OptimusSharp.PSSecurity.psm1
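using namespace System
using namespace System.IO
using namespace System.Security.Cryptography
using namespace System.Collections.Immutable

Set-StrictMode -Version Latest

#### NOTE: PowerShell documents that POWERSHELL_TELEMETRY_OPTOUT must be set before the process
####   starts, so this assignment is inherited by child processes launched afterwards rather than
####   changing the session that is already running. It is a process-wide environment change.
$env:POWERSHELL_TELEMETRY_OPTOUT = 'true'

#### # OptimusSharp.PSSecurity
####
#### ## Module loader for the OptimusSharp.PSSecurity security toolkit.
####
#### - Sets strict mode, opts out of telemetry, and fixes the hash-index policy at module scope.
#### - Dot-sources the Private helpers and Public functions, gates the Windows-only surface on the
####   host platform, then exports the platform-appropriate public function set.
####   (No Linux-only surface is loaded by this file.)
#### - Fails the import when a component script is missing, so a partial toolkit is never exported.
#### - Relies on three-argument Join-Path and on $IsWindows, i.e. PowerShell 6 or later.
####
#### ### Output encoding ensures accurate terminal character parsing.
####   The parameterless UTF8Encoding constructor produces an encoding that emits no BOM.
$utf8NoBom = [System.Text.UTF8Encoding]::new()
$script:OutputEncoding = $utf8NoBom
try {
    [console]::OutputEncoding = $utf8NoBom
    [console]::InputEncoding = $utf8NoBom
}
catch {
    #### The console setters can throw when the host has no console attached. The module-scoped
    #### $OutputEncoding above is already set, so report the condition and keep loading.
    Write-Warning "OptimusSharp.PSSecurity: console encoding left unchanged: $($_.Exception.Message)"
}

#### ### IsInteractive is true only for a console host with a raw UI and an interactive user.
####   It exists so interactive-only functions can be skipped and automation (e.g. AI agents) can
####   run the script normally; the consumers of the flag are outside this file.
$script:IsInteractive = $Host.Name -eq 'ConsoleHost' -and $Host.UI -and $Host.UI.RawUI -and [Environment]::UserInteractive

#### ### Also check that a console is actually attached (neither stdin nor stdout redirected).
$script:HasConsole = -not [Console]::IsInputRedirected -and -not [Console]::IsOutputRedirected

$script:HashIndexAlgorithm = 'SHA256'

#### ### These are the files we want to include when we build a HashIndex.
$script:HashIndexInclude = @('*.md', '*.ps1', '*.psm1', '*.cs', '*.psd1', '*.ts', '*.sql', '*.json', '*.csv', '*.zip', '*.js', '*.cshtml')
$script:HashIndexExclude = @('bin', 'obj', 'node_modules', '.git')

$here = $PSScriptRoot

#### > Cross-platform surface. Always loaded.
$componentScripts = @(
    (Join-Path $here 'Private' 'Integrity.ps1')
    (Join-Path $here 'Public' 'Integrity.ps1')
    (Join-Path $here 'Public' 'Encryption.ps1')
    (Join-Path $here 'Public' 'Random.ps1')
    (Join-Path $here 'Public' 'Backup.ps1')
    (Join-Path $here 'Public' 'Search.ps1')
)

$publicFunctions = @(
    'Get-Hash'
    'Get-SecureRandom32'
    'Protect-FileWithEncryption'
    'Unprotect-EncryptedFile'
    'Write-DirectoryHashes'
    'Backup-FileParallel'
    'Search-KeywordInFile'
)

#### > Windows-only surface. ACL inspection and repair, UAC policy, local-admin creation, Authenticode audit.
if ($IsWindows) {
    $componentScripts += @(
        (Join-Path $here 'Private' 'Admin.ps1')
        (Join-Path $here 'Private' 'Acl.ps1')
        (Join-Path $here 'Public' 'Acl.ps1')
        (Join-Path $here 'Public' 'Uac.ps1')
        (Join-Path $here 'Public' 'LocalUser.ps1')
        (Join-Path $here 'Public' 'Signature.ps1')
    )

    $publicFunctions += @(
        'Get-AclItem'
        'Show-AclItem'
        'Get-AclItemOwner'
        'Set-AclItemOwner'
        'Repair-AclItemOwnership'
        'Grant-AclItem'
        'Revoke-AclItem'
        'Copy-AclItem'
        'Set-AclItemInheritance'
        'Get-AclItemAccountUnknown'
        'Show-AclItemAccountUnknown'
        'Get-AclItemAccountAnomalies'
        'Remove-AclItemAccountUnknown'
        'Reset-AclItem'
        'Set-UacRequirePassword'
        'Set-UacConsentOnly'
        'Get-UacConfiguration'
        'New-LocalAdminUser'
        'Get-ApplicationSignatureAudit'
    )
}

#### > Fail closed: verify every component exists before executing any of them. A missing file would
#### > otherwise surface as a non-fatal error and the module would export an incomplete function set.
#### > This is an existence check only, not a content check: whoever can write to this directory
#### > decides what runs at import, so the module directory's ACL (and signing, where used) matters.
$missingScripts = @($componentScripts | Where-Object { -not (Test-Path -LiteralPath $_ -PathType Leaf) })
if ($missingScripts.Count -gt 0) {
    throw [System.IO.FileNotFoundException]::new(
        "OptimusSharp.PSSecurity: component script(s) missing, module not loaded: $($missingScripts -join ', ')")
}

#### > Dot-source at module scope (foreach adds no scope) in the original order:
#### > cross-platform files first, then the Windows-only files.
foreach ($componentScript in $componentScripts) {
    . $componentScript
}

Export-ModuleMember -Function $publicFunctions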