Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

https://github.com/mhaggis/asrgen

ASR Configurator, Essentials and Atomic Testing

asr attack-surface-reduction defender-for-endpoint windows


# ASRGEN

> _now BETA_

Access ASRGEN at https://asrgen.streamlit.app/

### Project Overview

This repository contains code and resources related to Attack Surface Reduction (ASR) rules in Windows Defender. The primary goal of this project is to provide a comprehensive understanding of ASR rules, their configuration, and their impact on system security.

### Disclaimer

The content in this repository is intended for research and educational purposes only. It should be used responsibly and ethically. Any scripts or code that simulate potentially harmful actions are provided for the purpose of understanding and mitigating security threats with ASR. They should only be run in a controlled, secure environment for testing or educational purposes.

### Getting Started

1. Clone the repository to your local machine.
2. Ensure you have the necessary dependencies installed. This project primarily uses Python and PowerShell.
3. Navigate through the codebase and familiarize yourself with the structure and content.

### Code Structure

The codebase is organized into several Python scripts. The project consists of the following key components:

- 1️⃣ ASR Configurator 🛠️: A tool for configuring ASR rules and generating the corresponding PowerShell commands.

- 2️⃣ ASR Essentials 📚: A guide to the basics of ASR, including how to use ASR on the command line, how to list ASR rules, and how to understand ASR event codes. 🤓

- 3️⃣ ASR Atomic Testing 🧪: A collection of scripts for testing the effectiveness of ASR rules. 🔬

- 4️⃣ ASR PwSh Group Policy Generator 🛠️: A tool for generating Group Policy Objects (GPO) with PowerShell.

- 5️⃣ ASR .pol File Reader 📖: A tool for reading and displaying the contents of GPO .pol files.

- 6️⃣ `asr.ps1`: This PowerShell script provides a command-line interface for managing ASR rules.

### Contributing

We welcome contributions to this project. If you have a suggestion, bug report, or want to add to the codebase, please open an issue or submit a pull request.

### License

This project is licensed under the terms of the Apache license.