From 30de5db67d8c0ff53fdf4270a0bcc68bf02281cf Mon Sep 17 00:00:00 2001 From: 3rfae <142895231+3rfae@users.noreply.github.com> Date: Wed, 22 Apr 2026 15:38:38 +0100 Subject: [PATCH 1/4] Update Deploy-Windows-Chrome-and-Edge.ps1 Signed-off-by: 3rfae <142895231+3rfae@users.noreply.github.com> --- enterprise/Deploy-Windows-Chrome-and-Edge.ps1 | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/enterprise/Deploy-Windows-Chrome-and-Edge.ps1 b/enterprise/Deploy-Windows-Chrome-and-Edge.ps1 index af90153c..007c8f27 100644 --- a/enterprise/Deploy-Windows-Chrome-and-Edge.ps1 +++ b/enterprise/Deploy-Windows-Chrome-and-Edge.ps1 @@ -14,6 +14,7 @@ $edgeExtensionSettingsKey = "HKLM:\SOFTWARE\Policies\Microsoft\Edge\ExtensionSet # Extension Configuration Settings $showNotifications = 1 # 0 = Unchecked, 1 = Checked (Enabled); default is 1; This will set the "Show Notifications" option in the extension settings. $enableValidPageBadge = 0 # 0 = Unchecked, 1 = Checked (Enabled); default is 0; This will set the "Show Valid Page Badge" option in the extension settings. +$validPageBadgeTimeout = 5 # Auto-dismiss timeout for the valid page badge in seconds. Defualt is 5, Maximum 300. Set to 0 for no timeout (badge stays visible until manually dismissed). $enablePageBlocking = 1 # 0 = Unchecked, 1 = Checked (Enabled); default is 1; This will set the "Enable Page Blocking" option in the extension settings. $forceToolbarPin = 1 # 0 = Not pinned, 1 = Force pinned to toolbar; default is 1 $enableCippReporting = 0 # 0 = Unchecked, 1 = Checked (Enabled); default is 1; This will set the "Enable CIPP Reporting" option in the extension settings. @@ -28,7 +29,7 @@ $enableDebugLogging = 0 # 0 = Unchecked, 1 = Checked (Enabled); default is 0; Th # Generic Webhook Settings $enableGenericWebhook = 0 # 0 = Disabled, 1 = Enabled; default is 0; This will enable the generic webhook for sending detection events to a custom endpoint. $webhookUrl = "" # This will set the "Webhook URL" option; default is blank; if you set $enableGenericWebhook to 1, you must set this to a valid URL including the protocol (e.g., https://webhook.example.com/endpoint). -$webhookEvents = @() # This will set the "Event Types" to send to the webhook; default is blank; if you set $enableGenericWebhook to 1, you can specify which events to send. Available events: "detection_alert", "false_positive_report", "page_blocked", "rogue_app_detected", "threat_detected", "validation_event". Example: @("detection_alert", "page_blocked", "threat_detected"). +$webhookEvents = @() # This will set the "Event Types" to send to the webhook; default is blank; if you set $enableGenericWebhook to 1, you can specify which events to send. Available events: "detection_alert", "false_positive_report", "page_blocked", "rogue_app_detected", "domain_squatting_detected", "threat_detected", "validation_event". Example: @("detection_alert", "page_blocked", "threat_detected"). # Custom Branding Settings $companyName = "CyberDrain" # This will set the "Company Name" option in the Custom Branding settings; default is "CyberDrain". @@ -61,6 +62,7 @@ function Configure-ExtensionSettings { # Set extension configuration settings New-ItemProperty -Path $ManagedStorageKey -Name "showNotifications" -PropertyType DWord -Value $showNotifications -Force | Out-Null New-ItemProperty -Path $ManagedStorageKey -Name "enableValidPageBadge" -PropertyType DWord -Value $enableValidPageBadge -Force | Out-Null + New-ItemProperty -Path $ManagedStorageKey -Name "validPageBadgeTimeout" -PropertyType DWord -Value $validPageBadgeTimeout -Force | Out-Null New-ItemProperty -Path $ManagedStorageKey -Name "enablePageBlocking" -PropertyType DWord -Value $enablePageBlocking -Force | Out-Null New-ItemProperty -Path $ManagedStorageKey -Name "enableCippReporting" -PropertyType DWord -Value $enableCippReporting -Force | Out-Null New-ItemProperty -Path $ManagedStorageKey -Name "cippServerUrl" -PropertyType String -Value $cippServerUrl -Force | Out-Null From 82287439a6a56f096a681ec05c50e8aa3249d604 Mon Sep 17 00:00:00 2001 From: 3rfae <142895231+3rfae@users.noreply.github.com> Date: Wed, 22 Apr 2026 15:39:39 +0100 Subject: [PATCH 2/4] Update branding.md Signed-off-by: 3rfae <142895231+3rfae@users.noreply.github.com> --- docs/settings/branding.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/settings/branding.md b/docs/settings/branding.md index 9ba3fed7..145bd8a2 100644 --- a/docs/settings/branding.md +++ b/docs/settings/branding.md @@ -231,7 +231,7 @@ Enterprise policies always take precedence over manual settings. 3. Make sure the URL starts with `https://` 4. Verify the image file isn't too large 5. Verify logo URLs are publicly accessible (if using external URL) -6. Check image format (PNG, JPG, SVG supported) +6. Check image format (PNG, JPG, ICO, SVG supported) 7. Ensure image size is reasonable ### **Colors not applying:** From 2921d49f61ed51baf8af23ea2d74544f301e3fb1 Mon Sep 17 00:00:00 2001 From: 3rfae <142895231+3rfae@users.noreply.github.com> Date: Wed, 22 Apr 2026 15:56:10 +0100 Subject: [PATCH 3/4] Update background.js Signed-off-by: 3rfae <142895231+3rfae@users.noreply.github.com> --- scripts/background.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/background.js b/scripts/background.js index 20db5765..30f8c699 100644 --- a/scripts/background.js +++ b/scripts/background.js @@ -66,7 +66,7 @@ class RogueAppsManager { this.defaultConfig = { enabled: true, source_url: - "https://raw.githubusercontent.com/huntresslabs/rogueapps/refs/heads/main/public/rogueapps.json", + "https://huntresslabs.github.io/rogueapps/rogueapps.json", cache_duration: 86400000, // 24 hours update_interval: 43200000, // 12 hours detection_action: "warn", From cfb34e0adb72c96cb7cb2b98761c1c14d180f791 Mon Sep 17 00:00:00 2001 From: 3rfae <142895231+3rfae@users.noreply.github.com> Date: Wed, 22 Apr 2026 15:59:26 +0100 Subject: [PATCH 4/4] Update detection-rules.json Signed-off-by: 3rfae <142895231+3rfae@users.noreply.github.com> --- rules/detection-rules.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rules/detection-rules.json b/rules/detection-rules.json index a40b6603..eaa6e41c 100644 --- a/rules/detection-rules.json +++ b/rules/detection-rules.json @@ -1831,7 +1831,7 @@ "rogue_apps_detection": { "description": "Dynamic detection of known rogue OAuth applications", "enabled": true, - "source_url": "https://raw.githubusercontent.com/huntresslabs/rogueapps/refs/heads/main/public/rogueapps.json", + "source_url": "https://huntresslabs.github.io/rogueapps/rogueapps.json", "cache_duration": 86400000, "update_interval": 43200000, "detection_action": "warn",