zaneGittins · April 29, 2021 20:27
diff --git a/ResponderSecurityCheck.ps1 b/ResponderSecurityCheck.ps1
 # Check SMB Signing
 function Get-SMBSigningStatus {
    [CmdletBinding()]
    $SMBSigning = (Get-ItemProperty "HKLM:\System\CurrentControlSet\Services\LanManWorkstation\Parameters" -Name RequireSecuritySignature).RequireSecuritySignature
    $Results = @()

    if($SMBSigning -eq 1) {
        return $true
    } else {
        return $false
    }
 }

 # Check LLMNR
 function Get-LLMNRStatus {
    [CmdletBinding()]
    $LLMNR = (Get-ItemProperty "HKLM:\Software\policies\Microsoft\Windows NT\DNSClient" -Name EnableMulticast).EnableMulticast

    if($LLMNR -eq 0) {
        return $true
    } else {
        return $false
    }
 }

 # Check NetBios
 function Get-NetBiosStatus {
    [CmdletBinding()]
    $NetBiosInterfaces = @()
    $regkey = "HKLM:SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces"
    Get-ChildItem $regkey |foreach { $NetBiosInterfaces += (Get-ItemProperty -Path "$regkey\$($_.pschildname)" -Name NetbiosOptions -Verbose)}

    $AllDisabled = $true
    foreach($Interface in $NetBiosInterfaces) {
        if($Interface.NetbiosOptions -ne 2) {
            $AllDisabled = $false
        }
    }

    if($AllDisabled -eq $true) {
        return $true
    } else {
        return $false
    }
 }

 $SMBSigning = Get-SMBSigningStatus
 $LLMNR = Get-LLMNRStatus
 $NetBios = Get-NetBiosStatus

 if($SMBSigning -eq $false) {
    Write-Host "SMB Signing is disabled."
 }

 if($LLMNR -eq $false) {
    Write-Host "LLMNR is enabled."
 }

 if($NetBios -eq $false) {
    Write-Host "NetBios is enabled."
 }

 if($SMBSigning -eq $true -and $LLMNR -eq $true -and $NetBios -eq $true) {
    Write-Host "Passed all security checks."
 }
	# Check SMB Signing
	function Get-SMBSigningStatus {
	[CmdletBinding()]
	$SMBSigning = (Get-ItemProperty "HKLM:\System\CurrentControlSet\Services\LanManWorkstation\Parameters" -Name RequireSecuritySignature).RequireSecuritySignature
	$Results = @()

	if($SMBSigning -eq 1) {
	return $true
	} else {
	return $false
	}
	}

	# Check LLMNR
	function Get-LLMNRStatus {
	[CmdletBinding()]
	$LLMNR = (Get-ItemProperty "HKLM:\Software\policies\Microsoft\Windows NT\DNSClient" -Name EnableMulticast).EnableMulticast

	if($LLMNR -eq 0) {
	return $true
	} else {
	return $false
	}
	}

	# Check NetBios
	function Get-NetBiosStatus {
	[CmdletBinding()]
	$NetBiosInterfaces = @()
	$regkey = "HKLM:SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces"
	Get-ChildItem $regkey \|foreach { $NetBiosInterfaces += (Get-ItemProperty -Path "$regkey\$($_.pschildname)" -Name NetbiosOptions -Verbose)}

	$AllDisabled = $true
	foreach($Interface in $NetBiosInterfaces) {
	if($Interface.NetbiosOptions -ne 2) {
	$AllDisabled = $false
	}
	}

	if($AllDisabled -eq $true) {
	return $true
	} else {
	return $false
	}
	}

	$SMBSigning = Get-SMBSigningStatus
	$LLMNR = Get-LLMNRStatus
	$NetBios = Get-NetBiosStatus

	if($SMBSigning -eq $false) {
	Write-Host "SMB Signing is disabled."
	}

	if($LLMNR -eq $false) {
	Write-Host "LLMNR is enabled."
	}

	if($NetBios -eq $false) {
	Write-Host "NetBios is enabled."
	}

	if($SMBSigning -eq $true -and $LLMNR -eq $true -and $NetBios -eq $true) {
	Write-Host "Passed all security checks."
	}