-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathDomainSecurityAuditor.psm1
More file actions
75 lines (66 loc) · 2.83 KB
/
DomainSecurityAuditor.psm1
File metadata and controls
75 lines (66 loc) · 2.83 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
<#
.SYNOPSIS
Domain Security Auditor module orchestrates domain and email security baseline validation.
.DESCRIPTION
DomainSecurityAuditor builds on DomainDetective and Pester with native PowerShell HTML rendering to collect DNS posture data, execute repeatable compliance tests, and emit machine-readable artifacts for CI/CD pipelines.
.REQUIRES
Modules: DomainDetective, Pester, PSScriptAnalyzer
.NOTES
Module: DomainSecurityAuditor
Author: Travis McDade
Date: 11/16/2025
Version: 0.2.0
Requestor: DomainSecurityAuditor Stakeholders
Purpose: Provide a structured baseline for automated domain and email security evidence collection.
Release Notes:
0.2.0 - 11/22/2025 - BREAKING: Rename entry point to Invoke-DomainSecurityAuditor and align report naming (timestamp after report name).
0.1.2 - 11/21/2025 - BREAKING: Default output writes summary by default; add -PassThru; capture DomainDetective warnings.
0.1.1 - 11/20/2025 - Added CSV and CLI classification overrides with validation.
0.1.0 - 11/16/2025 - Initial scaffolding with dependency enforcement and entry-point stub.
Resources:
- https://github.com/EvotecIT/DomainDetective
- https://github.com/pester/Pester
#>
Set-StrictMode -Version Latest
$ErrorActionPreference = 'Stop'
#region ModuleInitialization
$script:ModuleRoot = Split-Path -Parent $MyInvocation.MyCommand.Path
$script:ConfigRoot = Join-Path -Path $script:ModuleRoot -ChildPath 'Configs'
$script:DSAMinDkimKeyLength = 1024
$script:DSAConditionDefinitions = $null
$script:DSADomainDetectiveLoaded = $false
$script:DSAKnownReferenceLinks = @{}
#endregion ModuleInitialization
#region PrivateHelpers
$privatePath = Join-Path -Path $script:ModuleRoot -ChildPath 'Private'
if (Test-Path -Path $privatePath) {
$privateFiles = @(Get-ChildItem -Path $privatePath -Filter '*.ps1' -File | Sort-Object -Property Name)
$valueHelpers = @($privateFiles | Where-Object { $_.BaseName -eq 'DSA.ValueHelpers' })
$remaining = @($privateFiles | Where-Object { $_.BaseName -ne 'DSA.ValueHelpers' })
foreach ($file in $valueHelpers + $remaining) {
. $file.FullName
}
}
# Pre-warm condition definitions cache to avoid lazy initialization overhead during first domain run.
$null = Get-DSAConditionDefinitions
#endregion PrivateHelpers
#region PublicFunctions
$publicPath = Join-Path -Path $script:ModuleRoot -ChildPath 'Public'
$publicFunctions = @()
if (Test-Path -Path $publicPath) {
$publicFunctions = @(
Get-ChildItem -Path $publicPath -Filter '*.ps1' -File |
Sort-Object -Property Name |
ForEach-Object {
. $_.FullName
$_.BaseName
}
)
}
if ($publicFunctions.Count -gt 0) {
Export-ModuleMember -Function $publicFunctions
}
else {
Export-ModuleMember -Function @()
}
#endregion PublicFunctions