Microsoft-Secure-Score-Assessment-Toolkit

2.3.0

Microsoft-Secure-Score-Assessment-Toolkit.psd1

                                #

# Module manifest for module 'Microsoft-Secure-Score-Assessment-Toolkit'

#

# Generated by: Mohammed Siddiqui

#

# Generated on: 2025-11-14

#

@{

# Script module or binary module file associated with this manifest.

RootModule = 'Microsoft-Secure-Score-Assessment-Toolkit.psm1'

# Version number of this module.

ModuleVersion = '2.3.0'

# Supported PSEditions

CompatiblePSEditions = @('Desktop', 'Core')

# ID used to uniquely identify this module

GUID = 'd61fcf0d-d7d1-4d29-a107-a8709c612d47'

# Author of this module

Author = 'Mohammed Siddiqui'

# Company or vendor of this module

CompanyName = 'Community'

# Copyright statement for this module

Copyright = '(c) 2025-present Mohammed Siddiqui. All rights reserved. MIT License.'

# Description of the functionality provided by this module

Description = 'A powerful PowerShell toolkit for assessing Microsoft 365 security posture through the Microsoft Secure Score API. Generate comprehensive, interactive HTML reports with 400+ security controls directly from Microsoft Graph API. Features include real-time data fetching, interactive filtering, floating action buttons, and direct links to configuration portals. Perfect for security assessments, compliance reporting, and continuous security monitoring.'

# Minimum version of the PowerShell engine required by this module

PowerShellVersion = '5.1'

# Name of the PowerShell host required by this module

# PowerShellHostName = ''

# Minimum version of the PowerShell host required by this module

# PowerShellHostVersion = ''

# Minimum version of Microsoft .NET Framework required by this module. This prerequisite is valid for the PowerShell Desktop edition only.

# DotNetFrameworkVersion = ''

# Minimum version of the common language runtime (CLR) required by this module. This prerequisite is valid for the PowerShell Desktop edition only.

# ClrVersion = ''

# Processor architecture (None, X86, Amd64) required by this module

# ProcessorArchitecture = ''

# Modules that must be imported into the global environment prior to importing this module

RequiredModules = @(

    @{ ModuleName = 'Microsoft.Graph.Authentication'; ModuleVersion = '2.28.0' },

    @{ ModuleName = 'Microsoft.Graph.Security'; ModuleVersion = '2.28.0' }

)

# Assemblies that must be loaded prior to importing this module

# RequiredAssemblies = @()

# Script files (.ps1) that are run in the caller's environment prior to importing this module.

# ScriptsToProcess = @()

# Type files (.ps1xml) to be loaded when importing this module

# TypesToProcess = @()

# Format files (.ps1xml) to be loaded when importing this module

# FormatsToProcess = @()

# Modules to import as nested modules of the module specified in RootModule/ModuleToProcess

# NestedModules = @()

# Functions to export from this module, for best performance, do not use wildcards and do not delete the entry, use an empty array if there are no functions to export.

FunctionsToExport = @(

    'Connect-MicrosoftSecureScore',

    'Disconnect-MicrosoftSecureScore',

    'Invoke-MicrosoftSecureScore',

    'Get-MicrosoftSecureScoreInfo'

)

# Cmdlets to export from this module, for best performance, do not use wildcards and do not delete the entry, use an empty array if there are no cmdlets to export.

CmdletsToExport = @()

# Variables to export from this module

VariablesToExport = @()

# Aliases to export from this module, for best performance, do not use wildcards and do not delete the entry, use an empty array if there are no aliases to export.

AliasesToExport = @()

# DSC resources to export from this module

# DscResourcesToExport = @()

# List of all modules packaged with this module

# ModuleList = @()

# List of all files packaged with this module

FileList = @(

    'Microsoft-Secure-Score-Assessment-Toolkit.psm1',

    'Microsoft-Secure-Score-Assessment-Toolkit.psd1',

    'powershellnerdlogo.png',

    'Core/GraphApiClient.ps1',

    'Core/Logger.ps1',

    'Core/Models.ps1',

    'Processors/ComplianceProcessor.ps1',

    'Processors/UrlProcessor.ps1',

    'Reports/HtmlReportGenerator.ps1',

    'Config/control-mappings.json',

    'Templates/report-modern-template.html'

)

# Private data to pass to the module specified in RootModule/ModuleToProcess. This may also contain a PSData hashtable with additional module metadata used by PowerShell.

PrivateData = @{

    PSData = @{

        # Tags applied to this module. These help with module discovery in online galleries.

        Tags = @('Microsoft365', 'M365', 'SecureScore', 'Security', 'Compliance', 'Audit', 'Assessment', 'Graph', 'GraphAPI', 'SecurityCompliance', 'SecurityAssessment', 'SecurityPosture', 'CyberSecurity', 'GRC', 'RiskManagement', 'SecurityControls', 'EntraID', 'AzureAD', 'Defender', 'Purview', 'Intune')

        # A URL to the license for this module.

        LicenseUri = 'https://github.com/mohammedsiddiqui6872/Microsoft-Secure-Score-Assessment-Toolkit/blob/main/LICENSE'

        # A URL to the main website for this project.

        ProjectUri = 'https://github.com/mohammedsiddiqui6872/Microsoft-Secure-Score-Assessment-Toolkit'

        # A URL to an icon representing this module.

        IconUri = 'https://raw.githubusercontent.com/mohammedsiddiqui6872/Microsoft-Secure-Score-Assessment-Toolkit/main/.github/icon.png'

        # ReleaseNotes of this module

        ReleaseNotes = @'

v2.3.0 Security Hardening, Performance Fixes, and Portal URL Modernization

BUG FIXES

- Fixed composable filter system: status + risk + search filters now work together

- Added "All" reset button to risk filter group

- Fixed progress bar counting excluded controls incorrectly

- Fixed Get-OrganizationInfo not handling array return from API

- Fixed 2 GitHub controls silently dropped due to non-HTTP ActionUrl validation

- Non-standard ActionUrls now fall back to portal keyword match instead of rejecting the control

PERFORMANCE

- Replaced string concatenation with StringBuilder in HTML report generation

- Replaced O(n*m) nested loop with O(1) hashtable lookup for URL mappings

- Async Google Fonts loading prevents render-blocking in offline environments

SECURITY

- Removed dangerous auto-install with -Force -AllowClobber (supply chain risk)

- Prevented sovereign cloud URLs from being rewritten to commercial domains

- Replaced empty catch block with diagnostic logging

PORTAL URL MODERNIZATION

- Migrated all compliance.microsoft.com URLs to purview.microsoft.com (retired late 2024)

- Added URL rewrite rule to auto-correct API-returned compliance.microsoft.com URLs

- Added 6 new control-to-portal URL mappings (71 total), eliminating all docs-only URLs

- Added "Purview" keyword to compliance fallback rule

MODULE QUALITY

- Declared RequiredModules in manifest (Microsoft.Graph SDK >= 2.28.0)

- Cross-platform paths via Join-Path throughout module loader

- Clean up all module state in Disconnect finally block

- Get-MicrosoftSecureScoreInfo returns PSCustomObject for programmatic access

- Force array context with @() on API collection returns

- Added -ErrorAction to all critical cmdlet calls

Full changelog at https://github.com/mohammedsiddiqui6872/Microsoft-Secure-Score-Assessment-Toolkit/blob/main/CHANGELOG.md

'@

        # Prerelease string of this module

        # Prerelease = ''

        # Flag to indicate whether the module requires explicit user acceptance for install/update/save

        RequireLicenseAcceptance = $false

        # External dependent modules of this module

        # ExternalModuleDependencies = @()

    } # End of PSData hashtable

} # End of PrivateData hashtable

# HelpInfo URI of this module

HelpInfoURI = 'https://github.com/mohammedsiddiqui6872/Microsoft-Secure-Score-Assessment-Toolkit/blob/main/README.md'

# Default prefix for commands exported from this module. Override the default prefix using Import-Module -Prefix.

# DefaultCommandPrefix = ''

}