PSSecRules

1.1.0

Security-focused custom PSScriptAnalyzer rules for PowerShell codebases (OWASP/CWE mapped).

Minimum PowerShell version

3.0

Installation Options

Copy and Paste the following command to install this package using PowerShellGet More Info

Install-Module -Name PSSecRules

Copy and Paste the following command to install this package using Microsoft.PowerShell.PSResourceGet More Info

Install-PSResource -Name PSSecRules

You can deploy this package directly to Azure Automation. Note that deploying packages with dependencies will deploy all the dependencies to Azure Automation. Learn More

Manually download the .nupkg file to your system's default download location. Note that the file won't be unpacked, and won't include any dependencies. Learn More

Owners

Copyright

(c) PSSecRules Maintainers. All rights reserved.

Package Details

Author(s)

  • PSSecRules Maintainers

Tags

PSScriptAnalyzer PSSec CWE-259 CWE-798 CWE-89 CWE-22 CWE-79 CWE-502 CWE-326 CWE-327 CWE-328 CWE-611 CWE-613 CWE-776 CWE-918 CWE-117 CWE-90 CWE-209 CWE-643 CWE-601 CWE-15 CWE-1035 CWE-1352 CWE-1333 CWE-943 CWE-641 CWE-99 CWE-507 CWE-113 CWE-134 CWE-269 CWE-336 CWE-337 OWASP-6.3.1 OWASP-6.2.2 CWE-346 CWE-942 CWE-1391 CWE-521 CWE-377 CWE-379 CWE-1051 CWE-540 OWASP-A05 OWASP-A07 CWE-319 CWE-312 CWE-290

Functions

Measure-HardcodedCredential Measure-SqlInjection Measure-PathTraversal Measure-Xss Measure-InsecureDeserialization Measure-OldTlsProtocol Measure-OutdatedCrypto Measure-Xxe Measure-Xee Measure-SessionTimeout Measure-Ssrf Measure-LogInjection Measure-LdapInjection Measure-SensitiveErrorExposure Measure-XPathInjection Measure-OpenRedirect Measure-TaintedConfig Measure-VulnerablePackage Measure-ReDoS Measure-NoSqlInjection Measure-ZipSlip Measure-InvisibleCharacter Measure-CookieInjection Measure-ExternallyControlledFormatString Measure-ExcessiveFilePermission Measure-PredictableRandomSeed Measure-CustomCryptographicAlgorithm Measure-UnrestrictedPosixPermission Measure-InsecureCorsWildcardOrigin Measure-EmptyDbPassword Measure-NonAtomicTempFileCreation Measure-HardcodedIpAddress Measure-UnencryptedCommunicationChannel Measure-SensitiveCredentialPattern Measure-AuthenticationBypassSpoofing

Dependencies

Release Notes

1.0.0: Initial public release with custom PSScriptAnalyzer security rules covering OWASP/CWE scenarios including injection, traversal, crypto/TLS, XML, redirect, SSRF, logging, and format-string risks.

FileList

Version History

Version Downloads Last updated
1.1.0 (current version) 9 3/11/2026
1.0.0 7 3/5/2026