PSScriptAnalyzer: SAST Tool for PowerShell Script

Vaibhav Kumar Srivastava
3 min read, Oct 7, 2022

PowerShell Script Analyzer, also known as PSScriptAnalyzer, is a static code analysis (SAST) tool that examines PowerShell code and evaluates it against a set of machine-checkable best practices. The module accomplishes this through rules, each of which defines one best practice and tells the engine how to scan for it. The rule set can also be extended with custom rules, so the same engine can be used both to enforce scripting conventions and to support secure code review.

1- Open CMD on Windows with administrator access and type PowerShell.

2- To get started, you first need to install and import the required PowerShell module. Type the below-mentioned commands.

Install-Module -Name PSScriptAnalyzer

Import-Module -Name PSScriptAnalyzer

3- To list the built-in rules available in PSScriptAnalyzer:

Get-ScriptAnalyzerRule | Select-Object RuleName

4- To view the description of a specific rule:

Get-ScriptAnalyzerRule -Name "RuleName"

5- To run the analyzer against a script (Sample.ps1 here):

Invoke-ScriptAnalyzer .\Sample.ps1

6- To display the results in a structured format:

Invoke-ScriptAnalyzer .\Script_Tags.ps1 | Select-Object Severity, Line, Message, RuleName | Format-List

Security Auditing for PowerShell Scripts:

1- Copy and paste the following command to install the "InjectionHunter" package (https://www.powershellgallery.com/packages/InjectionHunter/1.0.0 ):

Install-Module -Name InjectionHunter

2- Check the path where InjectionHunter is installed:

Get-Module InjectionHunter -List | Foreach-Object Path

3- Invoke the analyzer together with the InjectionHunter rules using the command below:

Invoke-ScriptAnalyzer .\Script_Tags.ps1 -CustomRulePath (Get-Module InjectionHunter -List | ForEach-Object Path) -Verbose
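As an added example (not code from the original post), the script below puts the steps above together: it writes a small test file containing an injection-prone pattern beside its safer form, runs the built-in rules and the InjectionHunter rules over it in one pass, and exits non-zero when any finding reaches a chosen severity. The file name Review-Me.ps1 and the severity threshold are this example's own choices.

```powershell
# Added example: gate a PowerShell script on PSScriptAnalyzer + InjectionHunter findings.
# Assumes both modules are installed (see the steps above).

# Constructed test input: a risky pattern and its safer rewrite side by side.
$sample = @'
param([string]$Name)

# Risky: user input is spliced into a string that is then evaluated as code,
# so any PowerShell syntax inside the value is executed rather than treated as data.
Invoke-Expression "Get-Process -Name $Name"

# Safer: pass the input as a parameter value; it is never parsed as code.
Get-Process -Name $Name
'@
Set-Content -Path .\Review-Me.ps1 -Value $sample

# Custom rule path for InjectionHunter; -IncludeDefaultRules keeps the built-in rules too.
$rulePath = Get-Module InjectionHunter -ListAvailable | ForEach-Object Path
$findings = Invoke-ScriptAnalyzer -Path .\Review-Me.ps1 `
    -CustomRulePath $rulePath -IncludeDefaultRules

# Show every finding, ordered by the line it refers to.
$findings |
    Sort-Object Line |
    Select-Object Severity, Line, RuleName, Message |
    Format-Table -AutoSize

# Severity threshold for failing the check (a choice for this example; adjust for your CI job).
$failOn = 'Error', 'Warning'
$blocking = @($findings | Where-Object { $_.Severity -in $failOn })
if ($blocking.Count -gt 0) {
    Write-Warning "$($blocking.Count) blocking finding(s) in Review-Me.ps1"
    exit 1
}
```

Only the Invoke-Expression line should produce findings; the Get-Process line below it is the form to keep.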

This is just an introduction to SAST analysis with PSScriptAnalyzer; the tool supports much more customization, such as writing your own rules and performing security testing. Feel free to navigate through the tool's documentation.

(Reference URL: https://learn.microsoft.com/en-us/powershell/module/psscriptanalyzer/?view=ps-modules )

Stay Curious Stay Protected!!
