for ESXi
# 4.9.2: Fri 30 May 2014 15:23:01 EST
# Added shell timeout tests for ESXi
# 4.9.3: Fri 30 May 2014 15:40:43 EST
# Added Syslog directory test for ESXi
# 4.9.4: Fri 30 May 2014 16:48:29 EST
# Added software update test for ESXi
# 4.9.5: Fri 30 May 2014 18:48:39 EST
# Added Managed Object Browser test for ESXi
# 4.9.6: Fri 30 May 2014 20:44:33 EST
# Added Dvfilter test for ESXi
# 4.9.7: Sat 31 May 2014 06:54:25 EST
# Added DCUI, SSH and ESXi Shell tests fo ESXi
# 4.9.8: Sat 31 May 2014 08:15:56 EST
# Added Lockdown check for ESXi
# 4.9.9: Sat 31 May 2014 09:47:48 EST
# Minor code cleanup
# 5.0.0: Wed 11 Jun 2014 18:54:58 EST
# Updated license
# 5.0.1: Tue 28 Apr 2015 15:05:14 AEST
# Removed call to audit_root_account as it was split into several audit_root_* subroutines
# 5.0.2: Sat 14 Jan 2017 12:06:37 AEDT
# Start adding support for Amazon Linux and added vfat to modprobe check
# 5.0.3: Sat 14 Jan 2017 16:22:29 AEDT
# Initial Amazon Linux support
# 5.0.4: Sat 14 Jan 2017 17:22:34 AEDT
# Fixed audit select function
# 5.0.5: Sat 14 Jan 2017 19:34:40 AEDT
# Fixed code to print module information
# 5.0.6: Sat 14 Jan 2017 23:48:24 AEDT
# Code cleanup
# 5.0.7: Sun 15 Jan 2017 11:11:19 AEDT
# Updates for Amazon Linux and Centos / RHEL 7
# 5.0.8: Sun 15 Jan 2017 13:09:27 AEDT
# More updates for Amazon Linux and Centos / RHEL 7
# 5.0.9: Sun 15 Jan 2017 13:55:43 AEDT
# More updates for Amazon Linux and Centos / RHEL 7
# 5.1.0: Sun 15 Jan 2017 14:17:54 AEDT
# More updated for Amazon Linux and Centos / RHEL 7
# 5.1.1: Sun 15 Jan 2017 14:57:17 AEDT
# Documentation cleanup
# 5.1.2: Sun 15 Jan 2017 16:09:52 AEDT
# More updates for Amazon Linux and Centos / RHEL 7
# 5.1.3: Sun 15 Jan 2017 16:18:28 AEDT
# Bug fixes
# 5.1.4: Mon 16 Jan 2017 07:38:08 AEDT
# Bug fixes
# 5.1.5: Mon 16 Jan 2017 07:55:34 AEDT
# Fix for Amazon Linux
# 5.1.6: Mon 16 Jan 2017 08:16:55 AEDT
# Bug fixes
# 5.1.7: Mon 16 Jan 2017 09:18:43 AEDT
# Cleaned up reporting
# 5.1.8: Mon 16 Jan 2017 17:15:21 AEDT
# Fixed code to use . rather than source on Ubuntu and Debian (sh is actually bash)
# 5.1.9: Tue 17 Jan 2017 20:13:43 AEDT
# Updated Linux package handling code
# 5.2.0: Wed 18 Jan 2017 08:39:55 AEDT
# Initial code for AWS Foundation Security audit
# 5.2.1: Wed 18 Jan 2017 14:47:16 AEDT
# Added AWS credentials check
# 5.2.2: Wed 18 Jan 2017 15:49:35 AEDT
# Added AWS credential rotation check
# 5.2.3: Wed 18 Jan 2017 18:56:54 AEDT
# Added AWS password policy check
# 5.2.4: Wed 18 Jan 2017 20:33:11 AEDT
# Added AWS root account MFA check
# 5.2.5: Wed 18 Jan 2017 21:28:14 AEDT
# Added AWS user policy check
# 5.2.6: Thu 19 Jan 2017 07:34:48 AEDT
# Added AWS support role check
# 5.2.7: Thu 19 Jan 2017 09:05:08 AEDT
# Added AWS access keys check
# 5.2.8: Thu 19 Jan 2017 10:15:18 AEDT
# Added AWS full administrative privileges check
# 5.2.9: Thu 19 Jan 2017 10:58:16 AEDT
# Added AWS CloudTrail MultiRegion check
# 5.3.0: Thu 19 Jan 2017 11:14:20 AEDT
# Added AWS CloudTrail LogFileValidation check
# 5.3.1: Thu 19 Jan 2017 11:47:33 AEDT
# Added AWS CloudTrail bucket permissions check
# 5.3.2: Thu 19 Jan 2017 16:59:12 AEDT
# Added AWS IAM Master / Manager account check
# 5.3.3: Thu 19 Jan 2017 17:54:06 AEDT
# Fixed various AWS bugs
# 5.3.4: Thu 19 Jan 2017 21:40:00 AEDT
# Added AWS CloudTrail bucket policy check
# 5.3.5: Thu 19 Jan 2017 22:14:38 AEDT
# Added AWS CloudTrail CloudWatch Logs integration check
# 5.3.6: Thu 19 Jan 2017 23:02:54 AEDT
# Added initial support for AWS Config check
# 5.3.7: Thu 19 Jan 2017 23:13:12 AEDT
# Added AWS CloudTrail S3 Bucket logging check
# 5.3.8: Thu 19 Jan 2017 23:24:30 AEDT
# Added AWS CloudTrail KMS Key check
# 5.3.9: Fri 20 Jan 2017 08:24:56 AEDT
# Added AWS Key check
# 5.4.0: Fri 20 Jan 2017 10:03:02 AEDT
# Added AWS VPC peering check
# 5.4.1: Fri 20 Jan 2017 13:19:36 AEDT
# Added Inbound / Outbond check for AWS Security Groups
# 5.4.2: Fri 20 Jan 2017 14:33:57 AEDT
# Added AWS VPC flow log check
# 5.4.3: Fri 20 Jan 2017 16:13:34 AEDT
# Added AWS Security Group check for open SSH / RDP ports
# 5.4.4: Fri 20 Jan 2017 17:28:52 AEDT
# Added initial AWS SNS checks
# 5.4.5: Fri 20 Jan 2017 19:38:09 AEDT
# Added initial AWS monitoring checks
# 5.4.6: Fri 20 Jan 2017 20:14:43 AEDT
# Added AWS alarm and subscriber checks
# 5.4.7: Fri 20 Jan 2017 20:41:44 AEDT
# Added AWS IAM alarm and subscriber checks
# 5.4.8: Fri 20 Jan 2017 22:14:27 AEDT
# Added AWS CloudTrail, Console, Key, S3, Config, NACL, Security Group, Gateway, Route and VPC alarm and subscriber checks
# 5.4.9: Sat 21 Jan 2017 08:41:04 AEDT
# Added fix information for AWS Access Keys
# 5.5.0: Tue 24 Jan 2017 05:20:07 AEDT
# Cleaned up AWS CloudTrail checks
# 5.5.1: Tue 24 Jan 2017 16:22:48 AEDT
# Added some fix information for VPC checks
# 5.5.2: Tue 24 Jan 2017 16:47:11 AEDT
# Added some fix information for SNS check
# 5.5.3: Tue 24 Jan 2017 17:15:33 AEDT
# Updated AWS CloudTrail Key fix information
# 5.5.4: Tue 24 Jan 2017 17:26:25 AEDT
# Added some fix information for S3 bucket logging
# 5.5.5: Tue 24 Jan 2017 17:29:39 AEDT
# Added some fix information for AWS Config
# 5.5.6: Tue 24 Jan 2017 17:38:19 AEDT
# Added some fix information for CloudTrail bucket permissions
# 5.5.7: Tue 24 Jan 2017 19:58:17 AEDT
# Added initial ability to set AWS region on command line
# 5.5.8: Tue 24 Jan 2017 21:09:08 AEDT
# Added additional support for setting AWS region
# 5.5.9: Tue 24 Jan 2017 21:25:13 AEDT
# Added initial support for AWS recommendations
# 5.6.0: Tue 24 Jan 2017 22:35:11 AEDT
# Added AWS IAM SSH Public Keys check
# 5.6.1: Tue 24 Jan 2017 22:45:17 AEDT
# Added AWS IAM empty group check
# 5.6.2: Wed 25 Jan 2017 06:27:00 AEDT
# Added check for expired AWS certificates
# 5.6.3: Wed 25 Jan 2017 06:40:16 AEDT
# Added check for inactive AWS IAM accounts
# 5.6.4: Wed 25 Jan 2017 07:19:13 AEDT
# Added check for AWS Route53 Domain renewals
# 5.6.5: Wed 25 Jan 2017 07:31:24 AEDT
# Added check for AWS Route53 Domain expiration
# 5.6.6: Wed 25 Jan 2017 08:32:35 AEDT
# Added check for AWS Route53 Zone SPF records
# 5.6.7: Wed 25 Jan 2017 08:40:14 AEDT
# Added check for AWS Route53 Domain Transfer Lock
# 5.6.8: Wed 25 Jan 2017 12:52:00 AEDT
# Added check for AWS instance image ID owner
# 5.6.9: Wed 25 Jan 2017 17:47:28 AEDT
# Added check for number of AWS EIPs consumer
# 5.7.0: Wed 25 Jan 2017 18:21:39 AEDT
# Added check for AWS instances using the default security group
# 5.7.1: Wed 25 Jan 2017 18:46:14 AEDT
# Added check for AWS EC2-Classic instances
# 5.7.2: Wed 25 Jan 2017 19:34:59 AEDT
# Added check against recommended Instance name
# 5.7.3: Wed 25 Jan 2017 20:49:54 AEDT
# Added check for AWS instance termination protection
# 5.7.4: Wed 25 Jan 2017 21:20:52 AEDT
# Added check to see if instances have IAM profiles
# 5.7.5: Thu 26 Jan 2017 04:41:19 AEDT
# Added check for publicly shared AWS AMIs
# 5.7.6: Thu 26 Jan 2017 05:42:37 AEDT
# Added check against recommended Security Group name
# 5.7.7: Thu 26 Jan 2017 09:09:47 AEDT
# Split out AWS VPC and SG checks
# 5.7.8: Thu 26 Jan 2017 09:17:26 AEDT
# Added check for AWS SGs with open CIFS ports
# 5.7.9: Thu 26 Jan 2017 09:22:07 AEDT
# Added check for AWS SGs with open DNS ports
# 5.8.0: Thu 26 Jan 2017 09:51:13 AEDT
# Added check for AWS SGs with open FTP ports
# 5.8.1: Thu 26 Jan 2017 10:03:33 AEDT
# Added check for AWS SGs with various open ports
# 5.8.2: Thu 26 Jan 2017 11:00:34 AEDT
# Added check for AWS SGs with open MongoDB ports
# 5.8.3: Thu 26 Jan 2017 11:09:27 AEDT
# Added check for AWS SGs with open RPC ports
# 5.8.4: Thu 26 Jan 2017 11:48:10 AEDT
# Added check for AWS SGs with open ICMP
# 5.8.5: Thu 26 Jan 2017 11:51:56 AEDT
# Added check for AWS SGs with open SMTP
# 5.8.6: Thu 26 Jan 2017 11:55:15 AEDT
# Added check for AWS SGs with open Telnet
# 5.8.7: Thu 26 Jan 2017 12:20:11 AEDT
# Added check for AWS users with attached policies
# 5.8.8: Thu 26 Jan 2017 14:02:54 AEDT
# Added check for AWS ES domains being publicly accessible
# 5.8.9: Thu 26 Jan 2017 14:27:20 AEDT
# Added check for AWS ES domains having IP access policy
# 5.9.0: Thu 26 Jan 2017 14:43:32 AEDT
# Added check for AWS ES domains having dedicated master nodes
# 5.9.1: Thu 26 Jan 2017 14:51:13 AEDT
# Added check for AWS ES domains using General Purpose SSD to be cost effective
# 5.9.2: Thu 26 Jan 2017 15:25:04 AEDT
# Added check for AWS ES domains being cross zone aware
# 5.9.3: Thu 26 Jan 2017 16:03:54 AEDT
# Added more tag checks for AWS EC2 instances
# 5.9.4: Thu 26 Jan 2017 20:54:23 AEDT
# Added check for empty DynamoDB tables to be cost effective
# 5.9.5: Thu 26 Jan 2017 21:19:06 AEDT
# Added check for AWS ELB logging being enabled
# 5.9.6: Thu 26 Jan 2017 22:54:21 AEDT
# Added check for AWS ELB connection draining being enabled
# 5.9.7: Thu 26 Jan 2017 23:08:23 AEDT
# Added check for AWS ELB cross zone balancing being enabled
# 5.9.8: Fri 27 Jan 2017 07:07:37 AEDT
# Added check for AWS ELB using deprecated ciphers
# 5.9.9: Fri 27 Jan 2017 07:38:05 AEDT
# Added check for AWS ELB using deprecated protocols
# 6.0.0: Fri 27 Jan 2017 08:20:44 AEDT
# Added check for AWS ELB using HTTP rather than HTTPS
# 6.0.1: Fri 27 Jan 2017 08:32:32 AEDT
# Added check for AWS ELB having at least 2 instances
# 6.0.2: Fri 27 Jan 2017 08:48:57 AEDT
# Added check for AWS ELB SGs being open on port 80
# 6.0.3: Fri 27 Jan 2017 09:22:00 AEDT
# Added check for out of service AWS ELB instances
# 6.0.4: Fri 27 Jan 2017 09:33:32 AEDT
# Added check for unencrypted AWS EC2 volumes
# 6.0.5: Fri 27 Jan 2017 13:19:21 AEDT
# Added check for AWS EC2 volume names
# 6.0.6: Fri 27 Jan 2017 18:04:39 AEDT
# Added check for AWS EC2 snapshots older than 30 days
# 6.0.7: Fri 27 Jan 2017 19:13:08 AEDT
# Added check for AWC EC2 unattached volumes to be cost effective
# 6.0.8: Fri 27 Jan 2017 19:37:26 AEDT
# Added check for AWC VPC exposed endpoints
# 6.0.9: Fri 27 Jan 2017 21:42:09 AEDT
# Added check for AWS VPC names
# 6.1.0: Sat 28 Jan 2017 08:16:46 AEDT
# Added check for AWS VPC / VPN redundancy
# 6.1.1: Sat 28 Jan 2017 09:00:59 AEDT
# Added check for AWS S3 bucket grants
# 6.1.2: Sat 28 Jan 2017 09:05:50 AEDT
# Added check for AWS S3 bucket logging
# 6.1.3: Sat 28 Jan 2017 09:13:45 AEDT
# Added check for AWS S3 bucket versioning
# 6.1.4: Sat 28 Jan 2017 14:06:32 AEDT
# Added check for AWS SES and DKIM
# 6.1.5: Sat 28 Jan 2017 14:45:31 AEDT
# Added check for AWS RDS auto minor version upgrade
# 6.1.6: Sat 28 Jan 2017 15:15:43 AEDT
# Added check for AWS RDS automated backups
# 6.1.7: Sat 28 Jan 2017 16:51:40 AEDT
# Added check for AWS RDS encryption
# 6.1.8: Sat 28 Jan 2017 17:06:52 AEDT
# Added check for AWS RDS having Multi-AZ enabled
# 6.1.9: Sat 28 Jan 2017 19:32:15 AEDT
# Added check for AWS RDS Security Groups
# 6.2.0: Sat 28 Jan 2017 20:39:56 AEDT
# Added check for AWS RDS using KMS key
# 6.2.1: Sat 28 Jan 2017 21:08:09 AEDT
# Added check for AWS RDS using General Purpose SSD to be cost effective
# 6.2.2: Sat 28 Jan 2017 21:26:07 AEDT
# Added check for AWS RDS instances being on a public facing subnet
# 6.2.3: Sat 28 Jan 2017 21:45:29 AEDT
# Added check for AWS RDS instances using default master username
# 6.2.4: Sun 29 Jan 2017 11:40:24 AEDT
# Added check for AWS RDS registered instances expiring
# 6.2.5: Sun 29 Jan 2017 11:54:14 AEDT
# Added check for AWS RDS backup retention period
# 6.2.6: Sun 29 Jan 2017 12:44:23 AEDT
# Added check for AWS EC2 EBS volumes having KMS keys
# 6.2.7: Sun 29 Jan 2017 15:31:20 AEDT
# Added check for AWS EC2 EBS volume snapshots being taken
# 6.2.8: Sun 29 Jan 2017 17:16:24 AEDT
# Added check for AWS CloudTrail recording global events
# 6.2.9: Sun 29 Jan 2017 19:03:52 AEDT
# Added check for AWS inactive KMS keys
# 6.3.0: Sun 29 Jan 2017 19:03:52 AEDT
# Added check for AWS SNS topic being publicly accessible
# 6.3.1: Sun 29 Jan 2017 20:02:57 AEDT
# Added check for AWS CloudFormation stacks using SNS
# 6.3.2: Sun 29 Jan 2017 20:30:55 AEDT
# Added check for AWS CloudFormation stacks having policies
# 6.3.3: Sun 29 Jan 2017 20:49:28 AEDT
# Added check for AWS ElastiCache having HA enabled
# 6.3.4: Sun 29 Jan 2017 21:06:57 AEDT
# Added check for AWS ElastiCache reserved instances expiring
# 6.3.5: Sun 29 Jan 2017 21:23:07 AEDT
# Added check for AWS Cloudfront WAF integration being enabled
# 6.3.6: Sun 29 Jan 2017 21:31:31 AEDT
# Added check for AWS Cloudfront logging being enabled
# 6.3.7: Sun 29 Jan 2017 21:38:47 AEDT
# Added check for AWS Cloudfront using deprecate SSL version
# 6.3.8: Sun 29 Jan 2017 21:43:31 AEDT
# Added check for AWS Cloudfront using HTTP only
# 6.3.9: Sun 29 Jan 2017 22:08:20 AEDT
# Added check for AWS CloudWatch alarm for EC2 instance changes
# 6.4.0: Sun 29 Jan 2017 22:22:11 AEDT
# Added check for AWS CloudWatch alarm for EC2 instance size changes
# 6.4.1: Mon 30 Jan 2017 08:13:20 AEDT
# Added check for AWS Redshift upgrades being enabled
# 6.4.2: Mon 30 Jan 2017 08:36:14 AEDT
# Added check for AWS Redshift logging being enabled
# 6.4.3: Mon 30 Jan 2017 08:44:03 AEDT
# Added check for AWS Redshift encryption being enabled
# 6.4.4: Mon 30 Jan 2017 08:50:04 AEDT
# Added check for AWS Redshift using KMS keys
# 6.4.5: Mon 30 Jan 2017 09:12:42 AEDT
# Added check for AWS Redshift using EC2-VPC domains rather than EC2-Classic
# 6.4.6: Mon 30 Jan 2017 09:34:38 AEDT
# Added check for AWS Redshift paramter groups requiring SSL
# 6.4.7: Mon 30 Jan 2017 09:47:58 AEDT
# Added check for AWS Redshift being publicly available
# 6.4.8: Mon 30 Jan 2017 10:11:21 AEDT
# Added check for AWS Redshift reserved instances about to expire
# 6.4.9: Tue 31 Jan 2017 14:55:55 AEDT
# Added check for AWS Inspector being used
# 6.5.0: Tue 31 Jan 2017 16:39:08 AEDT
# Added check for AWS Inspector assessment recommendation (CVEs)
# 6.5.1: Tue 7 Feb 2017 14:34:39 AEDT
# Added initial support for Docker
# 6.5.2: Tue 7 Feb 2017 16:59:27 AEDT
# Added additional Docker support
# 6.5.3: Tue 7 Feb 2017 17:37:13 AEDT
# Added Docker network bridge test
# 6.5.4: Wed 8 Feb 2017 07:43:30 AEDT
# Added more Docker tests and updated SSH TCP forwarding test
# 6.5.5: Wed 8 Feb 2017 08:09:14 AEDT
# Fixed Docker daemon test
# 6.5.6: Wed 8 Feb 2017 08:17:15 AEDT
# Added Docker user namespace support test
# 6.5.7: Wed 8 Feb 2017 08:32:00 AEDT
# Added Docker daemon storage option and authorisation plugin checks
# 6.5.8: Wed 8 Feb 2017 08:37:12 AEDT
# Added additional Docker logging tests
# 6.5.9: Wed 8 Feb 2017 08:46:12 AEDT
# Added Docker legacy registry check
# 6.6.0: Wed 8 Feb 2017 08:48:46 AEDT
# Added Docker liver restore check
# 6.6.1: Wed 8 Feb 2017 08:54:36 AEDT
# Added Docker userland proxy test
# 6.6.2: Wed 8 Feb 2017 08:57:18 AEDT
# Added Docker encrypted network traffic check
# 6.6.3: Wed 8 Feb 2017 08:59:50 AEDT
# Added Docker seccomp profile test
# 6.6.4: Wed Feb 8 09:23:05 AEDT 2017
# Added Docker swarm unlock key test
# 6.6.5: Wed 8 Feb 2017 10:16:35 AEDT
# Added Docker file permission tests
# 6.6.6: Wed 8 Feb 2017 10:43:45 AEDT
# Added Docker container user test
# 6.6.7: Wed 8 Feb 2017 11:53:36 AEDT
# Added Docker Healthcheck test
# 6.6.8: Wed 8 Feb 2017 12:33:33 AEDT
# Added Docker AppArmor test
# 6.6.9: Wed 8 Feb 2017 12:46:13 AEDT
# Added Docker SELinux test
# 6.7.0: Wed 8 Feb 2017 14:41:52 AEDT
# Added Docker capabilities test
# 6.7.1: Wed 8 Feb 2017 14:48:15 AEDT
# Added Docker privileged container check
# 6.7.2: Wed 8 Feb 2017 15:11:17 AEDT
# Added Docker host network namespace check
# 6.7.3: Wed 8 Feb 2017 15:26:33 AEDT
# Added Docker memory usage limit test
# 6.7.4: Wed 8 Feb 2017 17:17:58 AEDT
# Initial Docker code cleanup
# 6.7.5: Wed 8 Feb 2017 17:50:16 AEDT
# Additional Docker code cleanup
# 6.7.6: Wed 8 Feb 2017 17:57:59 AEDT
# Added Docker Memory and CpuShares tests
# 6.7.7: Wed 8 Feb 2017 19:04:24 AEDT
# Added Docker Ports check and cleaned up code
# 6.7.8: Wed 8 Feb 2017 19:24:39 AEDT
# More Docker fixes
# 6.7.9: Wed 8 Feb 2017 19:38:44 AEDT
# Added Docker PidMode check
# 6.8.0: Wed 8 Feb 2017 19:41:46 AEDT
# Added Docker IpcMode check
# 6.8.1: Wed 8 Feb 2017 19:57:04 AEDT
# Added Docker Devices check
# 6.8.2: Wed 8 Feb 2017 20:02:58 AEDT
# Added Docker Ulimits check
# 6.8.3: Wed 8 Feb 2017 20:15:10 AEDT
# Added Docker mount propagation check
# 6.8.4: Wed 8 Feb 2017 20:20:25 AEDT
# Added Docker UTSMode check
# 6.8.5: Wed 8 Feb 2017 21:58:01 AEDT
# Added Docker exec commands with privileged option check
# 6.8.6: Wed 8 Feb 2017 22:45:04 AEDT
# Cleaned up Docker tests
# 6.8.7: Wed 8 Feb 2017 22:56:11 AEDT
# Added Docker exec commands with user option check
# 6.8.8: Wed 8 Feb 2017 22:59:43 AEDT
# Added Docker CgroupParent test
# 6.8.9: Wed 8 Feb 2017 23:09:53 AEDT
# Added Docker SecurityOpt tests
# 6.9.0: Wed 8 Feb 2017 23:28:37 AEDT
# Added Docker Health test
# 6.9.1: Wed 8 Feb 2017 23:45:46 AEDT
# Added Docker default bridge test
# 6.9.2: Wed 8 Feb 2017 23:49:04 AEDT
# Added Docker UsernsMode test
# 6.9.3: Wed 8 Feb 2017 23:59:47 AEDT
# Added Docker socket mount test
# 6.9.4: Thu 9 Feb 2017 00:18:07 AEDT
# Added option to list Docker reports
# 6.9.5: Thu 9 Feb 2017 00:36:30 AEDT
# Updated GRUB test
# 6.9.6: Thu Feb 9 06:53:33 AEDT 2017
# Code cleanup and bug fixes
# 6.9.7: Thu 9 Feb 2017 09:12:03 AEDT
# Bug fixes and documenation updates
# 6.9.8: Thu 9 Feb 2017 09:37:36 AEDT
# Bug fixes and documenation updates
# 6.9.9: Thu 9 Feb 2017 10:51:58 AEDT
# Bug fixes and documenation updates
# 7.0.0: Thu 9 Feb 2017 11:09:01 AEDT
# Bug fixes and documenation updates
# 7.0.1: Thu 9 Feb 2017 15:37:09 AEDT
# Updated documentation
# 7.0.2: Fri 10 Feb 2017 00:23:29 AEDT
# Updates for OS X 10.12
# 7.0.3: Fri 10 Feb 2017 08:25:51 AEDT
# Bug fixes and documentation updates
# 7.0.4: Fri 10 Feb 2017 11:52:39 AEDT
# Code cleanup
# 7.0.5: Fri 10 Feb 2017 12:28:13 AEDT
# Added screen sharing test for OS X
# 7.0.6: Fri 10 Feb 2017 12:50:59 AEDT
# Added remote login check for OS X
# 7.0.7: Fri 10 Feb 2017 13:44:56 AEDT
# Added sleep check for OS X and updated documentation
# 7.0.8: Fri 10 Feb 2017 14:05:20 AEDT
# Code cleanup
# 7.0.9: Sat 11 Feb 2017 07:39:17 AEDT
# Code cleanup
# 7.1.0: Sat 11 Feb 2017 09:52:05 AEDT
# Updated SSH support to include sandbox for privilege separation
# 7.1.1: Sat 11 Feb 2017 11:56:22 AEDT
# Added Java test for OS X
# 7.1.2: Sat 11 Feb 2017 12:21:17 AEDT
# Added system log test for OS X
# 7.1.3: Sat 11 Feb 2017 12:34:06 AEDT
# Added addition system log tests for OS X and updated documentation
# 7.1.4: Sat 11 Feb 2017 12:50:18 AEDT
# Added addition system log tests for OS X and updated documentation
# 7.1.5: Sat 11 Feb 2017 12:58:07 AEDT
# Added wireless check for OS X
# 7.1.6: Sat 11 Feb 2017 13:16:16 AEDT
# Added NFS daemon check for OS X
# 7.1.7: Sat 11 Feb 2017 15:44:55 AEDT
# Added Application permission checks for OS X
# 7.1.8: Sat 11 Feb 2017 16:33:48 AEDT
# Updated OS X password policy test
# 7.1.9: Sat 11 Feb 2017 17:18:07 AEDT
# Updated OS X password policy test
# 7.2.0: Sat 11 Feb 2017 17:39:07 AEDT
# Updated OS X keychain check
# 7.2.1: Sat 11 Feb 2017 17:50:45 AEDT
# Updated OS X login policy test and documentation
# 7.2.2: Sat 11 Feb 2017 18:18:10 AEDT
# Added system preferences check for OS X
# 7.2.3: Sat 11 Feb 2017 20:36:05 AEDT
# Added System Integrity Protection test for OS X
# 7.2.4: Sat 11 Feb 2017 21:39:02 AEDT
# Updated documentation
# 7.2.5: Sun Feb 12 13:26:29 AEDT 2017
# Code cleanup
# 7.2.6: Sat 9 Sep 2017 17:44:38 AEST
# Cleaned up command line argument handling
# 7.2.7: Wed 27 Dec 2017 07:55:29 AEDT
# Fixed uname and stat on OS X
# 7.2.8: Sat 9 Feb 2019 13:09:58 AEDT
# Fixed a bug with chkconfig on Centos
# 7.2.9: Sun 21 Apr 2019 11:19:00 AEST
# Fixed Java version check and some other bugs
# 7.3.0: Sun 21 Apr 2019 13:06:51 AEST
# Added initial code for detecting virtual platform and fixed separate filesystems check
# 7.3.1: Sun Apr 21 15:48:28 AEST 2019
# Cleanup and bug fixes
# 7.3.2: Sun 21 Apr 2019 16:25:36 AEST
# Fixed bug with sulogin check
# 7.3.3: Sun 21 Apr 2019 17:40:10 AEST
# Fixed bug with file value check and check values starting in hyphens
# 7.3.4: Sun 21 Apr 2019 18:16:35 AEST
# Initial bug fix for X Windows System package group being installed
# 7.3.5: Sun 21 Apr 2019 21:11:20 AEST
# Added group package check
# 7.3.6: Tue 23 Apr 2019 12:06:07 AEST
# Fixed bug with module check
# 7.3.7: Tue 23 Apr 2019 14:24:39 AEST
# Made code more portable
# 7.3.8: Tue 23 Apr 2019 15:14:52 AEST
# More fixes
# 7.3.9: Tue 23 Apr 2019 18:37:02 AEST
# Added initial docker test matrix
# 7.4.0: Tue 23 Apr 2019 19:16:20 AEST
# More bug fixes
# 7.4.1: Tue 23 Apr 2019 20:36:25 AEST
# Improved handling for beta releases of Red Hat Linux
# 7.4.2: Tue 23 Apr 2019 20:44:23 AEST
# Added file check to securetty test
# 7.4.3: Tue 23 Apr 2019 22:04:08 AEST
# Initial Kubernetes support
# 7.4.4: Wed 24 Apr 2019 07:24:28 AEST
# Added support of hyphens in parameter names in file value checks
# 7.4.5: Wed 24 Apr 2019 08:15:38 AEST
# Added additional kubernetes checks
# 7.4.6: Wed 24 Apr 2019 12:10:50 AEST
# Added additional kubernetes checks
# 7.4.7: Wed 24 Apr 2019 16:38:49 AEST
# Minor cleanup
# 7.4.8: Wed 24 Apr 2019 18:27:05 AEST
# Updated check file value function
# 7.4.9: Wed 24 Apr 2019 20:39:39 AEST
# Added additional kubernetes checks
# 7.5.0: Tue 11 Jun 2019 14:58:46 AEST
# Execshield fix
# 7.5.1: Tue 30 Jul 2019 21:54:54 AEST
# Fixes for Debian
# 7.5.2: Wed 31 Jul 2019 09:48:02 AEST
# Additional fix for Debian unstable
# 7.5.3: Wed 31 Jul 2019 20:36:53 AEST
# Fixes for date on Linux
# 7.5.4: Wed 22 Jan 2020 09:33:40 AEDT
# Bug fixes and initial ansbile output
# 7.5.5: Wed 22 Jan 2020 10:13:08 AEDT
# Bug fixes
# 7.5.6: Wed 22 Jan 2020 14:13:22 AEDT
# Bug fixes and code cleanup
# 7.5.7: Wed 22 Jan 2020 20:36:05 AEDT
# Added more ansible stanzas
# 7.5.8: Wed 22 Jan 2020 21:43:05 AEDT
# Bug fixes and code cleanup
# 7.5.9: Thu 23 Jan 2020 12:05:26 AEDT
# Added more ansible stanzas
# 7.6.0: Thu 23 Jan 2020 15:07:16 AEDT
# Added more ansible stanzas
# 7.6.1: Tue 18 Feb 2020 08:09:12 AEDT
# Fixes and improvements as suggesting in issue 36
# 7.6.2: Tue Feb 18 09:17:17 AEDT 2020
# Fixes for RedHat/Centos 8.x using chrony by default as suggested in issue 35
# 7.6.3: Sun 3 May 2020 08:48:13 AEST
# Fixed bug with filesystem partitions check
# 7.6.4: Sun 3 May 2020 10:53:34 AEST
# Formating cleanup
# 7.6.5: Sun 03 May 2020 12:19:19 AEST
# Added in function to check_file_value to cater for multiple parameters in a line
# 7.6.6: Sun 03 May 2020 13:13:14 AEST
# Ansible output tweaks
# 7.6.7: Sun 03 May 2020 14:34:48 AEST
# More ansible output tweaks
# 7.6.8: Mon 04 May 2020 12:01:58 AEST
# More ansible output tweaks
# 7.6.9: Mon 18 May 2020 19:25:17 AEST
# More Apache support
# 7.7.0: Wed 16 Sep 2020 09:08:19 AEST
# Fix for filesystem searches on Linux
# 7.7.1: Wed 16 Sep 2020 21:54:39 AEST
# Removed elfsign
# 7.7.2: Fri 18 Sep 2020 22:58:52 AEST
# Fixed duplicate options
# 7.7.3: Sat 19 Sep 2020 21:53:54 AEST
# Fix big with AIX Retry Limit code
# 7.7.4: Sun 20 Sep 2020 17:54:08 AEST
# Fixed AWS password policy module
# 7.7.5: Thu 22 Apr 2021 15:15:54 AEST
# Cleaned up linux service check code as per issue #37
# 7.7.6: Thu 22 Apr 2021 16:32:24 AEST
# Added code to deal with issue #61
# 7.7.7: Mon 31 Jan 2022 15:56:28 AEDT
# Updated security banner based on suggestion from Mark Lane so it can be grepped out easier
# 7.7.8: Fri 23 Sep 2022 12:19:00 AEST
# Updated check for tally2 PAM module which has been replaced with faillock PAM module in Ubuntu 22.04
# 7.7.9: Fri 23 Sep 2022 17:00:49 AEST
# Added check for apport service on Ubuntu 22.04
# 7.8.0: Fri 23 Sep 2022 17:53:12 AEST
# Fixed AppArmor check for Ubuntu
# 7.8.1: Sat 24 Sep 2022 19:10:14 AEST
# Added grub check to Apparmor check
# 7.8.2: Sun 25 Sep 2022 08:26:46 AEST
# Added grub config/menu file check to Apparmor test
# 7.8.3: Sun 25 Sep 2022 15:39:50 AEST
# Added gnome defaults check for GDM3
# 7.8.4: Sun 25 Sep 2022 17:05:31 AEST
# Added initial code for gsettings function
# 7.8.5: Sun 25 Sep 2022 17:11:38 AEST
# Fixed bug with apparmor module
# 7.8.6: Sun 25 Sep 2022 18:42:04 AEST
# Added GDM lock check for Linux
# 7.8.7: Sun 25 Sep 2022 21:17:32 AEST
# Updated GDM lock check for Linux
# 7.8.8: Mon 26 Sep 2022 13:38:37 AEST
# Updated GDM lock check for Linux
# 7.8.9: Mon 26 Sep 2022 14:39:14 AEST
# Added Gnome automount check
# 7.9.0: Mon 26 Sep 2022 14:53:17 AEST
# Added Gnome autorun check
# 7.9.1: Mon 26 Sep 2022 15:10:43 AEST
# Updated Gnome autorun check and added Gnome XDMCP check
# 7.9.2: Mon 26 Sep 2022 16:52:46 AEST
# Fixed prelink and aide checks
# 7.9.3: Mon 26 Sep 2022 20:18:21 AEST
# Added PAE/NX check
# 7.9.4: Tue 27 Sep 2022 10:48:50 AEST
# Added exim check
# 7.9.5: Tue 27 Sep 2022 10:59:19 AEST
# Added wireless check for Linux
# 7.9.6: Tue 27 Sep 2022 11:26:50 AEST
# Added some UFW checks for Ubuntu Linux
# 7.9.7: Tue 27 Sep 2022 11:47:58 AEST
# Added audispd-plugins package check
# 7.9.8: Wed 28 Sep 2022 20:20:02 AEST
# Added grub check for audit flag
# 7.9.9: Thu 29 Sep 2022 04:42:26 AEST
# Added audit log size check
# 8.0.0: Thu 29 Sep 2022 04:56:18 AEST
# Fixed audit max log file size
# 8.0.1: Thu 29 Sep 2022 05:11:57 AEST
# Added faillock to auditing
# 8.0.2: Thu 29 Sep 2022 07:23:59 AEST
# Added additional checks to system accounting/auditing
# 8.0.3: Thu 29 Sep 2022 13:42:08 AEST
# Added auditd log_group check
# 8.0.4: Thu 29 Sep 2022 14:59:40 AEST
# Added additional aide checks
# 8.0.5: Thu 29 Sep 2022 16:17:53 AEST
# Various updates to system logging and auditing checks
# 8.0.6: Sat 1 Oct 2022 14:22:20 AEST
# Added check for audit log of running command as another user
# 8.0.7: Sat 1 Oct 2022 14:28:36 AEST
# Added sudo check to audit
# 8.0.8: Sat 1 Oct 2022 14:40:46 AEST
# Added check for auditing chchon
# 8.0.9: Fri 27 Oct 2023 12:53:20 AEDT
# Moved home directory check to be a part of filesystem check option
# 8.1.0: Fri Oct 27 18:55:59 AEDT 2023
# Bug fixes for aide check
# 8.1.1: Fri Oct 27 19:11:38 AEDT 2023
# Bug fix for apparmor check
# 8.1.2: Fri Oct 27 19:15:46 AEDT 2023
# Bug fix for OS X defaults check
# 8.1.3: Fri Oct 27 19:18:29 AEDT 2023
# Bug fixes for auditd check
# 8.1.4: Fri Oct 27 19:34:00 AEDT 2023
# Bug fixes
# 8.1.5: Sat Oct 28 08:25:51 AEDT 2023
# Added check for iptables
# 8.1.6: Sat Oct 28 08:31:48 AEDT 2023
# Added check for nmcli
# 8.1.7: Sat Oct 28 15:59:00 AEDT 2023
# Added non root user check for reading shadow file
# 8.1.8: Sat Oct 28 17:16:46 AEDT 2023
# Added more checks for when not running as root
# 8.1.9: Sat 28 Oct 2023 22:53:06 AEDT
# Added addition shoftware update checks for macOS Sonoma
# 8.2.0: Sat 28 Oct 2023 22:56:29 AEDT
# Added keychain sync test for macOS Sonoma
# 8.2.1: Sun 29 Oct 2023 07:23:04 AEDT
# Fixed issue with OS version/release handling
# 8.2.2: Sun 29 Oct 2023 12:47:48 AEDT
# Documentation cleanup
# 8.2.3: Sun 29 Oct 2023 13:18:06 AEDT
# Added Air Drop check
# 8.2.4: Sun 29 Oct 2023 13:48:36 AEDT
# Added Air Play Receiver check
# 8.2.5: Sun 29 Oct 2023 13:52:09 AEDT
# Documentation fixes
# 8.2.6: Sun 29 Oct 2023 14:17:47 AEDT
# Updates for MacOS Sonoma
# 8.2.7: Sun 29 Oct 2023 14:29:02 AEDT
# Documentation updates
# 8.2.8: Sun 29 Oct 2023 15:09:04 AEDT
# Added MacOS check for asset caching
# 8.2.9: Sun 29 Oct 2023 20:48:01 AEDT
# Added MacOS check for media sharing
# 8.3.0: Sun 29 Oct 2023 21:05:10 AEDT
# Added additional MacOS check for bluetooth sharing
# 8.3.1: Sun 29 Oct 2023 21:31:22 AEDT
# Added MacOS Time Machine check
# 8.3.2: Sun 29 Oct 2023 21:52:39 AEDT
# Added additional MacOS wireless check
# 8.3.3: Sun 29 Oct 2023 21:59:28 AEDT
# Added additional MacOS wireless check
# 8.3.4: Mon 30 Oct 2023 07:16:19 AEDT
# Added MacOS Siri checks
# 8.3.5: Mon 30 Oct 2023 14:46:34 AEDT
# Added MacOS Location Services check
# 8.3.6: Mon 30 Oct 2023 16:09:37 AEDT
# Added MacOS defaults function to handle user defaults
# 8.3.7: Mon 30 Oct 2023 16:11:53 AEDT
# Bug fixes
# 8.3.8: Mon 30 Oct 2023 16:19:09 AEDT
# Added additional location services check
# 8.3.9: Mon 30 Oct 2023 16:59:08 AEDT
# Added MacOS Usage data check
# 8.4.0: Mon 30 Oct 2023 17:14:08 AEDT
# Added MacOS Ad Tracking check and updated test feedback
# 8.4.1: Mon 30 Oct 2023 20:35:54 AEDT
# Updated documentation
# 8.4.2: Mon 30 Oct 2023 20:49:28 AEDT
# Added MacOS Lockdown check
# 8.4.3: Mon 30 Oct 2023 21:11:38 AEDT
# Added MacOS screen corner setting check
# 8.4.4: Mon 30 Oct 2023 21:51:34 AEDT
# Added MacOS universal control check
# 8.4.5: Tue 31 Oct 2023 10:31:22 AEDT
# Added additional MocOS sleep checks for Intel
# 8.4.6: Tue 31 Oct 2023 10:37:41 AEDT
# Added additional MocOS sleep checks for Apple Silicon
# 8.4.7: Tue 31 Oct 2023 10:45:58 AEDT
# Added filevault check to sleep checks
# 8.4.8: Tue 31 Oct 2023 10:53:13 AEDT
# Added powernap check to sleep checks
# 8.4.9: Tue 31 Oct 2023 13:12:55 AEDT
# Added screen idle time check
# 8.5.0: Tue 31 Oct 2023 13:35:22 AEDT
# Updated documentation
# 8.5.1: Tue 31 Oct 2023 14:12:38 AEDT
# Added Touch ID checks
# 8.5.2: Tue 31 Oct 2023 14:20:28 AEDT
# Documentation updates
# 8.5.3: Wed 1 Nov 2023 13:57:00 AEDT
# Added MacOS check sysadminctl function
# 8.5.4: Wed 1 Nov 2023 16:11:13 AEDT
# Added MacOS SMB guest sharing check
# 8.5.5: Wed 1 Nov 2023 19:56:46 AEDT
# Updated documentation
# 8.5.6: Wed 1 Nov 2023 20:43:59 AEDT
# Updated kernel accounting test for MacOS Sonoma
# 8.5.7: Wed 1 Nov 2023 21:10:07 AEDT
# Updated firewall logging test for MacOS Sonoma
# 8.5.8: Wed 1 Nov 2023 21:22:02 AEDT
# Updated bonjour advertising test for MacOS Sonoma
# 8.5.9: Wed 1 Nov 2023 22:10:04 AEDT
# Updated web sharing and NFS check for MacOS Sonoma
# 8.6.0: Thu 2 Nov 2023 07:15:56 AEDT
# Updated documentation
# 8.6.1: Thu 2 Nov 2023 08:35:25 AEDT
# Added Apple Mobile File Integrity check
# 8.6.2: Thu 2 Nov 2023 08:58:41 AEDT
# Added MacOS Sealed System Volume check
# 8.6.3: Thu 2 Nov 2023 09:31:41 AEDT
# Added MacOS /System permissions check
# 8.6.4: Thu 2 Nov 2023 09:58:55 AEDT
# Updated MacOS password policy check for Sonoma
# 8.6.5: Thu 2 Nov 2023 14:06:09 AEDT
# Added APFS encrypted volume checks
# 8.6.6: Thu 2 Nov 2023 14:16:30 AEDT
# Added Core Storage encrypted volume checks
# 8.6.7: Thu 2 Nov 2023 14:55:46 AEDT
# Updated sudoers timeout check
# 8.6.8: Thu 2 Nov 2023 15:19:35 AEDT
# Added sudoers timestamp check
# 8.6.9: Thu 2 Nov 2023 15:39:28 AEDT
# Updated documentation
# 8.7.0: Thu 2 Nov 2023 15:48:28 AEDT
# Updated documentation
# 8.7.1: Thu 2 Nov 2023 20:11:40 AEDT
# Added Safari history limit check
# 8.7.2: Thu 2 Nov 2023 20:23:00 AEDT
# Added Safari Fradulent Website Warning check
# 8.7.3: Thu 2 Nov 2023 21:12:05 AEDT
# Added Safari Tracking check
# 8.7.4: Thu 2 Nov 2023 21:19:57 AEDT
# Added Hide IP Address in Safari check
# 8.7.5: Thu 2 Nov 2023 21:47:18 AEDT
# Added Safari Advertising Privacy Protection check
# 8.7.6: Fri 3 Nov 2023 08:07:58 AEDT
# Added Safari show full URL check
# 8.7.7: Fri 3 Nov 2023 09:22:30 AEDT
# Added Safari auto fill check
# 8.7.8: Fri 3 Nov 2023 09:50:02 AEDT
# Added Safari allow popups check
# 8.7.9: Fri 3 Nov 2023 10:09:51 AEDT
# Added Safari Javascript check
# 8.8.0: Fri 3 Nov 2023 10:14:10 AEDT
# Added Safari status bar check
# 8.8.1: Fri 3 Nov 2023 11:45:26 AEDT
# Added MacOS Administrative login to another session check
# 8.8.2: Fri 3 Nov 2023 19:38:55 AEDT
# Code cleanup for MacOS defaults function
# 8.8.3: Fri 3 Nov 2023 22:00:36 AEDT
# Improved MacOS version handling
# 8.8.4: Sat 4 Nov 2023 15:00:34 AEDT
# Added check for gsettings when running gnome checks
# 8.8.5: Sat 4 Nov 2023 16:31:08 AEDT
# Improved tcpwrappers check
# 8.8.6: Sat 4 Nov 2023 16:50:01 AEDT
# Improved verbose output
# 8.8.7: Sun 12 Nov 2023 20:41:54 AEDT
# Fixed PAM based account lockout issue
# 8.8.8: Sun 12 Nov 2023 20:57:03 AEDT
# More fixes for PAM checks
# 8.8.9: Sun 9 Jun 2024 15:02:54 AEST
# Fixed check_file_perms.sh find depth
# 8.9.0: Fri Jun 14 04:51:06 PM AEST 2024
# Fixed PAE check
# 8.9.1: Mon Jun 17 02:11:39 PM AEST 2024
# Improved wireless test
# 8.9.2: Mon Jun 17 02:19:52 PM AEST 2024
# Updated motd secure message check
# 8.9.3: Mon Jun 17 02:39:20 PM AEST 2024
# Updated ssh config check
# 8.9.4: Mon Jun 17 04:26:30 PM AEST 2024
# Fixes for auditd checks
# 8.9.5: Mon Jun 17 04:52:05 PM AEST 2024
# Improved syslog check
# 8.9.6: Tue Jun 18 18:23:09 AEST 2024
# Fixed code to print module info
# 8.9.7: Tue Jun 18 18:52:41 AEST 2024
# Updated command line handling
# 8.9.8: Tue 18 Jun 2024 21:30:13 AEST
# Updated defaults
# 8.9.9: Tue Jun 18 11:41:53 PM AEST 2024
# Improved systemctl check
# 9.0.0: Wed Jun 19 04:35:29 PM AEST 2024
# Improvements to reporting output
# 9.0.1: Wed Jun 19 08:24:22 PM AEST 2024
# Improvements to reporting output
# 9.0.2: Wed Jun 19 09:30:20 PM AEST 2024
# Improvements to reporting output
# 9.0.3: Fri 28 Jun 2024 14:28:00 AEST
# Major cleanup of code underway
# 9.0.4: Fri Jun 28 03:49:10 PM AEST 2024
# Fixed bug with old users check
# 9.0.5 Fri Jun 28 04:37:05 PM AEST 2024
# Fixed bug with daemon unmask check
# 9.0.6: Fri Jun 28 04:46:27 PM AEST 2024
# Improved select function check
# 9.0.7: Fri 28 Jun 2024 17:09:33 AEST
# Bug fixes
# 9.0.8: Fri Jul 5 10:27:59 AM AEST 2024
# Formatting and bug fixes
# 9.0.9: Fri Jul 5 01:41:18 PM AEST 2024
# Improved avahi conf check
# 9.1.0: Fri Jul 5 03:57:46 PM AEST 2024
# Output format improvements
# 9.1.1: Fri Jul 5 04:03:52 PM AEST 2024
# Fixed bug with systemctl command
# 9.1.2: Fri Jul 5 07:36:42 PM AEST 2024
# Added directory check to file check
# 9.1.3: Fri Jul 5 08:59:48 PM AEST 2024
# Added directory check to file append
# 9.1.4: Sat Jul 6 09:48:27 AM AEST 2024
# Initial clean up of defaults
# 9.1.5: Sat Jul 6 11:09:59 AM AEST 2024
# Updated documentation
# 9.1.6: Sat Jul 6 11:18:47 AM AEST 2024
# Cleaned up some commands
# 9.1.7: Sat Jul 6 11:47:47 AM AEST 2024
# Fixed temp_file assignment
# 9.1.8: Sat Jul 6 14:10:53 AEST 2024
# Disable results output when running in restore mode
# 9.1.9: Sat Jul 6 14:56:17 AEST 2024
# Added file checks for deleting some files
# 9.2.0: Sat Jul 6 15:07:51 AEST 2024
# Bug fixes
# 9.2.1: Sat Jul 6 08:35:44 PM AEST 2024
# Fixed wheel group test
# 9.2.2: Sat Jul 6 21:04:48 AEST 2024
# Fixed find command in cron test
# 9.2.3: Sat Jul 6 21:11:40 AEST 2024
# Improved gnome automount test
# 9.2.4: Sat Jul 6 21:20:59 AEST 2024
# Improved gnome screen lock test
# 9.2.5: Sat Jul 6 21:27:38 AEST 2024
# Improved cron allow test
# 9.2.6: Sat Jul 6 21:57:14 AEST 2024
# Improved gsettings function
# 9.2.7: Sun Jul 7 10:07:11 AM AEST 2024
# Improved file backup function
# 9.2.8: Sun Jul 7 10:12:53 AM AEST 2024
# Made file warnings consistent when file doesn't exist
# 9.2.9: Mon Jul 8 12:32:14 AEST 2024
# Improved aide check
# 9.3.0: Mon Jul 8 13:54:59 AEST 2024
# Improved tcp_wrappers check
# 9.3.1: Tue 9 Jul 2024 12:19:45 AEST
# Initial clean up of options to allow other containers besides docker
# 9.3.2: Tue Jul 9 14:47:38 AEST 2024
# Bug fixes
# 9.3.3: Tue Jul 9 21:23:27 AEST 2024
# Cleaned up tests/list options, added some multipass support for testing and updated documentation
# 9.3.4: Wed Jul 10 03:07:15 PM AEST 2024
# Improved dialog
# 9.3.5: Wed Jul 10 03:12:22 PM AEST 2024
# Bug fixes
# 9.3.6: Wed Jul 10 10:15:15 PM AEST 2024
# Bug fixes and improvements
# 9.3.7: Thu Jul 11 02:05:40 PM AEST 2024
# Added strict and debug switches
# 9.3.8: Thu Jul 11 05:07:08 PM AEST 2024
# Fixed return code in check_systemctl_service
# 9.3.9: Fri Jul 12 10:48:58 AM AEST 2024
# Bug fixes and improvements
# 9.4.0: Fri Jul 12 01:26:48 PM AEST 2024
# Bug fixes
# 9.4.1: Fri Jul 12 05:06:40 PM AEST 2024
# Bug fixes
# 9.4.2: Fri Jul 12 08:43:30 PM AEST 2024
# Fixed iptables check
# 9.4.3: Fri Jul 12 08:50:57 PM AEST 2024
# Fixed apparmor check
# 9.4.4: Fri Jul 12 09:00:09 PM AEST 2024
# Fixed sendmail daemon check
# 9.4.5: Fri Jul 12 09:09:28 PM AEST 2024
# Fixed ssh root key check
# 9.4.6: Fri Jul 12 09:43:08 PM AEST 2024
# Fixed duplicate users check
# 9.4.7: Sat Jul 13 09:09:54 AM AEST 2024
# Fixed user dot files check
# 9.4.8: Sat Jul 13 09:14:14 AM AEST 2024
# Fixed password fields check
# 9.4.9: Sat Jul 13 09:18:36 AM AEST 2024
# Fixed reserved ID check
# 9.5.0: Sat Jul 13 09:35:18 AM AEST 2024
# Fixed daemon umask check
# 9.5.1: Sat Jul 13 10:09:32 AM AEST 2024
# Fixed wheel group check
# 9.5.2: Sat Jul 13 10:14:43 AM AEST 2024
# Added wheel group and password hashing switches
# 9.5.3: Sat Jul 13 10:30:34 AM AEST 2024
# Fixed file permissions check
# 9.5.4: Sat Jul 13 10:38:11 AM AEST 2024
# Fixed old users check
# 9.5.5: Sat Jul 13 11:24:41 AM AEST 2024
# Fixed cron check and added anacron switch
# 9.5.6: Sat Jul 13 11:32:17 AM AEST 2024
# Fixed shadow group check
# 9.5.7: Sat Jul 13 11:39:27 AM AEST 2024
# Fixed xlogin check
# 9.5.8: Sat Jul 13 11:46:38 AM AEST 2024
# Fixed gnome banner check
# 9.5.9: Sat Jul 13 11:57:17 AM AEST 2024
# Fixed krb5 check
# 9.6.0: Sat Jul 13 12:03:35 PM AEST 2024
# Fixed NIS entries check
# 9.6.1: Sat Jul 13 12:13:35 PM AEST 2024
# Fixed avahi daemon check
# 9.6.2: Sat Jul 13 12:16:42 PM AEST 2024
# Fixed mount setuid check
# 9.6.3: Sat Jul 13 12:26:27 PM AEST 2024
# Fixed NFS check
# 9.6.4: Sat Jul 13 12:31:12 PM AEST 2024
# Fixed filesystem mount check
# 9.6.5: Sat Jul 13 12:48:49 PM AEST 2024
# Fixed syslog server check
# 9.6.6: Sat Jul 13 12:54:24 PM AEST 2024
# Fixed SNMP test
# 9.6.7: Sat Jul 13 01:03:46 PM AEST 2024
# Fixed chrony check
# 9.6.8: Sat Jul 13 01:07:45 PM AEST 2024
# Fixed dhcp server test
# 9.6.9: Sat Jul 13 01:10:26 PM AEST 2024
# Fixed apport check
# 9.7.0: Sat Jul 13 01:15:04 PM AEST 2024
# Fixed SPARC hardware check
# 9.7.1: Sat Jul 13 01:27:35 PM AEST 2024
# Documentation updates
# 9.7.2: Sat 13 Jul 2024 17:33:22 AEST
# Fixed version detection on MacOS
# 9.7.3: Sat 13 Jul 2024 17:37:35 AEST
# Fixed dmidecode check
# 9.7.4: Sat 13 Jul 2024 17:41:13 AEST
# Fixed SSH sandbox check
# 9.7.5: Sat 13 Jul 2024 17:43:01 AEST
# Fixed password strength test
# 9.7.6: Sat 13 Jul 2024 17:48:24 AES
# Fixed kernel accounting check
# 9.7.7: Sat 13 Jul 2024 17:57:16 AEST
# Fixed ntp check
# 9.7.8: Sat 13 Jul 2024 20:04:00 AEST
# Fixes for MacOS
# 9.7.9: Sat 13 Jul 2024 20:41:18 AEST
# More fixes for MacOS
# 9.8.0: Sat 13 Jul 2024 22:01:16 AEST
# Fixes for MacOS defaults checks
# 9.8.1: Sat 13 Jul 2024 22:05:46 AEST
# Fixed file sharing check
# 9.8.2: Sat 13 Jul 2024 22:10:29 AEST
# Fixed firewall setting check
# 9.8.3: Sat 13 Jul 2024 22:14:57 AEST
# More firewall setting check fixes
# 9.8.4: Sat 13 Jul 2024 22:24:09 AEST
# Fixed pmset check
# 9.8.5: Sat 13 Jul 2024 22:37:04 AEST
# Improved MacOS defaults check
# 9.8.6: Sat 13 Jul 2024 22:42:24 AEST
# Fixed dscl check
# 9.8.7: Sat 13 Jul 2024 22:50:22 AEST
# Fixed remote management check
# 9.8.8: Sat 13 Jul 2024 22:56:50 AEST
# Fixed safe downloads check
# 9.8.9: Sat 13 Jul 2024 23:06:29 AEST
# Fixed keychain lock check
# 9.9.0: Sat 13 Jul 2024 23:09:40 AEST
# Fixed application permissions check
# 9.9.1: Sat 13 Jul 2024 23:12:47 AEST
# Fixed touch ID check
# 9.9.2: Sat 13 Jul 2024 23:15:06 AEST
# Fixed APFS check
# 9.9.3: Sat 13 Jul 2024 23:17:18 AEST
# Fixed safari history check
# 9.9.4: Sat 13 Jul 2024 23:20:30 AEST
# Fixed safari warning check
# 9.9.5: Sat 13 Jul 2024 23:23:49 AEST
# Updated documentation
# 9.9.6: Sun 14 Jul 2024 10:45:51 AEST
# Fixed multipass VM check
# 9.9.7: Sun 14 Jul 2024 11:28:05 AEST
# Added debug switch to multipass
# 9.9.8: Sun 14 Jul 2024 11:39:07 AEST
# Added select switch to select
# 9.9.9: Sun 14 Jul 2024 12:03:00 AEST
# Improved systemctl check
# 10.0.0: Sun 14 Jul 2024 12:08:51 AEST
# Removed may need to be run as root warning for help and version switches
# 10.0.1: Sun 14 Jul 2024 12:21:36 AEST
# Improved gsettings check
# 10.0.2: Sun Jul 14 12:36:32 AEST 2024
# More improvements to gsettings check
# 10.0.3: Sun 14 Jul 2024 12:56:07 AEST
# Removed check_rpm function
# 10.0.4: Sun 14 Jul 2024 13:03:58 AEST
# Improved select function/module handling
# 10.0.5: Mon 15 Jul 2024 11:31:58 AEST
# Updated output
# 10.0.6: Mon Jul 22 14:59:00 AEST 2024
# Bug fixes
# 10.0.7: Mon Jul 22 15:06:52 AEST 2024
# Fix for systemctl check
# 10.0.8: Mon Jul 22 15:43:40 AEST 2024
# Fix for old users check
# 10.0.9: Fri 25 Apr 2025 13:55:04 AEST
# Code cleanup
# 10.1.0: Fri 25 Apr 2025 15:49:37 AEST
# Updated help routine
# 10.1.1: Sat 26 Apr 2025 10:54:56 AEST
# More code cleanup
# 10.1.2: Sat 26 Apr 2025 11:08:06 AEST
# Updated switch processing
# 10.1.3: Sat 26 Apr 2025 22:35:08 AEST
# Fixes recommended by Shellcheck
# 10.1.4: Sun 27 Apr 2025 11:35:45 AEST
# Fixed keychain sync check
# 10.1.5: Sun 27 Apr 2025 17:17:40 AEST
# Documentation updates
# 10.1.6: Sun 27 Apr 2025 18:53:29 AEST
# Updated modprobe filesystem kernel modules check
# 10.1.7: Sun Apr 27 07:58:25 PM AEST 2025
# Updated filesystem checks
# 10.1.8: Sun 27 Apr 2025 21:25:56 AEST
# Updated AppArmor test
# 10.1.9: Sun 27 Apr 2025 22:41:11 AEST
# Updated documentation
# 10.2.0: Sun 27 Apr 2025 23:10:52 AEST
# Updated virtual memory test and added ptrace test
# 10.2.1: Sun 27 Apr 2025 23:45:37 AEST
# Updated documentation and gdm test
# 10.2.2: Mon Apr 28 21:04:35 AEST 2025
# Broke out functions from main script
# 10.2.3: Tue Apr 29 09:28:23 AEST 2025
# Updated audit tests and documentation
# 10.2.4: Tue Apr 29 10:00:28 AEST 2025
# Updated rsyslog log rotate test
# 10.2.5: Tue Apr 29 13:07:05 AEST 2025
# Updated journald test
# 10.2.6: Tue Apr 29 13:27:54 AEST 2025
# Added shell timeout check
# 10.2.7: Tue Apr 29 15:16:39 AEST 2025
# Updated shell check
# 10.2.8: Tue Apr 29 15:20:43 AEST 2025
# Updated documentation
# 10.2.9: Tue Apr 29 18:19:12 AEST 2025
# Added root access test
# 10.3.0: Tue Apr 29 20:18:09 AEST 2025
# Added non root UID 0 test
# 10.3.1: Tue Apr 29 20:50:36 AEST 2025
# Added non root GID 0 test
# 10.3.2: Tue Apr 29 21:17:01 AEST 2025
# Added password history test
# 10.3.3: Tue Apr 29 22:10:06 AEST 2025
# Added inactive password lock test
# 10.3.4: Tue Apr 29 22:17:53 AEST 2025
# Updated documentation
# 10.3.5: Wed Apr 30 12:03:09 AEST 2025
# Started adding addition pam checks
# 10.3.6: Wed 30 Apr 2025 21:52:52 AEST
# Cleaned up PAM tests and added authtok test
# 10.3.7: Thu 1 May 2025 09:48:32 AEST
# Updated documentation and password quality tests
# 10.3.8: Thu 1 May 2025 11:19:34 AEST
# Updated tests and documentation
# 10.3.9: Thu 1 May 2025 12:00:56 AEST
# Renamed chkconfig test to make it more generic and updated documentation
# 10.4.0: Thu 1 May 2025 12:06:10 AEST
# Updated java test
# 10.4.1: Thu 1 May 2025 13:35:33 AEST
# Updated tests and documentation and add ftp client package test
# 10.4.2: Thu 1 May 2025 14:22:20 AEST
# Updated tests and documentation
# 10.4.3: Thu 1 May 2025 17:17:11 AEST
# Updated tests and documentation
# 10.4.4: Thu 1 May 2025 21:09:59 AEST
# Updated password quality documentation and tests
# 10.4.5: Thu 1 May 2025 22:20:53 AEST
# Documentation and test updates
# 10.4.6: Fri 2 May 2025 09:03:49 AEST
# Added sudo authenticate test
# 10.4.7: Fri 2 May 2025 09:22:59 AEST
# Added sudo NOPASSWD test
# 10.4.8: Fri 2 May 2025 10:42:57 AEST
# Updated sudo tests
# 10.4.9: Fri 2 May 2025 15:34:21 AEST
# Updated SSH config tests
# 10.5.0: Fri 2 May 2025 16:23:34 AEST
# Added SSH permissions test
# 10.5.1: Fri 2 May 2025 21:30:47 AEST
# Formatting cleanup
# 10.5.2: Sat 3 May 2025 15:57:37 AEST
# More formatting cleanup
# 10.5.3: Sat 3 May 2025 16:33:59 AEST
# Moved shellcheck function to core
# 10.5.4: Sat 3 May 2025 17:09:16 AEST
# Shellcheck fixes
# 10.5.5: Sun 4 May 2025 16:54:11 AEST
# Added ansible output for some tests
# 10.5.6: Mon 5 May 2025 10:37:12 AEST
# Added file comment function and updated ansible in some tests
# 10.5.7: Wed 7 May 2025 15:07:01 AEST
# Updated touch ID test
# 10.5.8: Wed 7 May 2025 15:41:38 AEST
# Updated Solaris audit class check
# 10.5.9: Thu 8 May 2025 10:50:22 AEST
# Updated some ansible stanzas
# 10.6.0: Fri 9 May 2025 15:49:24 AEST
# Updated AppArmor test
# 10.6.1: Fri 9 May 2025 15:51:10 AEST
# Fixed dot files test
# 10.6.2: Mon 12 May 2025 10:57:47 AEST
# Updated lockdown and restore commands in functions
# 10.6.3: Mon 12 May 2025 14:03:15 AEST
# Updated lockdown and restore commands in some modules
# 10.6.4: Mon 12 May 2025 14:30:16 AEST
# Updated lockdown and restore commands in some modules
# 10.6.5: Mon 12 May 2025 15:58:48 AEST
# Updated lockdown and restore commands in some modules
# 10.6.6: Thu 15 May 2025 18:10:29 AEST
# Added sudo check to some tests
# 10.6.7: Thu 15 May 2025 19:02:52 AEST
# Cleaned up some variable names
# 10.6.8: Thu 15 May 2025 20:42:06 AEST
# Updated xlogin test and some other tests
# 10.6.9: Thu 15 May 2025 22:23:07 AEST
# Updated formating of some tests
# 10.7.0: Sun 18 May 2025 15:52:53 AEST
# Updated formating of some tests
# 10.7.1: Mon May 19 00:26:10 AEST 2025
# Added function to print module and function names
# 10.7.2: Mon May 19 00:30:40 AEST 2025
# Fixed typos
# 10.7.3: Thu 29 May 2025 11:55:24 AEST
# Improved print_audit_info routine
# 10.7.4: Thu 29 May 2025 14:50:10 AEST
# Added lockdown check
# 10.7.5: Thu 29 May 2025 15:38:42 AEST
# Added dryrun switch
# 10.7.6: Thu 29 May 2025 15:47:11 AEST
# Fixed lockdown check
# 10.7.7: Thu 29 May 2025 16:32:48 AEST
# Improved listing of backups
# 10.7.8: Thu 29 May 2025 17:12:25 AEST
# Added lockdown/restore counting
# 10.7.9: Thu 29 May 2025 20:05:20 AEST
# Output improvements
# 10.8.0: Fri 30 May 2025 13:21:01 AEST
# Sudo improvements
# 10.8.1: Fri 30 May 2025 14:24:37 AEST
# Improved restore function
# 10.8.2: Fri 30 May 2025 14:30:04 AEST
# More improvements
# 10.8.3: Fri 30 May 2025 17:32:12 AEST
# Improved report
# 10.8.4: Fri 30 May 2025 19:42:47 AEST
# Cleaned up some variable names
# 10.8.5: Sat 31 May 2025 14:21:00 AEST
# Fixed check_file_value routine logging
# 10.8.6: Sat 31 May 2025 14:29:11 AEST
# Stopped check_environment running multiple times
# 10.8.7: Sat 31 May 2025 15:30:36 AEST
# Improved check_file_value routine
# 10.8.8: Sat May 31 15:38:14 AEST 2025
# Fixed bug with module_name being recast
# 10.8.9: Sat 31 May 2025 16:03:06 AEST
# Fixes based on POSIX sh recommendations from shellcheck
# 10.9.0: Sat 31 May 2025 16:09:06 AEST
# More shellcheck recommendations
# 10.9.1: Sat 31 May 2025 17:25:53 AEST
# Updated documentation
# 10.9.2: Thu Jan 15 11:57:32 AEDT 2026
# Updated Ubuntu codenames
# 10.9.3: Thu Jan 15 12:38:51 AEDT 2026
# Fixed OS version check in aide check
# 10.9.4: Thu Jan 15 14:16:46 AEDT 2026
# Improved virtual check
# 10.9.5: Thu Jan 15 14:22:12 AEDT 2026
# Added output file and format options for future improvements
# 10.9.6: Thu Jan 15 15:25:37 AEDT 2026
# Added hostname and domainname to OS info
# 10.9.7: Thu Jan 15 21:17:22 AEDT 2026
# Added initial CSV output
# 10.9.8: Thu Jan 15 21:26:27 AEDT 2026
# Fixed typo
# 10.9.9: Mon Jan 19 11:51:25 AEDT 2026
# Added initial Azure stub
# 11.0.0: Wed Jan 21 11:51:25 AEDT 2026
# Added Azure Storage Accounts audit stub
# 11.0.1: Wed Jan 21 15:52:58 AEDT 2026
# Added Azure Storage Accounts Key Expiration check
# 11.0.2: Thu Jan 22 14:47:19 AEDT 2026
# Fixed Azure Storage Accounts Key Expiration check
# 11.0.3: Thu Jan 22 17:10:30 AEDT 2026
# Added Azure Storage Accounts Key Regeneration check
# 11.0.4: Thu 22 Jan 2026 18:37:22 AEDT
# Added command_message routine
# 11.0.5: Thu 22 Jan 2026 20:44:42 AEDT
# Added Private Endpoint check for Storage Accounts
# 11.0.6: Thu 22 Jan 2026 21:29:00 AEDT
# Added Public Network Access check for Storage Accounts
# 11.0.7: Thu 22 Jan 2026 21:36:22 AEDT
# Added fix commands for some Storage Accounts tests
# 11.0.8: Thu 22 Jan 2026 21:41:33 AED
# Added check to verify default network access rule for Storage Accounts
# 11.0.9: Thu 22 Jan 2026 21:46:22 AEDT
# Added generic check_azure_storage_account_value function
# 11.1.0: Thu 22 Jan 2026 21:50:22 AEDT
# Added check to verify Microsoft Entra authorization for Storage Accounts
# 11.1.1: Thu 22 Jan 2026 21:51:33 AEDT
# Improved check_azure_storage_account_value function
# 11.1.2: Thu 22 Jan 2026 21:56:22 AEDT
# Added check to verify Azure services on the trusted services list for Storage Accounts
# 11.1.3: Thu 22 Jan 2026 22:06:22 AEDT
# Added check to verify Secure transfer required for Storage Accounts
# 11.1.4: Thu 22 Jan 2026 22:11:22 AEDT
# Added check to verify Cross Tenant Replication for Storage Accounts
# 11.1.5: Thu 22 Jan 2026 22:16:22 AEDT
# Added check to verify Allow blob public access for Storage Accounts
# 11.1.6: Thu 22 Jan 2026 22:21:22 AEDT
# Added Minimum TLS version check for Storage Accounts
# 11.1.7: Fri 23 Jan 2026 10:37:22 AEDT
# Added check_azure_resource_manager_locks function
# 11.1.8: Fri 23 Jan 2026 10:42:22 AEDT
# Added Azure Resource Manager Delete locks check for Storage Accounts
# 11.1.9: Fri 23 Jan 2026 10:46:22 AEDT
# Added Azure Resource Manager ReadOnly locks check for Storage Accounts
# 11.2.0: Fri 23 Jan 2026 11:12:39 AEDT
# Added Azure Storage Accounts Redundancy check
# 11.2.1: Fri 23 Jan 2026 11:51:22 AEDT
# Bug fixes and improvements
# 11.2.2: Fri 23 Jan 2026 12:06:22 AEDT
# Added check_azure_storage_blob_value function
# 11.2.3: Fri 23 Jan 2026 12:11:22 AEDT
# Added check for Azure Storage Blob Soft Delete
# 11.2.4: Fri 23 Jan 2026 12:16:22 AEDT
# Added check for Azure Storage Blob Days Retained
# 11.2.5: Fri 23 Jan 2026 14:12:30 AEDT
# Added Azure auth mode
# 11.2.6: Fri 23 Jan 2026 15:00:19 AEDT
# Added check_azure_storage_container_value function
# 11.2.7: Fri 23 Jan 2026 15:02:22 AEDT
# Added check for Azure Storage Container Soft Delete
# 11.2.8: Fri 23 Jan 2026 15:04:22 AEDT
# Added check for Azure Storage Container Days Retained
# 11.2.9: Fri 23 Jan 2026 15:06:22 AEDT
# Added check for Azure Storage Container Versioning
# 11.3.1: Fri 23 Jan 2026 20:06:22 AEDT
# Added check of Azure File Shares
# 11.3.2: Fri 23 Jan 2026 20:06:22 AEDT
# Added check for Azure File Shares Soft Delete
# 11.3.3: Fri 23 Jan 2026 20:06:22 AEDT
# Added check for Azure File Shares Days Retained
# 11.3.4: Fri 23 Jan 2026 20:06:22 AEDT
# Added check for Azure File Shares SMB Protocol Version
# 11.3.5: Fri 23 Jan 2026 20:06:22 AEDT
# Added check for Azure File Shares SMB Channel Encryption
# 11.3.6: Fri 23 Jan 2026 20:51:27 AEDT
# Added Azure CLI extension checks
# 11.3.7: Sat 24 Jan 2026 14:19:25 AEDT
# Added Azure Databricks check routine
# 11.3.8: Sat 24 Jan 2026 14:22:22 AEDT
# Added Azure Monitor check routine
# 11.3.9: Sat 24 Jan 2026 17:16:34 AEDT
# Added Azure Databricks TBD check list
# 11.4.0: Sat 24 Jan 2026 17:18:34 AEDT
# Added Azure Databricks No Public IP check
# 11.4.1: Sat 24 Jan 2026 17:19:34 AEDT
# Added Azure Databricks Private Link check
# 11.4.2: Sat 24 Jan 2026 17:20:34 AEDT
# Added Azure Databricks Private Endpoints check
# 11.4.3: Sat 24 Jan 2026 17:47:34 AEDT
# Added Azure Compute Services check stub
# 11.4.4: Sat 24 Jan 2026 17:48:34 AEDT
# Added Azure Database Services check stub
# 11.4.5: Sat 24 Jan 2026 17:58:34 AEDT
# Added Azure Identity Services check stub
# 11.4.6: Sat 24 Jan 2026 18:07:34 AEDT
# Added Azure Logging and Monitoring check stub
# 11.4.7: Sat 24 Jan 2026 18:13:34 AEDT
# Added Azure Networking Services check stub
# 11.4.8: Sat 24 Jan 2026 18:18:34 AEDT
# Added Azure Security Services check stub
# 11.4.9: Sat 24 Jan 2026 18:23:34 AEDT
# Added Azure Storage Services check stub
# 11.5.0: Sat 24 Jan 2026 21:32:22 AEDT
# Added Azure Guest Users check
# 11.5.1: Sun 25 Jan 2026 10:01:40 AEDT
# Added Azure User Access Administrator Role check
# 11.5.2: Sun 25 Jan 2026 11:19:03 AEDT
# Added Azure Custom Subscription Admin Roles check
# 11.5.3: Sun 25 Jan 2026 14:54:42 AEDT
# Added Azure Subscription Owners check
# 11.5.4: Sun 25 Jan 2026 17:50:12 AEDT
# Added Azure Subscription Diagnostic Settings check
# 11.5.5: Sun 25 Jan 2026 18:01:22 AEDT
# Added check to ensure Diagnostic Setting captures appropriate categories
# 11.5.6: Sun 25 Jan 2026 19:40:16 AEDT
# Added check to ensure Diagnostic Logs are encrypted
# 11.5.7: Sun 25 Jan 2026 21:02:32 AEDT
# Added Azure Survey check
# 11.5.8: Mon 26 Jan 2026 12:16:32 AEDT
# Split out Azure Diagnostic Settings checks into multiple routines
# 11.5.9: Mon 26 Jan 2026 18:11:56 AEDT
# Added Azure Key Vault Logging check
# 11.6.0: Mon 26 Jan 2026 18:21:09 AEDT
# Added stub for Azure NSG Flow Logs check
# 11.6.1: Mon 26 Jan 2026 18:26:22 AEDT
# Added stub for Azure AppService HTTP logs check
# 11.6.2: Mon 26 Jan 2026 18:27:22 AEDT
# Documentation and formatting updates
# 11.6.3: Mon 26 Jan 2026 18:57:48 AEDT
# Added stub for Azure Virtual Network Flow Logs check
# 11.6.4: Mon 26 Jan 2026 21:02:22 AEDT
# Added stub for Azure Entra Diagnostic Settings check
# 11.6.5: Mon 26 Jan 2026 21:11:22 AEDT
# Added stub for Azure Graph Diagnostic Settings check
# 11.6.6: Mon 26 Jan 2026 21:15:22 AEDT
# Added stub for Azure Intune Logs check
# 11.6.7: Mon 26 Jan 2026 21:34:22 AEDT
# Added Azure Activity Log Alerts Create Policy Assignment check
# 11.6.8: Mon 26 Jan 2026 21:41:22 AEDT
# Added Azure Activity Log Alerts Delete Policy Assignment check
# 11.6.9: Mon 26 Jan 2026 21:46:22 AEDT
# Added Azure Activity Log Alerts Create or Update Network Security Group check
# 11.7.0: Tue 27 Jan 2026 08:38:22 AEDT
# Added Azure Activity Log Alerts Delete Network Security Group check
# 11.7.1: Tue 27 Jan 2026 08:51:22 AEDT
# Added Azure Activity Log Alerts Create or Update Security Solution check
# 11.7.2: Tue 27 Jan 2026 08:54:22 AEDT
# Added Azure Activity Log Alerts Delete Security Solution check
# 11.7.3: Tue 27 Jan 2026 08:57:22 AEDT
# Added Azure Activity Log Alerts Create or Update SQL Server Firewall Rule check
# 11.7.4: Tue 27 Jan 2026 09:00:22 AEDT
# Added Azure Activity Log Alerts Delete SQL Server Firewall Rule check
# 11.7.5: Tue 27 Jan 2026 09:03:22 AEDT
# Added Azure Activity Log Alerts Create or Update Public IP Address rule check
# 11.7.6: Tue 27 Jan 2026 09:06:22 AEDT
# Added Azure Activity Log Alerts Delete Public IP Address rule check
# 11.7.7: Tue 27 Jan 2026 09:09:22 AEDT
# Added Azure Activity Log Alerts Service Health check
# 11.7.8: Tue 27 Jan 2026 09:26:22 AEDT
# Added Azure Application Insights check
# 11.7.9: Tue 27 Jan 2026 09:38:22 AEDT
# Added Azure Resource Logging check
# 11.8.0: Tue 27 Jan 2026 10:08:22 AEDT
# Added Azure SKU Basic/Consumption check
# 11.8.1: Tue 27 Jan 2026 11:16:00 AEDT
# Updated documentation
# 11.8.2: Tue 27 Jan 2026 12:18:37 AEDT
# Added Azure Extensions check
# 11.8.3: Tue 27 Jan 2026 13:22:22 AEDT
# Updated documentation
# 11.8.4: Tue 27 Jan 2026 14:10:22 AEDT
# Added Azure Microsoft Defender check for CSPM
# 11.8.5: Tue 27 Jan 2026 14:40:22 AEDT
# Added Azure Microsoft Defender check for CWP
# 11.8.6: Tue 27 Jan 2026 15:14:52 AEDT
# Added status check to Microsoft Defender check
# 11.8.7: Tue 27 Jan 2026 15:24:22 AEDT
# Added Azure Microsoft Defender check for Defender for Servers
# 11.8.8: Tue 27 Jan 2026 15:38:22 AEDT
# Added function to check Azure security setting values
# 11.8.9: Tue 27 Jan 2026 15:42:22 AEDT
# Code cleanup
# 11.9.0: Tue 27 Jan 2026 15:44:22 AEDT
# Typo fixes
# 11.9.1: Tue 27 Jan 2026 19:21:22 AEDT
# Added error handling to systemctl commands
# 11.9.2: Tue 27 Jan 2026 19:46:22 AEDT
# Added check that enpoint protection is enabled
# 11.9.3: Tue 27 Jan 2026 19:51:22 AEDT
# Added check that agentless scanning is enabled
# 11.9.4: Tue 27 Jan 2026 20:16:55 AEDT
# Added check for Microsoft Defender for Containers
# 11.9.5: Tue 27 Jan 2026 20:19:55 AEDT
# Added check for Microsoft Defender for Storage
# 11.9.6: Tue 27 Jan 2026 20:23:55 AEDT
# Added check for Microsoft Defender for App Services
# 11.9.7: Tue 27 Jan 2026 20:26:55 AEDT
# Added check for Microsoft Defender for Azure Cosmos DB
# 11.9.8: Tue 27 Jan 2026 20:31:22 AEDT
# Added check for Microsoft Defender for Open-Source RDBMS
# 11.9.9: Tue 27 Jan 2026 20:34:22 AEDT
# Updated documentation
# 12.0.0: Tue Jan 27 20:36:59 AEDT 2026
# Added check for Microsoft Defender for SQL Server
# 12.0.1: Tue Jan 27 20:39:35 AEDT 2026
# Added check for Microsoft Defender for SQL Servers on Machines
# 12.0.2: Tue Jan 27 20:43:22 AEDT 2026
# Added check for Microsoft Defender for Azure Key Vault
# 12.0.3: Tue Wed 28 10:16:12 AEDT 2026
# Added check for Microsoft Defender for Resource Manager
# 12.0.4: Tue Wed 28 12:58:38 AEDT 2026
# Added Azure Security Contact check
# 12.0.5: Tue Wed 28 13:26:02 AEDT 2026
# Added Azure Security Contact check for email address
# 12.0.6: Tue Wed 28 13:28:02 AEDT 2026
# Added Azure Security Contact check for alert notifications
# 12.0.7: Tue Wed 28 13:30:02 AEDT 2026
# Updated documentation
# 12.0.8: Tue Wed 28 13:35:02 AEDT 2026
# Added Azure Security Contact check for alert notifications severity
# 12.0.9: Tue Wed 28 17:08:33 AEDT 2026
# Improved Microsoft Defender check
# 12.1.0: Thu 29 Jan 2026 15:07:22 AEDT
# Added Azure Key Vault check for key enabled status
# 12.1.1: Thu 29 Jan 2026 15:10:22 AEDT
# Added Azure Key Vault check for key expiry date
# 12.1.2: Thu 29 Jan 2026 15:46:51 AEDT
# Updated output for checks to be more consistent
# 12.1.3: Thu 29 Jan 2026 15:53:49 AEDT
# Updated checks for Azure Key Vault keys
# 12.1.4: Thu 29 Jan 2026 17:32:22 AEDT
# Added Azure Key Vault Purge Protection check
# 12.1.5: Thu 29 Jan 2026 18:04:54 AEDT
# Added Azure Key Vault RBAC check
# 12.1.6: Thu 29 Jan 2026 19:58:18 AEDT
# Function variable alignment for azure checks
# 12.1.7: Thu 29 Jan 2026 21:01:10 AEDT
# Added Azure Key Vault Public Network Access check
# 12.1.8: Thu 29 Jan 2026 21:30:38 AEDT
# Added Azure Key Vault Private Endpoint check
# 12.1.9: Fri 30 Jan 2026 14:04:38 AEDT
# Added command_message function
# 12.2.0: Fri 30 Jan 2026 14:06:38 AEDT
# Added key vault check for key rotation
# 12.2.1: Fri 30 Jan 2026 14:47:22 AEDT
# Fixed Azure Databricks check
# 12.2.2: Fri 30 Jan 2026 15:50:22 AEDT
# Started adding command_message function support
# 12.2.3: Fri 30 Jan 2026 15:53:22 AEDT
# Updated documentation
# 12.2.4: Fri 30 Jan 2026 15:56:22 AEDT
# Fixed Azure Application Insights check
# 12.2.5: Fri 30 Jan 2026 15:58:22 AEDT
# Cleaned up Azure User Access Administrator Role check
# 12.2.6: Fri 30 Jan 2026 16:18:22 AEDT
# Cleaned up some Azure storage checks
# 12.2.7: Fri 30 Jan 2026 16:46:22 AEDT
# Improved environment checking
# 12.2.8: Fri 30 Jan 2026 17:04:10 AEDT
# Added Azure login check
# 12.2.9: Fri 30 Jan 2026 17:12:10 AEDT
# Updated Azure Monitor Diagnostic Settings check
# 12.3.0: Sat 31 Jan 2026 11:59:26 AEDT
# Updated Azure Activity Log Alerts check
# 12.3.1: Sat 31 Jan 2026 12:34:51 AEDT
# Updated Azure Key Vault check
# 12.3.2: Sat 31 Jan 2026 12:36:51 AEDT
# Updated Azure Key Vault logging check
# 12.3.3: Sat 31 Jan 2026 15:06:48 AEDT
# Added command_message support to more Azure modules/functions
# 12.3.4: Sat 31 Jan 2026 15:47:22 AEDT
# Added command_message support to check_environment
# 12.3.5: Sun 01 Feb 2026 11:01:22 AEDT
# Added command_message support to modules in users directory
# 12.3.6: Sun 01 Feb 2026 15:43:22 AEDT
# Added command_message support to modules in wheel directory
# 12.3.7: Sun 01 Feb 2026 15:45:22 AEDT
# Added command_message support to modules in sudo directory
# 12.3.8: Sun 01 Feb 2026 15:47:22 AEDT
# Added command_message support to modules in sunos directory
# 12.3.9: Sun 01 Feb 2026 15:49:22 AEDT
# Added command_message support to modules in syslog directory
# 12.4.0: Sun 01 Feb 2026 15:51:22 AEDT
# Added command_message support to modules in talk directory
# 12.4.1: Sun 01 Feb 2026 15:53:22 AEDT
# Added command_message support to modules in tcp directory
# 12.4.2: Sun 01 Feb 2026 15:55:22 AEDT
# Added command_message support to modules in telnet directory
# 12.4.3: Sun 01 Feb 2026 20:54:46 AEDT
# Added command_message support to modules in ssh directory
# 12.4.4: Sun 01 Feb 2026 20:56:46 AEDT
# Added command_message support to modules in services directory
# 12.4.5: Sun 01 Feb 2026 21:04:54 AEDT
# Added command_message support to modules in remote directory
# 12.4.6: Sun 01 Feb 2026 21:17:54 AEDT
# Added command_message support to modules in print directory
# 12.4.7: Sun 01 Feb 2026 21:19:16 AEDT
# Added command_message support to modules in power directory
# 12.4.8: Mon 02 Feb 2026 07:18:53 AEDT
# Added command_message support to modules in password directory
# 12.4.9: Mon 02 Feb 2026 07:32:53 AEDT
# Added command_message support to modules in pam directory
# 12.5.0: Mon 02 Feb 2026 07:51:53 AEDT
# Added command_message support to modules in nis directory
# 12.5.1: Mon 02 Feb 2026 08:00:22 AEDT
# Added command_message support to modules in mounts directory
# 12.5.2: Mon 02 Feb 2026 08:07:22 AEDT
# Added command_message support to modules in mail directory
# 12.5.3: Mon 02 Feb 2026 08:11:22 AEDT
# Added command_message support to modules in logs directory
# 12.5.4: Mon 02 Feb 2026 08:22:22 AEDT
# Added command_message support to modules in login directory
# 12.5.5: Mon 02 Feb 2026 08:24:22 AEDT
# Added command_message support to modules in linux directory
# 12.5.6: Mon 02 Feb 2026 08:26:22 AEDT
# Commit some of the command_message changes
# 12.5.7: Mon 02 Feb 2026 13:12:23 AEDT
# Fixed typo
# 12.5.8: Mon 02 Feb 2026 21:14:23 AEDT
# Improved output for some checks
# 12.5.9: Mon 02 Feb 2026 21:48:57 AEDT
# Improved output for modules in fs directory
# 12.6.0: Tue 03 Feb 2026 11:20:57 AEDT
# Improved output for modules in other directories
# 12.6.1: Tue 03 Feb 2026 11:23:43 AEDT
# Fixed typo in audit_wireless.sh
# 12.6.2: Tue 03 Feb 2026 12:24:54 AEDT
# Update some more functions to use command_message
# 12.6.3: Tue 03 Feb 2026 12:25:13 AEDT
# Updated audit_system_accounts.sh to allow single ! in shadow field
# 12.6.4: Tue 03 Feb 2026 15:32:34 AEDT
# Updated more modules to use command_message
# 12.6.5: Tue 03 Feb 2026 16:36:34 AEDT
# Improved user account check for shells
# 12.6.6: Tue 03 Feb 2026 17:18:22 AEDT
# Typo fixes
# 12.6.7: Tue 03 Feb 2026 20:13:17 AEDT
# Updates and bug fixes
# 12.6.8: Wed 04 Feb 2026 10:55:40 AEDT
# Updates and bug fixes for AWS modules
# 12.6.9: Wed 04 Feb 2026 11:01:40 AEDT
# Added command_message support to modules in audit directory
# 12.7.0: Wed 04 Feb 2026 13:19:29 AEDT
# Added command_message support to modules in esxi directory
# 12.7.1: Wed 04 Feb 2026 13:23:29 AEDT
# Added command_message support to modules in firewall directory
# 12.7.2: Wed 04 Feb 2026 13:26:29 AEDT
# Added command_message support to modules in fs directory
# 12.7.3: Wed 04 Feb 2026 13:28:29 AEDT
# Bug fixes and improvements
# 12.7.4: Thu 05 Feb 2026 20:45:10 AEDT
# Added Azure NSG Security Rules check for RDP and SSH access
# 12.7.5: Thu 05 Feb 2026 21:01:24 AEDT
# Improved Azure NSG Security Rules check
# 12.7.6: Thu 05 Feb 2026 21:10:24 AEDT
# Added Azure NSG Security Rules check for UDP access
# 12.7.7: Fri 06 Feb 2026 11:15:24 AEDT
# Added Azure NSG Security Rules check for HTTP(S)
# 12.7.8: Fri 06 Feb 2026 11:22:24 AEDT
# Updated documentation for Azure NSG Security Rules check
# 12.7.9: Fri 06 Feb 2026 11:26:24 AEDT
# Added Azure Network Watcher check
# 12.8.0: Fri 06 Feb 2026 13:32:24 AEDT
# Documentation updates
# 12.8.1: Fri 06 Feb 2026 13:35:24 AEDT
# Added Azure Public IPs check
# 12.8.2: Fri 06 Feb 2026 15:37:24 AEDT
# Added Azure Network Watcher Flow Logs check
# 12.8.3: Fri 06 Feb 2026 16:01:24 AEDT
# Updated Azure Network Watcher Flow Logs check
# 12.8.4: Fri 06 Feb 2026 16:07:24 AEDT
# Added Azure Authentication Type check stub
# 12.8.5: Fri 06 Feb 2026 17:29:24 AEDT
# Added Azure WAF check
# 12.8.6: Fri 06 Feb 2026 17:31:24 AEDT
# Added Azure VNet check
# 12.8.7: Sat 07 Feb 2026 11:35:30 AEDT
# Added Azure WAF SSL Policy check
# 12.8.8: Sat 07 Feb 2026 11:58:30 AEDT
# Added Azure WAF HTTP2 check
# 12.8.9: Sat 07 Feb 2026 18:40:30 AEDT
# Added Azure WAF Request Body check
# 12.9.0: Sun 08 Feb 2026 14:39:15 AEDT
# Added Azure WAF Inspection Policy check
# 12.9.1: Sun 08 Feb 2026 14:51:15 AEDT
# Added Azure Network Security Perimeter module check
# 12.9.2: Sun 08 Feb 2026 16:00:15 AEDT
# Added Azure Network Security Perimeter check
# 12.9.3: Tue 10 Feb 2026 16:00:15 AEDT
# Replaced regex with case statement in several functions
# 12.9.4: Tue 10 Feb 2026 16:45:15 AEDT
# Added Azure Storage SAS check
# 12.9.5: Tue 10 Feb 2026 16:50:15 AEDT
# Added Azure Storage SAS HTTPS Only check
# 12.9.6: Tue 10 Feb 2026 18:01:15 AEDT
# Added Azure Storage SAS token expiration check stub
# 12.9.7: Tue 10 Feb 2026 18:05:15 AEDT
# Updates and improvements
# 12.9.8: Thu 12 Feb 2026 13:13:41 AEDT
# Updated and improvements
# 12.9.9: Thu 12 Feb 2026 16:27:41 AEDT
# Added Azure Elastic SAN module check
# 13.0.0: Thu 12 Feb 2026 16:32:31 AEDT
# Updated and improvements
# 13.0.1: Thu 12 Feb 2026 16:55:41 AEDT
# Added execute_command function
# 13.0.2: Thu 12 Feb 2026 18:01:47 AEDT
# Added Azure Elastic SAN check
# 13.0.3: Fri 13 Feb 2026 11:01:47 AEDT
# Added Azure Site Recovery module check
# 13.0.4: Fri 13 Feb 2026 17:15:47 AEDT
# Added Azure Recovery Service Vaults check
# 13.0.5: Fri 13 Feb 2026 17:29:47 AEDT
# Added Azure Virtual Network Access Rules check
# 13.0.6: Fri 13 Feb 2026 17:51:47 AEDT
# Added Azure Network Private Endpoints check
# 13.0.7: Fri 13 Feb 2026 17:55:47 AEDT
# Added Azure amlfs extension check
# 13.0.8: Sat 14 Feb 2026 11:52:20 AEDT
# Added Azure Managed Lustre check
# 13.0.9: Sat 14 Feb 2026 11:55:20 AEDT
# Added Azure Storage File System check
# 13.1.0: Sat 14 Feb 2026 11:58:20 AEDT
# Added Azure dataprotection extension check
# 13.1.1: Sat 14 Feb 2026 03:50:57 PM AEDT
# Added initial code for Azure Data Protection Backup Vault check
# 13.1.2: Mon 16 Feb 2026 12:40:01 PM AEDT
# Updates and Improvements
# 13.1.3: Mon 16 Feb 2026 01:18:57 PM AEDT
# Fixed check_shellcheck to use find instead of ls
# 13.1.4: Mon 16 Feb 2026 01:37:57 PM AEDT
# Applied shellcheck recommendation to azure functions
# 13.1.5: Mon 16 Feb 2026 01:45:57 PM AEDT
# Updates and improvements
# 13.1.6: Mon 16 Feb 2026 02:02:57 PM AEDT
# Applied shellcheck recommendations to azure modules
# 13.1.7: Mon 16 Feb 2026 02:27:57 PM AEDT
# Applied shellcheck recommendations to several modules
# 13.1.8: Mon 16 Feb 2026 03:28:57 PM AEDT
# Added Azure tenant ID support
# 13.1.9: Mon 16 Feb 2026 04:52:57 PM AEDT
# Added Azure allow no subscriptions support
# 13.2.0: Mon 16 Feb 2026 05:01:57 PM AEDT
# Added Azure Backup Vaults check
# 13.2.1: Mon 16 Feb 2026 05:19:38 PM AEDT
# Added additional checks to Azure Backup Vaults check
# 13.2.2: Mon 16 Feb 2026 05:29:38 PM AEDT
# Added additional checks to Azure Backup Vaults check
# 13.2.3: Mon 16 Feb 2026 05:32:38 PM AEDT
# Updates and improvements
# 13.2.4: Mon 16 Feb 2026 05:45:38 PM AEDT
# Added additional checks to Azure Backup Vaults check
# 13.2.5: Mon 16 Feb 2026 06:38:57 PM AEDT
# Added Azure Recovery Services Vault check
# 13.2.6: Mon 16 Feb 2026 06:41:57 PM AEDT
# Updates and improvements
# 13.2.7: Tue 17 Feb 2026 10:45:57 AM AEDT
# Updated Azure Recovery Services Vault check
# 13.2.8: Tue 17 Feb 2026 12:54:28 PM AEDT
# Added Azure File Shares check for NFS Root Squash
# 13.2.9: Tue 17 Feb 2026 01:54:28 PM AEDT
# Updates and improvements
# 13.3.0: Tue 17 Feb 2026 02:17:28 PM AEDT
# Added Azure NetApp Files check
# 13.3.1: Tue 17 Feb 2026 02:27:28 PM AEDT
# Updates and improvements
# 13.3.2: Tue 17 Feb 2026 05:14:46 PM AEDT
# Added additional Azure Elastic SAN checks
# 13.3.3: Tue 17 Feb 2026 05:45:46 PM AEDT
# Improved Arch Linux support
# 13.3.4: Wed 18 Feb 2026 11:10:46 AM AEDT
# Added Azure Databox extension check
# 13.3.5: Wed 18 Feb 2026 12:06:14 PM AEDT
# Added Azure Databox check
# 13.3.6: Wed 18 Feb 2026 12:22:55 PM AEDT
# Updates and improvements
# 13.3.7: Wed 18 Feb 2026 01:59:55 PM AEDT
# Updates and improvements
# 13.3.8: Wed 18 Feb 2026 09:02:55 PM AEDT
# Added Azure Storage Blob Policy Value check
# 13.3.9: Wed 18 Feb 2026 09:05:55 PM AEDT
# Updates and improvements
# 13.4.0: Wed 18 Feb 2026 11:22:55 PM AEDT
# Added Azure Storage Logging check for queues
# 13.4.1: Wed 18 Feb 2026 11:40:55 PM AEDT
# Added Azure Storage Logging check for blobs
# 13.4.2: Thu 19 Feb 2026 06:45:51 AM AEDT
# Added Azure Storage Logging check for tables
# 13.4.3: Thu 19 Feb 2026 06:45:51 AM AEDT
# Updates and improvements
# 13.4.4: Thu 19 Feb 2026 12:45:51 PM AEDT
# Added Azure Storage Account Delete Locks check
# 13.4.5: Thu 19 Feb 2026 01:15:51 PM AEDT
# Added Azure Storage Account Read-only Locks check
# 13.4.6: Thu 19 Feb 2026 01:26:27 PM AEDT
# Updates and improvements
# 13.4.7: Fri 20 Feb 2026 06:24:27 AM AEDT
# Added initial Redis Cache tests
# 13.4.8: Fri 20 Feb 2026 06:24:27 AM AEDT
# Updates and improvements
# 13.4.9: Fri 20 Feb 2026 06:24:27 AM AEDT
# Added Azure Redis Cache TLS check
# 13.5.0: Fri 20 Feb 2026 06:24:27 AM AEDT
# Added Azure Redis Cache Public Network Access check
# 13.5.1: Fri 20 Feb 2026 09:23:27 AM AEDT
# Added Azure Redis Cache Private Link check
# 13.5.2: Fri 20 Feb 2026 09:58:27 AM AEDT
# Added Azure redisenterprise extension check
# 13.5.3: Fri 20 Feb 2026 10:01:27 AM AEDT
# Added Azure Redis Enterprise function
# 13.5.4: Fri 20 Feb 2026 10:23:27 AM AEDT
# Added Azure Redis Enterprise Cache Customer-Managed Keys check
# 13.5.5: Fri 20 Feb 2026 11:17:30 AM AEDT
# Added Azure Redis Cache Access Keys Authentication check
# 13.5.6: Fri 20 Feb 2026 11:22:30 AM AEDT
# Added Azure Redis Cache Update Channel check
# 13.5.7: Fri 20 Feb 2026 11:22:30 AM AEDT
# Added Azure Cosmos DB Firewalls & Networks check
# 13.5.8: Fri 20 Feb 2026 11:22:30 AM AEDT
# Added Azure Cosmos DB Private Endpoints check
# 13.5.9: Fri 20 Feb 2026 03:59:23 PM AEDT
# Added Azure Cosmos DB Disable Local Auth check
# 13.6.0: Fri 20 Feb 2026 04:09:23 PM AEDT
# Updates and improvements
# 13.6.1: Fri 20 Feb 2026 04:24:23 PM AEDT
# Added Azure Cosmos DB Customer-Managed Keys check
# 13.6.2: Fri 20 Feb 2026 06:09:23 PM AEDT
# Added Azure Cosmos DB Firewalls & Networks IP Rules check
# 13.6.3: Sat 21 Feb 2026 06:09:23 PM AEDT
# Added Azure Cosmos DB Logging check
# 13.6.4: Sat 21 Feb 2026 07:09:23 PM AEDT
# Added Azure Data Factory module check
# 13.6.5: Sat 21 Feb 2026 07:09:23 PM AEDT
# Added Azure Data Factory Customer-Managed Keys check
# 13.6.6: Sat 21 Feb 2026 07:09:23 PM AEDT
# Added Azure Data Factory Managed Identities check
# 13.6.7: Sat 21 Feb 2026 09:09:23 PM AEDT
# Added Azure Data Factory Using Azure Key Vault check
# 13.6.8: Sun 22 Feb 2026 09:39:23 PM AEDT
# Added Azure Data Factory Using RBAC check
# 13.6.9: Sun 22 Feb 2026 09:39:23 PM AEDT
# Updates and improvements
# 13.7.0: Sun 22 Feb 2026 02:19:13 PM AEDT
# Added initial Azure MySQL DB module
# 13.7.1: Sun 22 Feb 2026 02:19:13 PM AEDT
# Added initial Azure MySQL DB function
# 13.7.2: Sun 22 Feb 2026 03:19:13 PM AEDT
# Added support for Azure MySQL Flexible Server
# 13.7.3: Sun 22 Feb 2026 03:22:13 PM AEDT
# Added support for Azure MySQL Single Server
# 13.7.4: Sun 22 Feb 2026 03:22:13 PM AEDT
# Added check for Azure MySQL DB Customer-Managed Keys
# 13.7.5: Sun 22 Feb 2026 03:22:13 PM AEDT
# Added check for Azure MySQL DB Microsoft Entra Authentication
# 13.7.6: Sun 22 Feb 2026 03:22:13 PM AEDT
# Updates and improvements
# 13.7.7: Sun 22 Feb 2026 03:38:13 PM AEDT
# Added check for Azure MySQL DB Public Network Access
# 13.7.8: Sun 22 Feb 2026 03:43:13 PM AEDT
# Added check for Azure MySQL DB Private Endpoints
# 13.7.9: Sun 22 Feb 2026 03:50:37 PM AEDT
# Added check stub for Azure MySQL DB Audit Log
# 13.8.0: Sun 22 Feb 2026 03:51:37 PM AEDT
# Added check stub for Azure MySQL DB Audit Log connection
# 13.8.1: Sun 22 Feb 2026 03:55:37 PM AEDT
# Added check stub for Azure MySQL DB Error Server Log File
# 13.8.2: Sun 22 Feb 2026 03:55:37 PM AEDT
# Added check stub for Azure MySQL DB Require Secure Transport
# 13.8.3: Sun 22 Feb 2026 03:59:37 PM AEDT
# Added check stub for Azure MySQL DB TLS Version
# 13.8.4: Tue 24 Feb 2026 01:24:08 PM AEDT
# Added initial Azure PostgreSQL DB module
# 13.8.5: Tue 24 Feb 2026 01:34:08 PM AEDT
# Added initial support for Azure PostgreSQL Flexible Server
# 13.8.6: Tue 24 Feb 2026 01:44:08 PM AEDT
# Added initial support for Azure PostgreSQL Single Server
# 13.8.7: Tue 24 Feb 2026 01:54:08 PM AEDT
# Add initial Azure PostgreSQL DB checks
# 13.8.8: Tue 24 Feb 2026 02:04:08 PM AEDT
# Updates and improvements
# 13.8.9: Tue 24 Feb 2026 04:04:08 PM AEDT
# Added initial Azure SQL DB module
# 13.9.0: Tue 24 Feb 2026 04:04:08 PM AEDT
# Added initial Azure SQL DB function
# 13.9.1: Tue 24 Feb 2026 04:09:08 PM AEDT
# Updates and improvements
# 13.9.2: Tue 24 Feb 2026 21:33:43 PM AEDT
# Updates and improvements
# 13.9.3: Wed 25 Feb 2026 11:42:53 AM AEDT
# Added initial Azure App Service App module
# 13.9.4: Wed 25 Feb 2026 11:42:53 AM AEDT
# Added initial Azure App Service App function
# 13.9.5: Wed 25 Feb 2026 11:42:53 AM AEDT
# Formating updates
# 13.9.6: Wed 25 Feb 2026 11:52:53 AM AEDT
# Added Azure App Service App check for Java
# 13.9.7: Wed 25 Feb 2026 11:52:53 AM AEDT
# Updates and improvements
# 13.9.8: Wed 25 Feb 2026 12:52:53 PM AEDT
# Added Azure App Service App check for Python
# 13.9.9: Wed 25 Feb 2026 01:12:53 PM AEDT
# Added Azure App Service App check for PHP
# 14.0.0: Wed 25 Feb 2026 01:59:53 PM AEDT
# Added Azure App Service App check for Basic Authentication Publishing Credentials
# 14.0.1: Wed 25 Feb 2026 02:10:53 PM AEDT
# Added Azure App Service App check for FTP State
# 14.0.2: Wed 25 Feb 2026 03:07:53 PM AEDT
# Bug fixes
# 14.0.3: Wed 25 Feb 2026 03:20:53 PM AEDT
# Added Azure App Service App check for HTTP Version
# 14.0.4: Wed 25 Feb 2026 03:20:53 PM AEDT
# Added Azure App Service App check for HTTPS Only
# 14.0.5: Wed 25 Feb 2026 04:20:53 PM AEDT
# Added Azure App Service App check for Minimum Inbound TLS Version
# 14.0.6: Wed 25 Feb 2026 04:50:53 PM AEDT
# Added Azure App Service App check for end to end TLS encryption
# 14.0.7: Wed 25 Feb 2026 05:20:53 PM AEDT
# Added Azure App Service App check for Remote Debugging
# 14.0.8: Wed 25 Feb 2026 05:50:53 PM AEDT
# Added Azure App Service App check for Client Certificates
# 14.0.9: Wed 25 Feb 2026 06:20:53 PM AEDT
# Added Azure App Service App check for Authentication
# 14.1.0: Wed 25 Feb 2026 06:20:53 PM AEDT
# Added Azure App Service App check for Managed Identities
# 14.1.1: Wed 25 Feb 2026 06:20:53 PM AEDT
# Added Azure App Service App check for Public Network Access
# 14.1.2: Wed 25 Feb 2026 06:20:53 PM AEDT
# Added Azure App Service App check for App Service Plan SKU
# 14.1.3: Wed 25 Feb 2026 10:20:21 PM AEDT
# Added Azure App Service App check for Private Endpoints
# 14.1.4: Thu 26 Feb 2026 10:37:21 AM AEDT
# Added Azure App Service App check for Private DNS Zone
# 14.1.5: Thu 26 Feb 2026 10:47:21 AM AEDT
# Added Azure App Service App check for Virtual Network Integration
# 14.1.6: Thu 26 Feb 2026 11:00:21 AM AEDT
# Added Azure App Service App check for VNet Image Pull
# 14.1.7: Thu 26 Feb 2026 11:00:21 AM AEDT
# Added Azure App Service App check for VNet Content Share
# 14.1.8: Thu 26 Feb 2026 11:13:09 AM AEDT
# Added Azure App Service App check for Cross-Origin Resource Sharing
# 14.1.9: Thu 26 Feb 2026 12:42:49 PM AEDT
# Added Azure App Service Deployment Slot audit module
# 14.2.0: Thu 26 Feb 2026 12:44:59 AEDT
# Added Azure App Service Deployment Slot function
# 14.2.1: Thu 26 Feb 2026 12:47:19 AEDT
# Added Azure App Service Deployment Slot Java version check
# 14.2.2: Thu 26 Feb 2026 12:49:16 AEDT
# Added Azure App Service Deployment Slot Python version check
# 14.2.3: Thu 26 Feb 2026 12:50:09 AEDT
# Added Azure App Service Deployment Slot PHP version check
# 14.2.4: Thu 26 Feb 2026 13:08:16 AEDT
# Added Azure App Service Deployment Slot Basic Authentication Publishing Credentials
# 14.2.4: Thu 26 Feb 2026 13:10:25 AEDT
# Added Azure App Service Deployment Slot FTP state check
# 14.2.5: Thu 26 Feb 2026 13:11:07 AEDT
# Added Azure App Service Deployment HTTP version check
# 14.2.6: Thu 26 Feb 2026 13:13:38 AEDT
# Added Azure App Service Deployment HTTPs check
# 14.2.7: Thu 26 Feb 2026 13:14:36 AEDT
# Added Azure App Service Deployment Slot TLS version check
# 14.2.8: Thu 26 Feb 2026 13:16:53 AEDT
# Added Azure App Service Deployment Slot end to end TLS encryptions check
# 14.2.9: Thu 26 Feb 2026 13:20:20 AEDT
# Added Azure App Service Deployment Slot Remote Debugging check
# 14.2.9: Thu 26 Feb 2026 13:27:03 AEDT
# Added Azure App Service Deployment Slot Client Certificates check
# 14.2.9: Thu 26 Feb 2026 13:28:00 AEDT
# Added Azure App Service Deployment Slot Managed Identities check
# 14.3.0: Thu 26 Feb 2026 13:28:23 AEDT
# Added Azure App Service Deployment Slot Public Network Access check
# 14.3.1: Thu 26 Feb 2026 13:39:41 AEDT
# Added Azure App Service Deployment Slot VNet check
# 14.3.2: Thu 26 Feb 2026 13:40:33 AEDT
# Added Azure App Service Deployment Slot VNet Routing check
# 14.3.3: Thu 26 Feb 2026 13:41:45 AEDT
# Added Azure App Service Deployment Slot Cross-Origin Resource Sharing check
# 14.3.4: Thu 26 Feb 2026 13:44:47 AEDT
# Updates and improvements
# 14.3.5: Thu 26 Feb 2026 15:46:47 AEDT
# Added Azure Function App module
# 14.3.6: Thu 26 Feb 2026 16:47:47 AEDT
# Added Azure Function App function
# 14.3.7: Thu 26 Feb 2026 16:48:47 AEDT
# Added Azure Function App check for Java version
# 14.3.8: Thu 26 Feb 2026 16:49:47 AEDT
# Added Azure Function App check for Python version
# 14.3.9: Thu 26 Feb 2026 16:50:47 AEDT
# Added Azure Function App check for PHP version
# 14.4.0: Thu 26 Feb 2026 16:51:47 AEDT
# Added Azure Function App check for Basic Authentication Publishing Credentials
# 14.4.1: Thu 26 Feb 2026 16:52:47 AEDT
# Added Azure Function App check for FTP state
# 14.4.2: Thu 26 Feb 2026 16:53:47 AEDT
# Added Azure Function App check for HTTP version
# 14.4.3: Thu 26 Feb 2026 16:54:47 AEDT
# Added Azure Function App check for HTTPS only
# 14.4.4: Thu 26 Feb 2026 16:55:47 AEDT
# Added Azure Function App check for Minimum Inbound TLS Version
# 14.4.5: Thu 26 Feb 2026 16:56:47 AEDT
# Added Azure Function App check for end to end TLS encryption
# 14.4.6: Thu 26 Feb 2026 16:57:47 AEDT
# Added Azure Function App check for Remote Debugging
# 14.4.7: Thu 26 Feb 2026 16:58:47 AEDT
# Added Azure Function App check for Client Certificates
# 14.4.8: Thu 26 Feb 2026 16:59:47 AEDT
# Added Azure Function App check for Authentication
# 14.4.9: Thu 26 Feb 2026 17:00:47 AEDT
# Added Azure Function App check for Managed Identities
# 14.5.0: Thu 26 Feb 2026 17:01:47 AEDT
# Added Azure Function App check for Public Network Access
# 14.5.1: Thu 26 Feb 2026 17:02:47 AEDT
# Added Azure Function App check for App Service Plan SKU
# 14.5.2: Thu 26 Feb 2026 17:03:47 AEDT
# Added Azure Function App check for Private Endpoints
# 14.5.3: Thu 26 Feb 2026 17:04:47 AEDT
# Added Azure Function App check for Private DNS Zone
# 14.5.4: Thu 26 Feb 2026 17:05:47 AEDT
# Added Azure Function App check for Virtual Network Integration
# 14.5.5: Thu 26 Feb 2026 17:06:47 AEDT
# Added Azure Function App check for VNet Image Pull
# 14.5.6: Thu 26 Feb 2026 17:07:47 AEDT
# Added Azure Function App check for VNet Content Share
# 14.5.7: Thu 26 Feb 2026 17:08:47 AEDT
# Added Azure Function App check for Cross-Origin Resource Sharing
# 14.5.8: Thu 26 Feb 2026 17:21:47 AEDT
# Updates and improvements
# 14.5.9: Thu 26 Feb 2026 17:38:47 AEDT
# Added Azure Function App Deployment Slot audit module
# 14.6.0: Thu 26 Feb 2026 17:39:47 AEDT
# Added Azure Function App Deployment Slot function
# 14.6.1: Thu 26 Feb 2026 17:40:47 AEDT
# Added Azure Function App Deployment Slot check for Java version
# 14.6.2: Thu 26 Feb 2026 17:41:47 AEDT
# Added Azure Function App Deployment Slot check for Python version
# 14.6.3: Thu 26 Feb 2026 17:42:47 AEDT
# Added Azure Function App Deployment Slot check for PHP version
# 14.6.4: Thu 26 Feb 2026 17:43:47 AEDT
# Added Azure Function App Deployment Slot check for Basic Authentication Publishing Credentials
# 14.6.5: Thu 26 Feb 2026 17:44:47 AEDT
# Added Azure Function App Deployment Slot check for FTP state
# 14.6.6: Thu 26 Feb 2026 17:45:47 AEDT
# Added Azure Function App Deployment Slot check for HTTP version
# 14.6.7: Thu 26 Feb 2026 17:46:47 AEDT
# Added Azure Function App Deployment Slot check for HTTPS only
# 14.6.8: Thu 26 Feb 2026 17:47:47 AEDT
# Added Azure Function App Deployment Slot check for Minimum Inbound TLS Version
# 14.6.9: Thu 26 Feb 2026 17:48:47 AEDT
# Added Azure Function App Deployment Slot check for end to end TLS encryption
# 14.7.0: Thu 26 Feb 2026 17:49:47 AEDT
# Added Azure Function App Deployment Slot check for Remote Debugging
# 14.7.1: Thu 26 Feb 2026 17:50:47 AEDT
# Added Azure Function App Deployment Slot check for Client Certificates
# 14.7.2: Thu 26 Feb 2026 17:51:47 AEDT
# Added Azure Function App Deployment Slot check for Authentication
# 14.7.3: Thu 26 Feb 2026 17:52:47 AEDT
# Added Azure Function App Deployment Slot check for Managed Identities
# 14.7.4: Thu 26 Feb 2026 17:53:47 AEDT
# Added Azure Function App Deployment Slot check for Public Network Access
# 14.7.5: Thu 26 Feb 2026 17:54:47 AEDT
# Added Azure Function App Deployment Slot check for Virtual Network Integration
# 14.7.6: Thu 26 Feb 2026 17:55:47 AEDT
# Added Azure Function App Deployment Slot check for VNet Image Pull
# 14.7.7: Thu 26 Feb 2026 17:56:47 AEDT
# Added Azure Function App Deployment Slot check for VNet Content Share
# 14.7.8: Thu 26 Feb 2026 17:57:47 AEDT
# Added Azure Function App Deployment Slot check for Cross-Origin Resource Sharing
# 14.7.9: Thu 26 Feb 2026 17:58:47 AEDT
# Updates and improvements
# 14.8.0: Fri 27 Feb 2026 11:31:09 AEDT
# Added Azure Key Vault Certificates audit module
# 14.8.1: Fri 27 Feb 2026 11:32:09 AEDT
# Added Azure Key Vault Secrets audit module
# 14.8.2: Fri 27 Feb 2026 11:33:09 AEDT
# Updates and improvements
# 14.8.3: Fri 27 Feb 2026 12:41:09 AEDT
# Added Azure App Service ASE audit module
# 14.8.4: Fri 27 Feb 2026 12:42:09 AEDT
# Added Azure App Service ASE function
# 14.8.5: Fri 27 Feb 2026 12:43:09 AEDT
# Added Azure App Service ASE check for internal load balancing mode
# 14.8.6: Fri 27 Feb 2026 12:50:11 AEDT
# Added Azure App Service ASE check for ASE version
# 14.8.7: Fri 27 Feb 2026 12:51:11 AEDT
# Added Azure App Service ASE check for internal encryption
# 14.8.8: Fri 27 Feb 2026 12:52:11 AEDT
# Added Azure App Service ASE check for TLS 1.0 and 1.1 disabled
# 14.8.9: Fri 27 Feb 2026 12:53:11 AEDT
# Added Azure App Service ASE check for TLS cipher suite ordering configured
# 14.9.0: Fri 27 Feb 2026 15:32:11 AEDT
# Added Azure Container Instances audit module
# 14.9.1: Fri 27 Feb 2026 15:33:11 AEDT
# Added Azure Container Instances function
# 14.9.2: Fri 27 Feb 2026 15:34:11 AEDT
# Added Azure Container Instances check for Private Virtual Networks
# 14.9.3: Fri 27 Feb 2026 15:35:11 AEDT
# Added Azure Container Instances check for Managed Identity
# 14.9.4: Fri 27 Feb 2026 16:05:11 AEDT
# Added Azure CycleCloud audit module
# 14.9.5: Fri 27 Feb 2026 16:22:11 AEDT
# Added Azure Batch audit module
# 14.9.6: Fri 27 Feb 2026 16:23:11 AEDT
# Added Azure Batch function
# 14.9.7: Fri 27 Feb 2026 16:24:11 AEDT
# Added Azure Batch check for customer managed keys
# 14.9.8: Fri 27 Feb 2026 16:25:11 AEDT
# Added Azure Batch check for pool disk encryption
# 14.9.9: Fri 27 Feb 2026 18:06:48 AEDT
# Added Azure Batch check for local authentication methods
# 15.0.0: Fri 27 Feb 2026 18:07:48 AEDT
# Added Azure Batch check for private endpoints
# 15.0.1: Fri 27 Feb 2026 18:08:48 AEDT
# Added Azure Batch check for public network access
# 15.0.2: Fri 27 Feb 2026 20:10:48 AEDT
# Updates and improvements
# 15.0.3: Sat 28 Feb 2026 11:47:48 AEDT
# Added Azure Virtual Machines audit module
# 15.0.4: Sat 28 Feb 2026 11:48:48 AEDT
# Added Azure Virtual Machines function
# 15.0.5: Sat 28 Feb 2026 11:49:48 AEDT
# Updates and improvements
# 15.0.6: Sat 28 Feb 2026 21:31:31 AEDT
# Formatting fixes
# 15.0.7: Mon 2 Mar 2026 11:44:44 AEDT
# Formatting fixes
# 15.0.8: Mon 2 Mar 2026 20:45:44 AEDT
# Formatting fixes
# 15.0.9: Wed 04 Mar 2026 17:28:10 AEDT
# More formatting fixes
# 15.1.0: Tue 10 Mar 2026 14:49:52 AEDT
# Added switch value checking
# 15.1.1: Tue 10 Mar 2026 16:38:52 AEDT
# Improved Azure CLI extension checking
# 15.1.2: Wed 11 Mar 2026 15:27:06 AEDT
# Improved module listing
# 15.1.3: Wed 11 Mar 2026 16:35:06 AEDT
# Formatting fixes
# 15.1.4: Thu 12 Mar 2026 08:06:53 AEDT
# Typo fixes
# 15.1.5: Thu 12 Mar 2026 13:08:36 AEDT
# Formatting fixes
# 15.1.6: Thu 12 Mar 2026 15:50:28 AEDT
# Shellcheck fixes
# 15.1.7: Thu 12 Mar 2026 17:29:28 AEDT
# Formatting fixes
# 15.1.8: Fri 13 Mar 2026 12:45:28 AEDT
# Split out Azure WebApps Java version check
# 15.1.9: Fri 13 Mar 2026 12:46:28 AEDT
# Updated Azure WebApps value check
# 15.2.0: Fri 13 Mar 2026 13:21:28 AEDT
# Split out Azure WebApps Python version check
# 15.2.1: Fri 13 Mar 2026 13:26:28 AEDT
# Split out Azure WebApps PHP version check
# 15.2.2: Fri 13 Mar 2026 13:27:28 AEDT
# Split out Azure WebApps FTP state check
# 15.2.3: Fri 13 Mar 2026 15:14:28 AEDT
# Split out Azure WebApps Basic Authentication Publishing Credentials check
# 15.2.4: Fri 13 Mar 2026 15:15:28 AEDT
# Fixed Azure WebApps Basic Authentication Publishing Credentials check
# 15.2.5: Fri 13 Mar 2026 16:36:28 AEDT
# Split out Azure WebApps HTTP values check
# 15.2.6: Fri 13 Mar 2026 16:57:28 AEDT
# Split out Azure WebApps TLS values check
# 15.2.7: Fri 13 Mar 2026 17:23:28 AEDT
# Split out Azure WebApps Remote Debugging check
# 15.2.8: Fri 13 Mar 2026 17:36:28 AEDT
# Split out Azure WebApps Client Certificates check
# 15.2.9: Fri 13 Mar 2026 17:43:28 AEDT
# Split out Azure WebApps Authentication check
# 15.3.0: Fri 13 Mar 2026 17:46:28 AEDT
# Split out Azure WebApps Managed Identities check
# 15.3.1: Fri 13 Mar 2026 17:54:28 AEDT
# Split out Azure WebApps Public Network Access check
# 15.3.2: Fri 13 Mar 2026 17:58:28 AEDT
# Split out Azure WebApps Private DNS Zones check
# 15.3.3: Fri 13 Mar 2026 18:14:28 AEDT
# Split out Azure WebApps Virtual Network Integration check
# 15.3.4: Fri 13 Mar 2026 18:22:28 AEDT
# Split out Azure WebApps VNet checks
# 15.3.5: Fri 13 Mar 2026 18:43:28 AEDT
# Split out Azure WebApps CORS check
# 15.3.6: Fri 13 Mar 2026 18:44:28 AEDT
# Split out Azure WebApps Private Endpoint check
# 15.3.7: Fri 13 Mar 2026 18:45:28 AEDT
# Fixed Azure Private Endpoint check
# 15.3.8: Fri 13 Mar 2026 20:46:28 AEDT
# Fixed Azure App Service Plan SKU check
# 15.3.9: Fri 13 Mar 2026 20:47:28 AEDT
# Split out Azure App Service Plan SKU check
# 15.4.0: Mon 16 Mar 2026 12:38:14 AEDT
# Split out Azure App Service Deployment Slot Java version check
# 15.4.1: Mon 16 Mar 2026 13:47:02 AEDT
# Split azure directories into sub directories
# 15.4.2: Mon 16 Mar 2026 14:43:03 AEDT
# Split out Azure App Service Deployment Slot Python version check
# 15.4.3: Mon 16 Mar 2026 15:14:03 AEDT
# Split out Azure App Service Deployment Slot PHP version check
# 15.4.4: Mon 16 Mar 2026 15:15:03 AEDT
# Split out Azure App Service Deployment Slot Basic Auth check
# 15.4.5: Mon 16 Mar 2026 15:31:03 AEDT
# Split out Azure App Service Deployment Slot FTP State check
# 15.4.6: Mon 16 Mar 2026 15:52:03 AEDT
# Split out Azure App Service Deployment Slot HTTP Version check
# 15.4.7: Mon 16 Mar 2026 15:59:11 AEDT
# Split out Azure App Service Deployment Slot HTTPS Only check
# 15.4.8: Mon 16 Mar 2026 16:07:11 AEDT
# Split out Azure App Service Deployment Slot TLS values check
# 15.4.9: Mon 16 Mar 2026 16:51:41 AEDT
# Split out Azure App Service Deployment Slot Remote Debugging check
# 15.5.0: Mon 16 Mar 2026 16:56:41 AEDT
# Split out Azure App Service Deployment Slot Client Certificates check
# 15.5.1: Mon 16 Mar 2026 17:04:41 AEDT
# Split out Azure App Service Deployment Slot Managed Identities check
# 15.5.2: Mon 16 Mar 2026 17:08:41 AEDT
# Split out Azure App Service Deployment Slot Public Network Access check
# 15.5.3: Mon 16 Mar 2026 17:12:41 AEDT
# Split out Azure App Service Deployment Slot Virtual Network Integration check
# 15.5.4: Mon 16 Mar 2026 17:15:41 AEDT
# Split out Azure App Service Deployment Slot VNet Image Pull check
# 15.5.5: Mon 16 Mar 2026 17:16:41 AEDT
# Split out Azure App Service Deployment Slot VNet Content Share check
# 15.5.6: Mon 16 Mar 2026 17:22:25 AEDT
# Split out Azure App Service Deployment Slot CORS check
# 15.5.7: Mon 16 Mar 2026 17:27:25 AEDT
# Split out Azure App Service Deployment Slot Private Endpoints check
# 15.5.8: Mon 16 Mar 2026 19:31:25 AEDT
# Split out Azure Function App Deployment Slots Java version check
# 15.5.9: Mon 16 Mar 2026 19:55:25 AEDT
# Split out Azure Function App Deployment Slots Python version check
# 15.6.0: Mon 16 Mar 2026 20:09:13 AEDT
# Split out Azure Function App Deployment Slots Basic Authentication Publishing Credentials check
# 15.6.1: Mon 16 Mar 2026 20:15:13 AEDT
# Split out Azure Function App Deployment Slots FTP State check
# 15.6.2: Mon 16 Mar 2026 20:20:13 AEDT
# Split out Azure Function App Deployment Slots HTTP Version and HTTPS Only check
# 15.6.3: Mon 16 Mar 2026 21:43:13 AEDT
# Split out Azure Function App Deployment Slots TLS values check
# 15.6.4: Mon 16 Mar 2026 21:44:13 AEDT
# Formatting fixes for Azure Function App Deployment Slots
# 15.6.5: Mon 17 Mar 2026 22:20:13 AEDT
# Formatting fixes for Azure App Service Deployment Slots
# 15.6.6: Mon 17 Mar 2026 22:28:13 AEDT
# Split out Azure Function App Deployment Slots Remote Debugging check
# 15.6.7: Mon 17 Mar 2026 22:32:13 AEDT
# Split out Azure Function App Deployment Slots Client Certificates check
# 15.6.8: Mon 17 Mar 2026 22:36:13 AEDT
# Split out Azure Function App Deployment Slots Managed Identities check
# 15.6.9: Mon 17 Mar 2026 22:40:13 AEDT
# Split out Azure Function App Deployment Slots Public Network Access check
# 15.7.0: Mon 17 Mar 2026 22:44:13 AEDT
# Split out Azure Function App Deployment Slots Virtual Network Integration and VNet check
# 15.7.1: Mon 17 Mar 2026 22:48:13 AEDT
# Split out Azure Function App Deployment Slots CORS check
# 15.7.2: Mon 17 Mar 2026 22:52:13 AEDT
# Split out Azure Function App Deployment Slots Private Endpoints check
# 15.7.3: Mon 17 Mar 2026 22:56:13 AEDT
# Directory structure clean up
# 15.7.4: Tue 17 Mar 2026 11:00:33 AEDT
# Split out Azure Function App Java versions check
# 15.7.5: Tue 17 Mar 2026 11:02:33 AEDT
# Split out Azure Function App Python versions check
# 15.7.6: Tue 17 Mar 2026 13:35:33 AEDT
# Split out Azure Function App Basic Authentication Publishing Credentials check
# 15.7.7: Tue 17 Mar 2026 13:46:33 AEDT
# Split out Azure Function App FTP State check
# 15.7.8: Tue 17 Mar 2026 14:30:13 AEDT
# Split out Azure Function App HTTP values check
# 15.7.9: Tue 17 Mar 2026 14:37:13 AEDT
# Split out Azure Function App TLS values check
# 15.8.0: Wed 18 Mar 2026 15:13:13 AEDT
# Split out Azure Function App Remote Debugging check
# 15.8.1: Wed 18 Mar 2026 15:17:40 AEDT
# Split out Azure Function App Client Certificates check
# 15.8.2: Wed 18 Mar 2026 15:35:40 AEDT
# Split out Azure Function App Service Authentication check
# 15.8.3: Wed 18 Mar 2026 15:52:40 AEDT
# Split out Azure Function App Managed Identities check
# 15.8.4: Wed 18 Mar 2026 15:57:40 AEDT
# Split out Azure Function App Public Network Access check
# 15.8.5: Wed 18 Mar 2026 16:09:40 AEDT
# Split out Azure Function App Virtual Network Integration and VNet checks
# 15.8.6: Wed 18 Mar 2026 16:13:40 AEDT
# Split out Azure Function App Cross-Origin Resource Sharing check
# 15.8.7: Wed 18 Mar 2026 16:31:40 AEDT
# Function name cleanup
# 15.8.8: Thu 19 Mar 2026 14:04:02 AEDT
# Cleaned up AWS module directory structure
# 15.8.9: Thu 19 Mar 2026 17:34:02 AEDT
# Added platform check to XD/NX Support check
# 15.9.0: Thu 19 Mar 2026 18:06:02 AEDT
# Added percentage calculation to print_info
# 15.9.1: Thu 19 Mar 2026 21:21:45 AEDT
# Fixed Bluetooth check
================================================
FILE: docker-compose.yml
================================================
version: '3'
services:
test-shell:
image: "${OS_NAME}:${OS_VERSION}"
volumes:
- ".:/lunar"
command: "/bin/bash"
test-audit:
image: "${OS_NAME}:${OS_VERSION}"
volumes:
- ".:/lunar"
command: bash -c "/lunar/lunar.sh -a"
================================================
FILE: functions/aix/check_auditctl.sh
================================================
#!/bin/sh
# shellcheck disable=SC1090
# shellcheck disable=SC2034
# shellcheck disable=SC2154
# check_auditctl
#
# Check whether a executable, file or directory is being audited
#.
check_auditctl () {
check_file="${1}"
audit_tag="${2}"
print_function "check_auditctl"
if [ "${os_name}" = "Linux" ]; then
if [ "${audit_mode}" != 2 ]; then
secure_string="Auditing is enabled on file \"${check_file}\""
insecure_string="Auditing is not enabled on file \"${check_file}\""
check_message "${secure_string}"
get_command="auditctl -l | grep ${check_file}"
set_command="auditctl -w ${file} -p wa -k ${audit_tag}"
if [ -e "${check_file}" ]; then
check=$( auditctl -l | grep "${check_file}" )
if [ -z "${check}" ]; then
if [ "${ansible_mode}" = 1 ]; then
ansible_counter=$((ansible_counter+1))
ansible_value="auditctl_file_check_${ansible_counter}"
echo ""
echo "- name: Checking ${secure_string}"
echo " command: sh -c \"${get_command}\""
echo " register: ${ansible_value}"
echo " failed_when: ${ansible_value} == 1"
echo " changed_when: false"
echo " ignore_errors: true"
echo " when: ansible_facts['ansible_system'] == '${os_name}'"
echo ""
echo "- name: Enable Auditing for ${file}"
echo " command: sh -c \"${set_command}\""
echo " when: ${ansible_value}.rc == 1 and ansible_facts['ansible_system'] == '${os_name}'"
echo ""
fi
inc_insecure "${insecure_string}"
lock_command="${set_command}"
lock_message="${secure_string}"
run_lockdown "${lock_command}" "${lock_message}" "sudo"
else
inc_secure "${secure_string}"
fi
fi
fi
fi
}
================================================
FILE: functions/aix/check_chsec.sh
================================================
#!/bin/sh
# shellcheck disable=SC1090
# shellcheck disable=SC2034
# shellcheck disable=SC2154
# check_chsec
#
# Function to check sec under AIX
#.
check_chsec() {
if [ "${os_name}" = "AIX" ]; then
sec_file="${1}"
sec_stanza="${2}"
parameter_name="${3}"
correct_value="${4}"
print_function "check_chsec"
log_file="${sec_file}_${sec_stanza}_${parameter_name}.log"
get_command="lssec -f ${sec_file} -s ${sec_stanza} -a ${parameter_name} |awk '{print \$2}' |cut -f2 -d="
set_command="chsec -f ${sec_file} -s ${sec_stanza} -a ${parameter_name}=${correct_value}"
if [ "${audit_mode}" != 2 ]; then
string="Security Policy for \"${parameter_name}\" is set to \"${correct_value}\""
check_message "${string}"
if [ "${ansible_mode}" = 1 ]; then
ansible_counter=$((ansible_counter+1))
ansible_value="check_chsec_${ansible_counter}"
echo ""
echo "- name: Checking ${string}"
echo " command: sh -c \"${get_command}\""
echo " register: ${ansible_value}"
echo " failed_when: ${ansible_value} == 1"
echo " changed_when: false"
echo " ignore_errors: true"
echo " when: ansible_facts['ansible_system'] == '${os_name}'"
echo ""
echo "- name: Fixing ${string}"
echo " command: sh -c \"${set_command}\""
echo " when: ${ansible_value}.rc == 1 and ansible_facts['ansible_system'] == '${os_name}'"
echo ""
fi
actual_value=$( eval "${get_command}" )
if [ "${actual_value}" != "${correct_value}" ]; then
update_log "${log_file}" "chsec -f ${sec_file} -s ${sec_stanza} -a ${parameter_name}=${actual_value}"
inc_insecure "Security Policy for \"${parameter_name}\" is not set to \"${correct_value}\""
lock_command="chsec -f ${sec_file} -s ${sec_stanza} -a ${parameter_name}=${correct_value}"
lock_message="Security Policy for \"${parameter_name}\" to \"${correct_value}\""
run_lockdown "${lock_command}" "${lock_message}" "sudo"
else
inc_secure "Password Policy for \"${parameter_name}\" is set to \"${correct_value}\""
fi
else
log_file="${restore_dir}/${log_file}"
if [ -f "${log_file}" ]; then
previous_value=$( cut -f2 -d= "${log_file}" )
if [ "${previous_value}" != "${actual_value}" ]; then
restore_message="Restoring: Password Policy for \"${parameter_name}\" to \"${previous_value}\""
restore_command="sh < ${log_file}"
execute_restore "${restore_command}" "${restore_message}" "sudo"
fi
fi
fi
fi
}
================================================
FILE: functions/aix/check_chuser.sh
================================================
#!/bin/sh
# shellcheck disable=SC1090
# shellcheck disable=SC2034
# shellcheck disable=SC2154
# check_chuser
#
# Function to check sec under AIX
#.
check_chuser() {
if [ "${os_name}" = "AIX" ]; then
sec_file="${1}"
parameter_name="${2}"
correct_value="${3}"
group_name="${4}"
group_value="${5}"
user_name="${6}"
print_function "check_chuser"
log_file="${sec_file}_${parameter_name}_${group_name}.log"
get_command="lssec -f ${sec_file} -s ${sec_stanza} -a ${parameter_name} |awk '{print \$2}' |cut -f2 -d="
set_command="chsec -f ${sec_file} -s ${sec_stanza} -a ${parameter_name}=${correct_value}"
if [ "${audit_mode}" != 2 ]; then
string="Security Policy for \"${parameter_name}\" is set to \"${correct_value}\""
check_message "${string}"
if [ "${ansible_mode}" = 1 ]; then
ansible_counter=$((ansible_counter+1))
ansible_value="check_chuser_${ansible_counter}"
echo ""
echo "- name: Checking ${string}"
echo " command: sh -c \"${get_command}\""
echo " register: ${ansible_value}"
echo " failed_when: ${ansible_value} == 1"
echo " changed_when: false"
echo " ignore_errors: true"
echo " when: ansible_facts['ansible_system'] == '${os_name}'"
echo ""
echo "- name: Fixing ${string}"
echo " command: sh -c \"${set_command}\""
echo " when: ${ansible_value}.rc == 1 and ansible_facts['ansible_system'] == '${os_name}'"
echo ""
fi
actual_value=$( eval "${get_command}" )
if [ "${actual_value}" != "${correct_value}" ]; then
update_log "${log_file}" "chuser ${parameter_name}=${correct_value} ${group_name}=${group_value} ${user_name}"
inc_insecure "Security Policy for \"${parameter_name}\" is not set to \"${correct_value}\" for \"${user_name}\""
lock_command="chuser ${parameter_name}=${correct_value} ${group_name}=${group_value} ${user_name}"
lock_message="Security Policy for \"${parameter_name}\" to \"${correct_value}\""
run_lockdown "${lock_command}" "${lock_message}"
else
inc_secure "Security Policy for \"${parameter_name}\" is set to \"${correct_value}\" for \"${user_name}\""
fi
else
log_file="${restore_dir}/${log_file}"
if [ -f "${log_file}" ]; then
previous_value=$( cut -f2 -d= "${log_file}" )
if [ "${previous_value}" != "${actual_value}" ]; then
restore_message="Restoring: Password Policy for \"${parameter_name}\" to \"${previous_value}\""
restore_command="sh < ${log_file}"
execute_restore "${restore_command}" "${restore_message}" "sudo"
fi
fi
fi
fi
}
================================================
FILE: functions/aix/check_itab.sh
================================================
#!/bin/sh
# shellcheck disable=SC1090
# shellcheck disable=SC2034
# shellcheck disable=SC2154
# shellcheck disable=SC2086
# check_itab
#
# Function to check inittab under AIX
#.
check_itab() {
if [ "${os_name}" = "AIX" ]; then
service_name="${1}"
correct_value="${2}"
print_function "check_itab"
log_file="${service_name}.log"
actual_value=$( lsitab "${service_name}" | cut -f1 -d: )
if [ "${correct_value}" = "off" ]; then
if [ "${actual_status}" != "${service_name}" ]; then
actual_value="off"
fi
fi
if [ "${audit_mode}" != 2 ]; then
string="Service \"${service_name}\" is not \"${correct_value}\""
check_message "${string}"
if [ "${ansible_mode}" = 1 ]; then
echo ""
echo "- name: Checking ${string}"
echo " aix_inittab:"
echo " namw: ${service_name}"
echo " state: ${correct_value}"
echo " when: ansible_facts['ansible_system'] == '${os_name}'"
echo ""
fi
if [ "${actual_value}" != "${correct_value}" ]; then
if [ "${audit_mode}" = 1 ]; then
inc_insecure "Service \"${service_name}\" is \"${correct_value}\""
if [ "${correct_value}" = "off" ]; then
fix_message "rmitab $( lsitab | grep \"^${service_name}\" )"
else
fix_message "chitab \"${correct_value}\""
fi
fi
if [ "${audit_mode}" = 0 ]; then
log_file="${work_dir}/${log_file}"
lock_message="Service \"${service_name}\" to \"${correct_value}\""
if [ "${correct_value}" = "off" ]; then
update_log "${log_file}" "${actual_value}"
lock_command="rmitab ${service_name}"
run_lockdown "${lock_command}" "${lock_message}" "sudo"
else
if [ "${actual_value}" = "off" ]; then
update_log "${log_file}" "off"
lock_command="mkitab ${correct_value}"
run_lockdown "${lock_command}" "${lock_message}" "sudo"
else
update_log "${log_file}" "${actual_value}"
lock_command="chitab ${correct_value}"
run_lockdown "${lock_command}" "${lock_message}" "sudo"
fi
fi
fi
else
inc_secure "Service \"${service_name}\" is \"${correct_value}\""
fi
else
log_file="${restore_dir}/${log_file}"
if [ -f "${log_file}" ]; then
previous_value=$( cat "${log_file}" )
if [ "${previous_value}" != "${actual_value}" ]; then
restore_message="Service \"${service_name}\" to \"${previous_value}\""
if [ "${previous_value}" = "off" ]; then
restore_command="rmitab ${service_name}"
else
if [ "${actual_status}" = "off" ]; then
restore_command="mkitab ${service_name} ${previous_value}"
else
restore_command="chitab ${service_name} ${previous_value}"
fi
fi
execute_restore "${restore_command}" "${restore_message}" "sudo"
fi
fi
fi
fi
}
================================================
FILE: functions/aix/check_lslpp.sh
================================================
#!/bin/sh
# shellcheck disable=SC1090
# shellcheck disable=SC2034
# shellcheck disable=SC2154
# check_lslpp
#
# Check if an AIX package is installed, if so install_check will be be set with
# name of rpm, otherwise it will be empty
#.
check_lslpp () {
package_name="${1}"
print_function "check_lslpp"
if [ "${os_name}" = "AIX" ]; then
lslpp_check="lslpp -L |grep \"${package_name}\""
fi
}
================================================
FILE: functions/aix/check_no.sh
================================================
#!/bin/sh
# shellcheck disable=SC1090
# shellcheck disable=SC2034
# shellcheck disable=SC2154
# check_no
#
# Function to check no under AIX
#.
check_no() {
if [ "${os_name}" = "AIX" ]; then
parameter_name="${1}"
correct_value="${2}"
print_function "check_no"
log_file="${parameter_name}.log"
get_command="no -a |grep '${parameter_name} ' |cut -f2 -d= |sed 's/ //g' |grep '${correct_value}'"
set_command="no -p -o ${parameter_name}=${correct_value}"
actual_value=$( eval "${get_command}" )
if [ "${audit_mode}" != 2 ]; then
string="Parameter \"${parameter_name}\" is \"${correct_value}\""
check_message "${string}"
if [ "${ansible_mode}" = 1 ]; then
ansible_counter=$((ansible_counter+1))
ansible_value="check_no_${ansible_counter}"
echo ""
echo "- name: Checking ${string}"
echo " command: sh -c \"${get_command}\""
echo " register: ${ansible_value}"
echo " failed_when: ${ansible_value} == 1"
echo " changed_when: false"
echo " ignore_errors: true"
echo " when: ansible_facts['ansible_system'] == '${os_name}'"
echo ""
echo "- name: Fixing ${string}"
echo " command: sh -c \"${set_command}\""
echo " when: ${ansible_value}.rc == 1 and ansible_facts['ansible_system'] == '${os_name}'"
echo ""
fi
if [ "${actual_value}" != "${correct_value}" ]; then
inc_insecure "Parameter \"${parameter_name}\" is not \"${correct_value}\""
update_log "${log_file}" "${actual_value}"
lock_command="no -p -o ${parameter_name}=${correct_value}"
lock_message="Parameter \"${parameter_name}\" to \"${correct_value}\""
run_lockdown "${lock_command}" "${lock_message}" "sudo"
else
inc_secure "Parameter \"${parameter_name}\" is \"${correct_value}\""
fi
else
log_file="${restore_dir}/${log_file}"
if [ -f "${log_file}" ]; then
previous_value=$( cat "${log_file}" )
if [ "${previous_value}" != "${actual_value}" ]; then
restore_message="Parameter \"${parameter_name}\" to \"${previous_value}\""
restore_command="no -p -o ${parameter_name}=${previous_value}"
execute_restore "${restore_command}" "${restore_message}" "sudo"
fi
fi
fi
fi
}
================================================
FILE: functions/aix/check_pwpolicy.sh
================================================
#!/bin/sh
# shellcheck disable=SC1090
# shellcheck disable=SC2034
# shellcheck disable=SC2154
# check_pwpolicy
#
# Function to check pwpolicy output under OS X
#.
check_pwpolicy() {
if [ "${os_name}" = "Darwin" ]; then
parameter_name="${1}"
correct_value="${2}"
print_function "check_pwpolicy"
log_file="${parameter_name}.log"
if [ "${audit_mode}" != 2 ]; then
string="Password Policy for \"${parameter_name}\" is set to \"${correct_value}\""
check_message "${string}"
if [ "${os_version}" -ge 12 ]; then
policy_command="pwpolicy -getglobalpolicy |tr ' ' '\\\n' |grep ${parameter_name} |cut -f2 -d="
else
if [ "${managed_node}" = "Error" ]; then
policy_command="sudo pwpolicy -n /Local/Default -getglobalpolicy ${parameter_name} 2>&1 |cut -f2 -d="
else
policy_command="sudo pwpolicy -n -getglobalpolicy ${parameter_name} 2>&1 |cut -f2 -d="
fi
fi
actual_value=$( eval "${policy_command}" )
if [ "${actual_value}" != "${correct_value}" ]; then
lock_message="Password Policy for \"${parameter_name}\" to \"${correct_value}\""
inc_insecure "Password Policy for \"${parameter_name}\" is not set to \"${correct_value}\""
if [ "${os_version}" -ge 12 ]; then
lock_command="sudo pwpolicy -setglobalpolicy ${parameter_name}=${correct_value}"
update_log "${log_file}" "${actual_value}"
run_lockdown "${lock_command}" "${lock_message}" "sudo"
else
if [ "${managed_node}" = "Error" ]; then
lock_command="pwpolicy -n /Local/Default -setglobalpolicy ${parameter_name}=${correct_value}"
update_log "${log_file}" "${actual_value}"
run_lockdown "${lock_command}" "${lock_message}" "sudo"
else
lock_command="pwpolicy -n -setglobalpolicy ${parameter_name}=${correct_value}"
update_log "${log_file}" "${actual_value}"
run_lockdown "${lock_command}" "${lock_message}" "sudo"
fi
fi
if [ "${ansible_mode}" = 1 ]; then
ansible_counter=$((ansible_counter+1))
ansible_value="check_pwpolicy_${ansible_counter}"
echo ""
echo "- name: Checking ${string}"
echo " command: sh -c \"${policy_command}\""
echo " register: ${ansible_value}"
echo " failed_when: ${ansible_value} == 1"
echo " changed_when: false"
echo " ignore_errors: true"
echo " when: ansible_facts['ansible_system'] == '${os_name}'"
echo ""
echo "- name: Fixing ${string}"
echo " command: sh -c \"${lock_command}\""
echo " when: ${ansible_value}.rc == 1 and ansible_facts['ansible_system'] == '${os_name}'"
echo ""
fi
else
if [ "${audit_mode}" = 1 ]; then
inc_secure "Password Policy for \"${parameter_name}\" is set to \"${correct_value}\""
fi
fi
else
log_file="${restore_dir}/${log_file}"
if [ -f "${log_file}" ]; then
previous_value=$( cat "${log_file}" )
restore_message="Password Policy for \"${parameter_name}\" to \"${previous_value}\""
if [ "${previous_value}" != "${actual_value}" ]; then
if [ "${os_version}" -ge 12 ]; then
restore_command="pwpolicy -setglobalpolicy ${parameter_name}=${previous_value}"
execute_restore "${restore_command}" "${restore_message}" "sudo"
else
if [ "${managed_node}" = "Error" ]; then
restore_command="pwpolicy -n /Local/Default -setglobalpolicy ${parameter_name}=${previous_value}"
execute_restore "${restore_command}" "${restore_message}" "sudo"
else
restore_command="pwpolicy -n -setglobalpolicy ${parameter_name}=${previous_value}"
execute_restore "${restore_command}" "${restore_message}" "sudo"
fi
fi
fi
fi
fi
fi
}
================================================
FILE: functions/aix/check_rctcp.sh
================================================
#!/bin/sh
# shellcheck disable=SC1090
# shellcheck disable=SC2034
# shellcheck disable=SC2154
# check_rctcp
#
# Function to check rctcp under AIX
#.
check_rctcp() {
if [ "${os_name}" = "AIX" ]; then
service_name="${1}"
correct_value="${2}"
print_function "check_rctcp"
if [ "${correct_value}" = "off" ]; then
status_value="disabled"
else
status_value="enabled"
fi
log_file="${service_name}.log"
actual_value=$( lssrc -a | grep "${service_name} " | awk '{print $4}' )
if [ "${actual_value}" = "active" ]; then
actual_value="off"
else
actual_value="on"
fi
if [ "${audit_mode}" != 2 ]; then
string="Service \"${service_name}\" is \"${correct_value}\""
check_message "${string}"
if [ "${ansible_mode}" = 1 ]; then
echo ""
echo "- name: Checking ${string}"
echo " service:"
echo " name: ${service_name}"
echo " enabled: ${status_value}"
echo " when: ansible_facts['ansible_system'] == '${os_name}'"
echo ""
fi
if [ "${actual_value}" != "${correct_value}" ]; then
if [ "${audit_mode}" = 1 ]; then
inc_insecure "Service \"${service_name}\" is not \"${correct_value}\""
if [ "${correct_value}" = "off" ]; then
fix_message "chrctcp -d ${service_name}"
fix_message "stopsrc -s ${service_name}"
fix_message "sed \"/${service_name} /s/^/#/g\" < /etc/rc.tcpip > ${temp_file}"
fix_message "cat ${temp_file} > /etc/rc.tcpip"
fix_message "rm ${temp_file}"
else
fix_message "chrctcp -a ${service_name}"
fix_message "startsrc -s ${service_name}"
fix_message "sed \"/${service_name} /s/^#.//g\" < /etc/rc.tcpip > ${temp_file}"
fix_message "cat ${temp_file} > /etc/rc.tcpip"
fix_message "rm ${temp_file}"
fi
fi
if [ "${audit_mode}" = 0 ]; then
log_file="${work_dir}/${log_file}"
set_message "Service \"${service_name}\" to \"${correct_value}\""
echo "${actual_value}" > "${log_file}"
if [ "${correct_value}" = "off" ]; then
chrctcp -d "${service_name}"
stopsrc -s "${service_name}"
sed "/${service_name} /s/^/#/g" < /etc/rc.tcpip > "${temp_file}"
cat "${temp_file}" > /etc/rc.tcpip
rm "${temp_file}"
else
chrctcp -a "${service_name}"
startsrc -s "${service_name}"
sed "/${service_name} /s/^#.//g" < /etc/rc.tcpip > "${temp_file}"
cat "${temp_file}" > /etc/rc.tcpip
rm "${temp_file}"
fi
fi
else
if [ "${audit_mode}" = 1 ]; then
inc_secure "Service \"${service_name}\" is \"${correct_value}\""
fi
fi
else
log_file="${restore_dir}/${log_file}"
if [ -f "${log_file}" ]; then
previous_value=$( cat "${log_file}" )
if [ "${previous_value}" != "${actual_value}" ]; then
restore_message "Service \"${service_name}\" to \"${previous_value}\""
if [ "${previous_value}" = "off" ]; then
chrctcp -d "${service_name}"
stopsrc -s "${service_name}"
sed "/${service_name} /s/^/#/g" < /etc/rc.tcpip > "${temp_file}"
cat "${temp_file}" > /etc/rc.tcpip
rm "${temp_file}"
else
chrctcp -a "${service_name}"
startsrc -s "${service_name}"
sed "/${service_name} /s/^#.//g" < /etc/rc.tcpip > "${temp_file}"
cat "${temp_file}" > /etc/rc.tcpip
rm "${temp_file}"
fi
fi
fi
fi
fi
}
================================================
FILE: functions/aix/check_subserver.sh
================================================
#!/bin/sh
# shellcheck disable=SC1090
# shellcheck disable=SC2034
# shellcheck disable=SC2154
# check_subserver
#
# Function to check subserver under AIX
#.
check_subserver() {
if [ "${os_name}" = "AIX" ]; then
service_name="${1}"
protocol_name="${2}"
correct_value="${3}"
print_function "check_subserver"
log_file="${service_name}.log"
actual_value=$( grep "${service_name} " /etc/inetd.conf | grep "${protocol_name} " | grep -v "^#" | awk "{print $1}" )
if [ "${actual_value}" != "${service_name}" ]; then
actual_value="off"
else
actual_value="on"
fi
if [ "${audit_mode}" != 2 ]; then
string="Service \"${service_name}\" Protocol \"${protocol_name}\" is \"${correct_value}\""
check_message "${string}"
if [ "${ansible_mode}" = 1 ]; then
echo ""
echo "- name: Checking ${string}"
echo " service:"
echo " name: ${service_name}"
echo " enabled: ${enabled}"
echo " when: ansible_facts['ansible_system'] == '${os_name}'"
echo ""
fi
if [ "${actual_value}" != "${service_name}" ]; then
if [ "${audit_mode}" = 1 ]; then
inc_insecure "Service \"${service_name}\" Protocol \"${protocol_name}\" is not \"${correct_value}\""
if [ "${correct_value}" = "off" ]; then
fix_command="chsubserver -r inetd -C /etc/inetd.conf -d -v \"${service_name}\" -p \"${protocol_name}\""
fix_message "${fix_command}"
else
fix_command="chsubserver -r inetd -C /etc/inetd.conf -a -v \"${service_name}\" -p \"${protocol_name}\""
fix_message "${fix_command}"
fi
fi
if [ "${audit_mode}" = 0 ]; then
update_log "${log_file}" "${actual_value}"
lock_message="Service \"${service_name}\" Protocol \"${protocol_name}\" to \"${correct_value}\""
if [ "${correct_value}" = "off" ]; then
lock_command="chsubserver -r inetd -C /etc/inetd.conf -d -v ${service_name} -p ${protocol_name}"
run_lockdown "${lock_command}" "${lock_message}" "sudo"
else
lock_command="chsubserver -r inetd -C /etc/inetd.conf -a -v ${service_name} -p ${protocol_name}"
run_lockdown "${lock_command}" "${lock_message}" "sudo"
fi
fi
else
inc_secure "Service \"${service_name}\" Protocol \"${protocol_name}\" is \"${correct_value}\""
fi
else
log_file="${restore_dir}/${log_file}"
if [ -f "${log_file}" ]; then
previous_value=$( cat "${log_file}" )
if [ "${previous_value}" != "${actual_value}" ]; then
restore_message="Service \"${service_name}\" Protocol \"${protocol_name}\" to \"${previous_value}\""
if [ "${previous_value}" = "off" ]; then
restore_command="chsubserver -r inetd -C /etc/inetd.conf -d -v ${service_name} -p ${protocol_name}"
execute_restore "${restore_command}" "${restore_message}" "sudo"
else
restore_command="chsubserver -r inetd -C /etc/inetd.conf -a -v ${service_name} -p ${protocol_name}"
execute_restore "${restore_command}" "${restore_message}" "sudo"
fi
fi
fi
fi
fi
}
================================================
FILE: functions/aix/check_trust.sh
================================================
#!/bin/sh
# shellcheck disable=SC1090
# shellcheck disable=SC2034
# shellcheck disable=SC2154
# check_trust
#
# Function to check trustchk under AIX
#.
check_trust() {
if [ "${os_name}" = "AIX" ]; then
parameter_name="${1}"
correct_value="${2}"
print_function "check_trust"
log_file="trustchk_${parameter_name}.log"
actual_value=$( trustchk -p "${parameter_name}" | cut -f2 -d= )
policy_command="trustchk -p ${parameter_name} | cut -f2 -d= | grep ${correct_value}"
lock_command="trustchk -p ${parameter_name}=${correct_value}"
if [ "${audit_mode}" != 2 ]; then
string="Trusted Execution setting for \"${parameter_name}\" is set to \"${correct_value}\""
check_message "${string}"
if [ "${actual_value}" != "${correct_value}" ]; then
inc_insecure "Trusted Execution setting for \"${parameter_name}\" is not set to \"${correct_value}\""
update_log "${log_file}" "trustchk-p ${parameter_name}=${actual_value}"
lock_message="Trusted Execution setting for \"${parameter_name}\" to \"${correct_value}\""
run_lockdown "${lock_command}" "${lock_message}" "sudo"
else
inc_secure "Password Policy for \"${parameter_name}\" is set to \"${correct_value}\""
fi
if [ "${ansible_mode}" = 1 ]; then
ansible_counter=$((ansible_counter+1))
ansible_value="check_trust_${ansible_counter}"
echo ""
echo "- name: Checking ${string}"
echo " command: sh -c \"${policy_command}\""
echo " register: ${ansible_value}"
echo " failed_when: ${ansible_value} == 1"
echo " changed_when: false"
echo " ignore_errors: true"
echo " when: ansible_facts['ansible_system'] == '${os_name}'"
echo ""
echo "- name: Fixing ${string}"
echo " command: sh -c \"${lock_command}\""
echo " when: ${ansible_value}.rc == 1 and ansible_facts['ansible_system'] == '${os_name}'"
echo ""
fi
else
log_file="${restore_dir}/${log_file}"
if [ -f "${log_file}" ]; then
previous_value=$( cut -f2 -d= "${log_file}" )
if [ "${previous_value}" != "${actual_value}" ]; then
restore_command="sh < ${log_file}"
restore_message="Password Policy for \"${parameter_name}\" to \"${previous_value}\""
execute_restore "${restore_command}" "${restore_message}" "sudo"
fi
fi
fi
fi
}
================================================
FILE: functions/aws/audit_aws.sh
================================================
#!/bin/sh
# shellcheck disable=SC1090
# shellcheck disable=SC2034
# shellcheck disable=SC2154
# funct_audit_aws
#
# Audit AWS
#.
funct_audit_aws () {
audit_mode="${1}"
print_function "funct_audit_aws"
check_environment
check_aws
audit_aws_all
print_results
}
# funct_audit_aws
#
# Audit AWS REC
#.
funct_audit_aws_rec () {
audit_mode="${1}"
print_function "funct_audit_aws_rec"
check_environment
check_aws
audit_aws_rec_all
print_results
}
# audit_aws_all
#
# Audit AWS all
#
# Run various AWS audit tests
#
# This requires the AWS CLI to be installed and configured
#.
audit_aws_all () {
print_function "audit_aws_all"
audit_aws_iam
audit_aws_mfa
audit_aws_access_keys
audit_aws_creds
audit_aws_iam_policies
audit_aws_password_policy
audit_aws_support_role
audit_aws_monitoring
audit_aws_logging
audit_aws_keys
audit_aws_config
audit_aws_sns
audit_aws_vpcs
audit_aws_sgs
audit_aws_certs
audit_aws_dns
audit_aws_ec2
audit_aws_es
audit_aws_elb
audit_aws_s3
audit_aws_ses
audit_aws_rds
audit_aws_cf
audit_aws_ec
audit_aws_cdn
audit_aws_redshift
audit_aws_inspector
}
================================================
FILE: functions/aws/audit_aws_rec_all.sh
================================================
#!/bin/sh
# shellcheck disable=SC1090
# shellcheck disable=SC2034
# shellcheck disable=SC2154
# Audit AWS
#
# Run various AWS audit recommended tests
#
# This comes from sources like Cloud Conformity
#
# https://www.cloudconformity.com/conformity-rules/
#
# This requires the AWS CLI to be installed and configured
#.
audit_aws_rec_all () {
print_function "audit_aws_rec_all"
audit_aws_rec_ec2
audit_aws_rec_es
audit_aws_rec_dynamodb
audit_aws_rec_elb
audit_aws_rec_vpcs
audit_aws_rec_rds
audit_aws_rec_ec
audit_aws_rec_monitoring
audit_aws_rec_redshift
audit_aws_rec_inspector
}
================================================
FILE: functions/aws/check_aws_open_port.sh
================================================
#!/bin/sh
# shellcheck disable=SC1090
# shellcheck disable=SC2034
# shellcheck disable=SC2154
# check_aws_open_port
#
# Check AWS Security Groups for open ports, i.e. CIDR of 0.0.0.0/0
#
# This requires the AWS CLI to be installed and configured
#.
check_aws_open_port () {
sg="${1}"
port="${2}"
protocol="${3}"
service="${4}"
app="${5}"
instance="${6}"
print_function "check_aws_open_port"
command="aws ec2 describe-security-groups --region \"${aws_region}\" --group-ids \"${sg}\" --filters \"Name=ip-permission.to-port,Values=${port}\" \"Name=ip-permission.cidr,Values=0.0.0.0/0\" \"Name=ip-permission.protocol,Values=${protocol}\" --output text"
command_message "${command}"
open_port=$( eval "${command}" )
if [ "${app}" = "none" ]; then
string="Security Group \"${sg}\" does not have service \"${service}\" on port \"${port}\" open to the world"
else
string="Application \"${app}\" with instance \"${instance}\" with Security Group \"${sg}\" does not have \"${service}\" on port \"${port}\" open to the world"
fi
check_message "${string}"
if [ ! "${open_port}" ]; then
inc_secure "${string}"
else
if [ "${app}" = "none" ]; then
string="Security Group \"${sg}\" has service \"${service}\" on port \"${port}\" open to the world"
else
string="Application \"$app\" with instance \"${instance}\" with Security Group \"${sg}\" has \"${service}\" on port \"${port}\" open to the world"
fi
inc_insecure "${string}"
lock_command="aws ec2 revoke-security-group-ingress --region ${aws_region} --group-name ${sg} --protocol ${protocol} --port ${port} --cidr 0.0.0.0/0"
lock_message="${string}"
run_lockdown "${lock_command}" "${lock_message}"
fi
}
================================================
FILE: functions/aws/check_aws_password_policy.sh
================================================
#!/bin/sh
# shellcheck disable=SC1090
# shellcheck disable=SC2034
# shellcheck disable=SC2154
# check_aws_password_policy
#
# Check AWS Password Policy
#
# This requires the AWS CLI to be installed and configured
#.
check_aws_password_policy () {
param="${1}"
value="${2}"
switch="${3}"
print_function "check_aws_password_policy"
command="aws iam get-account-password-policy 2> /dev/null | grep \"${param}\""
command_message "${command}"
policy=$( eval "${command}" )
cli_fix="aws iam update-account-password-policy ${switch}"
command="grep \"${param}\" \"${policy}\" | cut -f2 -d: | sed \"s/ //g\" | sed \"s/,//g\""
command_message "${command}"
check=$( eval "${command}" )
secure_string="The password policy has \"${param}\" set to \"${value}\""
insecure_string="The password policy does not has \"${param}\" set to \"${value}\""
verbose_message "${secure_string}" "check"
if [ "${check}" = "${value}" ]; then
inc_secure "${secure_string}"
else
inc_insecure "${insecure_string}"
lock_command="${cli_fix}"
lock_message="IAM Account password policy parameter \"${param}\" to \"${value}\""
run_lockdown "${lock_command}" "${lock_message}"
fi
}
================================================
FILE: functions/azure/compute/batch/check_azure_batch_pool_value.sh
================================================
#!/bin/sh
# shellcheck disable=SC1090
# shellcheck disable=SC2034
# shellcheck disable=SC2154
# check_azure_batch_pool_value
#
# Check Azure Batch Pool value
#
# This requires the Azure CLI to be installed and configured
#.
check_azure_batch_pool_value () {
description="${1}"
pool_id="${2}"
query_string="${4}"
function="${5}"
correct_value="${6}"
set_name="${7}"
set_value="${8}"
print_function "check_azure_batch_pool_value"
if [ "${set_value}" = "" ]; then
set_value="${correct_value}"
fi
check_message "${description} for Batch Pool \"${pool_id}\" has parameter \"${query_string}\" \"${function}\" to \"${correct_value}\""
command="az batch pool show --id ${pool_id} --query '${query_string}' --output tsv 2> /dev/null"
command_message "${command}"
actual_value=$( eval "${command}" )
if [ "${actual_value}" = "${correct_value}" ]; then
secure_message "${description} for Batch Pool \"${pool_id}\" has parameter \"${query_string}\" \"${function}\" to \"${correct_value}\""
else
insecure_message "${description} for Batch Pool \"${pool_id}\" has parameter \"${query_string}\" \"${function}\" to \"${correct_value}\""
if [ ! "${set_name}" = "" ]; then
fix_message "az batch pool set --id \"${pool_id}\" ${set_name} \"${set_value}\""
fi
fi
}
================================================
FILE: functions/azure/compute/batch/check_azure_batch_value.sh
================================================
#!/bin/sh
# shellcheck disable=SC1090
# shellcheck disable=SC2034
# shellcheck disable=SC2154
# check_azure_batch_value
#
# Check Azure Batch value
#
# This requires the Azure CLI to be installed and configured
#.
check_azure_batch_value () {
description="${1}"
batch_name="${2}"
resource_group="${3}"
query_string="${4}"
function="${5}"
correct_value="${6}"
set_name="${7}"
set_value="${8}"
print_function "check_azure_batch_value"
if [ "${set_value}" = "" ]; then
set_value="${correct_value}"
fi
check_message "${description} for Batch Account \"${batch_name}\" in resource group \"${resource_group}\" has parameter \"${query_string}\" \"${function}\" to \"${correct_value}\""
command="az batch account show --name ${batch_name} --resource-group ${resource_group} --query '${query_string}' --output tsv 2> /dev/null"
command_message "${command}"
actual_value=$( eval "${command}" )
if [ "${actual_value}" = "${correct_value}" ]; then
secure_message "${description} for Batch Account \"${batch_name}\" in resource group \"${resource_group}\" has parameter \"${query_string}\" \"${function}\" to \"${correct_value}\""
else
insecure_message "${description} for Batch Account \"${batch_name}\" in resource group \"${resource_group}\" has parameter \"${query_string}\" \"${function}\" to \"${correct_value}\""
if [ ! "${set_name}" = "" ]; then
fix_message "az batch account set --name \"${batch_name}\" --resource-group \"${resource_group}\" ${set_name} \"${set_value}\""
fi
fi
}
================================================
FILE: functions/azure/compute/container/check_azure_container_instance_value.sh
================================================
#!/bin/sh
# shellcheck disable=SC1090
# shellcheck disable=SC2034
# shellcheck disable=SC2154
# check_azure_container_instance_value
#
# Check Azure Container Instance value
#
# This requires the Azure CLI to be installed and configured
#.
check_azure_container_instance_value () {
description="${1}"
container_name="${2}"
resource_group="${3}"
query_string="${4}"
function="${5}"
correct_value="${6}"
print_function "check_azure_container_instance_value"
check_message "${description} for Container Instance \"${container_name}\" in resource group \"${resource_group}\" has parameter \"${query_string}\" \"${function}\" to \"${correct_value}\""
command="az container show --name ${container_name} --resource-group ${resource_group} --query '${query_string}' --output tsv 2> /dev/null"
command_message "${command}"
actual_value=$( eval "${command}" )
if [ "${actual_value}" = "${correct_value}" ]; then
secure_message "${description} for Container Instance \"${container_name}\" in resource group \"${resource_group}\" has parameter \"${query_string}\" \"${function}\" to \"${correct_value}\""
else
insecure_message "${description} for Container Instance \"${container_name}\" in resource group \"${resource_group}\" has parameter \"${query_string}\" \"${function}\" to \"${correct_value}\""
if [ ! "${set_name}" = "" ]; then
case "${set_name}" in
"--"*)
fix_message "az container update --name \"${container_name}\" --resource-group \"${resource_group}\" ${set_name} \"${correct_value}\""
;;
*)
fix_message "az container update --name \"${container_name}\" --resource-group \"${resource_group}\" --set \"${set_name}\"=\"${correct_value}\""
;;
esac
fi
fi
}
================================================
FILE: functions/azure/compute/function/check_azure_function_app_value.sh
================================================
#!/bin/sh
# shellcheck disable=SC1090
# shellcheck disable=SC2034
# shellcheck disable=SC2154
# check_azure_function_app_value
#
# Check Azure Function App value
#
# This requires the Azure CLI to be installed and configured
#.
check_azure_function_app_value () {
description="${1}"
app_id="${2}"
resource_group="${3}"
sub_function="${4}"
resource_type="${5}"
resource_name="${6}"
query_string="${7}"
function="${8}"
correct_value="${9}"
set_name="${10}"
set_value="${11}"
print_function "check_azure_function_app_value"
if [ "${set_value}" = "" ]; then
set_value="${correct_value}"
fi
app_name=$( basename "${app_id}" )
check_message "Azure Function App ${description} for app \"${app_name}\" with resource group \"${resource_group}\" and parameter \"${query_string}\" is \"${function}\" to \"${correct_value}\""
if [ "${sub_function}" = "auth" ]; then
command="az webapp auth show --name \"${app_name}\" --resource-group \"${resource_group}\" --query \"${query_string}\" --output tsv 2> /dev/null"
else
command="az functionapp show --id \"${app_id}\" --query \"${query_string}\" --output tsv 2> /dev/null"
fi
command_message "${command}"
actual_value=$( eval "${command}" )
if [ "${function}" = "eq" ]; then
if [ "${actual_value}" = "${correct_value}" ]; then
inc_secure "Azure Function App ${description} for app \"${app_name}\" with resource group \"${resource_group}\" and parameter \"${query_string}\" is \"${function}\" to \"${correct_value}\""
else
inc_insecure "Azure Function App ${description} for app \"${app_name}\" with resource group \"${resource_group}\" and parameter \"${query_string}\" is not \"${function}\" to \"${correct_value}\""
if [ "${query_string}" = "virtualNetworkSubnetId" ]; then
fix_message "az functionapp vnet-integration add --resource-group <resource-group-name> --name <app-name> --vnet <virtual-network-name> --subnet <subnet-name>"
fi
if [ ! "${set_name}" = "" ]; then
case "${set_name}" in
"--"*)
case "${resource_type}" in
"Microsoft.Web/sites")
fix_message "az resource update --resource-group \"${resource_group}\" --name \"${resource_name}\" --namespace \"${namespace_name}\" --resource-type \"${resource_type}\" --parent \"sites/${app_name}\" ${set_name} \"${set_value}\""
;;
"auth")
fix_message "az webapp auth update --name \"${app_name}\" --resource-group \"${resource_group}\" ${set_name} \"${set_value}\""
;;
"identity")
fix_message "az functionapp identity assign --name \"${app_name}\" --resource-group \"${resource_group}\" ${set_name} \"${set_value}\""
;;
*)
fix_message "az functionapp config set --name \"${app_name}\" --resource-group \"${resource_group}\" ${set_name} \"${set_value}\""
;;
esac
;;
*)
case "${resource_type}" in
"Microsoft.Web/sites")
fix_message "az resource update --resource-group \"${resource_group}\" --name \"${resource_name}\" --namespace \"${namespace_name}\" --resource-type \"${resource_type}\" --parent \"sites/${app_name}\" --set \"${set_name}\"=\"${set_value}\""
;;
"auth")
fix_message "az webapp auth update --name \"${app_name}\" --resource-group \"${resource_group}\" --set \"${set_name}\"=\"${set_value}\""
;;
"identity")
fix_message "az functionapp identity assign --name \"${app_name}\" --resource-group \"${resource_group}\" --set \"${set_name}\"=\"${set_value}\""
;;
*)
fix_message "az functionapp config set --name \"${app_name}\" --resource-group \"${resource_group}\" --set \"${set_name}\"=\"${set_value}\""
;;
esac
;;
esac
fi
fi
else
if [ "${actual_value}" = "${correct_value}" ]; then
inc_insecure "Azure Function App ${description} for app \"${app_name}\" with resource group \"${resource_group}\" and parameter \"${query_string}\" is not \"${function}\" to \"${correct_value}\""
if [ "${query_string}" = "virtualNetworkSubnetId" ]; then
fix_message "az functionapp vnet-integration add --resource-group <resource-group-name> --name <app-name> --vnet <virtual-network-name> --subnet <subnet-name>"
fi
if [ ! "${set_name}" = "" ]; then
case "${set_name}" in
"--"*)
case "${resource_type}" in
"Microsoft.Web/sites")
fix_message "az resource update --resource-group \"${resource_group}\" --name \"${resource_name}\" --namespace \"${namespace_name}\" --resource-type \"${resource_type}\" --parent \"sites/${app_name}\" ${set_name} \"${set_value}\""
;;
"auth")
fix_message "az webapp auth update --name \"${app_name}\" --resource-group \"${resource_group}\" ${set_name} \"${set_value}\""
;;
"identity")
fix_message "az functionapp identity assign --name \"${app_name}\" --resource-group \"${resource_group}\" ${set_name} \"${set_value}\""
;;
*)
fix_message "az functionapp config set --name \"${app_name}\" --resource-group \"${resource_group}\" ${set_name} \"${set_value}\""
;;
esac
;;
*)
case "${resource_type}" in
"Microsoft.Web/sites")
fix_message "az resource update --resource-group \"${resource_group}\" --name \"${resource_name}\" --namespace \"${namespace_name}\" --resource-type \"${resource_type}\" --parent \"sites/${app_name}\" --set \"${set_name}\"=\"${set_value}\""
;;
"auth")
fix_message "az webapp auth update --name \"${app_name}\" --resource-group \"${resource_group}\" --set \"${set_name}\"=\"${set_value}\""
;;
"identity")
fix_message "az functionapp identity assign --name \"${app_name}\" --resource-group \"${resource_group}\" --set \"${set_name}\"=\"${set_value}\""
;;
*)
fix_message "az functionapp config set --name \"${app_name}\" --resource-group \"${resource_group}\" --set \"${set_name}\"=\"${set_value}\""
;;
esac
;;
esac
fi
else
inc_secure "Azure App Service App ${description} for app \"${app_name}\" with resource group \"${resource_group}\" and parameter \"${query_string}\" is \"${function}\" to \"${set_value}\""
fi
fi
}
================================================
FILE: functions/azure/compute/function/check_azure_function_deployment_slot_value.sh
================================================
#!/bin/sh
# shellcheck disable=SC1090
# shellcheck disable=SC2034
# shellcheck disable=SC2154
# check_azure_function_deployment_slot_value
#
# Check Azure Function Deployment Slot value
#
# This requires the Azure CLI to be installed and configured
#.
check_azure_function_deployment_slot_value () {
description="${1}"
slot_id="${2}"
app_name="${3}"
resource_group="${4}"
resource_type="${5}"
resource_name="${6}"
namespace_name="${7}"
query_string="${8}"
function="${9}"
correct_value="${10}"
set_name="${11}"
set_value="${12}"
print_function "check_azure_function_deployment_slot_value"
if [ "${set_value}" = "" ]; then
set_value="${correct_value}"
fi
slot_name=$( basename "${slot_id}" )
check_message "Azure Function Deployment Slot ${description} for app \"${app_name}\" with resource group \"${resource_group}\" and parameter \"${query_string}\" is \"${function}\" to \"${correct_value}\""
command="az resource show --name \"${resource_name}\" --resource-group \"${resource_group}\" --namespace \"${namespace_name}\" --resource-type \"${resource_type}\" --parent \"sites/${app_name}/slots/${slot_name}\" --query \"${query_string}\" --output tsv 2> /dev/null"
command_message "${command}"
actual_value=$( eval "${command}" )
if [ "${function}" = "eq" ]; then
if [ "${actual_value}" = "${correct_value}" ]; then
inc_secure "Azure Function Deployment Slot ${description} for app \"${app_name}\" with resource group \"${resource_group}\" and parameter \"${query_string}\" is \"${function}\" to \"${correct_value}\""
else
inc_insecure "Azure Function Deployment Slot ${description} for app \"${app_name}\" with resource group \"${resource_group}\" and parameter \"${query_string}\" is not \"${function}\" to \"${correct_value}\""
if [ "${query_string}" = "virtualNetworkSubnetId" ]; then
fix_message "az webapp vnet-integration add --resource-group <resource-group-name> --name <app-name> --vnet <virtual-network-name> --subnet <subnet-name>"
fi
if [ ! "${set_name}" = "" ]; then
case "${set_name}" in
"--"*)
case "${resource_type}" in
"Microsoft.Web/sites")
fix_message "az resource update --name \"${resource_name}\" --resource-group \"${resource_group}\" --namespace \"${namespace_name}\" --resource-type \"${resource_type}\" --parent \"sites/${app_name}/slots/${slot_name}\" ${set_name} \"${set_value}\""
;;
"auth")
fix_message "az webapp ${resource_type} update --name \"${app_name}\" --resource-group \"${resource_group}\" ${set_name} \"${set_value}\""
;;
"identity")
fix_message "az webapp ${resource_type} assign --name \"${app_name}\" --resource-group \"${resource_group}\" ${set_name} \"${set_value}\""
;;
*)
fix_message "az webapp update --name \"${app_name}\" --resource-group \"${resource_group}\" ${set_name} \"${set_value}\""
;;
esac
;;
*)
case "${resource_type}" in
"Microsoft.Web/sites")
fix_message "az resource update --name \"${resource_name}\" --resource-group \"${resource_group}\" --namespace \"${namespace_name}\" --resource-type \"${resource_type}\" --parent \"sites/${app_name}/slots/${slot_name}\" --set \"${set_name}\"=\"${set_value}\""
;;
"auth")
fix_message "az webapp ${resource_type} update --name \"${app_name}\" --resource-group \"${resource_group}\" --set \"${set_name}\"=\"${set_value}\""
;;
"identity")
fix_message "az webapp ${resource_type} assign --name \"${app_name}\" --resource-group \"${resource_group}\" --set \"${set_name}\"=\"${set_value}\""
;;
*)
fix_message "az webapp update --name \"${app_name}\" --resource-group \"${resource_group}\" --set \"${set_name}\"=\"${set_value}\""
;;
esac
;;
esac
fi
fi
else
if [ "${actual_value}" = "${correct_value}" ]; then
inc_insecure "Azure App Service Deployment Slot ${description} for app \"${app_name}\" with resource group \"${resource_group}\" and parameter \"${query_string}\" is not \"${function}\" to \"${correct_value}\""
if [ "${query_string}" = "virtualNetworkSubnetId" ]; then
fix_message "az webapp vnet-integration add --resource-group <resource-group-name> --name <app-name> --vnet <virtual-network-name> --subnet <subnet-name>"
fi
if [ ! "${set_name}" = "" ]; then
case "${set_name}" in
"--"*)
case "${resource_type}" in
"Microsoft.Web/sites")
fix_message "az resource update --name \"${resource_name}\" --resource-group \"${resource_group}\" --namespace \"${namespace_name}\" --resource-type \"${resource_type}\" --parent \"sites/${app_name}/slots/${slot_name}\" ${set_name} \"${set_value}\""
;;
"auth")
fix_message "az webapp ${resource_type} update --name \"${app_name}\" --resource-group \"${resource_group}\" ${set_name} \"${set_value}\""
;;
"identity")
fix_message "az webapp ${resource_type} assign --name \"${app_name}\" --resource-group \"${resource_group}\" ${set_name} \"${set_value}\""
;;
*)
fix_message "az webapp update --name \"${app_name}\" --resource-group \"${resource_group}\" ${set_name} \"${set_value}\""
;;
esac
;;
*)
case "${resource_type}" in
"Microsoft.Web/sites")
fix_message "az resource update --name \"${resource_name}\" --resource-group \"${resource_group}\" --namespace \"${namespace_name}\" --resource-type \"${resource_type}\" --parent \"sites/${app_name}/slots/${slot_name}\" --set \"${set_name}\"=\"${set_value}\""
;;
"auth")
fix_message "az webapp ${resource_type} update --name \"${app_name}\" --resource-group \"${resource_group}\" --set \"${set_name}\"=\"${set_value}\""
;;
"identity")
fix_message "az webapp ${resource_type} assign --name \"${app_name}\" --resource-group \"${resource_group}\" --set \"${set_name}\"=\"${set_value}\""
;;
*)
fix_message "az webapp update --name \"${app_name}\" --resource-group \"${resource_group}\" --set \"${set_name}\"=\"${set_value}\""
;;
esac
;;
esac
fi
else
inc_secure "Azure App Service App ${description} for app \"${app_name}\" with resource group \"${resource_group}\" and parameter \"${query_string}\" is \"${function}\" to \"${set_value}\""
fi
fi
}
================================================
FILE: functions/azure/compute/vm/check_azure_vm_value.sh
================================================
#!/bin/sh
# shellcheck disable=SC1090
# shellcheck disable=SC2034
# shellcheck disable=SC2154
# check_azure_vm_value
#
# Check Azure VM value
#
# This requires the Azure CLI to be installed and configured
#.
check_azure_vm_value () {
description="${1}"
vm_name="${2}"
resource_group="${3}"
parameter_name="${4}"
function="${5}"
correct_value="${6}"
print_function "check_azure_vnet_value"
check_message "Azure VM \"${vm_name}\" in Resource Group \"${resource_group}\" has \"${parameter_name}\" ${function} to \"${correct_value}\""
command="az vm show --name \"${vm_name}\" --resource-group \"${resource_group}\" --query \"${parameter_name}\" --output tsv 2> /dev/null"
command_message "${command}"
actual_value=$( eval "${command}" )
if [ "${function}" = "ne" ]; then
if [ "${actual_value}" = "${correct_value}" ]; then
inc_insecure "Azure VM \"${vm_name}\" in Resource Group \"${resource_group}\" does not have \"${parameter_name}\" ${function} to \"${correct_value}\""
else
inc_secure "Azure VM \"${vm_name}\" in Resource Group \"${resource_group}\" has \"${parameter_name}\" ${function} to \"${correct_value}\""
fi
else
if [ "${actual_value}" = "${correct_value}" ]; then
inc_secure "Azure VM \"${vm_name}\" in Resource Group \"${resource_group}\" has \"${parameter_name}\" ${function} to \"${correct_value}\""
else
inc_insecure "Azure VM \"${vm_name}\" in Resource Group \"${resource_group}\" does not have \"${parameter_name}\" ${function} to \"${correct_value}\""
fi
fi
}
================================================
FILE: functions/azure/compute/webapp/check_azure_app_service_app_value.sh
================================================
#!/bin/sh
# shellcheck disable=SC1090
# shellcheck disable=SC2034
# shellcheck disable=SC2154
# check_azure_app_service_app_value
#
# Check Azure App Service App value
#
# This requires the Azure CLI to be installed and configured
#.
check_azure_app_service_app_value () {
description="${1}"
app_id="${2}"
app_name="${3}"
resource_group="${4}"
resource_type="${5}"
query_string="${6}"
function="${7}"
correct_value="${8}"
set_name="${9}"
set_value="${10}"
print_function "check_azure_app_service_app_value"
if [ "${set_value}" = "" ]; then
set_value="${correct_value}"
fi
check_message "Azure App Service App ${description} for app \"${app_name}\" with resource group \"${resource_group}\" and parameter \"${query_string}\" is \"${function}\" to \"${correct_value}\""
case "${resource_type}" in
"auth|identity")
command="az webapp ${resource_type} show --id \"${app_id}\" --query \"${query_string}\" --output tsv 2> /dev/null"
;;
*)
command="az webapp show --id \"${app_id}\" --query \"${query_string}\" --output tsv 2> /dev/null"
;;
esac
command_message "${command}"
actual_value=$( eval "${command}" )
if [ "${actual_value}" = "" ]; then
case "${query_string}" in
*Version)
inc_secure "Azure App Service App ${description} for app \"${app_name}\" with resource group \"${resource_group}\" and parameter \"${query_string}\" is not set"
return
;;
esac
fi
if [ "${function}" = "eq" ]; then
if [ "${actual_value}" = "${correct_value}" ]; then
inc_secure "Azure App Service App ${description} for app \"${app_name}\" with resource group \"${resource_group}\" and parameter \"${query_string}\" is \"${function}\" to \"${correct_value}\""
else
inc_insecure "Azure App Service App ${description} for app \"${app_name}\" with resource group \"${resource_group}\" and parameter \"${query_string}\" is \"${actual_value}\" and not \"${function}\" to \"${correct_value}\""
if [ "${query_string}" = "virtualNetworkSubnetId" ]; then
fix_message "az webapp vnet-integration add --resource-group <resource-group-name> --name <app-name> --vnet <virtual-network-name> --subnet <subnet-name>"
fi
if [ ! "${set_name}" = "" ]; then
case "${set_name}" in
"--"*)
case "${resource_type}" in
"Microsoft.Web/sites")
fix_message "az resource update --resource-type \"${resource_type}\" --name \"${app_name}\" --resource-group \"${resource_group}\" ${set_name} \"${set_value}\""
;;
"auth")
fix_message "az webapp ${resource_type} update --id \"${app_id}\" ${set_name} \"${set_value}\""
;;
"identity")
fix_message "az webapp ${resource_type} assign --id \"${app_id}\" ${set_name} \"${set_value}\""
;;
*)
fix_message "az webapp update --name \"${app_name}\" --resource-group \"${resource_group}\" ${set_name} \"${set_value}\""
;;
esac
;;
*)
case "${resource_type}" in
"Microsoft.Web/sites")
fix_message "az resource update --resource-type \"${resource_type}\" --name \"${app_name}\" --resource-group \"${resource_group}\" --set \"${set_name}\"=\"${set_value}\""
;;
"auth")
fix_message "az webapp ${resource_type} update --id \"${app_id}\" --set \"${set_name}\"=\"${set_value}\""
;;
"identity")
fix_message "az webapp ${resource_type} assign --id \"${app_id}\" --set \"${set_name}\"=\"${set_value}\""
;;
*)
fix_message "az webapp update --name \"${app_name}\" --resource-group \"${resource_group}\" --set \"${set_name}\"=\"${set_value}\""
;;
esac
;;
esac
fi
fi
else
if [ "${actual_value}" = "${correct_value}" ]; then
inc_insecure "Azure App Service App ${description} for app \"${app_name}\" with resource group \"${resource_group}\" and parameter \"${query_string}\" is not \"${function}\" to \"${correct_value}\""
if [ "${query_string}" = "virtualNetworkSubnetId" ]; then
fix_message "az webapp vnet-integration add --resource-group <resource-group-name> --name <app-name> --vnet <virtual-network-name> --subnet <subnet-name>"
fi
if [ ! "${set_name}" = "" ]; then
case "${set_name}" in
"--"*)
case "${resource_type}" in
"Microsoft.Web/sites")
fix_message "az resource update --resource-type \"${resource_type}\" --name \"${app_name}\" --resource-group \"${resource_group}\" ${set_name} \"${set_value}\""
;;
"auth")
fix_message "az webapp ${resource_type} update --id \"${app_id}\" ${set_name} \"${set_value}\""
;;
"identity")
fix_message "az webapp ${resource_type} assign --id \"${app_id}\" ${set_name} \"${set_value}\""
;;
*)
fix_message "az webapp update --name \"${app_name}\" --resource-group \"${resource_group}\" ${set_name} \"${set_value}\""
;;
esac
;;
*)
case "${resource_type}" in
"Microsoft.Web/sites")
fix_message "az resource update --resource-type \"${resource_type}\" --name \"${app_name}\" --resource-group \"${resource_group}\" --set \"${set_name}\"=\"${set_value}\""
;;
"auth")
fix_message "az webapp ${resource_type} update --id \"${app_id}\" --set \"${set_name}\"=\"${set_value}\""
;;
"identity")
fix_message "az webapp ${resource_type} assign --id \"${app_id}\" --set \"${set_name}\"=\"${set_value}\""
;;
*)
fix_message "az webapp update --name \"${app_name}\" --resource-group \"${resource_group}\" --set \"${set_name}\"=\"${set_value}\""
;;
esac
;;
esac
fi
else
inc_secure "Azure App Service App ${description} for app \"${app_name}\" with resource group \"${resource_group}\" and parameter \"${query_string}\" is \"${function}\" to \"${set_value}\""
fi
fi
}
================================================
FILE: functions/azure/compute/webapp/check_azure_app_service_ase_value.sh
================================================
#!/bin/sh
# shellcheck disable=SC1090
# shellcheck disable=SC2034
# shellcheck disable=SC2154
# check_azure_app_service_ase_value
#
# Check Azure App Service ASE value
#
# This requires the Azure CLI to be installed and configured
#.
check_azure_app_service_ase_value () {
description="${1}"
ase_name="${2}"
sub_name="${3}"
parameter_name="${4}"
function="${5}"
correct_value="${6}"
print_function "check_azure_app_service_ase_value"
check_message "${description} for App Service ASE ${ase_name} parameter ${parameter_name} is ${function} to ${correct_
gitextract_oer0oofz/
├── README.md
├── aws/
│ ├── account-creation-policy.json
│ ├── iam-manager-policy.json
│ ├── iam-master-policy.json
│ └── server-access-logging.json
├── changelog
├── docker-compose.yml
├── functions/
│ ├── aix/
│ │ ├── check_auditctl.sh
│ │ ├── check_chsec.sh
│ │ ├── check_chuser.sh
│ │ ├── check_itab.sh
│ │ ├── check_lslpp.sh
│ │ ├── check_no.sh
│ │ ├── check_pwpolicy.sh
│ │ ├── check_rctcp.sh
│ │ ├── check_subserver.sh
│ │ └── check_trust.sh
│ ├── aws/
│ │ ├── audit_aws.sh
│ │ ├── audit_aws_rec_all.sh
│ │ ├── check_aws_open_port.sh
│ │ └── check_aws_password_policy.sh
│ ├── azure/
│ │ ├── compute/
│ │ │ ├── batch/
│ │ │ │ ├── check_azure_batch_pool_value.sh
│ │ │ │ └── check_azure_batch_value.sh
│ │ │ ├── container/
│ │ │ │ └── check_azure_container_instance_value.sh
│ │ │ ├── function/
│ │ │ │ ├── check_azure_function_app_value.sh
│ │ │ │ └── check_azure_function_deployment_slot_value.sh
│ │ │ ├── vm/
│ │ │ │ └── check_azure_vm_value.sh
│ │ │ └── webapp/
│ │ │ ├── check_azure_app_service_app_value.sh
│ │ │ ├── check_azure_app_service_ase_value.sh
│ │ │ ├── check_azure_app_service_deployment_slot_value.sh
│ │ │ └── check_azure_app_service_plan_value.sh
│ │ ├── database/
│ │ │ ├── check_azure_cosmos_db_value.sh
│ │ │ ├── check_azure_mysql_db_value.sh
│ │ │ ├── check_azure_postgresql_db_value.sh
│ │ │ ├── check_azure_redis_cache_value.sh
│ │ │ ├── check_azure_redis_enterprise_cache_value.sh
│ │ │ └── check_azure_sql_db_value.sh
│ │ ├── logging/
│ │ │ ├── check_azure_activity_log_alert_value.sh
│ │ │ ├── check_azure_monitor_value.sh
│ │ │ ├── check_azure_monitoring_diagnostics_value.sh
│ │ │ ├── check_azure_network_watcher_flow_log_value.sh
│ │ │ ├── check_azure_network_watcher_value.sh
│ │ │ └── check_azure_storage_logging_value.sh
│ │ ├── network/
│ │ │ ├── check_azure_network_private_endpoint_value.sh
│ │ │ ├── check_azure_public_ip_value.sh
│ │ │ └── check_azure_vnet_value.sh
│ │ ├── other/
│ │ │ └── audit_azure.sh
│ │ ├── security/
│ │ │ ├── check_azure_basic_authentication_publishing_credential_value.sh
│ │ │ ├── check_azure_lock_value.sh
│ │ │ ├── check_azure_microsoft_defender_value.sh
│ │ │ ├── check_azure_network_security_perimeter_value.sh
│ │ │ ├── check_azure_nsg_security_rule_value.sh
│ │ │ ├── check_azure_resource_manager_lock.sh
│ │ │ ├── check_azure_security_contact_value.sh
│ │ │ ├── check_azure_security_setting.sh
│ │ │ └── check_azure_waf_value.sh
│ │ ├── storage/
│ │ │ ├── check_azure_backup_policy_value.sh
│ │ │ ├── check_azure_data_factory_value.sh
│ │ │ ├── check_azure_databox_value.sh
│ │ │ ├── check_azure_databricks_value.sh
│ │ │ ├── check_azure_elastic_san_value.sh
│ │ │ ├── check_azure_file_share_value.sh
│ │ │ ├── check_azure_netapp_file_value.sh
│ │ │ ├── check_azure_storage_account_container_value.sh
│ │ │ ├── check_azure_storage_account_keys_rotation.sh
│ │ │ ├── check_azure_storage_account_value.sh
│ │ │ ├── check_azure_storage_blob_policy_value.sh
│ │ │ ├── check_azure_storage_blob_value.sh
│ │ │ ├── check_azure_storage_container_value.sh
│ │ │ └── check_azure_storage_fs_value.sh
│ │ └── vaults/
│ │ ├── check_azure_backup_vault_value.sh
│ │ ├── check_azure_key_vault_key_value.sh
│ │ ├── check_azure_key_vault_value.sh
│ │ └── check_azure_recovery_services_vault_value.sh
│ ├── command/
│ │ ├── check_command_output.sh
│ │ └── check_command_value.sh
│ ├── darwin/
│ │ ├── check_dscl.sh
│ │ ├── check_launchctl_service.sh
│ │ ├── check_osx_defaults.sh
│ │ ├── check_osx_systemsetup.sh
│ │ ├── check_pmset.sh
│ │ └── check_sysadminctl.sh
│ ├── docker/
│ │ ├── audit_docker.sh
│ │ └── check_dockerd.sh
│ ├── file/
│ │ ├── audit_search_fs.sh
│ │ ├── audit_select.sh
│ │ ├── audit_test_subset.sh
│ │ ├── backup_file.sh
│ │ ├── check_append_file.sh
│ │ ├── check_file_comment.sh
│ │ ├── check_file_exists.sh
│ │ ├── check_file_perms.sh
│ │ ├── check_file_value.sh
│ │ ├── disable_value.sh
│ │ ├── replace_file_value.sh
│ │ ├── restore_file.sh
│ │ └── update_log_file.sh
│ ├── kubernetes/
│ │ └── audit_kubernetes.sh
│ ├── linux/
│ │ ├── check_ausearch.sh
│ │ ├── check_chkconfig_service.sh
│ │ ├── check_debian_package.sh
│ │ ├── check_gsettings_value.sh
│ │ ├── check_linux_package.sh
│ │ ├── check_linux_service.sh
│ │ ├── check_systemctl_service.sh
│ │ └── check_xinetd_service.sh
│ ├── packages/
│ │ └── check_package.sh
│ ├── services/
│ │ └── check_inetd_service.sh
│ └── sunos/
│ ├── audit_system.sh
│ ├── audit_system_sparc.sh
│ ├── audit_system_x86.sh
│ ├── check_initd_service.sh
│ ├── check_service.sh
│ ├── check_solaris_package.sh
│ ├── check_sunos_service.sh
│ ├── check_svcadm_service.sh
│ └── create_ndd_script.sh
├── lunar.sh
├── main/
│ ├── check_environment.sh
│ ├── check_os_release.sh
│ ├── check_shellcheck.sh
│ ├── get_info.sh
│ └── print_info.sh
└── modules/
├── accounting/
│ ├── audit_filesystem_partitions.sh
│ ├── audit_kernel_accounting.sh
│ ├── audit_process_accounting.sh
│ ├── audit_sar_accounting.sh
│ ├── audit_system_accounting.sh
│ ├── audit_system_accounts.sh
│ ├── audit_system_auth.sh
│ ├── audit_system_auth_account_reset.sh
│ ├── audit_system_auth_no_magic_root.sh
│ ├── audit_system_auth_nullok.sh
│ ├── audit_system_auth_unlock_time.sh
│ ├── audit_system_auth_use_uid.sh
│ └── audit_system_integrity.sh
├── aix/
│ ├── audit_i4ls.sh
│ └── audit_writesrv.sh
├── apache/
│ └── audit_apache.sh
├── audit/
│ └── audit_auditd.sh
├── aws/
│ ├── compute/
│ │ ├── audit_aws_ec2.sh
│ │ ├── audit_aws_elb.sh
│ │ ├── audit_aws_es.sh
│ │ ├── audit_aws_rec_ec2.sh
│ │ ├── audit_aws_rec_elb.sh
│ │ ├── audit_aws_rec_es.sh
│ │ └── audit_aws_ses.sh
│ ├── config/
│ │ ├── audit_aws_cf.sh
│ │ ├── audit_aws_config.sh
│ │ └── audit_aws_support_role.sh
│ ├── database/
│ │ ├── audit_aws_ec.sh
│ │ ├── audit_aws_rds.sh
│ │ ├── audit_aws_rec_dynamodb.sh
│ │ ├── audit_aws_rec_ec.sh
│ │ ├── audit_aws_rec_rds.sh
│ │ ├── audit_aws_rec_redshift.sh
│ │ └── audit_aws_redshift.sh
│ ├── logging/
│ │ ├── audit_aws_inspector.sh
│ │ ├── audit_aws_logging.sh
│ │ ├── audit_aws_monitoring.sh
│ │ ├── audit_aws_rec_inspector.sh
│ │ ├── audit_aws_rec_monitoring.sh
│ │ └── audit_aws_sns.sh
│ ├── network/
│ │ ├── audit_aws_dns.sh
│ │ ├── audit_aws_rec_vpcs.sh
│ │ └── audit_aws_vpcs.sh
│ ├── security/
│ │ ├── audit_aws_access_keys.sh
│ │ ├── audit_aws_certs.sh
│ │ ├── audit_aws_creds.sh
│ │ ├── audit_aws_iam.sh
│ │ ├── audit_aws_keys.sh
│ │ ├── audit_aws_mfa.sh
│ │ ├── audit_aws_password_policy.sh
│ │ └── audit_aws_sgs.sh
│ └── storage/
│ ├── audit_aws_cdn.sh
│ └── audit_aws_s3.sh
├── azure/
│ ├── compute/
│ │ ├── batch/
│ │ │ └── audit_azure_batch.sh
│ │ ├── container/
│ │ │ └── audit_azure_container_instances.sh
│ │ ├── cycle/
│ │ │ └── audit_azure_cycle_cloud.sh
│ │ ├── function/
│ │ │ ├── apps/
│ │ │ │ ├── audit_azure_function_app_basic_authentication_publishing_credentials.sh
│ │ │ │ ├── audit_azure_function_app_client_certificates.sh
│ │ │ │ ├── audit_azure_function_app_cross_origin_resource_sharing.sh
│ │ │ │ ├── audit_azure_function_app_ftp_states.sh
│ │ │ │ ├── audit_azure_function_app_http_values.sh
│ │ │ │ ├── audit_azure_function_app_java_versions.sh
│ │ │ │ ├── audit_azure_function_app_managed_identities.sh
│ │ │ │ ├── audit_azure_function_app_public_network_access.sh
│ │ │ │ ├── audit_azure_function_app_python_versions.sh
│ │ │ │ ├── audit_azure_function_app_remote_debugging.sh
│ │ │ │ ├── audit_azure_function_app_service_authentication.sh
│ │ │ │ ├── audit_azure_function_app_tls_values.sh
│ │ │ │ ├── audit_azure_function_app_virtual_network_integration.sh
│ │ │ │ └── audit_azure_function_apps.sh
│ │ │ └── slots/
│ │ │ ├── audit_azure_function_deployment_slots.sh
│ │ │ ├── audit_azure_function_deployment_slots_basic_authentication_publishing_credentials.sh
│ │ │ ├── audit_azure_function_deployment_slots_client_certificates.sh
│ │ │ ├── audit_azure_function_deployment_slots_cross_origin_resource_sharing.sh
│ │ │ ├── audit_azure_function_deployment_slots_ftp_states.sh
│ │ │ ├── audit_azure_function_deployment_slots_http_values.sh
│ │ │ ├── audit_azure_function_deployment_slots_java_versions.sh
│ │ │ ├── audit_azure_function_deployment_slots_managed_identities.sh
│ │ │ ├── audit_azure_function_deployment_slots_private_endpoints.sh
│ │ │ ├── audit_azure_function_deployment_slots_public_network_access.sh
│ │ │ ├── audit_azure_function_deployment_slots_python_versions.sh
│ │ │ ├── audit_azure_function_deployment_slots_remote_debugging.sh
│ │ │ ├── audit_azure_function_deployment_slots_tls_values.sh
│ │ │ └── audit_azure_function_deployment_slots_virtual_network_integration.sh
│ │ ├── main/
│ │ │ └── audit_azure_compute_services.sh
│ │ ├── vm/
│ │ │ └── audit_azure_vms.sh
│ │ └── webapp/
│ │ ├── apps/
│ │ │ ├── audit_azure_app_service_apps.sh
│ │ │ ├── audit_azure_app_service_ases.sh
│ │ │ ├── audit_azure_app_service_authentication.sh
│ │ │ ├── audit_azure_app_service_basic_authentication_publishing_credential_values.sh
│ │ │ ├── audit_azure_app_service_client_certificates.sh
│ │ │ ├── audit_azure_app_service_cross_origin_resource_sharing.sh
│ │ │ ├── audit_azure_app_service_ftp_states.sh
│ │ │ ├── audit_azure_app_service_http_logs.sh
│ │ │ ├── audit_azure_app_service_http_values.sh
│ │ │ ├── audit_azure_app_service_java_versions.sh
│ │ │ ├── audit_azure_app_service_managed_identies.sh
│ │ │ ├── audit_azure_app_service_php_versions.sh
│ │ │ ├── audit_azure_app_service_plans.sh
│ │ │ ├── audit_azure_app_service_private_dns_zones.sh
│ │ │ ├── audit_azure_app_service_private_endpoints.sh
│ │ │ ├── audit_azure_app_service_public_network_access.sh
│ │ │ ├── audit_azure_app_service_python_versions.sh
│ │ │ ├── audit_azure_app_service_remote_debugging.sh
│ │ │ ├── audit_azure_app_service_tls_values.sh
│ │ │ ├── audit_azure_app_service_virtual_network_integration.sh
│ │ │ └── audit_azure_app_service_vnets.sh
│ │ └── slots/
│ │ ├── audit_azure_app_service_deployment_slots.sh
│ │ ├── audit_azure_app_service_deployment_slots_basic_authentication_publishing_credentials.sh
│ │ ├── audit_azure_app_service_deployment_slots_client_certificates.sh
│ │ ├── audit_azure_app_service_deployment_slots_cross_origin_resource_sharing.sh
│ │ ├── audit_azure_app_service_deployment_slots_ftp_states.sh
│ │ ├── audit_azure_app_service_deployment_slots_http_values.sh
│ │ ├── audit_azure_app_service_deployment_slots_java_versions.sh
│ │ ├── audit_azure_app_service_deployment_slots_managed_identities.sh
│ │ ├── audit_azure_app_service_deployment_slots_php_versions.sh
│ │ ├── audit_azure_app_service_deployment_slots_private_endpoints.sh
│ │ ├── audit_azure_app_service_deployment_slots_public_network_access.sh
│ │ ├── audit_azure_app_service_deployment_slots_python_versions.sh
│ │ ├── audit_azure_app_service_deployment_slots_remote_debugging.sh
│ │ ├── audit_azure_app_service_deployment_slots_tls_values.sh
│ │ └── audit_azure_app_service_deployment_slots_virtual_network_integration.sh
│ ├── database/
│ │ ├── audit_azure_cosmos_db.sh
│ │ ├── audit_azure_mysql_db.sh
│ │ ├── audit_azure_postgresql_db.sh
│ │ ├── audit_azure_redis_cache.sh
│ │ └── audit_azure_sql_db.sh
│ ├── logging/
│ │ ├── audit_azure_activity_log_alerts.sh
│ │ ├── audit_azure_activity_logs_cmk.sh
│ │ ├── audit_azure_application_insights.sh
│ │ ├── audit_azure_diagnostic_setting_categories.sh
│ │ ├── audit_azure_entra_diagnostic_settings.sh
│ │ ├── audit_azure_graph_diagnostic_settings.sh
│ │ ├── audit_azure_intune_logs.sh
│ │ ├── audit_azure_logging_and_monitoring.sh
│ │ ├── audit_azure_resource_logging.sh
│ │ └── audit_azure_subscription_diagnostic_settings.sh
│ ├── main/
│ │ ├── audit_azure_custom_subscription_admin_roles.sh
│ │ ├── audit_azure_extensions.sh
│ │ ├── audit_azure_sku_basic_consumption.sh
│ │ ├── audit_azure_subscription_owners.sh
│ │ └── audit_azure_survey.sh
│ ├── network/
│ │ ├── audit_azure_network_private_endpoints.sh
│ │ ├── audit_azure_network_security_perimeter.sh
│ │ ├── audit_azure_network_watcher.sh
│ │ ├── audit_azure_network_watcher_flow_logs.sh
│ │ ├── audit_azure_networking_services.sh
│ │ ├── audit_azure_public_ips.sh
│ │ ├── audit_azure_virtual_network_flow_logs.sh
│ │ └── audit_azure_vnets.sh
│ ├── security/
│ │ ├── audit_azure_authentication_type.sh
│ │ ├── audit_azure_guest_users.sh
│ │ ├── audit_azure_identity_services.sh
│ │ ├── audit_azure_locks.sh
│ │ ├── audit_azure_microsoft_defender.sh
│ │ ├── audit_azure_nsg_flow_logs.sh
│ │ ├── audit_azure_nsg_security_rules.sh
│ │ ├── audit_azure_security_contacts.sh
│ │ ├── audit_azure_security_services.sh
│ │ ├── audit_azure_user_access_admin_role.sh
│ │ ├── audit_azure_waf.sh
│ │ ├── audit_azure_waf_inspection_policy.sh
│ │ └── audit_azure_waf_ssl_policy.sh
│ ├── storage/
│ │ ├── audit_azure_blob_storage.sh
│ │ ├── audit_azure_data_factory.sh
│ │ ├── audit_azure_database_services.sh
│ │ ├── audit_azure_databox.sh
│ │ ├── audit_azure_databricks.sh
│ │ ├── audit_azure_elastic_san.sh
│ │ ├── audit_azure_file_shares.sh
│ │ ├── audit_azure_managed_lustre.sh
│ │ ├── audit_azure_netapp_files.sh
│ │ ├── audit_azure_storage_account_locks.sh
│ │ ├── audit_azure_storage_accounts.sh
│ │ ├── audit_azure_storage_logging.sh
│ │ └── audit_azure_storage_services.sh
│ └── vaults/
│ ├── audit_azure_backup_vaults.sh
│ ├── audit_azure_key_vault_certificates.sh
│ ├── audit_azure_key_vault_keys.sh
│ ├── audit_azure_key_vault_logging.sh
│ ├── audit_azure_key_vault_private_endpoints.sh
│ ├── audit_azure_key_vault_public_network_access.sh
│ ├── audit_azure_key_vault_purge_protection.sh
│ ├── audit_azure_key_vault_rbac.sh
│ ├── audit_azure_key_vault_secrets.sh
│ └── audit_azure_recovery_services_vaults.sh
├── bluetooth/
│ └── audit_bluetooth.sh
├── boot/
│ ├── audit_boot_server.sh
│ ├── audit_bootparams.sh
│ └── audit_grub_security.sh
├── core/
│ ├── audit_core_dumps.sh
│ ├── audit_core_limit.sh
│ └── audit_core_storage.sh
├── cron/
│ ├── audit_cron.sh
│ ├── audit_cron_allow.sh
│ ├── audit_cron_logging.sh
│ └── audit_cron_perms.sh
├── darwin/
│ ├── audit_account_lockout.sh
│ ├── audit_account_switching.sh
│ ├── audit_ad_tracking.sh
│ ├── audit_air_drop.sh
│ ├── audit_air_play.sh
│ ├── audit_amfi.sh
│ ├── audit_apfs.sh
│ ├── audit_app_perms.sh
│ ├── audit_asl.sh
│ ├── audit_asset_cache.sh
│ ├── audit_auto_login.sh
│ ├── audit_auto_logout.sh
│ ├── audit_bonjour_advertising.sh
│ ├── audit_cd_sharing.sh
│ ├── audit_file_sharing.sh
│ ├── audit_file_vault.sh
│ ├── audit_gate_keeper.sh
│ ├── audit_guest_sharing.sh
│ ├── audit_icloud_drive.sh
│ ├── audit_infrared_remote.sh
│ ├── audit_internet_sharing.sh
│ ├── audit_java.sh
│ ├── audit_keychain_lock.sh
│ ├── audit_keychain_sync.sh
│ ├── audit_location_services.sh
│ ├── audit_lockdown.sh
│ ├── audit_media_sharing.sh
│ ├── audit_remote_apple_events.sh
│ ├── audit_safari_allow_popups.sh
│ ├── audit_safari_auto_fill.sh
│ ├── audit_safari_auto_run.sh
│ ├── audit_safari_history.sh
│ ├── audit_safari_javascript.sh
│ ├── audit_safari_show_statusbar.sh
│ ├── audit_safari_tracking.sh
│ ├── audit_safari_warn.sh
│ ├── audit_safe_downloads.sh
│ ├── audit_screen_corner.sh
│ ├── audit_screen_lock.sh
│ ├── audit_screen_sharing.sh
│ ├── audit_siri.sh
│ ├── audit_sleep.sh
│ ├── audit_software_update.sh
│ ├── audit_sys_suspend.sh
│ ├── audit_system_preferences.sh
│ ├── audit_time_machine.sh
│ ├── audit_touch_id.sh
│ ├── audit_universal_control.sh
│ ├── audit_usage_data.sh
│ ├── audit_wake_on_lan.sh
│ ├── audit_web_sharing.sh
│ └── audit_wireless.sh
├── dhcp/
│ ├── audit_dhcp_server.sh
│ ├── audit_dhcpcd.sh
│ ├── audit_dhcprd.sh
│ └── audit_dhcpsd.sh
├── dns/
│ ├── audit_dns_client.sh
│ └── audit_dns_server.sh
├── docker/
│ ├── audit_docker_daemon.sh
│ ├── audit_docker_logging.sh
│ ├── audit_docker_monitoring.sh
│ ├── audit_docker_network.sh
│ ├── audit_docker_security.sh
│ └── audit_docker_users.sh
├── esxi/
│ ├── audit_dcui.sh
│ ├── audit_dvfilter.sh
│ ├── audit_esxi_shell.sh
│ └── audit_mob.sh
├── firewall/
│ ├── audit_firewall_setting.sh
│ ├── audit_ipfilter.sh
│ ├── audit_ipfw.sh
│ ├── audit_ipsec.sh
│ ├── audit_iptables.sh
│ ├── audit_routing_daemons.sh
│ ├── audit_routing_params.sh
│ ├── audit_suse_firewall.sh
│ └── audit_ufw.sh
├── fs/
│ ├── audit_autofs.sh
│ ├── audit_file_extensions.sh
│ ├── audit_file_metadata.sh
│ ├── audit_file_perms.sh
│ ├── audit_hotplug.sh
│ ├── audit_nfs.sh
│ ├── audit_samba.sh
│ ├── audit_setup_file.sh
│ ├── audit_smbconf_perms.sh
│ ├── audit_sticky_bit.sh
│ ├── audit_suid_files.sh
│ ├── audit_unowned_files.sh
│ ├── audit_user_dotfiles.sh
│ ├── audit_user_netrc.sh
│ ├── audit_user_rhosts.sh
│ ├── audit_winbind.sh
│ └── audit_writable_files.sh
├── ftp/
│ ├── audit_ftp_banner.sh
│ ├── audit_ftp_client.sh
│ ├── audit_ftp_conf.sh
│ ├── audit_ftp_logging.sh
│ ├── audit_ftp_server.sh
│ ├── audit_ftp_umask.sh
│ ├── audit_ftp_users.sh
│ ├── audit_tftp_client.sh
│ └── audit_tftp_server.sh
├── full/
│ ├── full_audit_accounting_services.sh
│ ├── full_audit_disk_services.sh
│ ├── full_audit_file_services.sh
│ ├── full_audit_firewall_services.sh
│ ├── full_audit_ftp_services.sh
│ ├── full_audit_hardware_services.sh
│ ├── full_audit_kernel_services.sh
│ ├── full_audit_log_services.sh
│ ├── full_audit_mail_services.sh
│ ├── full_audit_naming_services.sh
│ ├── full_audit_network_services.sh
│ ├── full_audit_osx_services.sh
│ ├── full_audit_other_daemons.sh
│ ├── full_audit_other_services.sh
│ ├── full_audit_password_services.sh
│ ├── full_audit_power_services.sh
│ ├── full_audit_print_services.sh
│ ├── full_audit_routing_services.sh
│ ├── full_audit_shell_services.sh
│ ├── full_audit_update_services.sh
│ ├── full_audit_user_services.sh
│ ├── full_audit_virtualisation_services.sh
│ ├── full_audit_web_services.sh
│ ├── full_audit_windows_services.sh
│ └── full_audit_x11_services.sh
├── groups/
│ ├── audit_duplicate_groups.sh
│ ├── audit_group_fields.sh
│ ├── audit_groups_exist.sh
│ └── audit_root_primary_group.sh
├── gui/
│ ├── audit_font_server.sh
│ ├── audit_gdm_conf.sh
│ ├── audit_gnome_automount.sh
│ ├── audit_gnome_banner.sh
│ ├── audit_gnome_screen_lock.sh
│ ├── audit_kdm_config.sh
│ ├── audit_opengl.sh
│ └── audit_xwindows_server.sh
├── kerberos/
│ ├── audit_kerberos_tgt.sh
│ └── audit_krb5.sh
├── kernel/
│ ├── audit_kernel_modules.sh
│ └── audit_kernel_params.sh
├── kubernetes/
│ ├── audit_kubernetes_apiserver.sh
│ ├── audit_kubernetes_controller.sh
│ ├── audit_kubernetes_etcd.sh
│ ├── audit_kubernetes_kubelet.sh
│ ├── audit_kubernetes_perms.sh
│ └── audit_kubernetes_scheduler.sh
├── ldap/
│ ├── audit_ldap.sh
│ ├── audit_ldap_cache.sh
│ └── audit_ldap_server.sh
├── linux/
│ ├── audit_aide.sh
│ ├── audit_apparmor.sh
│ ├── audit_apport.sh
│ ├── audit_avahi_conf.sh
│ ├── audit_avahi_server.sh
│ ├── audit_biosdevname.sh
│ ├── audit_execshield.sh
│ ├── audit_linux_logfiles.sh
│ ├── audit_modprobe_conf.sh
│ ├── audit_pae.sh
│ ├── audit_prelink.sh
│ ├── audit_ptrace_scope.sh
│ ├── audit_selinux.sh
│ ├── audit_sysctl.sh
│ ├── audit_virtual_memory.sh
│ ├── audit_xen.sh
│ ├── audit_xinetd.sh
│ ├── audit_xinetd_server.sh
│ └── audit_yum_conf.sh
├── login/
│ ├── audit_console_login.sh
│ ├── audit_failed_logins.sh
│ ├── audit_issue_banner.sh
│ ├── audit_login_delay.sh
│ ├── audit_login_details.sh
│ ├── audit_login_guest.sh
│ ├── audit_login_records.sh
│ ├── audit_login_root.sh
│ ├── audit_login_warning.sh
│ ├── audit_remote_login.sh
│ ├── audit_retry_limit.sh
│ ├── audit_security_banner.sh
│ ├── audit_serial_login.sh
│ ├── audit_sulogin.sh
│ └── audit_xlogin.sh
├── logs/
│ ├── audit_debug_logging.sh
│ ├── audit_inetd_logging.sh
│ ├── audit_logadm_value.sh
│ └── audit_logrotate.sh
├── mail/
│ ├── audit_email_daemons.sh
│ ├── audit_exim.sh
│ ├── audit_postfix_daemon.sh
│ ├── audit_sendmail_aliases.sh
│ ├── audit_sendmail_daemon.sh
│ └── audit_sendmail_greeting.sh
├── mounts/
│ ├── audit_mount_fdi.sh
│ ├── audit_mount_nodev.sh
│ ├── audit_mount_noexec.sh
│ └── audit_mount_setuid.sh
├── nis/
│ ├── audit_crypt_policy.sh
│ ├── audit_disk_encryption.sh
│ ├── audit_encryption_kit.sh
│ ├── audit_nis_client.sh
│ ├── audit_nis_entries.sh
│ ├── audit_nis_server.sh
│ └── audit_nisplus.sh
├── ntp/
│ └── audit_ntp.sh
├── pam/
│ ├── audit_pam_authtok.sh
│ ├── audit_pam_deny.sh
│ ├── audit_pam_gdm_autologin.sh
│ ├── audit_pam_rhosts.sh
│ └── audit_rsa_securid_pam.sh
├── password/
│ ├── audit_pass_req.sh
│ ├── audit_passwd_perms.sh
│ ├── audit_password_expiry.sh
│ ├── audit_password_fields.sh
│ ├── audit_password_hashing.sh
│ ├── audit_password_hints.sh
│ ├── audit_password_history.sh
│ ├── audit_password_lock.sh
│ ├── audit_password_strength.sh
│ ├── audit_shadow_group.sh
│ ├── audit_smbpasswd_perms.sh
│ ├── audit_system_auth_password_hashing.sh
│ ├── audit_system_auth_password_history.sh
│ ├── audit_system_auth_password_policy.sh
│ └── audit_system_auth_password_strength.sh
├── power/
│ └── audit_power_management.sh
├── print/
│ ├── audit_cups.sh
│ ├── audit_ppd_cache.sh
│ ├── audit_print.sh
│ └── audit_printer_sharing.sh
├── remote/
│ ├── audit_remote_consoles.sh
│ ├── audit_remote_info.sh
│ ├── audit_remote_management.sh
│ ├── audit_remote_shell.sh
│ └── audit_vnc.sh
├── rpc/
│ ├── audit_nobody_rpc.sh
│ └── audit_rpc_bind.sh
├── rsh/
│ ├── audit_rsh_client.sh
│ └── audit_rsh_server.sh
├── security/
│ ├── audit_secure_empty_trash.sh
│ ├── audit_secure_keyboard_entry.sh
│ └── audit_secure_swap.sh
├── services/
│ ├── audit_inetd.sh
│ ├── audit_ipmi.sh
│ ├── audit_ipv6.sh
│ ├── audit_iscsi.sh
│ ├── audit_legacy.sh
│ ├── audit_other_daemons.sh
│ ├── audit_postgresql.sh
│ ├── audit_rarp.sh
│ ├── audit_snmp.sh
│ └── audit_unconfined_daemons.sh
├── ssh/
│ ├── audit_root_ssh_keys.sh
│ ├── audit_ssh_config.sh
│ ├── audit_ssh_forwarding.sh
│ └── audit_ssh_perms.sh
├── sudo/
│ ├── audit_sudo_authenticate.sh
│ ├── audit_sudo_logfile.sh
│ ├── audit_sudo_nopassword.sh
│ ├── audit_sudo_perms.sh
│ ├── audit_sudo_timeout.sh
│ ├── audit_sudo_timestamp.sh
│ ├── audit_sudo_usepty.sh
│ └── audit_wheel_sudo.sh
├── sunos/
│ ├── audit_apocd.sh
│ ├── audit_audit_class.sh
│ ├── audit_bpcd.sh
│ ├── audit_bpjava_msvc.sh
│ ├── audit_cde_banner.sh
│ ├── audit_cde_cal.sh
│ ├── audit_cde_print.sh
│ ├── audit_cde_screen_lock.sh
│ ├── audit_cde_spc.sh
│ ├── audit_cde_ttdb.sh
│ ├── audit_create_class.sh
│ ├── audit_dfstab.sh
│ ├── audit_echo.sh
│ ├── audit_eeprom_security.sh
│ ├── audit_extended_attributes.sh
│ ├── audit_gss.sh
│ ├── audit_ipadm_value.sh
│ ├── audit_keyserv.sh
│ ├── audit_labeld.sh
│ ├── audit_ncs.sh
│ ├── audit_ndd_value.sh
│ ├── audit_network_connections.sh
│ ├── audit_ocfserv.sh
│ ├── audit_online_documentation.sh
│ ├── audit_privilege_events.sh
│ ├── audit_service_tags.sh
│ ├── audit_slp.sh
│ ├── audit_solaris_auditing.sh
│ ├── audit_stack_protection.sh
│ ├── audit_svccfg_value.sh
│ ├── audit_svm.sh
│ ├── audit_svm_gui.sh
│ ├── audit_ticotsord.sh
│ ├── audit_tname.sh
│ ├── audit_tnd.sh
│ ├── audit_uucp.sh
│ ├── audit_vnetd.sh
│ ├── audit_volfs.sh
│ ├── audit_vopied.sh
│ ├── audit_wbem.sh
│ ├── audit_webconsole.sh
│ ├── audit_webmin.sh
│ ├── audit_wins.sh
│ └── audit_zones.sh
├── syslog/
│ ├── audit_syslog_auth.sh
│ ├── audit_syslog_conf.sh
│ ├── audit_syslog_perms.sh
│ └── audit_syslog_server.sh
├── talk/
│ ├── audit_talk_client.sh
│ └── audit_talk_server.sh
├── tcp/
│ ├── audit_tcp_strong_iss.sh
│ ├── audit_tcp_syn_cookie.sh
│ └── audit_tcp_wrappers.sh
├── telnet/
│ ├── audit_telnet_banner.sh
│ ├── audit_telnet_client.sh
│ └── audit_telnet_server.sh
├── users/
│ ├── audit_daemon_umask.sh
│ ├── audit_default_umask.sh
│ ├── audit_dot_files.sh
│ ├── audit_duplicate_ids.sh
│ ├── audit_duplicate_users.sh
│ ├── audit_forward_files.sh
│ ├── audit_home_ownership.sh
│ ├── audit_home_perms.sh
│ ├── audit_inactive_users.sh
│ ├── audit_mesgn.sh
│ ├── audit_netrc_files.sh
│ ├── audit_old_users.sh
│ ├── audit_reserved_ids.sh
│ ├── audit_rhosts_files.sh
│ ├── audit_root_access.sh
│ ├── audit_root_home.sh
│ ├── audit_root_path.sh
│ ├── audit_shell_timeout.sh
│ ├── audit_shells.sh
│ └── audit_super_users.sh
└── wheel/
├── audit_pam_wheel.sh
├── audit_wheel_group.sh
├── audit_wheel_su.sh
└── audit_wheel_users.sh
Condensed preview — 668 files, each showing path, character count, and a content snippet. Download the .json file or copy for the full structured content (1,754K chars).
[
{
"path": "README.md",
"chars": 8847,
"preview": "\n\nLUNAR\n=====\n\nLockdown UNix Auditing a"
},
{
"path": "aws/account-creation-policy.json",
"chars": 191,
"preview": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"Service\": \"ec"
},
{
"path": "aws/iam-manager-policy.json",
"chars": 1581,
"preview": "{\n\t\"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Action\": [\n \"iam:AddUserToGrou"
},
{
"path": "aws/iam-master-policy.json",
"chars": 1582,
"preview": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Action\": [\n \"iam:CreateGroup\""
},
{
"path": "aws/server-access-logging.json",
"chars": 496,
"preview": "{\n \"LoggingEnabled\": {\n \"TargetBucket\": \"webapp-service-reports\",\n \"TargetPrefix\": \"access-logs/\",\n \"TargetGra"
},
{
"path": "changelog",
"chars": 124614,
"preview": "# Changes:\n# 0.0.0 Thursday, 25 October 2012 9:40:54 AM EST\n# Initial version\n# 0.0.1 Thursday, 1 November 2012 2:28:"
},
{
"path": "docker-compose.yml",
"chars": 259,
"preview": "version: '3'\nservices:\n test-shell:\n image: \"${OS_NAME}:${OS_VERSION}\"\n volumes:\n - \".:/lunar\"\n command: "
},
{
"path": "functions/aix/check_auditctl.sh",
"chars": 1877,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_auditctl\n#\n# Che"
},
{
"path": "functions/aix/check_chsec.sh",
"chars": 2628,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_chsec\n#\n# Functi"
},
{
"path": "functions/aix/check_chuser.sh",
"chars": 2728,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_chuser\n#\n# Funct"
},
{
"path": "functions/aix/check_itab.sh",
"chars": 3104,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n# shellcheck disable=SC20"
},
{
"path": "functions/aix/check_lslpp.sh",
"chars": 404,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_lslpp\n#\n# Check "
},
{
"path": "functions/aix/check_no.sh",
"chars": 2354,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_no\n#\n# Function "
},
{
"path": "functions/aix/check_pwpolicy.sh",
"chars": 4011,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_pwpolicy\n#\n# Fun"
},
{
"path": "functions/aix/check_rctcp.sh",
"chars": 3731,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_rctcp\n#\n# Functi"
},
{
"path": "functions/aix/check_subserver.sh",
"chars": 3256,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_subserver\n#\n# Fu"
},
{
"path": "functions/aix/check_trust.sh",
"chars": 2442,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_trust\n#\n# Functi"
},
{
"path": "functions/aws/audit_aws.sh",
"chars": 1153,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# funct_audit_aws\n#\n# Au"
},
{
"path": "functions/aws/audit_aws_rec_all.sh",
"chars": 607,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# Audit AWS\n#\n# Run vari"
},
{
"path": "functions/aws/check_aws_open_port.sh",
"chars": 1734,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_aws_open_port\n#\n"
},
{
"path": "functions/aws/check_aws_password_policy.sh",
"chars": 1204,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_aws_password_pol"
},
{
"path": "functions/azure/compute/batch/check_azure_batch_pool_value.sh",
"chars": 1318,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_azure_batch_pool"
},
{
"path": "functions/azure/compute/batch/check_azure_batch_value.sh",
"chars": 1553,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_azure_batch_valu"
},
{
"path": "functions/azure/compute/container/check_azure_container_instance_value.sh",
"chars": 1784,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_azure_container_"
},
{
"path": "functions/azure/compute/function/check_azure_function_app_value.sh",
"chars": 6791,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_azure_function_a"
},
{
"path": "functions/azure/compute/function/check_azure_function_deployment_slot_value.sh",
"chars": 6965,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_azure_function_d"
},
{
"path": "functions/azure/compute/vm/check_azure_vm_value.sh",
"chars": 1567,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_azure_vm_value\n#"
},
{
"path": "functions/azure/compute/webapp/check_azure_app_service_app_value.sh",
"chars": 6452,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_azure_app_servic"
},
{
"path": "functions/azure/compute/webapp/check_azure_app_service_ase_value.sh",
"chars": 2218,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_azure_app_servic"
},
{
"path": "functions/azure/compute/webapp/check_azure_app_service_deployment_slot_value.sh",
"chars": 6935,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_azure_app_servic"
},
{
"path": "functions/azure/compute/webapp/check_azure_app_service_plan_value.sh",
"chars": 2660,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_azure_app_servic"
},
{
"path": "functions/azure/database/check_azure_cosmos_db_value.sh",
"chars": 2789,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_azure_cosmos_db_"
},
{
"path": "functions/azure/database/check_azure_mysql_db_value.sh",
"chars": 3012,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_azure_mysql_db_v"
},
{
"path": "functions/azure/database/check_azure_postgresql_db_value.sh",
"chars": 3075,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_azure_postgresql"
},
{
"path": "functions/azure/database/check_azure_redis_cache_value.sh",
"chars": 2685,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_azure_redis_cach"
},
{
"path": "functions/azure/database/check_azure_redis_enterprise_cache_value.sh",
"chars": 2833,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_azure_redis_ente"
},
{
"path": "functions/azure/database/check_azure_sql_db_value.sh",
"chars": 2987,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_azure_sql_db_val"
},
{
"path": "functions/azure/logging/check_azure_activity_log_alert_value.sh",
"chars": 1024,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_azure_activity_l"
},
{
"path": "functions/azure/logging/check_azure_monitor_value.sh",
"chars": 2359,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_azure_monitor_va"
},
{
"path": "functions/azure/logging/check_azure_monitoring_diagnostics_value.sh",
"chars": 1092,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2030\n# shellcheck disable=SC2031\n# shellcheck disable=SC20"
},
{
"path": "functions/azure/logging/check_azure_network_watcher_flow_log_value.sh",
"chars": 1268,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_azure_network_wa"
},
{
"path": "functions/azure/logging/check_azure_network_watcher_value.sh",
"chars": 981,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_azure_network_wa"
},
{
"path": "functions/azure/logging/check_azure_storage_logging_value.sh",
"chars": 2100,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_azure_storage_lo"
},
{
"path": "functions/azure/network/check_azure_network_private_endpoint_value.sh",
"chars": 2383,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_azure_network_pr"
},
{
"path": "functions/azure/network/check_azure_public_ip_value.sh",
"chars": 1498,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_azure_public_ip_"
},
{
"path": "functions/azure/network/check_azure_vnet_value.sh",
"chars": 1771,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_azure_vnet_value"
},
{
"path": "functions/azure/other/audit_azure.sh",
"chars": 760,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_azure_all\n#\n# Au"
},
{
"path": "functions/azure/security/check_azure_basic_authentication_publishing_credential_value.sh",
"chars": 3662,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_azure_basic_auth"
},
{
"path": "functions/azure/security/check_azure_lock_value.sh",
"chars": 1664,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_azure_lock_value"
},
{
"path": "functions/azure/security/check_azure_microsoft_defender_value.sh",
"chars": 2772,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_azure_microsoft_"
},
{
"path": "functions/azure/security/check_azure_network_security_perimeter_value.sh",
"chars": 1415,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_azure_network_se"
},
{
"path": "functions/azure/security/check_azure_nsg_security_rule_value.sh",
"chars": 1670,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_azure_nsg_securi"
},
{
"path": "functions/azure/security/check_azure_resource_manager_lock.sh",
"chars": 1590,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_azure_resource_m"
},
{
"path": "functions/azure/security/check_azure_security_contact_value.sh",
"chars": 2072,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_azure_security_c"
},
{
"path": "functions/azure/security/check_azure_security_setting.sh",
"chars": 1076,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_azure_security_s"
},
{
"path": "functions/azure/security/check_azure_waf_value.sh",
"chars": 4567,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_azure_waf_value\n"
},
{
"path": "functions/azure/storage/check_azure_backup_policy_value.sh",
"chars": 3173,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_azure_backup_pol"
},
{
"path": "functions/azure/storage/check_azure_data_factory_value.sh",
"chars": 2866,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_azure_data_facto"
},
{
"path": "functions/azure/storage/check_azure_databox_value.sh",
"chars": 1703,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_azure_databox_va"
},
{
"path": "functions/azure/storage/check_azure_databricks_value.sh",
"chars": 2314,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_azure_databricks"
},
{
"path": "functions/azure/storage/check_azure_elastic_san_value.sh",
"chars": 4143,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_azure_elastic_sa"
},
{
"path": "functions/azure/storage/check_azure_file_share_value.sh",
"chars": 1981,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_azure_file_share"
},
{
"path": "functions/azure/storage/check_azure_netapp_file_value.sh",
"chars": 2324,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_azure_netapp_fil"
},
{
"path": "functions/azure/storage/check_azure_storage_account_container_value.sh",
"chars": 2757,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_azure_storage_ac"
},
{
"path": "functions/azure/storage/check_azure_storage_account_keys_rotation.sh",
"chars": 1906,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2086\n# shellcheck disable=SC21"
},
{
"path": "functions/azure/storage/check_azure_storage_account_value.sh",
"chars": 4872,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_azure_storage_ac"
},
{
"path": "functions/azure/storage/check_azure_storage_blob_policy_value.sh",
"chars": 2124,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_azure_storage_bl"
},
{
"path": "functions/azure/storage/check_azure_storage_blob_value.sh",
"chars": 2081,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_azure_storage_bl"
},
{
"path": "functions/azure/storage/check_azure_storage_container_value.sh",
"chars": 1923,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_azure_storage_co"
},
{
"path": "functions/azure/storage/check_azure_storage_fs_value.sh",
"chars": 1847,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_azure_storage_fs"
},
{
"path": "functions/azure/vaults/check_azure_backup_vault_value.sh",
"chars": 3637,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_azure_backup_vau"
},
{
"path": "functions/azure/vaults/check_azure_key_vault_key_value.sh",
"chars": 2297,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_azure_key_vault_"
},
{
"path": "functions/azure/vaults/check_azure_key_vault_value.sh",
"chars": 4379,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_azure_key_vault_"
},
{
"path": "functions/azure/vaults/check_azure_recovery_services_vault_value.sh",
"chars": 3832,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_azure_recovery_s"
},
{
"path": "functions/command/check_command_output.sh",
"chars": 3878,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_command_output\n#"
},
{
"path": "functions/command/check_command_value.sh",
"chars": 5036,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_command_value\n#\n"
},
{
"path": "functions/darwin/check_dscl.sh",
"chars": 2410,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_dscl\n#\n# Functio"
},
{
"path": "functions/darwin/check_launchctl_service.sh",
"chars": 2960,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_launchctl_servic"
},
{
"path": "functions/darwin/check_osx_defaults.sh",
"chars": 9209,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_osx_defaults\n#\n#"
},
{
"path": "functions/darwin/check_osx_systemsetup.sh",
"chars": 2645,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_osx_systemsetup\n"
},
{
"path": "functions/darwin/check_pmset.sh",
"chars": 2759,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_pmset\n#\n# Check "
},
{
"path": "functions/darwin/check_sysadminctl.sh",
"chars": 2700,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_sysadminctl\n#\n# "
},
{
"path": "functions/docker/audit_docker.sh",
"chars": 547,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_docker_all\n#\n# A"
},
{
"path": "functions/docker/check_dockerd.sh",
"chars": 9892,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n# shellcheck disable=SC20"
},
{
"path": "functions/file/audit_search_fs.sh",
"chars": 1044,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_search_fs\n#\n# Au"
},
{
"path": "functions/file/audit_select.sh",
"chars": 1356,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# funct_audit_select\n#\n#"
},
{
"path": "functions/file/audit_test_subset.sh",
"chars": 226,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_test_subset\n#\n# "
},
{
"path": "functions/file/backup_file.sh",
"chars": 1231,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC2034\n# shellcheck disable=SC1090\n# shellcheck disable=SC2154\n\n# backup_file\n#\n# Backup"
},
{
"path": "functions/file/check_append_file.sh",
"chars": 2826,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_append_file\n#\n# "
},
{
"path": "functions/file/check_file_comment.sh",
"chars": 1684,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2012\n# shellcheck disable=SC2028\n# shellcheck disable=SC20"
},
{
"path": "functions/file/check_file_exists.sh",
"chars": 3034,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_file_exists\n#\n# "
},
{
"path": "functions/file/check_file_perms.sh",
"chars": 5325,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n# shellcheck disable=SC20"
},
{
"path": "functions/file/check_file_value.sh",
"chars": 13678,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2046\n# shellcheck disable=SC20"
},
{
"path": "functions/file/disable_value.sh",
"chars": 2734,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# disable_value\n#\n# Code"
},
{
"path": "functions/file/replace_file_value.sh",
"chars": 2654,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# replace_file_value\n#\n#"
},
{
"path": "functions/file/restore_file.sh",
"chars": 2735,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# restore_file\n#\n# Resto"
},
{
"path": "functions/file/update_log_file.sh",
"chars": 517,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# update_log\n#\n# Update "
},
{
"path": "functions/kubernetes/audit_kubernetes.sh",
"chars": 572,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_kubernetes_all\n#"
},
{
"path": "functions/linux/check_ausearch.sh",
"chars": 2345,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_ausearch\n#\n# Che"
},
{
"path": "functions/linux/check_chkconfig_service.sh",
"chars": 4820,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_chkconfig_servic"
},
{
"path": "functions/linux/check_debian_package.sh",
"chars": 544,
"preview": "#!/bin/sh\n\n# -> Needs checking for install_check\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck d"
},
{
"path": "functions/linux/check_gsettings_value.sh",
"chars": 3375,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_gsettings_value\n"
},
{
"path": "functions/linux/check_linux_package.sh",
"chars": 6446,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_linux_package\n#\n"
},
{
"path": "functions/linux/check_linux_service.sh",
"chars": 950,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_linux_service\n#\n"
},
{
"path": "functions/linux/check_systemctl_service.sh",
"chars": 4697,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_systemctl_servic"
},
{
"path": "functions/linux/check_xinetd_service.sh",
"chars": 3102,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_xinetd_service\n#"
},
{
"path": "functions/packages/check_package.sh",
"chars": 381,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_package\n#\n# Chec"
},
{
"path": "functions/services/check_inetd_service.sh",
"chars": 1898,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n# shellcheck disable=SC20"
},
{
"path": "functions/sunos/audit_system.sh",
"chars": 2231,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# funct_audit_system\n#\n#"
},
{
"path": "functions/sunos/audit_system_sparc.sh",
"chars": 270,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_system_sparc\n#\n#"
},
{
"path": "functions/sunos/audit_system_x86.sh",
"chars": 281,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_system_x86\n#\n# A"
},
{
"path": "functions/sunos/check_initd_service.sh",
"chars": 3406,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2010\n# shellcheck disable=SC2034\n# shellcheck disable=SC21"
},
{
"path": "functions/sunos/check_service.sh",
"chars": 779,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_service\n#\n# Serv"
},
{
"path": "functions/sunos/check_solaris_package.sh",
"chars": 2292,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# funct_check_pkg\n#\n# Ch"
},
{
"path": "functions/sunos/check_sunos_service.sh",
"chars": 1123,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_sunos_service\n#\n"
},
{
"path": "functions/sunos/check_svcadm_service.sh",
"chars": 2509,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_svcadm_service\n#"
},
{
"path": "functions/sunos/create_ndd_script.sh",
"chars": 7275,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n# shellcheck disable=SC21"
},
{
"path": "lunar.sh",
"chars": 31055,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2029\n# shellcheck disable=SC2034\n# shellcheck disable=SC21"
},
{
"path": "main/check_environment.sh",
"chars": 5660,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n# shellcheck disable=SC30"
},
{
"path": "main/check_os_release.sh",
"chars": 8419,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# get_ubuntu_codename\n#\n"
},
{
"path": "main/check_shellcheck.sh",
"chars": 759,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# check_shellcheck\n# \n# "
},
{
"path": "main/get_info.sh",
"chars": 1199,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# get_service_name_from_"
},
{
"path": "main/print_info.sh",
"chars": 8681,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# print_version\n#\n# Prin"
},
{
"path": "modules/accounting/audit_filesystem_partitions.sh",
"chars": 1769,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_filesystem_parti"
},
{
"path": "modules/accounting/audit_kernel_accounting.sh",
"chars": 2615,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_kernel_accountin"
},
{
"path": "modules/accounting/audit_process_accounting.sh",
"chars": 1459,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_process_accounti"
},
{
"path": "modules/accounting/audit_sar_accounting.sh",
"chars": 2851,
"preview": "#!/bin/sh -\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_sar_accounting"
},
{
"path": "modules/accounting/audit_system_accounting.sh",
"chars": 17222,
"preview": "#!/bin/sh\n\n# -> Needs fixing\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2046\n# shel"
},
{
"path": "modules/accounting/audit_system_accounts.sh",
"chars": 2958,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC2034\n# shellcheck disable=SC1090\n# shellcheck disable=SC2154\n\n# audit_system_accounts\n"
},
{
"path": "modules/accounting/audit_system_auth.sh",
"chars": 4598,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_system_auth\n#\n# "
},
{
"path": "modules/accounting/audit_system_auth_account_reset.sh",
"chars": 2829,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_system_auth_acco"
},
{
"path": "modules/accounting/audit_system_auth_no_magic_root.sh",
"chars": 2358,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_system_auth_no_m"
},
{
"path": "modules/accounting/audit_system_auth_nullok.sh",
"chars": 1848,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_system_auth_null"
},
{
"path": "modules/accounting/audit_system_auth_unlock_time.sh",
"chars": 3130,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_system_auth_unlo"
},
{
"path": "modules/accounting/audit_system_auth_use_uid.sh",
"chars": 1845,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_system_auth_use_"
},
{
"path": "modules/accounting/audit_system_integrity.sh",
"chars": 1318,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_system_integrity"
},
{
"path": "modules/aix/audit_i4ls.sh",
"chars": 414,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_i4ls\n#\n# Check L"
},
{
"path": "modules/aix/audit_writesrv.sh",
"chars": 399,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_writesrv\n#\n# Ref"
},
{
"path": "modules/apache/audit_apache.sh",
"chars": 10438,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_apache\n#\n# Check"
},
{
"path": "modules/audit/audit_auditd.sh",
"chars": 7007,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_auditd\n#\n# Check"
},
{
"path": "modules/aws/compute/audit_aws_ec2.sh",
"chars": 3638,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_aws_ec2\n#\n# Chec"
},
{
"path": "modules/aws/compute/audit_aws_elb.sh",
"chars": 3699,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_aws_elb\n#\n# Chec"
},
{
"path": "modules/aws/compute/audit_aws_es.sh",
"chars": 1635,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_aws_es\n#\n# Check"
},
{
"path": "modules/aws/compute/audit_aws_rec_ec2.sh",
"chars": 12479,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_aws_rec_ec2\n#\n# "
},
{
"path": "modules/aws/compute/audit_aws_rec_elb.sh",
"chars": 2910,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_aws_rec_elb\n#\n# "
},
{
"path": "modules/aws/compute/audit_aws_rec_es.sh",
"chars": 2638,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_aws_rec_es\n#\n# C"
},
{
"path": "modules/aws/compute/audit_aws_ses.sh",
"chars": 1162,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_aws_ses\n#\n# Chec"
},
{
"path": "modules/aws/config/audit_aws_cf.sh",
"chars": 1868,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_aws_cf\n#\n# Check"
},
{
"path": "modules/aws/config/audit_aws_config.sh",
"chars": 1006,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_aws_config\n#\n# C"
},
{
"path": "modules/aws/config/audit_aws_support_role.sh",
"chars": 1298,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_aws_support_role"
},
{
"path": "modules/aws/database/audit_aws_ec.sh",
"chars": 1303,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_aws_ec\n#\n# Check"
},
{
"path": "modules/aws/database/audit_aws_rds.sh",
"chars": 5626,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_aws_rds\n#\n# Chec"
},
{
"path": "modules/aws/database/audit_aws_rec_dynamodb.sh",
"chars": 971,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_aws_rec_dynamodb"
},
{
"path": "modules/aws/database/audit_aws_rec_ec.sh",
"chars": 2238,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_aws_rec_ec\n#\n# C"
},
{
"path": "modules/aws/database/audit_aws_rec_rds.sh",
"chars": 4394,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_aws_rec_rds\n#\n# "
},
{
"path": "modules/aws/database/audit_aws_rec_redshift.sh",
"chars": 2146,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_aws_rec_redshift"
},
{
"path": "modules/aws/database/audit_aws_redshift.sh",
"chars": 5158,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_aws_redshift\n#\n#"
},
{
"path": "modules/aws/logging/audit_aws_inspector.sh",
"chars": 2075,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_aws_inspector\n#\n"
},
{
"path": "modules/aws/logging/audit_aws_logging.sh",
"chars": 8720,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_aws_logging\n#\n# "
},
{
"path": "modules/aws/logging/audit_aws_monitoring.sh",
"chars": 14878,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_aws_monitoring\n#"
},
{
"path": "modules/aws/logging/audit_aws_rec_inspector.sh",
"chars": 3035,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_aws_rec_inspecto"
},
{
"path": "modules/aws/logging/audit_aws_rec_monitoring.sh",
"chars": 2513,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_aws_rec_monitori"
},
{
"path": "modules/aws/logging/audit_aws_sns.sh",
"chars": 1474,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_aws_sns\n#\n# Chec"
},
{
"path": "modules/aws/network/audit_aws_dns.sh",
"chars": 2929,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_aws_dns\n#\n# Chec"
},
{
"path": "modules/aws/network/audit_aws_rec_vpcs.sh",
"chars": 2367,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_aws_rec_vpcs\n#\n#"
},
{
"path": "modules/aws/network/audit_aws_vpcs.sh",
"chars": 4072,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_aws_vpcs\n#\n# Che"
},
{
"path": "modules/aws/security/audit_aws_access_keys.sh",
"chars": 2176,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_aws_access_keys\n"
},
{
"path": "modules/aws/security/audit_aws_certs.sh",
"chars": 1748,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_aws_certs\n#\n# Ch"
},
{
"path": "modules/aws/security/audit_aws_creds.sh",
"chars": 7540,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_aws_creds\n#\n# Ch"
},
{
"path": "modules/aws/security/audit_aws_iam.sh",
"chars": 4779,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_aws_iam\n#\n# Chec"
},
{
"path": "modules/aws/security/audit_aws_keys.sh",
"chars": 2743,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_aws_keys\n#\n# Che"
},
{
"path": "modules/aws/security/audit_aws_mfa.sh",
"chars": 2461,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_aws_mfa\n#\n# Chec"
},
{
"path": "modules/aws/security/audit_aws_password_policy.sh",
"chars": 2402,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_aws_password_pol"
},
{
"path": "modules/aws/security/audit_aws_sgs.sh",
"chars": 4110,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_aws_sgs\n#\n# Chec"
},
{
"path": "modules/aws/storage/audit_aws_cdn.sh",
"chars": 2798,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_aws_cdn\n#\n# Chec"
},
{
"path": "modules/aws/storage/audit_aws_s3.sh",
"chars": 2409,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_aws_s3\n#\n# Check"
},
{
"path": "modules/azure/compute/batch/audit_azure_batch.sh",
"chars": 3027,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_azure_batch\n#\n# "
},
{
"path": "modules/azure/compute/container/audit_azure_container_instances.sh",
"chars": 1437,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_azure_container_"
},
{
"path": "modules/azure/compute/cycle/audit_azure_cycle_cloud.sh",
"chars": 419,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_azure_cycle_clou"
},
{
"path": "modules/azure/compute/function/apps/audit_azure_function_app_basic_authentication_publishing_credentials.sh",
"chars": 1507,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_azure_function_a"
},
{
"path": "modules/azure/compute/function/apps/audit_azure_function_app_client_certificates.sh",
"chars": 1183,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_azure_function_a"
},
{
"path": "modules/azure/compute/function/apps/audit_azure_function_app_cross_origin_resource_sharing.sh",
"chars": 1231,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_azure_function_a"
},
{
"path": "modules/azure/compute/function/apps/audit_azure_function_app_ftp_states.sh",
"chars": 1106,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_azure_function_a"
},
{
"path": "modules/azure/compute/function/apps/audit_azure_function_app_http_values.sh",
"chars": 1294,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_azure_function_a"
},
{
"path": "modules/azure/compute/function/apps/audit_azure_function_app_java_versions.sh",
"chars": 1339,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_azure_function_a"
},
{
"path": "modules/azure/compute/function/apps/audit_azure_function_app_managed_identities.sh",
"chars": 1125,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_azure_function_a"
},
{
"path": "modules/azure/compute/function/apps/audit_azure_function_app_public_network_access.sh",
"chars": 1180,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_azure_function_a"
},
{
"path": "modules/azure/compute/function/apps/audit_azure_function_app_python_versions.sh",
"chars": 1081,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_azure_function_a"
},
{
"path": "modules/azure/compute/function/apps/audit_azure_function_app_remote_debugging.sh",
"chars": 1131,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_azure_function_a"
},
{
"path": "modules/azure/compute/function/apps/audit_azure_function_app_service_authentication.sh",
"chars": 1198,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_azure_function_a"
},
{
"path": "modules/azure/compute/function/apps/audit_azure_function_app_tls_values.sh",
"chars": 1515,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_azure_function_a"
},
{
"path": "modules/azure/compute/function/apps/audit_azure_function_app_virtual_network_integration.sh",
"chars": 2016,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_azure_function_a"
},
{
"path": "modules/azure/compute/function/apps/audit_azure_function_apps.sh",
"chars": 3637,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_azure_function_a"
},
{
"path": "modules/azure/compute/function/slots/audit_azure_function_deployment_slots.sh",
"chars": 4429,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_azure_function_d"
},
{
"path": "modules/azure/compute/function/slots/audit_azure_function_deployment_slots_basic_authentication_publishing_credentials.sh",
"chars": 2297,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_azure_function_d"
},
{
"path": "modules/azure/compute/function/slots/audit_azure_function_deployment_slots_client_certificates.sh",
"chars": 1775,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_azure_function_d"
},
{
"path": "modules/azure/compute/function/slots/audit_azure_function_deployment_slots_cross_origin_resource_sharing.sh",
"chars": 1823,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_azure_function_d"
},
{
"path": "modules/azure/compute/function/slots/audit_azure_function_deployment_slots_ftp_states.sh",
"chars": 1708,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_azure_function_d"
},
{
"path": "modules/azure/compute/function/slots/audit_azure_function_deployment_slots_http_values.sh",
"chars": 1953,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_azure_function_d"
},
{
"path": "modules/azure/compute/function/slots/audit_azure_function_deployment_slots_java_versions.sh",
"chars": 1998,
"preview": "#!/bin/sh\n\n# shellcheck disable=SC1090\n# shellcheck disable=SC2034\n# shellcheck disable=SC2154\n\n# audit_azure_function_d"
}
]
// ... and 468 more files (download for full content)
About this extraction
This page contains the full source code of the lateralblast/lunar GitHub repository, extracted and formatted as plain text for AI agents and large language models (LLMs). The extraction includes 668 files (1.5 MB), approximately 480.1k tokens. Use this with OpenClaw, Claude, ChatGPT, Cursor, Windsurf, or any other AI tool that accepts text input. You can copy the full output to your clipboard or download it as a .txt file.
Extracted by GitExtract — free GitHub repo to text converter for AI. Built by Nikandr Surkov.