vms.psm1
|
function GetSecondTuesday([int]$month, [int]$year) { # Calculate the first day of the month $firstDay = Get-Date -Year $year -Month $month -Day 1 # Calculate the day of the week for the first day of the month $firstDayOfWeek = $firstDay.DayOfWeek # Calculate the number of days until the first Tuesday of the month $daysUntilTuesday = [int][System.DayOfWeek]::Tuesday - $firstDayOfWeek if ($daysUntilTuesday -lt 0) {$daysUntilTuesday += 7} # Add 7 days to get the second Tuesday of the month $secondTuesday = $firstDay.AddDays($daysUntilTuesday + 7) # Return the day of the month for the second Tuesday return $secondTuesday } Function Exposure_Score($exposure) { $score = 1 switch($exposure) { "internet-unrestricted" {$score = 4 ; break} "internal-unrestricted" {$score = 3 ; break} "vap" {$score = 3 ; break} "authentication-required" {$score = 2.5 ; break} "local-access-required" {$score = 2.5 ; break} "internal-restricted-hips" {$score = 2 ; break} "internal-restricted-hbfw" {$score = 2 ; break} "internal-restricted" {$score = 1.5 ; break} } return $score } Function Exploitability_Score($cvss) { if ($cvss -like '*(*') { $cvss_value = $cvss.substring(0,$cvss.indexOf('(')-1) $threat_label = $cvss.substring($cvss.indexOf('('),$cvss.indexOf(')')-$cvss.indexOf('(')+1) } else { $threat_label = "" } $score = 1 switch($threat_label) { "(ZERO DAY - WORMABLE)" {$score = 3 ; break} "(ZERO DAY - UNAUTHENTICATED)" {$score = 3 ; break} "(ZERO DAY - REMOTE CODE EXECUTION)" {$score = 3 ; break} "(ZERO DAY)" {$score = 3 ; break} "(CISA EXPLOITED)" {$score = 3 ; break} "(RANSOMWARE - WORMABLE)" {$score = 3 ; break} "(RANSOMWARE - UNAUTHENTICATED)" {$score = 3 ; break} "(RANSOMWARE - REMOTE CODE EXECUTION)" {$score = 3 ; break} "(RANSOMWARE)" {$score = 3 ; break} "(ACTIVE ATTACKS - WORMABLE)" {$score = 3 ; break} "(ACTIVE ATTACKS - UNAUTHENTICATED)" {$score = 3 ; break} "(ACTIVE ATTACKS - REMOTE CODE EXECUTION)" {$score = 3 ; break} "(ACTIVE ATTACKS)" {$score = 3 ; break} "(MALWARE - WORMABLE)" {$score = 3 ; break} "(MALWARE - UNAUTHENTICATED)" {$score = 3 ; break} "(MALWARE - REMOTE CODE EXECUTION)" {$score = 3 ; break} "(MALWARE)" {$score = 3 ; break} "(PUBLIC EXPLOIT - WORMABLE)" {$score = 2.5 ; break} "(PUBLIC EXPLOIT - UNAUTHENTICATED)" {$score = 2.5 ; break} "(PUBLIC EXPLOIT - REMOTE CODE EXECUTION)" {$score = 2.5 ; break} "(PUBLIC EXPLOIT)" {$score = 2.5 ; break} "(WEAK PASSWORD)" {$score = 3 ; break} "(END OF LIFE)" {$score = 1.5 ; break} "(REVISED)" {$score = 1.5 ; break} "" {$score = 1 ; break} } return $score } Function Criticality_Score($tier) { $score = 5 switch($tier) { "FIA (Sensitive)" {$score = 5 ; break} "Platinum (Sensitive)" {$score = 4 ; break} "Platinum (Internal)" {$score = 4 ; break} "Platinum (Public)" {$score = 4 ; break} "Gold (Sensitive)" {$score = 4 ; break} "Silver (Sensitive)" {$score = 4 ; break} "Bronze (Sensitive)" {$score = 4 ; break} "Gold (Internal)" {$score = 3 ; break} "Silver (Internal)" {$score = 3 ; break} "Bronze (Internal)" {$score = 3 ; break} } return $score } Export-ModuleMember -Function GetSecondTuesday Export-ModuleMember -Function Exposure_Score Export-ModuleMember -Function Exploitability_Score Export-ModuleMember -Function Criticality_Score |