Update README.md (#580)
* Update README.md

* Some cleanup
gfs authored May 25, 2021
1 parent d9b0457 commit 9aa8b4e
Showing 2 changed files with 40 additions and 73 deletions.
93 changes: 29 additions & 64 deletions Lib/Collectors/FileSystemMonitor.cs
@@ -83,17 +83,16 @@ public FileSystemMonitor(MonitorCommandOptions opts, Action<FileMonitorObject> c
GatherHashes = options.GatherHashes,
});

foreach (var dir in options?.MonitoredDirectories.Any() is true ? options.MonitoredDirectories : fsc.Roots.ToList())
foreach (var dir in options.MonitoredDirectories.Count > 0 ? options.MonitoredDirectories : fsc.Roots.ToList())
{
foreach (var filter in defaultFiltersList)
{
var watcher = new FileSystemWatcher();

watcher.Path = dir;

watcher.NotifyFilter = filter;

watcher.IncludeSubdirectories = true;
var watcher = new FileSystemWatcher
{
Path = dir,
NotifyFilter = filter,
IncludeSubdirectories = true
};

// Changed, Created and Deleted can share a handler, because they throw the same type of event
watcher.Changed += GetFunctionForFilterType(filter);
@@ -110,68 +109,34 @@ public FileSystemMonitor(MonitorCommandOptions opts, Action<FileMonitorObject> c

private RenamedEventHandler? GetRenamedFunctionForFilterType(NotifyFilters filter)
{
switch (filter)
return filter switch
{
case NotifyFilters.Attributes:
return WriteAttributesRename;

case NotifyFilters.CreationTime:
return WriteCreationTimeRename;

case NotifyFilters.DirectoryName:
return WriteDirectoryNameRename;

case NotifyFilters.FileName:
return WriteFileNameRename;

case NotifyFilters.LastAccess:
return WriteLastAccessRename;

case NotifyFilters.LastWrite:
return WriteLastWriteRename;

case NotifyFilters.Security:
return WriteSecurityRename;

case NotifyFilters.Size:
return WriteSizeRename;

default:
return null;
}
NotifyFilters.Attributes => WriteAttributesRename,
NotifyFilters.CreationTime => WriteCreationTimeRename,
NotifyFilters.DirectoryName => WriteDirectoryNameRename,
NotifyFilters.FileName => WriteFileNameRename,
NotifyFilters.LastAccess => WriteLastAccessRename,
NotifyFilters.LastWrite => WriteLastWriteRename,
NotifyFilters.Security => WriteSecurityRename,
NotifyFilters.Size => WriteSizeRename,
_ => null,
};
}

private FileSystemEventHandler? GetFunctionForFilterType(NotifyFilters filter)
{
switch (filter)
return filter switch
{
case NotifyFilters.Attributes:
return WriteAttributesChange;

case NotifyFilters.CreationTime:
return WriteCreationTimeChange;

case NotifyFilters.DirectoryName:
return WriteDirectoryNameChange;

case NotifyFilters.FileName:
return WriteFileNameChange;

case NotifyFilters.LastAccess:
return WriteLastAccessChange;

case NotifyFilters.LastWrite:
return WriteLastWriteChange;

case NotifyFilters.Security:
return WriteSecurityChange;

case NotifyFilters.Size:
return WriteSizeChange;

default:
return null;
}
NotifyFilters.Attributes => WriteAttributesChange,
NotifyFilters.CreationTime => WriteCreationTimeChange,
NotifyFilters.DirectoryName => WriteDirectoryNameChange,
NotifyFilters.FileName => WriteFileNameChange,
NotifyFilters.LastAccess => WriteLastAccessChange,
NotifyFilters.LastWrite => WriteLastWriteChange,
NotifyFilters.Security => WriteSecurityChange,
NotifyFilters.Size => WriteSizeChange,
_ => null,
};
}

public bool IsRunning()
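Review bot: The `_ => null` arms in GetRenamedFunctionForFilterType and GetFunctionForFilterType keep a silent fallback. `NotifyFilters` is a flags enum, so a combined value or one added later matches no arm, and the constructor's `watcher.Changed += GetFunctionForFilterType(filter);` then subscribes nothing, leaving a live watcher that records no events. For a monitoring collector that is a coverage gap with no trace in the output. Consider failing loudly in both switches, e.g. `_ => throw new ArgumentOutOfRangeException(nameof(filter), filter, null),`, which would also let the return types drop the `?`. Whether `defaultFiltersList` can hold such a value today is not visible, since it is defined outside the hunks.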
20 changes: 11 additions & 9 deletions README.md
@@ -16,14 +16,12 @@ Documentation is available on the [Wiki](https://github.com/Microsoft/AttackSurf

Documentation for the [API](https://microsoft.github.io/AttackSurfaceAnalyzer/api/) is available on GitHub Pages.

## New Features in 2.2
## New Features in 2.3

- Expanded analysis engine allowing users to define arbitrary boolean expressions across clauses and access sub properties of objects. See [Authoring Rules](https://github.com/microsoft/AttackSurfaceAnalyzer/wiki/Authoring-Analysis-Rules) on the wiki for more information on creating rules.
- Significantly improved collection and analysis performance.
- MacOS binary signature checking
- Support for C# 8 [nullable reference types](https://docs.microsoft.com/en-us/dotnet/csharp/nullable-references)
- Improved database independent API
- Updated [API documentation](https://microsoft.github.io/AttackSurfaceAnalyzer/api/index.html) and [Developer guide](https://github.com/microsoft/AttackSurfaceAnalyzer/wiki/Using-AsaLib)
- New Blazor GUI with Rule Authoring and Testing Sandbox
- New Collectors
- Improved collection and analysis performance.
- Support for C# 9/.NET 5

## Overview

@@ -49,6 +47,10 @@ Attack Surface Analyzer currently reports on changes to the following operating
- COM Objects
- Event Logs
- Firewall Settings
- Wifi Networks
- Cryptographic Keys
- Processes
- TPM Information

All data collected is stored in a set of local SQLite databases.

@@ -74,9 +76,9 @@ Detailed information on how to use Attack Surface Analyzer can be found on our
To build Attack Surface Analyzer, see [BUILD](https://github.com/Microsoft/AttackSurfaceAnalyzer/blob/main/BUILD.md).

## Versions
The latest stable version of Attack Surface Analyzer is 2.2 (see [Release\v2.2](https://github.com/Microsoft/AttackSurfaceAnalyzer/tree/release/v2.2)).
The latest public version of Attack Surface Analyzer with public builds is 2.3 (see [Release\v2.3](https://github.com/Microsoft/AttackSurfaceAnalyzer/tree/release/v2.3)).

2.3 is now in development on the `main` branch. You can see the features coming [here](https://github.com/microsoft/attacksurfaceanalyzer/issues?q=is%3Aissue+milestone%3Av2.3+).
2.4 is now in development on the `main` branch. You can see the features coming [here](https://github.com/microsoft/attacksurfaceanalyzer/issues?q=is%3Aissue+milestone%3Av2.4+).

## Contributing

