GitHub: lasersharkkiller/explodedPotato
A toolkit for emulating and detonating APT and malware families, intended to help security teams run red/blue adversary-emulation exercises.
# explodedPotato
A toolkit for emulating and detonating APT and malware families.
## Setup
```powershell
# Install the SecretManagement framework and the local SecretStore vault for the current user
Install-Module -Scope CurrentUser Microsoft.PowerShell.SecretManagement, Microsoft.PowerShell.SecretStore -Force
# Register the local vault as the default vault
Register-SecretVault -Name LocalSecrets -ModuleName Microsoft.PowerShell.SecretStore -DefaultVault
# Protect the vault with a password and prompt for it when it is locked
Set-SecretStoreConfiguration -Authentication Password -Interaction Prompt -Scope CurrentUser
# Store each API key; Read-Host -AsSecureString keeps the key out of the console history
Set-Secret -Name 'VT_API_Key_1' -Secret (Read-Host -AsSecureString)
Set-Secret -Name 'VT_API_Key_2' -Secret (Read-Host -AsSecureString)
Set-Secret -Name 'ThreatFox_AuthKey' -Secret (Read-Host -AsSecureString)
Set-Secret -Name 'MalwareBazaar_AuthKey' -Secret (Read-Host -AsSecureString)
Set-Secret -Name 'HybridAnalysis_API_Key' -Secret (Read-Host -AsSecureString)
Set-Secret -Name 'OTX_API_Key' -Secret (Read-Host -AsSecureString)
```
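As an added example, not code from the explodedPotato repository, this shows how a module can consume one of the keys stored above: the key is read from the SecretStore vault at call time rather than hard-coded in a script, and is held in plain text only for the duration of the request. The VirusTotal v3 file-report endpoint and `x-apikey` header are VirusTotal's documented API; `Get-VTFileReport` is an assumed helper name.

```powershell
# Added example, not from the explodedPotato repository.
# Looks up a file hash in VirusTotal using an API key read from the SecretStore vault.
function Get-VTFileReport {
    param(
        [Parameter(Mandatory)][string]$Sha256,
        [string]$SecretName = 'VT_API_Key_1'   # one of the names registered during setup
    )
    # SecretStore prompts for the vault password if the vault is locked;
    # -AsPlainText exposes the key only inside this function.
    $apiKey = Get-Secret -Name $SecretName -AsPlainText
    try {
        $resp = Invoke-RestMethod -Method Get `
            -Uri "https://www.virustotal.com/api/v3/files/$Sha256" `
            -Headers @{ 'x-apikey' = $apiKey }
        $stats = $resp.data.attributes.last_analysis_stats
        [pscustomobject]@{
            Sha256     = $Sha256
            Malicious  = $stats.malicious
            Suspicious = $stats.suspicious
            Harmless   = $stats.harmless
            Undetected = $stats.undetected
        }
    }
    finally {
        # Drop the plaintext key as soon as the request has completed.
        Remove-Variable -Name apiKey -ErrorAction SilentlyContinue
    }
}

# Usage: Get-VTFileReport -Sha256 '<sha256 of a sample>'
```

An unknown hash makes Invoke-RestMethod throw on the 404 response; callers that batch lookups should catch that and respect VirusTotal's rate limits.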
## Run
```powershell
.\ExplodedPotato_Main.ps1
```
## Feature menu
| Option | Function | Module |
|--------|----------|--------|
| 1a | `Get-SingleVTZippedSample` | `purpleTeaming/GetSingleVTZippedSample.psm1` |
| 1b | `Get-VTDetectionsFromList` | `purpleTeaming/GetVTDetectionsFromList.psm1` |
| 1c | `Get-ThreatActorIOCs` | `purpleTeaming/aptIocs.psm1` |
| 1d | `Get-ListofVTSamplesBasedOnAPTsAndMalwareFamilies` | `purpleTeaming/PrepListofVTSamplesBasedOnAPTsAndMalwareFamilies.psm1` |
| 1e | `Get-VTZippedSamplesFromList` | `purpleTeaming/GetVTZippedSamplesFromList.psm1` |
| 1f | `Get-FreeSamplesFromList` | `purpleTeaming/GetFreeSamplesFromList.psm1` |
| 1g | `Get-MalwareBazaarByTag` | `purpleTeaming/GetMalwareBazaarByTag.psm1` |
| 1h | `Invoke-MalwareDetonation` | `purpleTeaming/massMalwareDetonation.psm1` |
| 1i | `Invoke-LOLDriverAudit` | `purpleTeaming/LOLDriverCertAudit.psm1` |
## Known cleanup items
- `aptIocs.psm1` contains its own `Get-MalwareBazaarByTag` function, which duplicates the one in `GetMalwareBazaarByTag.psm1`; consolidate the two when convenient.