modularized

MHaggis · Nov 29, 2023 · 4cb6901 · 4cb6901
1 parent 4c9df8e
commit 4cb6901
Show file tree

Hide file tree

Showing 5 changed files with 29 additions and 35 deletions.
diff --git a/Attack_Surface_Reduction.py b/Attack_Surface_Reduction.py
@@ -1,6 +1,6 @@
 import streamlit as st
 from streamlit.components.v1 import html
-
+from asr import html_code
 
 
 # Set page title
@@ -38,8 +38,5 @@
 
 st.sidebar.image("assets/logo.png", width=300)
 
-html_code = """
-<iframe srcdoc="<script type='text/javascript' src='https://storage.ko-fi.com/cdn/widget/Widget_2.js'></script><script type='text/javascript'>kofiwidget2.init('Support Me on Ko-fi', '#29abe0', 'P5P61I35A');kofiwidget2.draw();</script>" width="100%" height="300" style="border:0" allowtransparency="true" loading="lazy"></iframe>
-"""
 st.sidebar.markdown(html_code, unsafe_allow_html=True)
 
diff --git a/asr.py b/asr.py
@@ -0,0 +1,24 @@
+asr_rules = {
+"Block abuse of exploited vulnerable signed drivers": "56A863A9-875E-4185-98A7-B882C64B5CE5",
+"Block Adobe Reader from creating child processes": "7674BA52-37EB-4A4F-A9A1-F0F9A1619A2C",
+"Block all Office applications from creating child processes": "D4F940AB-401B-4EFC-AADC-AD5F3C50688A",
+"Block credential stealing from the Windows local security authority subsystem (lsass.exe)": "9E6C4E1F-7D60-472F-BA1A-A39EF669E4B2",
+"Block executable content from email client and webmail": "BE9BA2D9-53EA-4CDC-84E5-9B1EEEE46550",
+"Block executable files from running unless they meet a prevalence, age, or trusted list criterion": "01443614-CD74-433A-B99E-2ECDC07BFC25",
+"Block execution of potentially obfuscated scripts": "5BEB7EFE-FD9A-4556-801D-275E5FFC04CC",
+"Block JavaScript or VBScript from launching downloaded executable content": "D3E037E1-3EB8-44C8-A917-57927947596D",
+"Block Office applications from creating executable content": "3B576869-A4EC-4529-8536-B80A7769E899",
+"Block Office applications from injecting code into other processes": "75668C1F-73B5-4CF0-BB93-3ECF5CB7CC84",
+"Block Office communication application from creating child processes": "26190899-1602-49E8-8B27-EB1D0A1CE869",
+"Block persistence through WMI event subscription": "E6DB77E5-3DF2-4CF1-B95A-636979351E5B",
+"Block process creations originating from PSExec and WMI commands": "D1E49AAC-8F56-4280-B9BA-993A6D77406C",
+"Block untrusted and unsigned processes that run from USB": "B2B3F03D-6A65-4F7B-A9C7-1C7EF74A9BA4",
+"Block Win32 API calls from Office macros": "92E97FA1-2EDF-4476-BDD6-9DD0B4DDDC7B",
+"Use advanced protection against ransomware": "C1DB55AB-C21A-4637-BB3F-A12568109D35",
+"Block Webshell creation for Servers": "A8F5898E-1DC8-49A9-9878-85004B8A61E6"
+}
+
+html_code = """
+<iframe srcdoc="<script type='text/javascript' src='https://storage.ko-fi.com/cdn/widget/Widget_2.js'></script><script type='text/javascript'>kofiwidget2.init('Support Me on Ko-fi', '#29abe0', 'P5P61I35A');kofiwidget2.draw();</script>" width="100%" height="50" style="border:0" allowtransparency="true" loading="lazy"></iframe>
+<iframe src="https://github.com/sponsors/MHaggis/button" title="Sponsor MHaggis" height="32" width="114" style="border: 0; border-radius: 6px;"></iframe>
+"""
diff --git a/pages/1_ASR_Configurator.py b/pages/1_ASR_Configurator.py
@@ -1,28 +1,9 @@
 import streamlit as st
 from streamlit.components.v1 import html
+from asr import asr_rules, html_code
 
 st.set_page_config(page_title="ASR Configurator", layout="wide")
 
-asr_rules = {
-    "Block abuse of exploited vulnerable signed drivers": "56A863A9-875E-4185-98A7-B882C64B5CE5",
-    "Block Adobe Reader from creating child processes": "7674BA52-37EB-4A4F-A9A1-F0F9A1619A2C",
-    "Block all Office applications from creating child processes": "D4F940AB-401B-4EFC-AADC-AD5F3C50688A",
-    "Block credential stealing from the Windows local security authority subsystem (lsass.exe)": "9E6C4E1F-7D60-472F-BA1A-A39EF669E4B2",
-    "Block executable content from email client and webmail": "BE9BA2D9-53EA-4CDC-84E5-9B1EEEE46550",
-    "Block executable files from running unless they meet a prevalence, age, or trusted list criterion": "01443614-CD74-433A-B99E-2ECDC07BFC25",
-    "Block execution of potentially obfuscated scripts": "5BEB7EFE-FD9A-4556-801D-275E5FFC04CC",
-    "Block JavaScript or VBScript from launching downloaded executable content": "D3E037E1-3EB8-44C8-A917-57927947596D",
-    "Block Office applications from creating executable content": "3B576869-A4EC-4529-8536-B80A7769E899",
-    "Block Office applications from injecting code into other processes": "75668C1F-73B5-4CF0-BB93-3ECF5CB7CC84",
-    "Block Office communication application from creating child processes": "26190899-1602-49E8-8B27-EB1D0A1CE869",
-    "Block persistence through WMI event subscription": "E6DB77E5-3DF2-4CF1-B95A-636979351E5B",
-    "Block process creations originating from PSExec and WMI commands": "D1E49AAC-8F56-4280-B9BA-993A6D77406C",
-    "Block untrusted and unsigned processes that run from USB": "B2B3F03D-6A65-4F7B-A9C7-1C7EF74A9BA4",
-    "Block Win32 API calls from Office macros": "92E97FA1-2EDF-4476-BDD6-9DD0B4DDDC7B",
-    "Use advanced protection against ransomware": "C1DB55AB-C21A-4637-BB3F-A12568109D35",
-    "Block Webshell creation for Servers": "A8F5898E-1DC8-49A9-9878-85004B8A61E6"
-}
-
 st.title("Attack Surface Configurator")
 st.markdown("This tool will help you configure the Attack Surface Reduction rules in Microsoft Defender for Endpoint.")
 user_inputs = {}
@@ -128,7 +109,4 @@
 
 st.sidebar.image("assets/logo.png", width=300)
 
-html_code = """
-<iframe srcdoc="<script type='text/javascript' src='https://storage.ko-fi.com/cdn/widget/Widget_2.js'></script><script type='text/javascript'>kofiwidget2.init('Support Me on Ko-fi', '#29abe0', 'P5P61I35A');kofiwidget2.draw();</script>" width="100%" height="300" style="border:0" allowtransparency="true" loading="lazy"></iframe>
-"""
 st.sidebar.markdown(html_code, unsafe_allow_html=True)
diff --git a/pages/2_ASR Essentials.py b/pages/2_ASR Essentials.py
@@ -2,7 +2,7 @@
 from streamlit.components.v1 import html
 from streamlit_js_eval import streamlit_js_eval
 from time import sleep
-
+from asr import html_code
 
 st.set_page_config(page_title="ASR Essentials", layout="wide")
 
@@ -420,7 +420,4 @@ def mermaid(code: str, font_size: int = 18) -> None:
 
 st.sidebar.image("assets/logo.png", width=300)
 
-html_code = """
-<iframe srcdoc="<script type='text/javascript' src='https://storage.ko-fi.com/cdn/widget/Widget_2.js'></script><script type='text/javascript'>kofiwidget2.init('Support Me on Ko-fi', '#29abe0', 'P5P61I35A');kofiwidget2.draw();</script>" width="100%" height="300" style="border:0" allowtransparency="true" loading="lazy"></iframe>
-"""
-st.sidebar.markdown(html_code, unsafe_allow_html=True)
+st.sidebar.markdown(html_code, unsafe_allow_html=True)
diff --git a/pages/3_ASR Atomic Testing.py b/pages/3_ASR Atomic Testing.py
@@ -1,5 +1,6 @@
 import streamlit as st
 from streamlit.components.v1 import html
+from asr import html_code
 
 st.set_page_config(page_title="ASR Atomic Testing", layout="wide")
 
@@ -468,7 +469,4 @@ def determine_file_extension(script):
 
 st.sidebar.image("assets/logo.png", width=300)
 
-html_code = """
-<iframe srcdoc="<script type='text/javascript' src='https://storage.ko-fi.com/cdn/widget/Widget_2.js'></script><script type='text/javascript'>kofiwidget2.init('Support Me on Ko-fi', '#29abe0', 'P5P61I35A');kofiwidget2.draw();</script>" width="100%" height="300" style="border:0" allowtransparency="true" loading="lazy"></iframe>
-"""
 st.sidebar.markdown(html_code, unsafe_allow_html=True)