├── README.md └── SASv2.py /README.md: -------------------------------------------------------------------------------- 1 | # SecurityAuditScript 2 | My security audit script with a user-friendly GUI decreases the time wasted on obtaining audit information and writes it to a text file. It then opens the text file ready to be analysed. 3 | It was written and compiled in Python 3.10.5. 4 | Some features require admin privileges. 5 | Some features were added as a bonus and don't need to be there. 6 | Remember to change the names of AV and VPN. 7 | 8 | What it does: 9 | Checks for installed AV&VPN, 10 | User accounts for the device, 11 | Users with admin privileges, 12 | Remote connection apps, 13 | status of AV, sysinfo, running services, firewall settings for public profile, bitlocker status, 14 | Installed software list, 15 | AV scan (optional) 16 | 17 | 18 | You can use Nuitka to convert this into a portable .exe. I have this saved on my USB stick, ready for auditing. Remember to make a copy of the output for multiple 19 | devices, as the output.txt file will be overwritten every time. 
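# README.md (continued): Here's a guide I used to convert: https://www.youtube.com/watch?v=YdZd7LolWm0
# --------------------------------------------------------------------------------
# /SASv2.py:
# --------------------------------------------------------------------------------
# Collects local security-audit information on a Windows host (AV/VPN presence,
# accounts, administrators, remote-access tools, Defender status, firewall,
# BitLocker, services, installed software) and writes it to a text report.
import os
import winapps
import subprocess

# Report path, relative to the current working directory.
# NOTE(review): the report holds account names, administrator membership,
# network configuration and the software inventory in plain text. Treat the
# file (and any copies kept on removable media) as sensitive.
outputfile = 'output.txt'

#Labels and formats
Start_label = '=== is new section,\n--- is new command in the section\n### is info type\n\n===============================================================================\n ############## AV&VPN ##############\n==============================================================================='
Label_format = '===============================================================================\n ############## {} ##############\n===============================================================================\n'
CMD_Break = '-------------------------------------------------------------------------------\n'

#Label Variables
Users = 'Users'
RDP = 'Remote Connections'
anydesk = 'Anydesk'
TV = 'Team Viewer'
AV = 'Anti Virus Status'
FW = 'Firewall Status'
Sinfo = 'System Info'
IP = 'IP Config'
BL = 'Bit Locker'
SRV = 'Services'
SFT = 'Software'
AVname = 'AV Example' #Change the variable to your AV name
VPN_NAME = 'VPN Example' #Change the variable to your VPN name


#PowerShell Commands Variables
NUCMD = 'net user'
AdminCMD = 'net localgroup administrators'
RDPCMD = 'get-service "remote desktop services" | select Displayname,Status,ServiceName,Can*'
AVCMD = 'Get-MpComputerStatus'
SinfoCMD = 'systeminfo'
FWCMD = 'netsh advfirewall show Publicprofile'
FWCMD2 = 'netsh advfirewall show privateprofile'
IPCMD = 'ipconfig /all'
BLCMD = 'manage-bde -status'
SRVCMD = """Get-Service | Select StartType, Status, Name, DisplayName | Where-Object {$_.Status -eq 'Running'} | Format-Table -AutoSize"""

# Absolute path to the system PowerShell. The script is meant to run elevated,
# possibly from removable media, so the interpreter is not left to the
# executable search order (application directory / current directory first).
_SYSTEM_POWERSHELL = os.path.join(
    os.environ.get('SystemRoot', r'C:\Windows'),
    'System32', 'WindowsPowerShell', 'v1.0', 'powershell.exe',
)
_POWERSHELL = _SYSTEM_POWERSHELL if os.path.isfile(_SYSTEM_POWERSHELL) else 'powershell.exe'

# -NoProfile keeps user/machine profile scripts out of the audit run;
# -NonInteractive stops a command from blocking on a prompt.
_PS_ARGS = [_POWERSHELL, '-NoProfile', '-NonInteractive', '-Command']


#Label Format Function
def formatlabel(variable):
    """Return the section banner with *variable* as its title."""
    return Label_format.format(variable)


#Write Function
def write(text):
    """Append *text* to the report file.

    Characters the platform encoding cannot represent are replaced instead of
    aborting the audit half-way through the report.
    """
    with open(outputfile, 'a', errors='replace') as f:
        f.write(text)


#Software Search Function
def search (name):
    """Record in the report whether an installed application matches *name*."""
    matches = list(winapps.search_installed(name))
    if matches:
        write(f"\n {name} is installed\n")
    else:
        write(f"\n-----------------------------------\n|!!!!! {name} not found !!!!!|\n-----------------------------------\n")


#Run PowerShellCMD Function
def run_PSCMD(input):
    """Run the PowerShell command line *input* and append its output to the report.

    The command is passed as an argument list without ``shell=True``, so it is
    handed to PowerShell directly and is not re-parsed by cmd.exe. stderr and a
    non-zero exit code are written to the report as well: a check that failed
    (for example for lack of admin rights) must not look like an empty result.
    """
    result = subprocess.run(
        _PS_ARGS + [input],
        stdout=subprocess.PIPE,
        stderr=subprocess.PIPE,
        text=True,
        errors='replace',
    )

    write(result.stdout)
    if result.returncode != 0 or result.stderr.strip():
        write(f"\n|!!!!! '{input}' reported errors (exit code {result.returncode}) !!!!!|\n{result.stderr}\n")


#Installed Software Format Function
def installed_software():
    """Append the list of installed product names to the report.

    NOTE(review): ``wmic`` is deprecated, and ``product`` (Win32_Product) only
    covers Windows Installer (MSI) packages, so the list is not a complete
    inventory; enumerating it can also make Windows Installer run a consistency
    check on each package. Consider reading the registry Uninstall keys instead.
    """
    result = subprocess.run(
        _PS_ARGS + ['wmic product get name'],
        stdout=subprocess.PIPE,
        encoding="UTF-8",
        # Console output is not guaranteed to be valid UTF-8; do not crash on it.
        errors='replace',
    )
    # Write only the non-empty lines to the file
    for line in result.stdout.split("\n"):
        if line.strip():
            write(line + "\n")


#The Script Main
def main():
    """Run every audit section in order and write the report."""
    # Start from an empty report: write() appends, so without this a second run
    # (or a second device audited from the same folder) would be mixed into the
    # previous results instead of overwriting them as the README describes.
    with open(outputfile, 'w'):
        pass

    write(Start_label)

    search(AVname)
    search(VPN_NAME)

    write(formatlabel(Users))
    run_PSCMD(NUCMD)
    write(CMD_Break)
    run_PSCMD(AdminCMD)

    write(formatlabel(RDP))
    run_PSCMD(RDPCMD)
    write(CMD_Break)
    search(anydesk)
    write(CMD_Break)
    search(TV)

    write(formatlabel(AV))
    run_PSCMD(AVCMD)

    write(formatlabel(Sinfo))
    run_PSCMD(SinfoCMD)

    write(formatlabel(FW))
    run_PSCMD(FWCMD)
    write(CMD_Break)
    run_PSCMD(FWCMD2)

    write(formatlabel(IP))
    run_PSCMD(IPCMD)

    write(formatlabel(BL))
    run_PSCMD(BLCMD)

    write(formatlabel(SRV))
    run_PSCMD(SRVCMD)

    write(formatlabel(SFT))
    installed_software()


if __name__ == "__main__":
    main()

    # Open the finished report automatically (os.startfile is Windows-only).
    # Kept under the guard so that importing this module has no side effects.
    os.startfile(outputfile)


#FEATURE ENABLED BY DELETING '#' before the px, requires admin
# NOTE(review): both lines write to `f`, which is not defined at this level;
# open the report file first (e.g. `with open(outputfile, 'a') as f:`).
#p6 = subprocess.run('sfc /scannow', stdout=f, text=True) # System File Checker in case new drives needed
#p7 = subprocess.call('powershell.exe Start-MpScan', shell=True, stdout=f, text=True) # start AV scan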