greysec/phi-scanner
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
master
phi-scanner/results/windows_host_phi_report.html
T
ghstshdw d2d705c41b Initial commit: phi-scanner
2026-05-08 17:44:26 -05:00

54 lines
11 KiB
HTML
Raw Permalink Blame History

<!DOCTYPE html>
<html><head><meta charset="utf-8"><title>GreySec PHI Scan Report — Live Host</title>
<style>
*{box-sizing:border-box;margin:0;padding:0}
body{font-family:Arial,sans-serif;background:#1a1a1a;color:#e0e0e0}
.header{background:linear-gradient(135deg,#2d7d46,#1a5c30);padding:30px 40px}
.header h1{color:#fff;font-size:1.8em;margin-bottom:8px}
.header p{color:#a0d8b0;font-size:.9em}
.summary{display:grid;grid-template-columns:repeat(4,1fr);gap:20px;padding:25px 40px;background:#222}
.stat{background:#2a2a2a;border-radius:8px;padding:20px;text-align:center;border:1px solid #333}
.stat.highlight{border-left:4px solid #e53e3e}
.stat .num{font-size:2.2em;font-weight:bold;color:#2d7d46}
.stat.highlight .num{color:#e53e3e}
.section{padding:25px 40px;border-top:1px solid #2a2a2a}
.section h2{color:#2d7d46;font-size:1.2em;margin-bottom:15px;border-bottom:1px solid #333;padding-bottom:8px}
table{width:100%;border-collapse:collapse;font-size:.88em}
th{background:#1d5c30;color:#fff;padding:10px 12px;text-align:left;position:sticky;top:0}
td{padding:8px 12px;border-bottom:1px solid #252525}
tr:hover{background:#252525}
.badge{display:inline-block;padding:2px 8px;border-radius:4px;font-size:.8em;font-weight:bold}
.b-ssn{background:#e53e3e;color:#fff}.b-mrn{background:#805ad5;color:#fff}
.b-dob{background:#dd6b20;color:#fff}.b-phone{background:#d69e2e;color:#fff}
.b-email{background:#2d7d46;color:#fff}.b-ip{background:#444;color:#aaa}
.ctx{font-family:monospace;font-size:.78em;color:#777;word-break:break-all}
.fn{color:#6db66d;font-size:.82em;max-width:280px;overflow:hidden;text-overflow:ellipsis;white-space:nowrap}
.alert-box{background:#2a1a1a;border:1px solid #e53e3e;border-radius:6px;padding:15px 20px;margin:20px 40px;color:#ff8080;font-size:.9em}
.alert-box strong{color:#e53e3e}
.footer{text-align:center;color:#555;font-size:.8em;padding:20px;border-top:1px solid #2a2a2a}
</style></head><body>
<div class="header">
<h1>GreySec PHI Scanner — Live Windows Host Report</h1>
<p>Host: DESKTOP-1DHNF5M | Scanned: 2026-05-04T19:54:44.5442051+00:00 | Engine: v1.0 | Live Scan</p>
</div>
<div class="summary">
<div class="stat highlight"><div class="num">2454</div><div class="label">Total Findings</div></div>
<div class="stat highlight"><div class="num">4</div><div class="label">SSNs Detected</div></div>
<div class="stat highlight"><div class="num">133</div><div class="label">High Risk (SSN/MRN/DOB)</div></div>
<div class="stat"><div class="num">1933</div><div class="label">IP Addresses (noise)</div></div>
</div>
<div class="alert-box">
<strong>HIPAA Triage:</strong> 4 SSN records require immediate investigation.
These were found in <code>Patient_Records.txt</code> on the Desktop — unauthorized storage of PHI.
</div>
<div class="section">
<h2>SSN Findings — Immediate Action Required</h2>
<table><tr><th>Type</th><th>Value</th><th>File Path</th><th>Context</th></tr><tr><td><span class="badge b-ssn">SSN</span></td><td><code>123-45-6789</code></td><td class="fn" title="C:\Users\vagrant\Desktop\Patient_Records.txt">C:\Users\vagrant\Desktop\Patient_Records.txt</td><td class="ctx">... | John Doe | 1980-01-15 | 123-45-6789 | Hypertension P-002 ...</td></tr><tr><td><span class="badge b-ssn">SSN</span></td><td><code>987-65-4321</code></td><td class="fn" title="C:\Users\vagrant\Desktop\Patient_Records.txt">C:\Users\vagrant\Desktop\Patient_Records.txt</td><td class="ctx">... | Jane Smith | 1975-06-22 | 987-65-4321 | Diabetes Type 2 P-003 ...</td></tr><tr><td><span class="badge b-ssn">SSN</span></td><td><code>555-12-3456</code></td><td class="fn" title="C:\Users\vagrant\Desktop\Patient_Records.txt">C:\Users\vagrant\Desktop\Patient_Records.txt</td><td class="ctx">... | Bob Wilson | 1990-03-10 | 555-12-3456 | Anxiety Disorder P-004 ...</td></tr><tr><td><span class="badge b-ssn">SSN</span></td><td><code>444-55-6666</code></td><td class="fn" title="C:\Users\vagrant\Desktop\Patient_Records.txt">C:\Users\vagrant\Desktop\Patient_Records.txt</td><td class="ctx">... | Alice Brown| 1985-11-30 | 444-55-6666 | Heart Disease Lab Resu...</td></tr></table></div><div class="section">
<h2>DOB Findings — Non-System Sources (0 records)</h2>
<table><tr><th>Value</th><th>File</th><th>Context</th></tr></table></div><div class="section">
<h2>Top PHI-Density Files</h2>
<table><tr><th>Finding Count</th><th>File</th></tr><tr><td>592</td><td class="fn" title="C:\ProgramData\Microsoft\EdgeUpdate\Log\MicrosoftEdgeUpdate.log">C:\ProgramData\Microsoft\EdgeUpdate\Log\MicrosoftEdgeUpdate.log</td></tr><tr><td>369</td><td class="fn" title="C:\ProgramData\Microsoft\Windows Defender\Support\MPLog-20251205-063921.log">C:\ProgramData\Microsoft\Windows Defender\Support\MPLog-20251205-063921.log</td></tr><tr><td>89</td><td class="fn" title="C:\ProgramData\Microsoft\Windows\AppRepository\Microsoft.DesktopAppInstaller_2026.409.2145.0_neutral_~_8wekyb3d8bbwe.xml">C:\ProgramData\Microsoft\Windows\AppRepository\Microsoft.DesktopAppInstaller_2026.409.2145.0_neutral_~_8wekyb3d8bbwe.xml</td></tr><tr><td>85</td><td class="fn" title="C:\ProgramData\Microsoft\Windows\AppRepository\Microsoft.BingSearch_2022.1.33.0_neutral_~_8wekyb3d8bbwe.xml">C:\ProgramData\Microsoft\Windows\AppRepository\Microsoft.BingSearch_2022.1.33.0_neutral_~_8wekyb3d8bbwe.xml</td></tr><tr><td>68</td><td class="fn" title="C:\ProgramData\Microsoft\Windows\AppRepository\Microsoft.MicrosoftStickyNotes_3.6.73.0_neutral_~_8wekyb3d8bbwe.xml">C:\ProgramData\Microsoft\Windows\AppRepository\Microsoft.MicrosoftStickyNotes_3.6.73.0_neutral_~_8wekyb3d8bbwe.xml</td></tr><tr><td>67</td><td class="fn" title="C:\ProgramData\Microsoft\Windows\AppRepository\Microsoft.MicrosoftOfficeHub_18.1903.1152.0_neutral_~_8wekyb3d8bbwe.xml">C:\ProgramData\Microsoft\Windows\AppRepository\Microsoft.MicrosoftOfficeHub_18.1903.1152.0_neutral_~_8wekyb3d8bbwe.xml</td></tr><tr><td>67</td><td class="fn" title="C:\ProgramData\ChocolateyHttpCache\9310b7b8ea69100d3cda3ea6c4468d664f9337fa$community.chocolatey.org_api_v2_\57945eec214be97937f50dd61e277a5123e0c9fe$&$top=30&semVerLevel=2.0.0_page1.dat">C:\ProgramData\ChocolateyHttpCache\9310b7b8ea69100d3cda3ea6c4468d664f9337fa$community.chocolatey.org_api_v2_\57945eec214be97937f50dd61e277a5123e0c9fe$&$top=30&semVerLevel=2.0.0_page1.dat</td></tr><tr><td>62</td><td class="fn" title="C:\ProgramData\ChocolateyHttpCache\9310b7b8ea69100d3cda3ea6c4468d664f9337fa$community.chocolatey.org_api_v2_\8d7944487f9a8449c01cc4f3f978bc0dc5992021$&$top=30&semVerLevel=2.0.0_page1.dat">C:\ProgramData\ChocolateyHttpCache\9310b7b8ea69100d3cda3ea6c4468d664f9337fa$community.chocolatey.org_api_v2_\8d7944487f9a8449c01cc4f3f978bc0dc5992021$&$top=30&semVerLevel=2.0.0_page1.dat</td></tr><tr><td>49</td><td class="fn" title="C:\ProgramData\ChocolateyHttpCache\9310b7b8ea69100d3cda3ea6c4468d664f9337fa$community.chocolatey.org_api_v2_\44448070b28bb9d10dabfbcb6d3566d7df849b46$&$top=30&semVerLevel=2.0.0_page1.dat">C:\ProgramData\ChocolateyHttpCache\9310b7b8ea69100d3cda3ea6c4468d664f9337fa$community.chocolatey.org_api_v2_\44448070b28bb9d10dabfbcb6d3566d7df849b46$&$top=30&semVerLevel=2.0.0_page1.dat</td></tr><tr><td>49</td><td class="fn" title="C:\ProgramData\ChocolateyHttpCache\9310b7b8ea69100d3cda3ea6c4468d664f9337fa$community.chocolatey.org_api_v2_\9032bb33bfccc0971e4478cbb0505425ca07da4a$&$top=30&semVerLevel=2.0.0_page1.dat">C:\ProgramData\ChocolateyHttpCache\9310b7b8ea69100d3cda3ea6c4468d664f9337fa$community.chocolatey.org_api_v2_\9032bb33bfccc0971e4478cbb0505425ca07da4a$&$top=30&semVerLevel=2.0.0_page1.dat</td></tr><tr><td>44</td><td class="fn" title="C:\ProgramData\ChocolateyHttpCache\9310b7b8ea69100d3cda3ea6c4468d664f9337fa$community.chocolatey.org_api_v2_\570494e8e68c92cb0a34199912fc8de9d924af5f$&$top=30&semVerLevel=2.0.0_page1.dat">C:\ProgramData\ChocolateyHttpCache\9310b7b8ea69100d3cda3ea6c4468d664f9337fa$community.chocolatey.org_api_v2_\570494e8e68c92cb0a34199912fc8de9d924af5f$&$top=30&semVerLevel=2.0.0_page1.dat</td></tr><tr><td>44</td><td class="fn" title="C:\ProgramData\ChocolateyHttpCache\9310b7b8ea69100d3cda3ea6c4468d664f9337fa$community.chocolatey.org_api_v2_\61dbd33e41015b9eda929f01707fad200d2fb1f9$&$top=30&semVerLevel=2.0.0_page1.dat">C:\ProgramData\ChocolateyHttpCache\9310b7b8ea69100d3cda3ea6c4468d664f9337fa$community.chocolatey.org_api_v2_\61dbd33e41015b9eda929f01707fad200d2fb1f9$&$top=30&semVerLevel=2.0.0_page1.dat</td></tr><tr><td>42</td><td class="fn" title="C:\ProgramData\ChocolateyHttpCache\9310b7b8ea69100d3cda3ea6c4468d664f9337fa$community.chocolatey.org_api_v2_\20d78c0e2fd9f6c4c0beba331038ae0264be564a$&$top=30&semVerLevel=2.0.0_page1.dat">C:\ProgramData\ChocolateyHttpCache\9310b7b8ea69100d3cda3ea6c4468d664f9337fa$community.chocolatey.org_api_v2_\20d78c0e2fd9f6c4c0beba331038ae0264be564a$&$top=30&semVerLevel=2.0.0_page1.dat</td></tr><tr><td>36</td><td class="fn" title="C:\ProgramData\ChocolateyHttpCache\9310b7b8ea69100d3cda3ea6c4468d664f9337fa$community.chocolatey.org_api_v2_\3d9e7a6f3435ae49f9480c20f9610d12dd429a58$&$top=30&semVerLevel=2.0.0_page1.dat">C:\ProgramData\ChocolateyHttpCache\9310b7b8ea69100d3cda3ea6c4468d664f9337fa$community.chocolatey.org_api_v2_\3d9e7a6f3435ae49f9480c20f9610d12dd429a58$&$top=30&semVerLevel=2.0.0_page1.dat</td></tr><tr><td>36</td><td class="fn" title="C:\ProgramData\ChocolateyHttpCache\9310b7b8ea69100d3cda3ea6c4468d664f9337fa$community.chocolatey.org_api_v2_\a8aca923a7187ebbf5c710c87f73b44b714ed104$&$top=30&semVerLevel=2.0.0_page1.dat">C:\ProgramData\ChocolateyHttpCache\9310b7b8ea69100d3cda3ea6c4468d664f9337fa$community.chocolatey.org_api_v2_\a8aca923a7187ebbf5c710c87f73b44b714ed104$&$top=30&semVerLevel=2.0.0_page1.dat</td></tr></table></div><div class="section">
<h2>Full Finding Breakdown</h2>
<table><tr><th>Type</th><th>Count</th><th>Risk Level</th><th>Notes</th></tr><tr><td><span class="badge b-ssn">SSN</span></td><td>4</td><td>HIGH</td><td>Social Security Numbers — immediate triage</td></tr><tr><td><span class="badge b-mrn">MRN</span></td><td>0</td><td>HIGH</td><td>Medical Record Numbers — check pattern sensitivity</td></tr><tr><td><span class="badge b-dob">DOB</span></td><td>129</td><td>HIGH</td><td>Dates of Birth — many Defender/Chocolatey noise</td></tr><tr><td><span class="badge b-phone">Phone</span></td><td>384</td><td>MED</td><td>Phone numbers — some Defender log noise</td></tr><tr><td><span class="badge b-email">Email</span></td><td>4</td><td>MED</td><td>Email addresses — verify business context</td></tr><tr><td><span class="badge b-ip">IP</span></td><td>1933</td><td>LOW</td><td>IP addresses — mostly Defender/network log noise</td></tr><tr><td><span class="badge b-zip4">ZIP4</span></td><td>0</td><td>LOW</td><td>ZIP+4 codes — geographic data</td></tr></table></div><div class="footer">GreySec Security — PHI Scanner v1.0 — Live Windows Host Scan — 2026-05-04 14:57 UTC<br>
Pipeline: SMB upload → atsvc RPC Task Scheduler → SMB download | Target: DESKTOP-1DHNF5M (192.168.68.15)</div>
</body></html>
Reference in New Issue View Git Blame Copy Permalink