{"id":27629281,"url":"https://github.com/soyuz43/ftype-audit-safe","last_synced_at":"2026-04-25T21:34:07.230Z","repository":{"id":288319210,"uuid":"967628761","full_name":"soyuz43/ftype-audit-safe","owner":"soyuz43","description":"Safe PowerShell tool for auditing and repairing Windows file type associations with backup, dry-run, and signature support.","archived":false,"fork":false,"pushed_at":"2025-07-28T00:50:57.000Z","size":106,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-07-28T02:30:31.704Z","etag":null,"topics":["audit","automation","code-signing","file-association","infosec","powershell","registry","secure-scripting","windows"],"latest_commit_sha":null,"homepage":"https://soyuz43.github.io/ftype-audit-safe/","language":"PowerShell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/soyuz43.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":"docs/roadmap.md","authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2025-04-16T18:44:02.000Z","updated_at":"2025-07-28T00:51:01.000Z","dependencies_parsed_at":"2025-06-04T03:21:27.332Z","dependency_job_id":"daf848c0-fd3f-4896-8478-9c4625211cad","html_url":"https://github.com/soyuz43/ftype-audit-safe","commit_stats":null,"previous_names":["soyuz43/ftype-audit-safe"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/soyuz43/ftype-audit-safe","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/soyuz43%2Fftype-audit-safe","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/soyuz43%2Fftype-audit-safe/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/soyuz43%2Fftype-audit-safe/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/soyuz43%2Fftype-audit-safe/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/soyuz43","download_url":"https://codeload.github.com/soyuz43/ftype-audit-safe/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/soyuz43%2Fftype-audit-safe/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":32278249,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-25T18:29:39.964Z","status":"ssl_error","status_checked_at":"2026-04-25T18:29:32.149Z","response_time":59,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["audit","automation","code-signing","file-association","infosec","powershell","registry","secure-scripting","windows"],"created_at":"2025-04-23T15:15:59.563Z","updated_at":"2026-04-25T21:34:07.219Z","avatar_url":"https://github.com/soyuz43.png","language":"PowerShell","funding_links":[],"categories":[],"sub_categories":[],"readme":"# 🔍 FtypeAudit — Safe File Association Analyzer\n\nFtypeAudit is a hardened, security-aware PowerShell utility for **auditing**, **explaining**, and **repairing** Windows file association conflicts. It maps the semantic layers of the registry (UserChoice, SystemDefault, MRUList) while enforcing safety-first principles with optional backup and dry-run modes.\n\n---\n\n##  Features\n\n- **Audit file type handlers** using a structured `SafeAssociationProfile` model\n- **Safe registry mutation** with dry-run simulation and optional `.reg` backup\n- **Explain mode** interprets conflicts in user vs. system behavior\n- **Literal mode** gives you raw technical diagnostic data\n- **Force mode** enables controlled registry repair (with backup or preview)\n\n---\n\n\n## 🛠 Usage\n\n### Basic Audit\n\n```powershell\n.\\ftype-audit.ps1 .json\n```\n\n\nDry Run (No Changes)\n```\n.\\ftype-audit.ps1 .txt -DryRun\n```\nBackup Before Repair\n```\n.\\ftype-audit.ps1 .docx -Backup -Clean\n```\nTechnical Report\n```\n.\\ftype-audit.ps1 .html -Literal\n```\nExplanation of Layers\n```\n.\\ftype-audit.ps1 .html -Explain\n```\n#### Parameters\n\n| Parameter           | Description                                                   |\n|---------------------|---------------------------------------------------------------|\n| `-Path`             | File or extension to analyze (e.g., `.txt`, `C:\\file.pdf`)    |\n| `-DryRun`           | Preview changes without writing to registry                   |\n| `-Backup`           | Create `.reg` backup before making any changes                |\n| `-BackupPath`       | Custom path for registry backup file                        |\n| `-Clean`            | Perform safe cleanup of file association entries              |\n| `-SkipConfirmation` | Skip interactive confirmation prompts (affects -Clean, -DryRun)|\n| `-Explain`          | Display analysis of file association conflicts                |\n| `-Literal`          | Output raw technical details only                             |\n| `-IsExtension`      | Treat input Path explicitly as an extension (bypass file-exists check) |\n| `-AuditPython`      | Run Python residue audit and exit                             |\n| `-Help`             | Show detailed help screen                                       |\n\n#### 🧾 **Example Output**\n\nWhen analyzing a file association using the `-Explain` flag, you'll see a human-readable summary:\n\n```plaintext\n[EXPLAINED VIEW: .TXT]\nTimestamp: 2025-06-24 12:45\n\nCORE STATUS:\n[+] Configuration Valid\n\nREGISTRY ANALYSIS:\nUser Choice:    txtfile\nSystem Default: txtfile\nValid Handlers: 1\nMRU Integrity:  Intact\n````\n\nFor raw technical data, use the `-Literal` flag:\n\n```plaintext\nAssociation Health Report: .txt\nCaptured at: 2025-06-24 12:45:21\n\n[Evidence]\n  @{State=BrokenHandlerPath; Message=Handler resolution failed: Code.exe}\n  @{State=CorruptMRUOrder; Message=MRU references invalid handlers: a,e,b}\n```\n\nTo preview repairs without modifying the registry, use `-DryRun`:\n\n```plaintext\n.txt    : [+]\n[\u003e] Simulated repair operations:\n    would fix: @{State=BrokenHandlerPath; Message=Handler resolution failed: Code.exe}\n    would fix: @{State=CorruptMRUOrder; Message=MRU references invalid handlers: a,e,b}\n```\n\u003e 🛑 Use `-Clean` to apply changes. Elevation required.\n\nNote: `-DryRun` flags MRU entries as they exist in the registry, whereas `-Explain` shows MRU integrity after resolving only valid handlers—so a corrupt raw MRU can appear fixed once invalid handlers are filtered out.\n\n\n\n\n\n#### 🔐 Security \u0026 Signing\n\nThis script supports safe execution in locked-down environments:\n\n    Complies with AllSigned policies if digitally signed\n\n    Use your enterprise code-signing certificate:\n```\n$cert = Get-ChildItem -Path Cert:\\CurrentUser\\My -CodeSigningCert\nSet-AuthenticodeSignature -FilePath .\\ftype-audit.ps1 -Certificate $cert\n```\n#### Module Packaging\n\nTo install as a reusable module:\n\n- Rename script to `FtypeAudit.psm1`\n\n    + Create a manifest:\n```\nNew-ModuleManifest -Path .\\FtypeAudit.psd1 `\n    -RootModule 'FtypeAudit.psm1' `\n    -FunctionsToExport '*' `\n    -Author 'Your Name' `\n    -Description 'Safe file association analyzer and repair tool'\n```\n- Import as needed:\n```\nImport-Module .\\FtypeAudit.psd1\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsoyuz43%2Fftype-audit-safe","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsoyuz43%2Fftype-audit-safe","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsoyuz43%2Fftype-audit-safe/lists"}