public WindowsDefenderDTO(WindowsDefenderSettings localSettings, WindowsDefenderSettings groupPolicySettings)
{
LocalSettings = localSettings;
GroupPolicySettings = groupPolicySettings;
}
void DisplayDefenderSettings(WindowsDefenderSettings settings)
{
var pathExclusions = settings.PathExclusions;
var processExclusions = settings.ProcessExclusions;
var extensionExclusions = settings.ExtensionExclusions;
var asrSettings = settings.AsrSettings;
if (pathExclusions.Count != 0)
{
WriteLine("\n Path Exclusions:");
foreach (var path in pathExclusions)
{
WriteLine($" {path}");
}
}
if (pathExclusions.Count != 0)
{
WriteLine("\n PolicyManagerPathExclusions:");
foreach (var path in pathExclusions)
{
WriteLine($" {path}");
}
}
if (processExclusions.Count != 0)
{
WriteLine("\n Process Exclusions");
foreach (var process in processExclusions)
{
WriteLine($" {process}");
}
}
if (extensionExclusions.Count != 0)
{
WriteLine("\n Extension Exclusions");
foreach (var ext in extensionExclusions)
{
WriteLine($" {ext}");
}
}
if (asrSettings.Enabled)
{
WriteLine("\n Attack Surface Reduction Rules:\n");
WriteLine($" {"State",-10} Rule\n");
foreach (var rule in asrSettings.Rules)
{
string state;
if (rule.State == 0)
{
state = "Disabled";
}
else if (rule.State == 1)
{
state = "Blocked";
}
else if (rule.State == 2)
{
state = "Audited";
}
else
{
state = $"{rule.State} - Unknown";
}
var asrRule = _AsrGuids.ContainsKey(rule.Rule.ToString())
? _AsrGuids[rule.Rule.ToString()]
: $"{rule.Rule} - Please report this";
WriteLine($" {state,-10} {asrRule}");
}
if (asrSettings.Exclusions.Count > 0)
{
WriteLine("\n ASR Exclusions:");
foreach (var exclusion in asrSettings.Exclusions)
{
WriteLine($" {exclusion}");
}
}
}
}