From 33b3fe3cbc65aa095cbe62c723a3a3808a5a32cc Mon Sep 17 00:00:00 2001
From: Jake Hildreth <jakehildreth@trimarcsecurity.com>
Date: Sat, 22 Feb 2025 08:47:47 -0600
Subject: [PATCH] Risk added to Mode 2 CSV Risk, Risk Score, and Risk Score
 Detail added to Mode 3 CSV

---
 Invoke-Locksmith.ps1        | 8 ++++----
 Locksmith.psd1              | 2 +-
 Public/Invoke-Locksmith.ps1 | 4 ++--
 3 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/Invoke-Locksmith.ps1 b/Invoke-Locksmith.ps1
index ec1e12d9..a2730ebc 100644
--- a/Invoke-Locksmith.ps1
+++ b/Invoke-Locksmith.ps1
@@ -2795,7 +2795,6 @@ function Set-AdditionalCAProperty {
     )
 
     begin {
-        $CAEnrollmentEndpoint = @()
         if (-not ([System.Management.Automation.PSTypeName]'TrustAllCertsPolicy') ) {
             if ($PSVersionTable.PSEdition -eq 'Desktop') {
                 $code = @"
@@ -2829,6 +2828,7 @@ function Set-AdditionalCAProperty {
 
     process {
         $ADCSObjects | Where-Object objectClass -Match 'pKIEnrollmentService' | ForEach-Object {
+            $CAEnrollmentEndpoint = @()
             #[array]$CAEnrollmentEndpoint = $_.'msPKI-Enrollment-Servers' | Select-String 'http.*' | ForEach-Object { $_.Matches[0].Value }
             foreach ($directory in @("certsrv/", "$($_.Name)_CES_Kerberos/service.svc", "$($_.Name)_CES_Kerberos/service.svc/CES", "ADPolicyProvider_CEP_Kerberos/service.svc", "certsrv/mscep/")) {
                 $URL = "://$($_.dNSHostName)/$directory"
@@ -4381,7 +4381,7 @@ function Invoke-Locksmith {
         [System.Management.Automation.PSCredential]$Credential
     )
 
-    $Version = '2025.1.14'
+    $Version = '2025.2.22'
     $LogoPart1 = @'
     _       _____  _______ _     _ _______ _______ _____ _______ _     _
     |      |     | |       |____/  |______ |  |  |   |      |    |_____|
@@ -4612,7 +4612,7 @@ Invoke-Locksmith -Mode 1
             $Output = Join-Path -Path $OutputPath -ChildPath "$FilePrefix ADCSIssues.CSV"
             Write-Host "Writing AD CS issues to $Output..."
             try {
-                $AllIssues | Select-Object Forest, Technique, Name, Issue | Export-Csv -NoTypeInformation $Output
+                $AllIssues | Select-Object Forest, Technique, Name, Issue, @{l = 'Risk'; e = { $_.RiskName } } | Export-Csv -NoTypeInformation $Output
                 Write-Host "$Output created successfully!`n"
             }
             catch {
@@ -4623,7 +4623,7 @@ Invoke-Locksmith -Mode 1
             $Output = Join-Path -Path $OutputPath -ChildPath "$FilePrefix ADCSRemediation.CSV"
             Write-Host "Writing AD CS issues to $Output..."
             try {
-                $AllIssues | Select-Object Forest, Technique, Name, DistinguishedName, Issue, Fix | Export-Csv -NoTypeInformation $Output
+                $AllIssues | Select-Object Forest, Technique, Name, DistinguishedName, Issue, Fix, @{l = 'Risk'; e = { $_.RiskName } }, @{l = 'Risk Score'; e = { $_.RiskValue } }, @{l = 'Risk Score Detail'; e = { $_.RiskScoring -join "`n" } } | Export-Csv -NoTypeInformation $Output
                 Write-Host "$Output created successfully!`n"
             }
             catch {
diff --git a/Locksmith.psd1 b/Locksmith.psd1
index 52305381..b350ddc7 100644
--- a/Locksmith.psd1
+++ b/Locksmith.psd1
@@ -8,7 +8,7 @@
     FunctionsToExport    = 'Invoke-Locksmith'
     GUID                 = 'b1325b42-8dc4-4f17-aa1f-dcb5984ca14a'
     HelpInfoURI          = 'https://raw.githubusercontent.com/jakehildreth/Locksmith/main/en-US/'
-    ModuleVersion        = '2025.1.14'
+    ModuleVersion        = '2025.2.22'
     PowerShellVersion    = '5.1'
     PrivateData          = @{
         PSData = @{
diff --git a/Public/Invoke-Locksmith.ps1 b/Public/Invoke-Locksmith.ps1
index beb1478f..4dd14fba 100644
--- a/Public/Invoke-Locksmith.ps1
+++ b/Public/Invoke-Locksmith.ps1
@@ -341,7 +341,7 @@ Invoke-Locksmith -Mode 1
             $Output = Join-Path -Path $OutputPath -ChildPath "$FilePrefix ADCSIssues.CSV"
             Write-Host "Writing AD CS issues to $Output..."
             try {
-                $AllIssues | Select-Object Forest, Technique, Name, Issue | Export-Csv -NoTypeInformation $Output
+                $AllIssues | Select-Object Forest, Technique, Name, Issue, @{l = 'Risk'; e = { $_.RiskName } } | Export-Csv -NoTypeInformation $Output
                 Write-Host "$Output created successfully!`n"
             } catch {
                 Write-Host 'Ope! Something broke.'
@@ -351,7 +351,7 @@ Invoke-Locksmith -Mode 1
             $Output = Join-Path -Path $OutputPath -ChildPath "$FilePrefix ADCSRemediation.CSV"
             Write-Host "Writing AD CS issues to $Output..."
             try {
-                $AllIssues | Select-Object Forest, Technique, Name, DistinguishedName, Issue, Fix | Export-Csv -NoTypeInformation $Output
+                $AllIssues | Select-Object Forest, Technique, Name, DistinguishedName, Issue, Fix, @{l = 'Risk'; e = { $_.RiskName } }, @{l = 'Risk Score'; e = { $_.RiskValue } }, @{l = 'Risk Score Detail'; e = { $_.RiskScoring -join "`n" } } | Export-Csv -NoTypeInformation $Output
                 Write-Host "$Output created successfully!`n"
             } catch {
                 Write-Host 'Ope! Something broke.'