v2023.11
November 2023: Sam Leads The Way
October 2023 was super-hectic for the Locksmith core team, so we decided to skip the October release.
That little break was so worth it because it gave @SamErde some time to finalize a new Locksmith feature: a -Scans parameter which can be used to specify exactly which misconfigurations Locksmith should search for. By default, all scan types will run, but if you want to search only for templates that match the definition of ESC1 and ESC3, try Invoke-Locksmith -Scans ESC1,ESC3!
Unsure which scan(s) you want to run? Try Invoke-Locksmith -Scans PromptMe! If you're running Windows Powershell or Powershell Core w/ Microsoft.PowerShell.ConsoleGuiTools installed, running Invoke-Locksmith -Scans PromptMe will give you a GridView window that you can use to select one or more scan types:
Powering the selection window is a dictionary class containing important info about each issue such as name, summary, links, finding code, and fixing code. As Locksmith moves forward, this dictionary will be a vital piece of improving Locksmith's usability.
Improvements:
- New command line parameter:
-Scanswith updated comment-based help explaining its use. - New dictionary containing information about all finding types identified by Locksmith
- Light refactoring results in a much quicker startup time.
- Added support for Editor Config so all developers are using similar VS Code setups.
Known Issues:
- In ESC4/ESC5 checks, when multiple ACEs exist on a PKI object, all ACEs are displayed. ESC4/ESC5 checks should emulate Effective Access in regular mode and list all ACEs in Verbose mode. (Thanks to Robert for bringing this to my attention in person at Blue Team Con!) Maybe next release, Robert!
