├── .devcontainer └── devcontainer.json ├── .github ├── ISSUE_TEMPLATE │ ├── Bug_report.yaml │ ├── Feature_request.yaml │ └── config.yml └── workflows │ ├── pester.yml │ └── release.yml ├── .gitignore ├── .vscode ├── launch.json ├── settings.json └── tasks.json ├── LICENSE ├── README.md ├── images ├── Convert-SentinelARArmToYaml-Multiple.gif └── banner.png ├── src ├── SentinelARConverter.psd1 ├── SentinelARConverter.psm1 ├── private │ ├── Invoke-SortJSONObject.ps1 │ ├── Test-MITRETactic.ps1 │ └── Test-MITRETechnique.ps1 └── public │ ├── Convert-SentinelARArmToYaml.ps1 │ └── Convert-SentinelARYamlToArm.ps1 └── tests ├── Convert-SentinelARArmToYaml.tests.ps1 ├── Convert-SentinelARYamlToArm.tests.ps1 ├── Indented.ScriptAnalyzerRules ├── Indented.ScriptAnalyzerRules.psd1 ├── Indented.ScriptAnalyzerRules.psm1 ├── LICENSE └── public │ ├── helper │ ├── Get-FunctionInfo.ps1 │ ├── Invoke-CustomScriptAnalyzerRule.ps1 │ └── Resolve-ParameterSet.ps1 │ └── rules │ ├── AvoidCreatingObjectsFromAnEmptyString.ps1 │ ├── AvoidDashCharacters.ps1 │ ├── AvoidEmptyNamedBlocks.ps1 │ ├── AvoidFilter.ps1 │ ├── AvoidHelpMessage.ps1 │ ├── AvoidNestedFunctions.ps1 │ ├── AvoidNewObjectToCreatePSObject.ps1 │ ├── AvoidParameterAttributeDefaultValues.ps1 │ ├── AvoidProcessWithoutPipeline.ps1 │ ├── AvoidRedirectionOperator.ps1 │ ├── AvoidReturnAtEndOfNamedBlock.ps1 │ ├── AvoidSmartQuotes.ps1 │ ├── AvoidThrowOutsideOfTry.ps1 │ ├── AvoidWriteErrorStop.ps1 │ ├── AvoidWriteOutput.ps1 │ ├── UseExpressionlessArgumentsInTheParameterAttribute.ps1 │ └── UseSyntacticallyCorrectExamples.ps1 ├── ScriptAnalyzerSettings.psd1 └── examples ├── IncidentConfigurationMissing.yaml ├── MicrosoftSecurityIncidentCreation.json ├── NRT.json ├── NRT.yaml ├── Scheduled.json ├── Scheduled.yaml ├── ScheduledBadGuid.json ├── ScheduledBadGuid.yaml ├── ScheduledMultiple.json ├── ScheduledNRTMultiple.json ├── ScheduledParam.params.yaml ├── ScheduledParam.yaml ├── TTPWithTacticsNTechniques.json └── TTPWithTacticsNTechniques.yaml /.devcontainer/devcontainer.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/f-bader/SentinelARConverter/HEAD/.devcontainer/devcontainer.json -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/Bug_report.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/f-bader/SentinelARConverter/HEAD/.github/ISSUE_TEMPLATE/Bug_report.yaml -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/Feature_request.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/f-bader/SentinelARConverter/HEAD/.github/ISSUE_TEMPLATE/Feature_request.yaml -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/config.yml: -------------------------------------------------------------------------------- 1 | blank_issues_enabled: false -------------------------------------------------------------------------------- /.github/workflows/pester.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/f-bader/SentinelARConverter/HEAD/.github/workflows/pester.yml -------------------------------------------------------------------------------- /.github/workflows/release.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/f-bader/SentinelARConverter/HEAD/.github/workflows/release.yml -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | publish 2 | testResults.xml -------------------------------------------------------------------------------- /.vscode/launch.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/f-bader/SentinelARConverter/HEAD/.vscode/launch.json -------------------------------------------------------------------------------- /.vscode/settings.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/f-bader/SentinelARConverter/HEAD/.vscode/settings.json -------------------------------------------------------------------------------- /.vscode/tasks.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/f-bader/SentinelARConverter/HEAD/.vscode/tasks.json -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/f-bader/SentinelARConverter/HEAD/LICENSE -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/f-bader/SentinelARConverter/HEAD/README.md -------------------------------------------------------------------------------- /images/Convert-SentinelARArmToYaml-Multiple.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/f-bader/SentinelARConverter/HEAD/images/Convert-SentinelARArmToYaml-Multiple.gif -------------------------------------------------------------------------------- /images/banner.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/f-bader/SentinelARConverter/HEAD/images/banner.png -------------------------------------------------------------------------------- /src/SentinelARConverter.psd1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/f-bader/SentinelARConverter/HEAD/src/SentinelARConverter.psd1 -------------------------------------------------------------------------------- /src/SentinelARConverter.psm1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/f-bader/SentinelARConverter/HEAD/src/SentinelARConverter.psm1 -------------------------------------------------------------------------------- /src/private/Invoke-SortJSONObject.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/f-bader/SentinelARConverter/HEAD/src/private/Invoke-SortJSONObject.ps1 -------------------------------------------------------------------------------- /src/private/Test-MITRETactic.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/f-bader/SentinelARConverter/HEAD/src/private/Test-MITRETactic.ps1 -------------------------------------------------------------------------------- /src/private/Test-MITRETechnique.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/f-bader/SentinelARConverter/HEAD/src/private/Test-MITRETechnique.ps1 -------------------------------------------------------------------------------- /src/public/Convert-SentinelARArmToYaml.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/f-bader/SentinelARConverter/HEAD/src/public/Convert-SentinelARArmToYaml.ps1 -------------------------------------------------------------------------------- /src/public/Convert-SentinelARYamlToArm.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/f-bader/SentinelARConverter/HEAD/src/public/Convert-SentinelARYamlToArm.ps1 -------------------------------------------------------------------------------- /tests/Convert-SentinelARArmToYaml.tests.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/f-bader/SentinelARConverter/HEAD/tests/Convert-SentinelARArmToYaml.tests.ps1 -------------------------------------------------------------------------------- /tests/Convert-SentinelARYamlToArm.tests.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/f-bader/SentinelARConverter/HEAD/tests/Convert-SentinelARYamlToArm.tests.ps1 -------------------------------------------------------------------------------- /tests/Indented.ScriptAnalyzerRules/Indented.ScriptAnalyzerRules.psd1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/f-bader/SentinelARConverter/HEAD/tests/Indented.ScriptAnalyzerRules/Indented.ScriptAnalyzerRules.psd1 -------------------------------------------------------------------------------- /tests/Indented.ScriptAnalyzerRules/Indented.ScriptAnalyzerRules.psm1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/f-bader/SentinelARConverter/HEAD/tests/Indented.ScriptAnalyzerRules/Indented.ScriptAnalyzerRules.psm1 -------------------------------------------------------------------------------- /tests/Indented.ScriptAnalyzerRules/LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/f-bader/SentinelARConverter/HEAD/tests/Indented.ScriptAnalyzerRules/LICENSE -------------------------------------------------------------------------------- /tests/Indented.ScriptAnalyzerRules/public/helper/Get-FunctionInfo.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/f-bader/SentinelARConverter/HEAD/tests/Indented.ScriptAnalyzerRules/public/helper/Get-FunctionInfo.ps1 -------------------------------------------------------------------------------- /tests/Indented.ScriptAnalyzerRules/public/helper/Invoke-CustomScriptAnalyzerRule.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/f-bader/SentinelARConverter/HEAD/tests/Indented.ScriptAnalyzerRules/public/helper/Invoke-CustomScriptAnalyzerRule.ps1 -------------------------------------------------------------------------------- /tests/Indented.ScriptAnalyzerRules/public/helper/Resolve-ParameterSet.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/f-bader/SentinelARConverter/HEAD/tests/Indented.ScriptAnalyzerRules/public/helper/Resolve-ParameterSet.ps1 -------------------------------------------------------------------------------- /tests/Indented.ScriptAnalyzerRules/public/rules/AvoidCreatingObjectsFromAnEmptyString.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/f-bader/SentinelARConverter/HEAD/tests/Indented.ScriptAnalyzerRules/public/rules/AvoidCreatingObjectsFromAnEmptyString.ps1 -------------------------------------------------------------------------------- /tests/Indented.ScriptAnalyzerRules/public/rules/AvoidDashCharacters.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/f-bader/SentinelARConverter/HEAD/tests/Indented.ScriptAnalyzerRules/public/rules/AvoidDashCharacters.ps1 -------------------------------------------------------------------------------- /tests/Indented.ScriptAnalyzerRules/public/rules/AvoidEmptyNamedBlocks.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/f-bader/SentinelARConverter/HEAD/tests/Indented.ScriptAnalyzerRules/public/rules/AvoidEmptyNamedBlocks.ps1 -------------------------------------------------------------------------------- /tests/Indented.ScriptAnalyzerRules/public/rules/AvoidFilter.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/f-bader/SentinelARConverter/HEAD/tests/Indented.ScriptAnalyzerRules/public/rules/AvoidFilter.ps1 -------------------------------------------------------------------------------- /tests/Indented.ScriptAnalyzerRules/public/rules/AvoidHelpMessage.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/f-bader/SentinelARConverter/HEAD/tests/Indented.ScriptAnalyzerRules/public/rules/AvoidHelpMessage.ps1 -------------------------------------------------------------------------------- /tests/Indented.ScriptAnalyzerRules/public/rules/AvoidNestedFunctions.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/f-bader/SentinelARConverter/HEAD/tests/Indented.ScriptAnalyzerRules/public/rules/AvoidNestedFunctions.ps1 -------------------------------------------------------------------------------- /tests/Indented.ScriptAnalyzerRules/public/rules/AvoidNewObjectToCreatePSObject.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/f-bader/SentinelARConverter/HEAD/tests/Indented.ScriptAnalyzerRules/public/rules/AvoidNewObjectToCreatePSObject.ps1 -------------------------------------------------------------------------------- /tests/Indented.ScriptAnalyzerRules/public/rules/AvoidParameterAttributeDefaultValues.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/f-bader/SentinelARConverter/HEAD/tests/Indented.ScriptAnalyzerRules/public/rules/AvoidParameterAttributeDefaultValues.ps1 -------------------------------------------------------------------------------- /tests/Indented.ScriptAnalyzerRules/public/rules/AvoidProcessWithoutPipeline.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/f-bader/SentinelARConverter/HEAD/tests/Indented.ScriptAnalyzerRules/public/rules/AvoidProcessWithoutPipeline.ps1 -------------------------------------------------------------------------------- /tests/Indented.ScriptAnalyzerRules/public/rules/AvoidRedirectionOperator.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/f-bader/SentinelARConverter/HEAD/tests/Indented.ScriptAnalyzerRules/public/rules/AvoidRedirectionOperator.ps1 -------------------------------------------------------------------------------- /tests/Indented.ScriptAnalyzerRules/public/rules/AvoidReturnAtEndOfNamedBlock.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/f-bader/SentinelARConverter/HEAD/tests/Indented.ScriptAnalyzerRules/public/rules/AvoidReturnAtEndOfNamedBlock.ps1 -------------------------------------------------------------------------------- /tests/Indented.ScriptAnalyzerRules/public/rules/AvoidSmartQuotes.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/f-bader/SentinelARConverter/HEAD/tests/Indented.ScriptAnalyzerRules/public/rules/AvoidSmartQuotes.ps1 -------------------------------------------------------------------------------- /tests/Indented.ScriptAnalyzerRules/public/rules/AvoidThrowOutsideOfTry.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/f-bader/SentinelARConverter/HEAD/tests/Indented.ScriptAnalyzerRules/public/rules/AvoidThrowOutsideOfTry.ps1 -------------------------------------------------------------------------------- /tests/Indented.ScriptAnalyzerRules/public/rules/AvoidWriteErrorStop.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/f-bader/SentinelARConverter/HEAD/tests/Indented.ScriptAnalyzerRules/public/rules/AvoidWriteErrorStop.ps1 -------------------------------------------------------------------------------- /tests/Indented.ScriptAnalyzerRules/public/rules/AvoidWriteOutput.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/f-bader/SentinelARConverter/HEAD/tests/Indented.ScriptAnalyzerRules/public/rules/AvoidWriteOutput.ps1 -------------------------------------------------------------------------------- /tests/Indented.ScriptAnalyzerRules/public/rules/UseExpressionlessArgumentsInTheParameterAttribute.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/f-bader/SentinelARConverter/HEAD/tests/Indented.ScriptAnalyzerRules/public/rules/UseExpressionlessArgumentsInTheParameterAttribute.ps1 -------------------------------------------------------------------------------- /tests/Indented.ScriptAnalyzerRules/public/rules/UseSyntacticallyCorrectExamples.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/f-bader/SentinelARConverter/HEAD/tests/Indented.ScriptAnalyzerRules/public/rules/UseSyntacticallyCorrectExamples.ps1 -------------------------------------------------------------------------------- /tests/ScriptAnalyzerSettings.psd1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/f-bader/SentinelARConverter/HEAD/tests/ScriptAnalyzerSettings.psd1 -------------------------------------------------------------------------------- /tests/examples/IncidentConfigurationMissing.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/f-bader/SentinelARConverter/HEAD/tests/examples/IncidentConfigurationMissing.yaml -------------------------------------------------------------------------------- /tests/examples/MicrosoftSecurityIncidentCreation.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/f-bader/SentinelARConverter/HEAD/tests/examples/MicrosoftSecurityIncidentCreation.json -------------------------------------------------------------------------------- /tests/examples/NRT.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/f-bader/SentinelARConverter/HEAD/tests/examples/NRT.json -------------------------------------------------------------------------------- /tests/examples/NRT.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/f-bader/SentinelARConverter/HEAD/tests/examples/NRT.yaml -------------------------------------------------------------------------------- /tests/examples/Scheduled.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/f-bader/SentinelARConverter/HEAD/tests/examples/Scheduled.json -------------------------------------------------------------------------------- /tests/examples/Scheduled.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/f-bader/SentinelARConverter/HEAD/tests/examples/Scheduled.yaml -------------------------------------------------------------------------------- /tests/examples/ScheduledBadGuid.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/f-bader/SentinelARConverter/HEAD/tests/examples/ScheduledBadGuid.json -------------------------------------------------------------------------------- /tests/examples/ScheduledBadGuid.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/f-bader/SentinelARConverter/HEAD/tests/examples/ScheduledBadGuid.yaml -------------------------------------------------------------------------------- /tests/examples/ScheduledMultiple.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/f-bader/SentinelARConverter/HEAD/tests/examples/ScheduledMultiple.json -------------------------------------------------------------------------------- /tests/examples/ScheduledNRTMultiple.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/f-bader/SentinelARConverter/HEAD/tests/examples/ScheduledNRTMultiple.json -------------------------------------------------------------------------------- /tests/examples/ScheduledParam.params.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/f-bader/SentinelARConverter/HEAD/tests/examples/ScheduledParam.params.yaml -------------------------------------------------------------------------------- /tests/examples/ScheduledParam.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/f-bader/SentinelARConverter/HEAD/tests/examples/ScheduledParam.yaml -------------------------------------------------------------------------------- /tests/examples/TTPWithTacticsNTechniques.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/f-bader/SentinelARConverter/HEAD/tests/examples/TTPWithTacticsNTechniques.json -------------------------------------------------------------------------------- /tests/examples/TTPWithTacticsNTechniques.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/f-bader/SentinelARConverter/HEAD/tests/examples/TTPWithTacticsNTechniques.yaml --------------------------------------------------------------------------------