Skip to content

FBPro Audit Test Automation Package allows you to create compliance reports for your systems. The resulting HTML-reports provide a transparent overview of your devices' security configuration compared to international security standards and hardening guides.

License

Notifications You must be signed in to change notification settings

fbprogmbh/Audit-Test-Automation

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Audit Test Automation Package

Powershell Gallery Direct download

ATAPAuditor:
atapauditorshield

ATAPHtmlReport:
ataphtmlreportshield

ATAP

Table of contents

Overview

The Audit Test Automation Package (AuditTAP or ATAP) offers a comprehensive overview of your systems' compliance with established hardening guidelines. This package includes a variety of industry standards and hardening guides authored by leading organizations (e.g., Microsoft, CIS, BSI), enabling a robust assessment of security adherence.

Generated HTML reports provide a transparent and detailed summary of compliance status for each relevant setting and configuration specified in the selected standards.

AuditTAP consists of the following PowerShell modules:

  • ATAPHtmlReport – generates comprehensive HTML compliance reports.
  • ATAPAuditor – audits configurations against established hardening guidelines.

Installation

There are several ways to install and use ATAP. Choose the method that best fits your environment:

  • Installation via PSGallery – Install ATAP directly from the PowerShell Gallery.
  • Manual installation – For systems without internet access, follow the manual installation steps. This option is useful for isolated environments, such as certain datacenter setups.
  • Installer option – Use our installer to install or update ATAP easily.

Prerequisites

Before proceeding with the installation, please ensure the following prerequisites are met:

Windows

  • PowerShell version 5.1 - To check your PowerShell version, run the following command:
$PSVersionTable.PSVersion
  • Administrative permissions on the system to be audited - Administrative permissions are required to query certain system information. Please note that the tool only generates a report and does not make any changes to the system.

Linux

A PowerShell installation is required for usage on Linux systems. The installation steps vary by Linux distribution and are documented here.

Installation from PS Gallery

Installing from the PowerShell Gallery is simple and straightforward. Run the following command:

Install-Module -Name ATAPAuditor

Note: Ensure you are running PowerShell with administrative privileges to install the module successfully.

Video tutorial for manual installation

We’ve created a brief video tutorial (approximately 3 minutes long) to illustrate the installation process.

  • First Part: A step-by-step guide for manual installation.
  • Second Part: Demonstration of installation via the PowerShell Gallery.

Use this video as a helpful resource to ensure a smooth installation!

See the Installing a PowerShell module guide for more specific instructions.

  1. Download the most recent release
  2. If your system's security configuration prevents direct execution or access to internet based ("untrusted") files, you may need to "unblock" the file first to allow execution.
Unblock-File -Path .\Audit-Test-Automation-5.10.1.zip -Verbose

The following screenshot shows the expected output:

grafik

  1. Extract the archive using PowerShell (adjust the version number as needed) or your preferred unzipping toolset.
Expand-Archive -Path ".\Audit-Test-Automation-5.10.1.zip" -DestinationPath "AuditTAP"
  1. Copy the ATAPAuditor and ATAPHtmlReport modules into one of the directories listed in $env:PSModulePath to make them accessible in PowerShell. Use the $env:PSModulePath command to view available directories.

Installer

Download the installer from the releases page. The installation wizard will guide you through the steps, including installing the necessary modules and creating a convenient Start menu shortcut.

Usage

Optionally, you can import ATAPAuditor module:

Import-Module -Name ATAPAuditor

By default the module creates a new report in Documents\ATAPReports folder. If you wish to specify a different output folder, you can use the -Path parameter.

A list of all available reports can be found in this table further down in this document. Just substitute ReportName with the name of the benchmark.

ATAP is only compatible with PowerShell 5.1. If you run it in a different PowerShell version, you will be prompted to open a PowerShell 5 console or stop the script. :exclamation:

Examples:

Save-ATAPHtmlReport -ReportName "Microsoft Windows 11 Stand-alone" -RiskScore -Path C:\Temp\report.html
Save-ATAPHtmlReport -ReportName "Microsoft Windows 10" -RiskScore -Path C:\Temp\report.html
Save-ATAPHtmlReport -ReportName "Microsoft Windows 11" -Path C:\Temp\report.html
Save-ATAPHtmlReport -ReportName "Microsoft Windows 10 BSI" -RiskScore -Path C:\Temp
Save-ATAPHtmlReport -ReportName "Microsoft Windows Server 2022" -Path C:\Temp
Save-ATAPHtmlReport -ReportName "Google Chrome"
Save-ATAPHtmlReport -ReportName "Ubuntu 20.04"

Pro-Tip: After typing Save-ATAPHtmlReport -ReportName, use the keyboard shortcut <ctrl> + <space> to display all available parameters. You can then select the desired report using the arrow keys. This feature is available once the module is imported.

The ATAPAuditor module also provides a simple menu-based runner for reports. It can be found in ATAPAuditor\Helpers\Menu.ps1. When using the Windows based installer, a shortcut can be found in the start menu.

How to Update

If you already have AuditTAP installed and want to update it, you can find detailed instructions in our Wiki, along with other useful and interesting information.

Reports

ATAPAuditor contains reports based on the following benchmarks including the version number. How to read the table below:

  • The entries in the DISA column specify the version of the DISA STIG that is used.
  • The entries in the CIS column specify the version of the CIS benchmark that is used.
  • The entries in the MS column specify the version of the Microsoft security baseline that is used.
  • The entries in the BSI column specify the version of the BSI benchmark that is used.
  • The entries in the ACSC column specify the version of the ACSC benchmark that is used.

We currently support the following reports, based on these topics:

Microsoft OS

Report DISA CIS Microsoft BSI ACSC
Microsoft Windows 7 - 3.1.0 - - -
Microsoft Windows 10 V1R23 2.0.0 21H1 SiSyPHuS 1.3 21H1
Microsoft Windows 10 GDPR - - 16082019 V1.1 -
Microsoft Windows 10 BSI - - - SiSyPHuS 1.3 -
Microsoft Windows 10 Stand-alone - Stand-alone 2.0.0 - SiSyPHuS 1.3 (Stand-alone) -
Microsoft Windows 11 Stand-alone - Stand-alone 2.0.0 - SiSyPHuS 1.3 (Stand-alone) -
Microsoft Windows 11 - 3.0.0 22H2 SiSyPHuS 1.3 -
Microsoft Windows Server 2012 2.19 2.6.0 - - -
Microsoft Windows Server 2016 1.12 2.0.0 FINAL - -
Microsoft Windows Server 2019 1.5 2.0.0 FINAL - -
Microsoft Windows Server 2022 V1R1 2.0.0 FINAL - -

The report Microsoft Windows 10 BSI aggregates the results of all BSI recommendations for Microsoft Windows 10 reports.

Unix OS

Report DISA CIS Microsoft BSI ACSC FB Pro
Debian 10 - - - - - Base
Debian 11 - 1.0.0 - - - -
Fedora 35 - - - - - Base
Red Hat Enterprise Linux 9 - 1.0.0 - - - -
SUSE Linux Enterprise 15 - 1.1.1 - - - -
Ubuntu 20.04 - 1.1.0 - - - -
Ubuntu 22.04 - 1.0.0 - - - -

Application

Report DISA CIS Microsoft BSI ACSC
Google Chrome V1R15 2.0.0 - - -
Mozilla Firefox V4R24 1.0.0 - - -
Microsoft Edge - 2.0.0 117 - -
Microsoft Internet Explorer 11 V1R16 1.0.0 2004 - -
Microsoft IIS10 - 1.1.1 - - -
Microsoft Office 2016 Excel V1R2 - - - -
Microsoft Office 2016 Outlook V1R2 - - - -
Microsoft Office 2016 PowerPoint V1R1 - - - -
Microsoft Office 2016 SkypeForBusiness V1R1 - - - -
Microsoft Office 2016 Word V1R1 - - - -
Microsoft Office 2016 V1R1, V1R2 1.1.0 - - -
Microsoft SQL Server 2016 - 1.3.0 - - -

The report Microsoft Office 2016 aggregates the results of all Microsoft Office 2016 <Product> reports.

Questions, issues or project support

Please check the FAQ-section first before opening an issue or contacting us.

  • For questions or issues regarding AuditTAP please use GitHub issue tracker.
  • For questions regarding project support please write a short mail to [email protected]

Related links

AuditTAP information

Hardening recommendations in general

About

FBPro Audit Test Automation Package allows you to create compliance reports for your systems. The resulting HTML-reports provide a transparent overview of your devices' security configuration compared to international security standards and hardening guides.

Topics

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages