WindowsAttackSurfaceAnalyzer

0.4.0-rc1

WindowsAttackSurfaceAnalyzer.psd1

                                #

# Module manifest for module 'WindowsAttackSurfaceAnalyzer'

#

# Generated by: Igor Dunaev / NubleX

# Generated on: 2026-02-20

#

@{

# Script module or binary module file associated with this manifest

RootModule = 'WindowsAttackSurfaceAnalyzer.psm1'

# Version number of this module - keep in sync with the script version

ModuleVersion = '0.4.0'

# Supported PSEditions

CompatiblePSEditions = @('Desktop', 'Core')

# ID used to uniquely identify this module

GUID = 'a3f1c2d4-7e8b-4a9f-b2c3-d4e5f6a7b8c9'

# Author of this module

Author = 'Igor Dunaev'

# Company or vendor of this module

CompanyName = 'NubleX'

# Copyright statement for this module

Copyright = '(c) 2025-2026 Igor Dunaev / NubleX. All rights reserved.'

# Description of the functionality provided by this module

Description = 'Comprehensive Windows security posture analysis and attack surface assessment tool. Covers 23 security categories including hardware security (TPM/VBS/Secure Boot), BitLocker, Microsoft Defender ASR rules, exploit protection, privacy settings, network security, remote access, WSL, PowerShell security, authentication policy, scheduled tasks, and Windows 11-specific features. Generates HTML, JSON, and CSV reports. Designed for home users, IT professionals, and security researchers. Works on Windows 10 and all versions of Windows 11.'

# Minimum version of PowerShell required

PowerShellVersion = '5.1'

# Minimum version of the common language runtime (CLR) required

# ClrVersion = ''

# Processor architecture (None, X86, Amd64) required by this module

# ProcessorArchitecture = ''

# Modules that must be imported into the global environment prior to importing this module

# RequiredModules = @()

# Assemblies that must be loaded prior to importing this module

# RequiredAssemblies = @()

# Script files (.ps1) that are run in the caller's environment prior to importing this module

# ScriptsToProcess = @()

# Type files (.ps1xml) to be loaded when importing this module

# TypesToProcess = @()

# Format files (.ps1xml) to be loaded when importing this module

# FormatsToProcess = @()

# Functions to export from this module

FunctionsToExport = @('Invoke-WindowsAttackSurfaceAnalyzer')

# Cmdlets to export from this module

CmdletsToExport = @()

# Variables to export from this module

VariablesToExport = @()

# Aliases to export from this module

AliasesToExport = @('Invoke-WASA')

# Private data to pass to the module specified in RootModule

PrivateData = @{

    PSData = @{

        # Tags applied to this module for discoverability

        Tags = @(

            'Security',

            'Windows',

            'Windows10',

            'Windows11',

            'AttackSurface',

            'Hardening',

            'Assessment',

            'Defender',

            'BitLocker',

            'TPM',

            'VBS',

            'ASR',

            'PowerShell',

            'Audit',

            'Compliance',

            'CyberSecurity',

            'BlueTeam',

            'DFIR',

            'PSEdition_Desktop',

            'PSEdition_Core',

            'Windows'

        )

        # A URL to the license for this module

        LicenseUri = 'https://github.com/NubleX/Windows-Attack-Surface-Analyzer/blob/main/LICENSE'

        # A URL to the main website for this project

        ProjectUri = 'https://github.com/NubleX/Windows-Attack-Surface-Analyzer'

        # A URL to an icon representing this module

        IconUri = ''

        # ReleaseNotes for this version

        ReleaseNotes = @'

v0.4.0 (Release Candidate)

- Expanded to 23 security categories

- Added per-rule ASR breakdown with friendly names

- Added ASLR, SEHOP, CFG, Heap protection via Get-ProcessMitigation

- Added Privacy Settings: diagnostic data, advertising ID, camera/mic/location permissions

- Added Network Security: IPv6, DNS-over-HTTPS, Wi-Fi authentication type, Bluetooth, VPN

- Added Remote Access: RDP NLA, RDP port, Remote Assistance, WinRM

- Added WSL Security: version, installed distros, network mode

- Added Application Security: Edge SmartScreen, Enhanced Security Mode, browser/Adobe/Java versions

- Added Authentication Policy: autologon, cached credentials, lockout threshold, password policy

- Added System Hardening: driver signing, vulnerable drivers, hosts file tampering, password history

- Added Scheduled Tasks: non-Microsoft tasks, SYSTEM-running tasks, suspicious paths

- Added JSON export (-ExportJson), CSV export (-ExportCsv)

- GitHub Actions CI workflow included

- Graceful degradation on all new checks for Windows 10 and non-admin sessions

v0.3.0

- Extended Defender analysis: Application Guard, scan age, sample submission

- Exploit protection baseline checks

v0.2.0

- Hardware security: TPM, Secure Boot, VBS, HVCI, Credential Guard, Kernel DMA

- BitLocker per-drive with protector type

- Windows 11 features: Smart App Control, Windows Hello, Windows Recall

- PowerShell security: execution policy, script block logging, module logging, language mode

- Live progress bar and risk score

- Run-Analysis.bat launcher with auto-elevation

v0.1.0

- Initial release: 8 core categories (network, services, firewall, shares, features, startup, users, system)

'@

        # Prerelease string for this version (e.g. 'preview', 'rc1')

        Prerelease = 'rc1'

        # Flag to indicate whether the module requires explicit user acceptance for install/update

        RequireLicenseAcceptance = $false

        # External dependent modules of this module

        # ExternalModuleDependencies = @()

    }

}

# HelpInfo URI of this module

HelpInfoUri = 'https://github.com/NubleX/Windows-Attack-Surface-Analyzer/blob/main/README.md'

}