Merge pull request #249 from microsoft/bilong-readme

bill-long · web-flow · commit ffb460379df8 · 2021-03-10T13:33:23.000-06:00
Make download links more prominent
diff --git a/Security/README.md b/Security/README.md
@@ -1,6 +1,6 @@
 # Security scripts
 
-## Test-ProxyLogon.ps1
+## [Test-ProxyLogon.ps1](https://github.com/microsoft/CSS-Exchange/releases/latest/download/Test-ProxyLogon.ps1)
 
 Formerly known as Test-Hafnium, this script automates all four of the commands found in the [Hafnium blog post](https://www.microsoft.com/security/blog/2021/03/02/hafnium-targeting-exchange-servers/). It also has a progress bar and some performance tweaks to make the CVE-2021-26855 test run much faster.
 
@@ -25,7 +25,7 @@ To display the results without saving them, pass -DisplayOnly:
 
 `.\Test-ProxyLogon.ps1 -DisplayOnly`
 
-## ExchangeMitigations.ps1
+## [ExchangeMitigations.ps1](https://github.com/microsoft/CSS-Exchange/releases/latest/download/ExchangeMitigations.ps1)
 This script contains 4 mitigations to help address the following vulnerabilities:
 
 * CVE-2021-26855
@@ -77,7 +77,7 @@ To rollback multiple or specific mitigations
 
 `.\ExchangeMitigations.ps1 -WebSiteNames "Default Web Site" -RollbackECPAppPoolMitigation -RollbackOABAppPoolMitigation`
 
-## CompareExchangeHashes.ps1
+## [CompareExchangeHashes.ps1](https://github.com/microsoft/CSS-Exchange/releases/latest/download/CompareExchangeHashes.ps1)
 
 This script provides a mechanism for malicious file detection on Exchange servers running E13, E16 or E19 versions.
 For more information please go to [https://aka.ms/exchangevulns](https://aka.ms/exchangevulns).
@@ -104,7 +104,7 @@ Submitting files for analysis:
 * Please submit the output file for analysis in the malware analysis portal [here](https://www.microsoft.com/en-us/wdsi/filesubmission). Please add the text "ExchangeMarchCVE" in "Additional Information" field on the portal submission form.
 * Instructions on how to use the portal can be found [here](https://docs.microsoft.com/en-us/windows/security/threat-protection/intelligence/submission-guide).
 
-## BackendCookieMitigation.ps1
+## [BackendCookieMitigation.ps1](https://github.com/microsoft/CSS-Exchange/releases/latest/download/BackendCookieMitigation.ps1)
 
 This mitigation will filter https requests that contain malicious X-AnonResource-Backend and malformed X-BEResource cookies which were found to be used in CVE-2021-26855.
 
@@ -142,7 +142,7 @@ To rollback - Note: This does not remove the IIS Rewrite module, only the rules.
 
 `PS C:\> BackendCookieMitigation.ps1 -WebSiteNames "Default Web Site" -RollbackMitigation -Verbose`
 
-## http-vuln-cve2021-26855.nse
+## [http-vuln-cve2021-26855.nse](https://github.com/microsoft/CSS-Exchange/releases/latest/download/http-vuln-cve2021-26855.nse)
 
 This file is for use with nmap. It detects whether the specified URL is vulnerable to the Exchange Server SSRF Vulnerability (CVE-2021-26855).
 For usage information, please read the top of the file.
diff --git a/Setup/README.md b/Setup/README.md
@@ -1,4 +1,6 @@
-# SetupAssist.ps1
+# [SetupAssist.ps1](https://github.com/microsoft/CSS-Exchange/releases/latest/download/SetupAssist.ps1)
+
+Download the latest release here: [https://github.com/microsoft/CSS-Exchange/releases/latest/download/SetupAssist.ps1](https://github.com/microsoft/CSS-Exchange/releases/latest/download/SetupAssist.ps1)
 
 This script is meant to be run on the system where you are running setup from. It currently checks and displays the following when just running it:
 
@@ -20,9 +22,9 @@ Parameter | Description
 ----------|------------
 [string]OtherWellKnownObjectsContainer | Pass the Distinguished Name of Microsoft Exchange container to look at the OtherWellKnownObjects attributes
 
-Download the latest release [here](https://github.com/microsoft/CSS-Exchange/releases/latest/download/SetupAssist.ps1)
+# [SetupLogReviewer.ps1](https://github.com/microsoft/CSS-Exchange/releases/latest/download/SetupLogReviewer.ps1)
 
-# SetupLogReviewer.ps1
+Download the latest release here: [https://github.com/microsoft/CSS-Exchange/releases/latest/download/SetupLogReviewer.ps1](https://github.com/microsoft/CSS-Exchange/releases/latest/download/SetupLogReviewer.ps1)
 
 This script is meant to be run against the Exchange Setup Logs located at `C:\ExchangeSetupLogs\ExchangeSetup.log`. You can run this on the server, or on a personal computer.
 
