Created
February 12, 2018 02:33
-
-
Save anthonygrees/79bd8afd3e0871fee3dab3ab2048b307 to your computer and use it in GitHub Desktop.
Windows InSpec Default Tests
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # # encoding: utf-8 | |
| # Inspec test for recipe windows_kitchen::default | |
| # The Inspec reference, with examples and extensive documentation, can be | |
| # found at http://inspec.io/docs/reference/resources/ | |
| ## service example | |
| describe service('DHCP Client') do | |
| it { should be_installed } | |
| it { should be_running } | |
| end | |
| ## package example | |
| describe package('Oracle VM VirtualBox Guest Additions 5.1.2') do | |
| it { should be_installed } | |
| its('version') { should eq '5.1.2.0' } | |
| end | |
| describe package('telnetd') do | |
| it { should_not be_installed } | |
| end | |
| ## Windows Hotfix patches | |
| describe windows_hotfix('KB4012213') do | |
| it { should be_installed } | |
| end | |
| describe windows_hotfix('KB9999999') do | |
| it { should_not be_installed } | |
| end | |
| ## Looping example WannaCry Vulnerability Check | |
| hotfixes = %w{ KB4012598 KB4042895 KB4041693 KB4041691 KB4041690 KB4041689 KB4041681 KB4039396 KB4038803 KB4038801 KB4038799 KB4038797 KB4038792 KB4038783 KB4038782 KB4038781 KB4038777 KB4038774 KB4038220 KB4034681 KB4034670 KB4034668 KB4034665 KB4034664 KB4034663 KB4034661 KB4034660 KB4034659 KB4034658 KB4032695 KB4032693 KB4025344 KB4025341 KB4025340 KB4025339 KB4025338 KB4025336 KB4025335 KB4025334 KB4025332 KB4025331 KB4022724 KB4022723 KB4022722 KB4022721 KB4022720 KB4022719 KB4022718 KB4022717 KB4022168 KB4019474 KB4019473 KB4019472 KB4019265 KB4019264 KB4019263 KB4019218 KB4019217 KB4019216 KB4019215 KB4019214 KB4019213 KB4016637 KB4016636 KB4016635 KB4015554 KB4015553 KB4015552 KB4015551 KB4015550 KB4015549 KB4015221 KB4015219 KB4015217 KB4013429 KB4013198 KB4012606 KB4012220 KB4012219 KB4012218 KB4012217 KB4012216 KB4012215 KB4012214 KB4012213 KB4012212 } | |
| describe.one do | |
| hotfixes.each do |hotfix| | |
| describe windows_hotfix(hotfix) do | |
| it { should_not be_installed } | |
| end | |
| end | |
| end | |
| ## A file should exist | |
| describe file('C:/Windows/explorer.exe') do | |
| it { should exist } | |
| it { should be_file } | |
| end | |
| ## User examples | |
| describe user('Administrator') do | |
| it { should exist } | |
| end | |
| # look for all administrators: SID: S-1-5-21domain-500 | |
| describe users.where { uid =~ /S\-1\-5\-21\-\d+\-\d+\-\d+\-500/ } do | |
| it { should exist } | |
| end | |
| describe windows_task('\Microsoft\Windows\AppID\PolicyConverter') do | |
| it { should exist } | |
| it { should be_disabled } | |
| its('logon_mode') { should eq 'Interactive/Background' } | |
| its('last_result') { should cmp 1 } | |
| its('task_to_run') { should cmp '%Windir%\system32\appidpolicyconverter.exe' } | |
| end |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment