public/Get-NexposeVulnerabilityCheck.ps1
|
Function Get-NexposeVulnerabilityCheck { <# .SYNOPSIS Returns vulnerability checks. .DESCRIPTION Returns vulnerability checks. Optional search and filtering parameters may be supplied to refine the results. Searching allows full text search of the vulnerability details a check is related to. .PARAMETER Id The identifier of the category .PARAMETER Search Vulnerability search term to find vulnerability checks for .PARAMETER ShowSafeToRun Whether to return vulnerability checks that are considered "safe" to run. Defaults to return safe and unsafe checks .PARAMETER ShowPotential Whether to only return checks that result in potentially vulnerable results. Defaults to return all checks .PARAMETER ShowCredentialsRequired Whether to only return checks that require credentials in order to successfully execute. Defaults to return all checks .PARAMETER ShowUnique Whether to only return checks that guarantee to be executed once-and-only once on a host resulting in a unique result. False returns checks that can result in multiple occurrences of the same vulnerability on a host .PARAMETER Type The type of vulnerability checks to return. See "Get-NexposeVulnerabilityCheckType" for all available types .EXAMPLE Get-NexposeVulnerabilityCheck -Id '7-zip-cve-2008-6536-4_5_7' .EXAMPLE Get-NexposeVulnerabilityCheck -Type 'Microsoft hotfix' -Safe .EXAMPLE Get-NexposeVulnerabilityCheck -Search 'Linux' -ShowCredentialsRequired .NOTES For additional information please see my GitHub wiki page .FUNCTIONALITY GET: vulnerability_checks GET: vulnerability_checks/{id} .LINK https://github.com/My-Random-Thoughts/Rapid7Nexpose #> [CmdletBinding(DefaultParameterSetName = 'byId')] [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingPlainTextForPassword', 'ShowCredentialsRequired')] Param ( [Parameter(Mandatory = $true, ParameterSetName = 'byId')] [string]$Id, [Parameter(ParameterSetName = 'bySearch')] [string]$Search, [Parameter(ParameterSetName = 'bySearch')] [validateSet('All','True','False')] [string]$ShowSafeToRun = 'All', [Parameter(ParameterSetName = 'bySearch')] [validateSet('All','True','False')] [string]$ShowPotential = 'All', [Parameter(ParameterSetName = 'bySearch')] [validateSet('All','True','False')] [string]$ShowCredentialsRequired = 'All', [Parameter(ParameterSetName = 'bySearch')] [validateSet('All','True','False')] [string]$ShowUnique = 'All' ) DynamicParam { $dynParam = (New-Object -Type 'System.Management.Automation.RuntimeDefinedParameterDictionary') New-DynamicParameter -Dictionary $dynParam -Name 'Type' -Type 'string' -ParameterSetName 'bySearch' -ValidateSet @(Get-NexposeVulnerabilityCheckType) Return $dynParam } Begin { # Define variables for dynamic parameters [string]$Type = $($PSBoundParameters.Type) } Process { Switch ($PSCmdlet.ParameterSetName) { 'byId' { # We are not going to "Show All" as there are about 410,000 entries and growing Write-Output (Invoke-NexposeQuery -UrlFunction "vulnerability_checks/$Id" -RestMethod Get) } 'bySearch' { [hashtable]$apiQuery = @{} If ($ShowSafeToRun -ne 'All') { $apiQuery += @{ safe = $ShowSafeToRun }} If ($ShowPotential -ne 'All') { $apiQuery += @{ potential = $ShowPotential }} If ($ShowRequiresCredentials -ne 'All') { $apiQuery += @{ requiresCredentials = $ShowRequiresCredentials }} If ($ShowUnique -ne 'All') { $apiQuery += @{ unique = $ShowUnique }} If ([string]::IsNullOrEmpty($Search) -eq $false) { $apiQuery += @{ search = $search }} If ([string]::IsNullOrEmpty($Type) -eq $false) { $apiQuery += @{ type = $type }} Write-Output (Invoke-NexposeQuery -UrlFunction "vulnerability_checks/$Id" -ApiQuery $apiQuery -RestMethod Get) } } } End { } } |