Last active
November 27, 2020 05:54
-
-
Save dknell/4bbbb6d031fab3f2bae4fe4534f1f98b to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "MACOS": { | |
| "osVersion": { | |
| "description": "What Operating System is running and what is it's version?", | |
| "query": "SELECT name, version, platform FROM os_version", | |
| "isArray": false | |
| }, | |
| "hwSerial": { | |
| "description": "What's the workstations serial number?", | |
| "query": "SELECT hardware_serial FROM system_info", | |
| "isArray": false | |
| }, | |
| "hddEncryptionStatus": { | |
| "description": "Is the hard drive encryption enabled on the workstation?", | |
| "query": "SELECT de.encrypted FROM mounts m JOIN disk_encryption de on de.name=m.device WHERE m.path ='/'", | |
| "isArray": false | |
| }, | |
| "fileVaultEnabled": { | |
| "description": "Is FileVault enabled on this Mac?", | |
| "command": "fdesetup status", | |
| "isArray": false | |
| }, | |
| "appList": { | |
| "description": "Return a list of ALL applications installed on the workstation", | |
| "query": "SELECT name, bundle_short_version, info_string FROM apps", | |
| "isArray": true | |
| }, | |
| "firewallStatus": { | |
| "description": "Is the software firewall enabled on the workstation?", | |
| "query": "SELECT global_state FROM alf", | |
| "isArray": false | |
| }, | |
| "passwordManager": [ | |
| { | |
| "description": "Is there a password manager application installed on the workstation? - Firefox", | |
| "query": "SELECT name FROM firefox_addons", | |
| "isArray": true | |
| }, | |
| { | |
| "description": "Is there a password manager application installed on the workstation? - Chrome", | |
| "query": "SELECT name FROM chrome_extensions", | |
| "isArray": true | |
| }, | |
| { | |
| "description": "Is there a password manager application installed on the workstation? - Apps", | |
| "query": "SELECT name FROM apps", | |
| "isArray": true | |
| } | |
| ], | |
| "macAddress": { | |
| "description": "What is the MAC Address of this machine?", | |
| "query": "SELECT mac FROM interface_details WHERE interface in (SELECT DISTINCT interface FROM interface_addresses WHERE interface in ('en0', 'en1')) LIMIT 1", | |
| "isArray": false | |
| }, | |
| "antivirus": { | |
| "description": "Is there an Antivirus application installed on this machine?", | |
| "query": "SELECT name FROM apps", | |
| "isArray": true | |
| }, | |
| "autoUpdateEnabled": { | |
| "description": "Is auto-update enabled on this machine?", | |
| "query": "SELECT * FROM plist WHERE path = '/Library/Preferences/com.apple.commerce.plist' AND key = 'AutoUpdate'", | |
| "isArray": false | |
| }, | |
| "gateKeeperEnabled": { | |
| "description": "Is Gatekeeper enabled on this Mac?", | |
| "query": "SELECT assessments_enabled FROM gatekeeper", | |
| "isArray": false | |
| }, | |
| "screenLockStatus": [ | |
| { | |
| "description": "Time for screen to lock", | |
| "query": "SELECT value FROM preferences WHERE domain='com.apple.screensaver' AND key='idleTime'", | |
| "isArray": false | |
| }, | |
| { | |
| "description": "Is screenlock enabled?", | |
| "query": "SELECT enabled, grace_period FROM screenlock", | |
| "isArray": false | |
| } | |
| ], | |
| "adminUsers": { | |
| "description": "List of users with administrative privileges", | |
| "query": "SELECT users.uid, users.username FROM user_groups INNER JOIN users ON user_groups.uid = users.uid WHERE user_groups.gid = 80", | |
| "isArray": true | |
| }, | |
| "processor": { | |
| "description": "Processor Information", | |
| "query": "SELECT cpu_type, cpu_brand FROM system_info", | |
| "isArray": false | |
| }, | |
| "memory": { | |
| "description": "Physical Memory (RAM)", | |
| "query": "SELECT physical_memory FROM system_info", | |
| "isArray": false | |
| }, | |
| "hddSize": { | |
| "description": "Hard Disk Storage Capacity in GB", | |
| "query": "SELECT round((blocks * blocks_size * 10e-10), 2) AS hddSize FROM mounts WHERE path='/'", | |
| "isArray": false | |
| } | |
| }, | |
| "WINDOWS": { | |
| "osVersion": { | |
| "description": "Which Operating System (OS) and which version is running?", | |
| "query": "SELECT name, version, platform FROM os_version", | |
| "isArray": false | |
| }, | |
| "hwSerial": { | |
| "description": "What's the workstations serial number?", | |
| "query": "SELECT hardware_serial FROM system_info", | |
| "isArray": false | |
| }, | |
| "hddEncryptionStatus": { | |
| "description": "Is hard drive encryption enabled on the workstation?", | |
| "query": "SELECT * from bitlocker_info", | |
| "isArray": true | |
| }, | |
| "appList": { | |
| "description": "Return a list of ALL applications installed on the workstation", | |
| "query": "SELECT name, version FROM programs", | |
| "isArray": true | |
| }, | |
| "firewallStatus": { | |
| "description": "Is the software firewall enabled on the workstation?", | |
| "query": "SELECT firewall FROM windows_security_center", | |
| "isArray": false | |
| }, | |
| "passwordManager": [ | |
| { | |
| "description": "Is there a password manager application installed on the workstation? - Firefox", | |
| "query": "SELECT name FROM firefox_addons", | |
| "isArray": true | |
| }, | |
| { | |
| "description": "Is there a password manager application installed on the workstation? - Chrome", | |
| "query": "SELECT name FROM chrome_extensions", | |
| "isArray": true | |
| }, | |
| { | |
| "description": "Is there a password manager application installed on the workstation? - Apps", | |
| "query": "SELECT name FROM programs", | |
| "isArray": true | |
| } | |
| ], | |
| "macAddress": { | |
| "description": "What is the MAC Address of this machine?", | |
| "query": "SELECT mac FROM interface_details WHERE physical_adapter=1", | |
| "isArray": false | |
| }, | |
| "antivirus": { | |
| "description": "Is there an Antivirus application installed on this machine?", | |
| "query": "SELECT name FROM programs", | |
| "isArray": true | |
| }, | |
| "autoUpdateEnabled": { | |
| "description": "Is auto-update enabled on this machine?", | |
| "query": "SELECT autoupdate FROM windows_security_center", | |
| "isArray": false | |
| }, | |
| "screenLockStatus": { | |
| "description": "Time for screen to lock", | |
| "command": "powercfg -attributes SUB_VIDEO VIDEOCONLOCK -ATTRIB_HIDE 2> NUL & powercfg /Q SCHEME_CURRENT SUB_VIDEO VIDEOCONLOCK 2> NUL && powercfg -attributes SUB_NONE CONSOLELOCK -ATTRIB_HIDE 2> NUL & powercfg /Q SCHEME_CURRENT SUB_NONE CONSOLELOCK 2> NUL", | |
| "isArray": false | |
| }, | |
| "adminUsers": { | |
| "description": "List of users with administrative privileges", | |
| "query": "SELECT u.username FROM users u JOIN user_groups ug ON ug.UID = u.UID JOIN groups g ON g.GID = ug.GID WHERE g.GROUPNAME = 'Administrators'", | |
| "isArray": true | |
| }, | |
| "processor": { | |
| "description": "Processor Information", | |
| "query": "SELECT cpu_type, cpu_brand FROM system_info", | |
| "isArray": false | |
| }, | |
| "memory": { | |
| "description": "Physical Memory (RAM)", | |
| "query": "SELECT physical_memory FROM system_info", | |
| "isArray": false | |
| }, | |
| "hddSize": { | |
| "description": "Hard Disk Storage Capacity in GB", | |
| "query": "SELECT round((disk_size * 10e-10), 2) AS hddSize FROM disk_info", | |
| "isArray": false | |
| }, | |
| "graphics": { | |
| "description": "Physical Memory (RAM)", | |
| "query": "SELECT manufacturer, model, series FROM video_info", | |
| "isArray": false | |
| } | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment