creator/Anthropic-Cybersecurity-Skills
1
0
Fork 0
mirror of https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git synced 2026-06-11 13:44:56 +03:00
Code Issues Packages Projects Releases Wiki Activity

Initial commit - 611 cybersecurity skills across all subdomains

Browse Source
This commit is contained in:
mukul975
2026-02-25 10:47:44 +01:00
commit 22a7ab1462
1765 changed files with 280648 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
skills/implementing-disk-encryption-with-bitlocker/scripts/process.py
+176
View File
@@ -0,0 +1,176 @@
#!/usr/bin/env python3
"""
BitLocker Compliance Checker
Checks BitLocker encryption status across endpoints and generates
compliance reports for audit purposes.
"""
import json
import subprocess
import sys
import os
import csv
from datetime import datetime
def check_bitlocker_status() -> dict:
"""Check BitLocker status on local Windows endpoint."""
ps_cmd = """
$volumes = Get-BitLockerVolume
$results = @()
foreach ($vol in $volumes) {
$protectors = @()
foreach ($kp in $vol.KeyProtector) {
$protectors += @{
Type = $kp.KeyProtectorType.ToString()
Id = $kp.KeyProtectorId
}
}
$results += @{
MountPoint = $vol.MountPoint
VolumeStatus = $vol.VolumeStatus.ToString()
ProtectionStatus = $vol.ProtectionStatus.ToString()
EncryptionMethod = $vol.EncryptionMethod.ToString()
EncryptionPercentage = $vol.EncryptionPercentage
VolumeType = $vol.VolumeType.ToString()
KeyProtectors = $protectors
AutoUnlockEnabled = $vol.AutoUnlockEnabled
AutoUnlockKeyStored = $vol.AutoUnlockKeyStored
}
}
$tpm = Get-Tpm
@{
Hostname = $env:COMPUTERNAME
Volumes = $results
TPM = @{
Present = $tpm.TpmPresent
Ready = $tpm.TpmReady
Enabled = $tpm.TpmEnabled
Activated = $tpm.TpmActivated
}
} | ConvertTo-Json -Depth 4
"""
try:
result = subprocess.run(
["powershell", "-NoProfile", "-Command", ps_cmd],
capture_output=True, text=True, timeout=30,
)
if result.returncode == 0 and result.stdout.strip():
return json.loads(result.stdout)
return {"error": result.stderr or "Failed to check BitLocker status"}
except FileNotFoundError:
return {"error": "PowerShell not available (requires Windows)"}
except subprocess.TimeoutExpired:
return {"error": "Command timed out"}
except json.JSONDecodeError as e:
return {"error": f"Parse error: {e}"}
def assess_compliance(status: dict) -> dict:
"""Assess BitLocker compliance against security baseline."""
findings = {
"hostname": status.get("Hostname", "unknown"),
"overall_compliant": True,
"tpm_status": "compliant",
"volume_findings": [],
}
tpm = status.get("TPM", {})
if not tpm.get("Present") or not tpm.get("Ready"):
findings["tpm_status"] = "non-compliant"
findings["overall_compliant"] = False
for vol in status.get("Volumes", []):
vol_finding = {
"mount_point": vol["MountPoint"],
"compliant": True,
"issues": [],
}
if vol["VolumeStatus"] != "FullyEncrypted":
vol_finding["compliant"] = False
vol_finding["issues"].append(f"Not fully encrypted: {vol['VolumeStatus']}")
if vol["ProtectionStatus"] != "On":
vol_finding["compliant"] = False
vol_finding["issues"].append(f"Protection not enabled: {vol['ProtectionStatus']}")
if vol["EncryptionMethod"] not in ("XtsAes256", "XtsAes128"):
vol_finding["issues"].append(f"Weak encryption method: {vol['EncryptionMethod']}")
protector_types = [kp["Type"] for kp in vol.get("KeyProtectors", [])]
has_recovery = "RecoveryPassword" in protector_types or "NumericalPassword" in protector_types
if not has_recovery:
vol_finding["compliant"] = False
vol_finding["issues"].append("No recovery password protector configured")
has_tpm = any(t in protector_types for t in ["Tpm", "TpmPin", "TpmPinStartupKey"])
if vol["VolumeType"] == "OperatingSystem" and not has_tpm:
vol_finding["compliant"] = False
vol_finding["issues"].append("OS volume missing TPM protector")
if not vol_finding["compliant"]:
findings["overall_compliant"] = False
findings["volume_findings"].append(vol_finding)
return findings
def generate_report(status: dict, compliance: dict, output_path: str) -> None:
"""Generate BitLocker compliance report."""
report = {
"report_generated": datetime.utcnow().isoformat() + "Z",
"hostname": status.get("Hostname", "unknown"),
"overall_compliance": "COMPLIANT" if compliance["overall_compliant"] else "NON-COMPLIANT",
"tpm_status": compliance["tpm_status"],
"tpm_details": status.get("TPM", {}),
"volumes": [],
}
for vol, finding in zip(status.get("Volumes", []), compliance["volume_findings"]):
report["volumes"].append({
"mount_point": vol["MountPoint"],
"status": vol["VolumeStatus"],
"protection": vol["ProtectionStatus"],
"encryption_method": vol["EncryptionMethod"],
"encryption_percent": vol["EncryptionPercentage"],
"key_protectors": [kp["Type"] for kp in vol.get("KeyProtectors", [])],
"compliant": finding["compliant"],
"issues": finding["issues"],
})
with open(output_path, "w", encoding="utf-8") as f:
json.dump(report, f, indent=2)
if __name__ == "__main__":
output_dir = sys.argv[1] if len(sys.argv) > 1 else "."
print("Checking BitLocker status...")
status = check_bitlocker_status()
if "error" in status:
print(f"Error: {status['error']}")
print("This tool requires Windows with BitLocker support.")
sys.exit(1)
print("Assessing compliance...")
compliance = assess_compliance(status)
report_path = os.path.join(output_dir, "bitlocker_compliance.json")
generate_report(status, compliance, report_path)
print(f"Compliance report: {report_path}")
print(f"\n--- BitLocker Compliance ---")
print(f"Hostname: {compliance['hostname']}")
print(f"Overall: {'COMPLIANT' if compliance['overall_compliant'] else 'NON-COMPLIANT'}")
print(f"TPM: {compliance['tpm_status']}")
for vf in compliance["volume_findings"]:
status_icon = "PASS" if vf["compliant"] else "FAIL"
print(f"\n [{status_icon}] {vf['mount_point']}")
for issue in vf["issues"]:
print(f" - {issue}")