├── .github
    └── ISSUE_TEMPLATE
    │   ├── bug_report.md
    │   └── feature_request.md
├── .gitignore
├── Docs
    ├── Categories.md
    ├── Changelog.md
    ├── Commando_Quickstart_Guide.md
    ├── Contibuting.md
    ├── Troubleshooting.md
    └── img
    │   ├── CompareAndPullButton.png
    │   ├── Fork-Commando.png
    │   ├── gui_step1.png
    │   ├── gui_step2.png
    │   ├── gui_step3.png
    │   ├── package_info.png
    │   ├── profile_manager.png
    │   ├── runasadmin.png
    │   └── tamperprotection.png
├── Images
    ├── background-victim.png
    ├── background.png
    ├── commando-readme.png
    ├── commando.ico
    ├── commando.png
    └── mandiant.png
├── License.txt
├── Profiles
    ├── Configs
    │   ├── win10config.xml
    │   ├── win10victimconfig.xml
    │   ├── win11armconfig.xml
    │   ├── win11armvictimconfig.xml
    │   ├── win11config.xml
    │   └── win11victimconfig.xml
    ├── Default - ARM.xml
    ├── Default.xml
    ├── Developer.xml
    ├── Full - ARM.xml
    ├── Full.xml
    ├── Lite.xml
    └── Victim.xml
├── README.md
└── install.ps1


/.github/ISSUE_TEMPLATE/bug_report.md:
--------------------------------------------------------------------------------
 1 | ---
 2 | name: Bug report
 3 | about: Create a report to help us improve
 4 | title: BUG
 5 | labels: ''
 6 | assignees: ''
 7 | 
 8 | ---
 9 | 
10 | **Describe the bug and expected behavior**
11 | A clear and concise description of what the bug is.
12 | 
13 | **To Reproduce**
14 | Steps to reproduce the behavior:
15 | 1. Go to '...'
16 | 2. Click on '....'
17 | 3. Scroll down to '....'
18 | 4. See error
19 | 
20 | **Screenshots**
21 | If applicable, add screenshots to help explain your problem.
22 | 
23 | **Version**
24 |  - OS: [e.g. Win7]
25 | 
26 | **Additional context**
27 | Add any other context about the problem here.
28 | 


--------------------------------------------------------------------------------
/.github/ISSUE_TEMPLATE/feature_request.md:
--------------------------------------------------------------------------------
 1 | ---
 2 | name: Feature request
 3 | about: Suggest an idea for this project
 4 | title: FEATURE REQUEST
 5 | labels: ''
 6 | assignees: ''
 7 | 
 8 | ---
 9 | 
10 | **Would you like have a tool or script added? Please include a link**
11 | Name of the tool requested and a link to the tool
12 | 
13 | **Is your feature request related to a problem? Please describe.**
14 | A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
15 | 
16 | **If related to a problem, describe the solution you'd like**
17 | A clear and concise description of what you want to happen.
18 | 
19 | **Describe alternatives you've considered**
20 | A clear and concise description of any alternative solutions or features you've considered.
21 | 
22 | **Additional context**
23 | Add any other context or screenshots about the feature request here.
24 | 


--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
1 | .DS_Store
2 | available_packages.xml
3 | /Profiles/Custom.xml
4 | 


--------------------------------------------------------------------------------
/Docs/Categories.md:
--------------------------------------------------------------------------------
 1 | # Categories
 2 | The following is the current list of supported categories for CommandoVM.
 3 | These will serve as the Folders used to organize 
 4 | tools in the user's Desktop\Tools\ directory.
 5 | 
 6 | - Command & Control
 7 | - Credential Access
 8 | - Exploitation
 9 | - Lateral Movement
10 | - Payload Development
11 | - Persistence
12 | - Privilege Escalation
13 | - Reconnaissance
14 | - Utilities
15 | - Wordlists


--------------------------------------------------------------------------------
/Docs/Changelog.md:
--------------------------------------------------------------------------------
  1 | # Changelog
  2 | ## 2023.3 - September 4 2023
  3 | - Update to coincide with installer rearchitecture detailed in [this PR](https://github.com/mandiant/VM-Packages/pull/656)
  4 |   - Changes include modularity of debloat and config functions which will aid in our support for Win11 and Win11ARM
  5 | - Removed all debloater functions and moved into [common.vm](https://github.com/mandiant/VM-Packages/tree/main/packages/common.vm)
  6 | - Added logic to detect OS and profile settings and move appropriate config file to expected location
  7 | - renamed "config.xml" in install script to "packages.xml" to avoid confusion with new install features
  8 | - Added "config.xml" as the OS customizations
  9 | - Moved `Images\Docs\*` to `Docs\img\*`
 10 | - Removed blue text output as Win10 default powershell has blue background and is very hard to read
 11 | - Changed console prompt from red font to green
 12 | - Disabled automatic malware sample sending in Victim profile
 13 | - Created new low-priv user for Victim profile
 14 | - Enabled Light Mode for Victim machine for easy visibility
 15 | - Added blue logo for Victim machine for easy visibility
 16 | 
 17 | ## 3.0 - August 9 2023
 18 | - Completely rebuilt everything
 19 | 
 20 | ## 2021.2 - July 14 2021
 21 | - Require users to disable Defender before installing
 22 |   * Too many issues arise from Defender magically turning itself back on. Disabling defender with the preconfig script has been unreliable since Win10 1909.
 23 | - removed update requirement (legacy  requirement for Windows 7. Windows 7 support was  removed last year)
 24 | - Added support for Windows 10 20H2 and 21H1
 25 | - Removed vcpython27 #204
 26 | - updated proxycap install args #203, #200. #196
 27 | - updated sqlitebrowser.fireeye to remove newly created desktop shortcuts #200
 28 | - Closed issues #203, #204, #202, #200, #196, #195, #192, #191, #190, #189, #188, #186, #185, #184, #177, #175, #174, #170, #169, #160, #134, #133
 29 | 
 30 | ## 2020.2 - June 17 2020
 31 | - Added support for Windows 10 2004
 32 | - Corrected syspin verb #124
 33 | - Removed WSL from default install #146, #120
 34 | - Removed Hyper V from default install #146, #120
 35 | - Removed Kali from default install #95, #120
 36 | - Removed Docker from default install #95, #120
 37 | - Created wsl.fireeye package #95, #120
 38 | - Created hyperv.fireeye package #95, #120 
 39 | - Created multiple install profiles #95, #120
 40 |   - Default, NestedV, Lite, Full, and Developer
 41 | - Removed some dependencies causing %PATH% variable to be truncated to 1024 characters #141
 42 | - Added logic to help speed up install
 43 | - Removed dependency on custom libraries file #131
 44 | - Added custom logging for installation of packages #70
 45 | - Fixed bug in autohotkey script for unhardening of UNC paths #68
 46 | - Updated Readme #140
 47 | 
 48 | ## 2020.1 - March 3 2020
 49 | - added logic to attempt automatically updating system #88
 50 | - added qbittorrent #88
 51 | - added dbeaver #88
 52 | - added hfsexplorer #88
 53 | - added lockhunter #88
 54 | - fixed typo for PwnedPasswordsNTLM in packages.json #101
 55 | - added BeRoot
 56 | - added BloodHound Custom Queries - Hausec
 57 | - added Dumpert
 58 | - added Recon-AD
 59 | - added Net-GPPPassword
 60 | - added Gadget2JScript
 61 | - added OffensiveCSharp - matterpreter
 62 | - added powercat
 63 | - added Privesc - enjoiz
 64 | - added PSBits
 65 | - added ThreadContinue
 66 | - added SysWhispers
 67 | - added TikiTorch
 68 | - added Virus Total Uploader #88
 69 | - added NirLauncher #88
 70 | - added SimpleDnsCrypt #88
 71 | - added Tor Browser #88
 72 | - added HeidiSQL #88
 73 | - added HTTP File Server #88
 74 | - Removed support for Windows 7 (install should still work, but is no longer maintained)
 75 | - improved error handling for commandovm.win10.config.fireeye package
 76 | - updated commandovm.win10.preconfig.fireeye
 77 | - Fixed taskbar pinning on 1903 (still not working for 1909)
 78 | - Updated install instructions on readme
 79 | - Updated ~45 packages
 80 | - Removed Watson binaries (static binaries are not updated in this repo)
 81 | - Removed PoshC2 (deprecated, will look at supporting PoshC2 Python)
 82 | - Removed Covenant (will support again in a future release)
 83 | - Removed Elite (deprecated)
 84 | 
 85 | ## 2.0 - August 5 2019
 86 | - Added Kali Linux https://www.kali.org
 87 | - Added Docker https://www.docker.com #88
 88 | - Added SpiderFoot https://github.com/smicallef/spiderfoot #84
 89 | - Added Amass https://github.com/OWASP/Amass
 90 | - Added customization support #42, #25 
 91 | 
 92 | ## 1.3 - June 28 2019
 93 | - Added RottenPotatoNG https://github.com/breenmachine/RottenPotatoNG #63
 94 | - Added Juicy Potato https://github.com/ohpe/juicy-potato #63, #64
 95 | - Added Watson https://github.com/rasta-mouse/Watson #64
 96 | - Added PwndPasswordsNTLM https://github.com/JacksonVD/PwnedPasswordsNTLM #67
 97 | - Added FOCA https://github.com/JacksonVD/PwnedPasswordsNTLM #71 
 98 | - Added Vulcan https://github.com/praetorian-code/vulcan
 99 | - Added SharpClipHistory https://github.com/mwrlabs/SharpClipHistory
100 | - Added NetRipper https://github.com/NytroRST/NetRipper
101 | - Added RobotsDisallowed https://github.com/danielmiessler/RobotsDisallowed
102 | - Added Probable-Wordlists https://github.com/berzerk0/Probable-Wordlists
103 | - Added SharpSploit https://github.com/cobbr/SharpSploit
104 | - Changed WinRM configuration #65
105 | - Un-hardened UNC file paths #68
106 | - Fixed install issues with Covenant #61, #76
107 | 
108 | ## 1.2 - May 31 2019
109 | - Added recommended hardware settings #20, #17
110 | - Added DomainPasswordSpray https://github.com/dafthack/DomainPasswordSpray #2
111 | - Added GoBuster https://github.com/OJ/gobuster #39
112 | - Added Wfuzz https://github.com/xmendez/wfuzz #40
113 | - Added Notepad++ #30
114 | - Added TextFX plugin for Notepad++
115 | - Added Explorer Suite (CFF Explorer)
116 | 
117 | ## 1.1 - April 30 2019
118 | - Added AD-Control-Paths https://github.com/ANSSI-FR/AD-control-paths/releases
119 | - Added DefenderCheck https://github.com/matterpreter/DefenderCheck
120 | - Added dnsrecon https://github.com/darkoperator/dnsrecon
121 | - Added EvilClippy https://github.com/outflanknl/EvilClippy
122 | - Added NtdsAudit https://github.com/Dionach/NtdsAudit
123 | - Added SharpExec https://github.com/anthemtotheego/SharpExec
124 | - Added Subdomain-Bruteforce https://github.com/visualbasic6/subdomain-bruteforce
125 | - Fixed issue #18 with PATH 
126 | - Added Commando Logos with transparent backgrounds to $Home\Pictures
127 | - Pinned Firefox to Taskbar
128 | - Fixed misspellings in Readme #42/#43
129 | - Added Ruby and Ruby Devkit #1
130 | - Updated Rubeus package to current version (1.4.2) #31
131 | 
132 | 1.0.2 - April 10 2019
133 | - Added missing 'seclists.fireeye' package to packages.json #38
134 | 
135 | 1.0.1 - March 31 2019
136 | - Used https instead of http to install boxstarter #10


--------------------------------------------------------------------------------
/Docs/Commando_Quickstart_Guide.md:
--------------------------------------------------------------------------------
 1 | The goal of this guide is to get **anyone** who would like to contribute to the project get started, even with minimal experience with Git. 
 2 | 
 3 | This guide does not assume prior experience of contributing to Github projects, because a large number of those performing, learning, or researching offensive security may not have had many experiences working on projects with multiple contributors.
 4 | 
 5 | To get started with the project, there are a couple key points a contributor will need to understand first:
 6 | - CommandoVM is built using a combination of **Chocolatey, Boxstarter, and some custom powershell scripts**. Boxstarter allows installations to continue on reboot (since some package installations may require restarts to work properly), and **Chocolatey** is similar to package managers such as apt, brew, or yum.
 7 | - All of the packages used for Commando can be found in the **[vm-packages](https://github.com/mandiant/VM-Packages)** repository. These are then built and pushed to a public package feed on MyGet, which is where Chocolatey goes to fetch the packages. The VM-Packages repository supports other Mandiant virtual machine projects as well, such as [FlareVM](https://github.com/mandiant/flare-vm).
 8 | - The **VM-packages [wiki](https://github.com/mandiant/VM-Packages/wiki)** contains great information on contributing to the VM-packages repo.
 9 | 
10 | ## What areas need work?
11 | ### CommandoVM
12 | There are a couple areas that will need work and regular maintenance. On the **CommandoVM** side, there can be improvements made to:
13 | - the installer. While this is mostly static, certain logic may change as Windows changes, such as certain locations of registry keys. Search for `Installer Functions` around line `932` to begin seeing the functions that contribute to installation logic (the section above handles GUI elements). [installer.ps1](https://github.com/mandiant/commando-vm/blob/main/install.ps1)
14 | 
15 | - updating installation profiles with new tools. This ensures the latest packages are available and appropriate for the job at hand: offensive security. See the available [profiles](https://github.com/mandiant/commando-vm/tree/main/Profiles).
16 | 
17 | On top of all this, regular bugs, issues, and improvement recommendations are also provided by the community on the Github page.
18 | 
19 | ### VM-Packages
20 | Many issues have to do with missing packages or packages that fail to install because they are outdated or their installation paths have changed. For those issues, improvements and additions can be made to the **VM-Packages** repository. For more information on adding, testing, and fixing packages, see the **VM-packages [wiki](https://github.com/mandiant/VM-Packages/wiki)**
21 | 
22 | One major effort maintained here is the `debloat.vm` package that performs the cleanup of a fresh Windows VM, greatly reducing resources consumed (as well as general eye strain). The package can be found here: [debloat.vm](https://github.com/mandiant/VM-Packages/tree/main/packages/debloat.vm)
23 | 
24 | Another significant part of the project is the **common.vm** package. It helps provide a set of standardized powershell helper functions across Mandiant VMs and provides a method for customization through environment variables. Additional information can be found here [common.vm readme](https://github.com/mandiant/VM-Packages/tree/main/packages/common.vm) and the code is here in the [Common.vm Powershell Module](https://github.com/mandiant/VM-Packages/blob/main/packages/common.vm/tools/vm.common/vm.common.psm1).
25 | 
26 | ## Contributing to VM-Packages
27 | For more information on adding, testing, and fixing packages, see the **VM-packages [wiki](https://github.com/mandiant/VM-Packages/wiki)** and specifically the "**My first package [walk through](https://github.com/mandiant/VM-Packages/wiki/My-first-package-walk-through)**" 
28 | 
29 | I highly recommend referring to recently closed PRs and newly added packages to get a good idea of how packages are structured.
30 | ## Contributing to CommandoVM
31 | This section covers the workflow for making a contribution to Commando VM. 
32 | 
33 | **1.** Create a fork of the repository in your Github account
34 | > ![](img/Fork-Commando.png)
35 | 
36 | **2.** Clone the repository to your development computer 
37 | ```
38 | git clone https://github.com/<your-username>/commando-vm
39 | ```
40 | - Change directory into the newly cloned directory
41 | ```
42 | cd commando-vm
43 | ```
44 | - (Optional) set the remote upstream repository so you can keep your clone up to date.
45 | ```
46 | git remote add upstream https://github.com/mandiant/commando-vm
47 | ```
48 | 
49 | 
50 | **3.** Create and checkout a branch for the change
51 | ```
52 | git checkout -b <update/fix-for-something>
53 | ```
54 | 
55 | **4.** Make the changes. Add and commit regularly so the comments are descriptive and helpful. Larger commits can be confusing to review.
56 | - After making changes, first stage the changed files.
57 | ```
58 | git add .
59 | ```
60 | - Commit the changes with a message for each change.
61 | ```
62 | git commit -m "This is a change"
63 | ```
64 | - Repeat as needed.
65 | 
66 | **5.** Then push those commits to your fork of Commando VM. This will upload the changes to your Github repository.
67 | ```
68 | git push --set-upstream origin <branch-name>
69 | ```
70 | 
71 | **6.** Create a Pull Request to integrate the changes into the Mandiant repository of Commando VM.
72 | - Navigate to your cloned repository
73 | - Use the "Compare & pull request" button to create a pull request. Fill out the title and details about what was changed and the Mandiant team will either approve and merge the change or comment with questions/requested changes.
74 | > ![](img/CompareAndPullButton.png)
75 | 
76 | **7.** Next time you want to use your cloned repository, make sure it is up to date with the following commands:
77 | - `git fetch upstream` to get the upstream changes locally.
78 | - `git checkout main` to select your main branch of the cloned fork.
79 | - `git merge upstream/main` merge the upstream changes with your version.
80 | - `git add .` to stage the changed files after the merge (resolve conflicts first if necessary)
81 | - `git commit` to commit the changes
82 | - `git push origin main` to update the remote fork with changes from the upstream repository
83 | 


--------------------------------------------------------------------------------
/Docs/Contibuting.md:
--------------------------------------------------------------------------------
 1 | ## Contributing
 2 | Want to get started contributing? See the links below to learn how.
 3 | 
 4 | ### Installer
 5 | * [Commando VM installation script, GUI, and configuration](https://github.com/mandiant/commando-vm)
 6 | 
 7 | ### Tool Packages
 8 | * [Repository of all tool packages (VM-packages)](https://github.com/mandiant/VM-Packages)
 9 | * [Documentation and contribution guides for tool packages](https://github.com/mandiant/VM-Packages/wiki)
10 | * [Submit new tool packages or report package related issues](https://github.com/mandiant/VM-Packages/issues)


--------------------------------------------------------------------------------
/Docs/Troubleshooting.md:
--------------------------------------------------------------------------------
  1 | # Troubleshooting the Install
  2 | 
  3 | This page lists the full steps necessary to install CommandoVM, with any additional information that might help you troubleshoot your issues:
  4 | - [Requirements](#requirements)
  5 | - [Pre-Install Steps](#pre-install-steps)
  6 | - [Graphical Install](#graphical-install)
  7 | - [Command-Line Install](#command-line-install)
  8 | 
  9 | ## CommandoVM Requirements
 10 | 
 11 | - Windows 10 22H2
 12 | - Windows 11 TBA
 13 | - Minimum 70 GB Hard Drive
 14 | - Minimum 4 GB RAM
 15 | 
 16 | ## Pre-Install Steps
 17 | 
 18 | **Disclaimer**
 19 | > The installer will not allow you to continue until you satisfy these requirements. You may skip them by passing the `-skipChecks` flag if you know what you are doing, but we do not recommend it.
 20 | 
 21 | ### Supported Operating System
 22 | 
 23 | CommandoVM currently supports Windows 10 22H2 (19045).
 24 | 
 25 | ### Running in a Virtual Machine
 26 | 
 27 | You should never install CommandoVM on your host machine. CommandoVM makes irreversible changes to the system that you cannot uninstall. We recommend installing it on a virtual machine in VirtualBox or VMWare.
 28 | 
 29 | ### Storage Requirement
 30 | 
 31 | Windows itself takes up significant space on disk and CommandoVM installs a large number of additional packages and tools. Ensure that you have at least **70GB** of storage in your VM. If you opt-in to install the **Full** CommandoVM profile, you will want approximately 110 GB.
 32 | 
 33 | ### Running as Administrator
 34 | 
 35 | CommandoVM uses Chocolatey and Boxstarter to install its packages. Installing packages requires Administrator rights, so you must run your terminal as Administrator as shown on the image below.
 36 | 
 37 | ![run terminal as administrator](img/runasadmin.png)
 38 | 
 39 | ### PowerShell Execution Policy
 40 | 
 41 | By default PowerShell restricts scripts from being loaded on Windows Workstations and requires them to be signed by a trusted publisher on Windows servers. CommandoVM installation is performed using PowerShell, so you need to disable these restrictions using the following PowerShell command from an elevated prompt:
 42 | ```powershell
 43 | Set-ExecutionPolicy Unrestricted
 44 | ```
 45 | 
 46 | ### PowerShell `Unblock-File`
 47 | Whenever you download files from the internet, Windows places a "Mark of the Web" identifier on them. Scripts within this repository need to be unblocked so that they can run automatically and not cause issues with the install after clicking the "Go" button.
 48 | 
 49 | ### Windows Defender and Tamper Protection
 50 | 
 51 | In the past CommandoVM would try to programmatically disable Windows Defender for you. Unfortunately Windows Defender is constantly evolving, so we cannot keep up with the changes. You **must** disable Windows Defender and Tamper Protection manually before starting the install. It is not enough to simply disable Real-Time Protection, because **it will become re-enabled after a reboot**.
 52 | 
 53 | See the following links for the latest methods of disabling it known to us on Windows 10 and 11:
 54 | - [Windows 10](https://superuser.com/questions/1757339/how-to-permanently-disable-windows-defender-real-time-protection-with-gpo)
 55 | - [Windows 11](https://www.makeuseof.com/permanently-disable-microsoft-defender-windows-11/)
 56 | 
 57 | > **WARNING:** If you do not properly disable Windows Defender, your installation will most certainly fail
 58 | 
 59 | ## Graphical Install
 60 | 
 61 | First, download the CommandoVM repo from GitHub either as a ZIP, or using `git` from PowerShell if you have it installed already:
 62 | ```powershell
 63 | git clone https://github.com/mandiant/commando-vm.git
 64 | ```
 65 | 
 66 | Next, run an elevated terminal and navigate to the folder where you cloned CommandoVM files. Once inside, run the `install.ps1` script:
 67 | ```powershell
 68 | .\install.ps1
 69 | ```
 70 | 
 71 | The pre-install checks menu will open. Make sure you go through the [Pre-Install Steps](#pre-install-steps) section of this page to ensure you pass all of them. The installer will not allow you to click "Continue" until the checks are satisfied or you override them. 
 72 | 
 73 | > **WARNING:** Do not override the checks if you have no idea why they are failing
 74 | 
 75 | ![gui step 1 - pre-checks](img/gui_step1.png)
 76 | 
 77 | Once you pass all the pre-install checks, the main installer window will open. If you wish to customize your install and change what packages are installed, see the [Customization](Customization.md) documentation page. Otherwise, select a profile from the dropdown menu and click "Install".
 78 | 
 79 | ![gui step 2 - installer](img/gui_step2.png)
 80 | 
 81 | You will get a password prompt for Boxstarter. If you do not have a password set or your password is blank, click "OK" without entering anything. Otherwise, enter your password into the textbox and click "OK".
 82 | 
 83 | ![gui step 3 - password](img/gui_step3.png)
 84 | 
 85 | The installer GUI will now close and the installation will start. You may monitor its progress inside the terminal window you used to launch the install script. During this time your system will restart multiple times. You will know that installation is finished when your background image gets changed to the Commando logo. 
 86 | 
 87 | Installation may take over an hour, depending on the specs of the target virtual machine.
 88 | 
 89 | > **WARNING:** CommandoVM is not a fully-unattended install. You need to monitor the install progress for any failures or errors.
 90 | 
 91 | ## Command-Line Install
 92 | 
 93 | First, download the CommandoVM repo from GitHub either as a ZIP, or using `git` from PowerShell if you have it installed already:
 94 | ```powershell
 95 | git clone https://github.com/mandiant/commando-vm.git
 96 | ```
 97 | 
 98 | The CommandoVM CLI install is non-interactive. You will need to pass several flags for it to start properly:
 99 | - `-cli` - required to avoid spawning the GUI installer
100 | - `-customProfile` - path to an XML profile. See [Customization](Customization.md) for the format.
101 | - `-noPassword` - if your user does not have a password set or the password is blank, pass this flag
102 | - `-password` - if your password is not blank, pass it to the installer using this flag
103 | 
104 | Here is an example of how you can install the default profile without a password:
105 | ```powershell
106 | .\install.ps1 -cli -customProfile .\Profiles\Default.xml -noPassword
107 | ```
108 | 
109 | Here is an example of how you can install the default profile with a password:
110 | ```powershell
111 | .\install.ps1 -cli -customProfile .\Profiles\Default.xml -password "Summer2023!"
112 | ```
113 | 
114 | The the installation will now start. During this time your system will restart multiple times. Installation may take over an hour, depending on the specs of the target virtual machine.
115 | 
116 | > **WARNING:** CommandoVM is not a fully-unattended install. You need to monitor the install progress for any failures or errors.
117 | 


--------------------------------------------------------------------------------
/Docs/img/CompareAndPullButton.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/mandiant/commando-vm/787a99fdbe1bc31547b79c420921a318e2c16bfb/Docs/img/CompareAndPullButton.png


--------------------------------------------------------------------------------
/Docs/img/Fork-Commando.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/mandiant/commando-vm/787a99fdbe1bc31547b79c420921a318e2c16bfb/Docs/img/Fork-Commando.png


--------------------------------------------------------------------------------
/Docs/img/gui_step1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/mandiant/commando-vm/787a99fdbe1bc31547b79c420921a318e2c16bfb/Docs/img/gui_step1.png


--------------------------------------------------------------------------------
/Docs/img/gui_step2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/mandiant/commando-vm/787a99fdbe1bc31547b79c420921a318e2c16bfb/Docs/img/gui_step2.png


--------------------------------------------------------------------------------
/Docs/img/gui_step3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/mandiant/commando-vm/787a99fdbe1bc31547b79c420921a318e2c16bfb/Docs/img/gui_step3.png


--------------------------------------------------------------------------------
/Docs/img/package_info.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/mandiant/commando-vm/787a99fdbe1bc31547b79c420921a318e2c16bfb/Docs/img/package_info.png


--------------------------------------------------------------------------------
/Docs/img/profile_manager.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/mandiant/commando-vm/787a99fdbe1bc31547b79c420921a318e2c16bfb/Docs/img/profile_manager.png


--------------------------------------------------------------------------------
/Docs/img/runasadmin.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/mandiant/commando-vm/787a99fdbe1bc31547b79c420921a318e2c16bfb/Docs/img/runasadmin.png


--------------------------------------------------------------------------------
/Docs/img/tamperprotection.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/mandiant/commando-vm/787a99fdbe1bc31547b79c420921a318e2c16bfb/Docs/img/tamperprotection.png


--------------------------------------------------------------------------------
/Images/background-victim.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/mandiant/commando-vm/787a99fdbe1bc31547b79c420921a318e2c16bfb/Images/background-victim.png


--------------------------------------------------------------------------------
/Images/background.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/mandiant/commando-vm/787a99fdbe1bc31547b79c420921a318e2c16bfb/Images/background.png


--------------------------------------------------------------------------------
/Images/commando-readme.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/mandiant/commando-vm/787a99fdbe1bc31547b79c420921a318e2c16bfb/Images/commando-readme.png


--------------------------------------------------------------------------------
/Images/commando.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/mandiant/commando-vm/787a99fdbe1bc31547b79c420921a318e2c16bfb/Images/commando.ico


--------------------------------------------------------------------------------
/Images/commando.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/mandiant/commando-vm/787a99fdbe1bc31547b79c420921a318e2c16bfb/Images/commando.png


--------------------------------------------------------------------------------
/Images/mandiant.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/mandiant/commando-vm/787a99fdbe1bc31547b79c420921a318e2c16bfb/Images/mandiant.png


--------------------------------------------------------------------------------
/License.txt:
--------------------------------------------------------------------------------
 1 | Apache License
 2 | 
 3 | Version 2.0, January 2004
 4 | 
 5 | http://www.apache.org/licenses/
 6 | 
 7 | TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
 8 | 
 9 | 1. Definitions.
10 | 
11 | "License" shall mean the terms and conditions for use, reproduction, and distribution as defined by Sections 1 through 9 of this document.
12 | 
13 | "Licensor" shall mean the copyright owner or entity authorized by the copyright owner that is granting the License.
14 | 
15 | "Legal Entity" shall mean the union of the acting entity and all other entities that control, are controlled by, or are under common control with that entity. For the purposes of this definition, "control" means (i) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (ii) ownership of fifty percent (50%) or more of the outstanding shares, or (iii) beneficial ownership of such entity.
16 | 
17 | "You" (or "Your") shall mean an individual or Legal Entity exercising permissions granted by this License.
18 | 
19 | "Source" form shall mean the preferred form for making modifications, including but not limited to software source code, documentation source, and configuration files.
20 | 
21 | "Object" form shall mean any form resulting from mechanical transformation or translation of a Source form, including but not limited to compiled object code, generated documentation, and conversions to other media types.
22 | 
23 | "Work" shall mean the work of authorship, whether in Source or Object form, made available under the License, as indicated by a copyright notice that is included in or attached to the work (an example is provided in the Appendix below).
24 | 
25 | "Derivative Works" shall mean any work, whether in Source or Object form, that is based on (or derived from) the Work and for which the editorial revisions, annotations, elaborations, or other modifications represent, as a whole, an original work of authorship. For the purposes of this License, Derivative Works shall not include works that remain separable from, or merely link (or bind by name) to the interfaces of, the Work and Derivative Works thereof.
26 | 
27 | "Contribution" shall mean any work of authorship, including the original version of the Work and any modifications or additions to that Work or Derivative Works thereof, that is intentionally submitted to Licensor for inclusion in the Work by the copyright owner or by an individual or Legal Entity authorized to submit on behalf of the copyright owner. For the purposes of this definition, "submitted" means any form of electronic, verbal, or written communication sent to the Licensor or its representatives, including but not limited to communication on electronic mailing lists, source code control systems, and issue tracking systems that are managed by, or on behalf of, the Licensor for the purpose of discussing and improving the Work, but excluding communication that is conspicuously marked or otherwise designated in writing by the copyright owner as "Not a Contribution."
28 | 
29 | "Contributor" shall mean Licensor and any individual or Legal Entity on behalf of whom a Contribution has been received by Licensor and subsequently incorporated within the Work.
30 | 
31 | 2. Grant of Copyright License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare Derivative Works of, publicly display, publicly perform, sublicense, and distribute the Work and such Derivative Works in Source or Object form.
32 | 
33 | 3. Grant of Patent License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable (except as stated in this section) patent license to make, have made, use, offer to sell, sell, import, and otherwise transfer the Work, where such license applies only to those patent claims licensable by such Contributor that are necessarily infringed by their Contribution(s) alone or by combination of their Contribution(s) with the Work to which such Contribution(s) was submitted. If You institute patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Work or a Contribution incorporated within the Work constitutes direct or contributory patent infringement, then any patent licenses granted to You under this License for that Work shall terminate as of the date such litigation is filed.
34 | 
35 | 4. Redistribution. You may reproduce and distribute copies of the Work or Derivative Works thereof in any medium, with or without modifications, and in Source or Object form, provided that You meet the following conditions:
36 | 
37 | You must give any other recipients of the Work or Derivative Works a copy of this License; and
38 | You must cause any modified files to carry prominent notices stating that You changed the files; and
39 | You must retain, in the Source form of any Derivative Works that You distribute, all copyright, patent, trademark, and attribution notices from the Source form of the Work, excluding those notices that do not pertain to any part of the Derivative Works; and
40 | If the Work includes a "NOTICE" text file as part of its distribution, then any Derivative Works that You distribute must include a readable copy of the attribution notices contained within such NOTICE file, excluding those notices that do not pertain to any part of the Derivative Works, in at least one of the following places: within a NOTICE text file distributed as part of the Derivative Works; within the Source form or documentation, if provided along with the Derivative Works; or, within a display generated by the Derivative Works, if and wherever such third-party notices normally appear. The contents of the NOTICE file are for informational purposes only and do not modify the License. You may add Your own attribution notices within Derivative Works that You distribute, alongside or as an addendum to the NOTICE text from the Work, provided that such additional attribution notices cannot be construed as modifying the License. 
41 | 
42 | You may add Your own copyright statement to Your modifications and may provide additional or different license terms and conditions for use, reproduction, or distribution of Your modifications, or for any such Derivative Works as a whole, provided Your use, reproduction, and distribution of the Work otherwise complies with the conditions stated in this License.
43 | 5. Submission of Contributions. Unless You explicitly state otherwise, any Contribution intentionally submitted for inclusion in the Work by You to the Licensor shall be under the terms and conditions of this License, without any additional terms or conditions. Notwithstanding the above, nothing herein shall supersede or modify the terms of any separate license agreement you may have executed with Licensor regarding such Contributions.
44 | 
45 | 6. Trademarks. This License does not grant permission to use the trade names, trademarks, service marks, or product names of the Licensor, except as required for reasonable and customary use in describing the origin of the Work and reproducing the content of the NOTICE file.
46 | 
47 | 7. Disclaimer of Warranty. Unless required by applicable law or agreed to in writing, Licensor provides the Work (and each Contributor provides its Contributions) on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied, including, without limitation, any warranties or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. You are solely responsible for determining the appropriateness of using or redistributing the Work and assume any risks associated with Your exercise of permissions under this License.
48 | 
49 | 8. Limitation of Liability. In no event and under no legal theory, whether in tort (including negligence), contract, or otherwise, unless required by applicable law (such as deliberate and grossly negligent acts) or agreed to in writing, shall any Contributor be liable to You for damages, including any direct, indirect, special, incidental, or consequential damages of any character arising as a result of this License or out of the use or inability to use the Work (including but not limited to damages for loss of goodwill, work stoppage, computer failure or malfunction, or any and all other commercial damages or losses), even if such Contributor has been advised of the possibility of such damages.
50 | 
51 | 9. Accepting Warranty or Additional Liability. While redistributing the Work or Derivative Works thereof, You may choose to offer, and charge a fee for, acceptance of support, warranty, indemnity, or other liability obligations and/or rights consistent with this License. However, in accepting such obligations, You may act only on Your own behalf and on Your sole responsibility, not on behalf of any other Contributor, and only if You agree to indemnify, defend, and hold each Contributor harmless for any liability incurred by, or claims asserted against, such Contributor by reason of your accepting any such warranty or additional liability.
52 | 
53 | END OF TERMS AND CONDITIONS


--------------------------------------------------------------------------------
/Profiles/Configs/win10config.xml:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="utf-8"?>
 2 | <config> 
 3 |     <apps>
 4 |         <!--
 5 |         INFO:
 6 |         Removes installed AppX packages. Try:
 7 |         $packages = Get-AppxPackage
 8 |         $packages.Name
 9 |         FORMAT: 
10 |         <app name="APP_NAME"/>
11 |         -->
12 |     </apps>
13 |     <services>
14 |         <!--
15 |         INFO:
16 |         Sets Services to "Manual" startup type. Try:
17 |         $services = Get-WmiObject -Query "SELECT * FROM Win32_Service WHERE StartMode='Auto'" | Get-Service
18 |         $services.Name
19 |         FORMAT: 
20 |         <service name="SERVICE_NAME"/>
21 |         -->
22 |     </services>
23 |     <tasks>
24 |         <!--
25 |         INFO:
26 |         Disables Scheduled Tasks. Try:
27 |         $tasks = Get-ScheduledTask
28 |         $tasks.TaskName
29 |         FORMAT: 
30 |         <task name="DESCRIPTIVE_NAME" value="TASK_NAME"/> 
31 |         -->
32 |     </tasks>
33 |     <registry-items>
34 |         <!--
35 |         INFO:
36 |         Makes custom edits to the registry
37 |         FORMAT: 
38 |         <registry-item name="DESCRIPTIVE_NAME" path="REG_PATH" value="REG_VALUE" type="TYPE" data="NEW_DATA"/> 
39 |         -->
40 |         <registry-item name="Set Dark Mode on System" path="HKCU:\Software\Microsoft\Windows\CurrentVersion\Themes\Personalize" value="SystemUsesLightTheme" type="DWord" data="0"/>
41 |         <registry-item name="Set Dark Mode on Apps" path="HKCU:\Software\Microsoft\Windows\CurrentVersion\Themes\Personalize" value="AppsUseLightTheme" type="DWord" data="0"/>
42 |         <registry-item name="Show full directory path in Explorer title bar" path="HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\CabinetState" value="FullPath" type="DWord" data="1"/>
43 |         <registry-item name="Show known file extensions" path="HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" value="HideFileExt" type="DWord" data="0"/>
44 |         <registry-item name="Show hidden files" path="HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" value="Hidden" type="DWord" data="1"/>
45 |         <registry-item name="Show super hidden files" path="HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" value="ShowSuperHidden" type="DWord" data="1"/>
46 |         <registry-item name="Enable .NET Strong Crypto" path="HKLM:\SOFTWARE\Microsoft\.NETFramework\v4.0.30319" value="SchUseStrongCrypto" type="DWord" data="1" />
47 |         <registry-item name="Enable .NET Strong Crypto Wow6432Node" path="HKLM:\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\v4.0.30319" value="SchUseStrongCrypto" type="DWord" data="1" />
48 |         <registry-item name="Enable NTFS Long Paths" path="HKLM:\SYSTEM\CurrentControlSet\Control\FileSystem" value="LongPathsEnabled" type="DWord" data="1" />
49 |         <registry-item name="Disable SmartScreen" path="HKLM:\SOFTWARE\Policies\Microsoft\Windows\System" value="EnableSmartScreen" type="DWord" data="0" />
50 |         <registry-item name="Disable Microsoft Edge Phishing Filter" path="HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\PhishingFilter" value="EnabledV9" type="DWord" data="0" />
51 |         <registry-item name="Disable Windows Firewall (Standard Profile)" path="HKLM:\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile" value="EnableFirewall" type="DWord" data="0" />
52 |         <registry-item name="Disable UAC Consent Prompt for Administrators" path="HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" value="ConsentPromptBehaviorAdmin" type="DWord" data="0" />
53 |         <registry-item name="Disable UAC Prompt on Secure Desktop" path="HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" value="PromptOnSecureDesktop" type="DWord" data="0" />
54 |         <registry-item name="Disable LLMNR" path="HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\DNSClient" value="EnableMulticast" type="DWord" data="0" />
55 | 
56 |     </registry-items>
57 |     <path-items>
58 |         <!--
59 |         INFO:
60 |         Removes files and folders from the system
61 |         FORMAT: 
62 |         <path-item name="DESCRIPTIVE_NAME" type="dir/file" path="DIR_PATH/FILE_PATH"/>
63 |         -->
64 |     </path-items>
65 |     <custom-items>
66 |         <!--
67 |         INFO:
68 |         Performs custom commands
69 |         FORMAT: 
70 |         <custom-item name="DESCRIPTIVE_NAME"> <cmd value="PS_COMMAND"/> ... </custom-item>
71 |         -->
72 |         <custom-item name="Renaming Computer to 'commando'">
73 |             <cmd value="Rename-Computer -NewName 'commando'" />
74 |         </custom-item>
75 |         <custom-item name="Disabling Windows Firewall">
76 |             <cmd value="Set-NetFirewallProfile -Profile Domain,Public,Private -Enabled False" />
77 |         </custom-item>
78 |     </custom-items>
79 | </config>


--------------------------------------------------------------------------------
/Profiles/Configs/win10victimconfig.xml:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="utf-8"?>
 2 | <config> 
 3 |     <apps>
 4 |         <!--
 5 |         INFO:
 6 |         Removes installed AppX packages. Try:
 7 |         $packages = Get-AppxPackage
 8 |         $packages.Name
 9 |         FORMAT: 
10 |         <app name="APP_NAME"/>
11 |         -->
12 |     </apps>
13 |     <services>
14 |         <!--
15 |         INFO:
16 |         Sets Services to "Manual" startup type. Try:
17 |         $services = Get-WmiObject -Query "SELECT * FROM Win32_Service WHERE StartMode='Auto'" | Get-Service
18 |         $services.Name
19 |         FORMAT: 
20 |         <service name="SERVICE_NAME"/>
21 |         -->
22 |     </services>
23 |     <tasks>
24 |         <!--
25 |         INFO:
26 |         Disables Scheduled Tasks. Try:
27 |         $tasks = Get-ScheduledTask
28 |         $tasks.TaskName
29 |         FORMAT: 
30 |         <task name="DESCRIPTIVE_NAME" value="TASK_NAME"/> 
31 |         -->
32 |     </tasks>
33 |     <registry-items>
34 |         <!--
35 |         INFO:
36 |         Makes custom edits to the registry
37 |         FORMAT: 
38 |         <registry-item name="DESCRIPTIVE_NAME" path="REG_PATH" value="REG_VALUE" type="TYPE" data="NEW_DATA"/> 
39 |         -->
40 |         <registry-item name="Set Light Mode on System" path="HKCU:\Software\Microsoft\Windows\CurrentVersion\Themes\Personalize" value="SystemUsesLightTheme" type="DWord" data="1"/>
41 |         <registry-item name="Set Light Mode on Apps" path="HKCU:\Software\Microsoft\Windows\CurrentVersion\Themes\Personalize" value="AppsUseLightTheme" type="DWord" data="1"/>
42 |         <registry-item name="Show full directory path in Explorer title bar" path="HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\CabinetState" value="FullPath" type="DWord" data="1"/>
43 |         <registry-item name="Show known file extensions" path="HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" value="HideFileExt" type="DWord" data="0"/>
44 |         <registry-item name="Show hidden files" path="HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" value="Hidden" type="DWord" data="1"/>
45 |         <registry-item name="Show super hidden files" path="HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" value="ShowSuperHidden" type="DWord" data="1"/>
46 |     </registry-items>
47 |     <path-items>
48 |         <!--
49 |         INFO:
50 |         Removes files and folders from the system
51 |         FORMAT: 
52 |         <path-item name="DESCRIPTIVE_NAME" type="dir/file" path="DIR_PATH/FILE_PATH"/>
53 |         -->
54 |     </path-items>
55 |     <custom-items>
56 |         <!--
57 |         INFO:
58 |         Performs custom commands
59 |         FORMAT: 
60 |         <custom-item name="DESCRIPTIVE_NAME"> <cmd value="PS_COMMAND"/> ... </custom-item>
61 |         -->
62 |         <custom-item name="Renaming Computer to 'commando'">
63 |             <cmd value="Rename-Computer -NewName 'commando'" />
64 |         </custom-item>
65 |         <custom-item name="Create Exclusions folder">
66 |             <cmd value="Set-MpPreference -ExclusionPath $Env:RAW_TOOLS_DIR" />
67 |         </custom-item>
68 |         <custom-item name="Disable Defender Automatic Sample Submission">
69 |             <cmd value="Set-MpPreference -SubmitSamplesConsent 2" />
70 |         </custom-item>
71 |         <custom-item name="Create low-priv user account">
72 |             <cmd name="Generate random password, create user, save password to logfile" value="$userPassword = -join ((97..122) | Get-Random -Count 20 | ForEach-Object {[char]$_}); $securePassword = ConvertTo-SecureString -String $userPassword -AsPlainText -Force; New-LocalUser -Name 'prometheus' -Description 'Created by Commando Installer' -Password $securePassword; VM-Write-Log 'INFO' $('Created new user prometheus with password ' + $userPassword)" />
73 |         </custom-item>
74 |     </custom-items>
75 | </config>


--------------------------------------------------------------------------------
/Profiles/Configs/win11armconfig.xml:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="utf-8"?>
 2 | <config> 
 3 |     <apps>
 4 |         <!--
 5 |         INFO:
 6 |         Removes installed AppX packages. Try:
 7 |         $packages = Get-AppxPackage
 8 |         $packages.Name
 9 |         FORMAT: 
10 |         <app name="APP_NAME"/>
11 |         -->
12 |     </apps>
13 |     <services>
14 |         <!--
15 |         INFO:
16 |         Sets Services to "Manual" startup type. Try:
17 |         $services = Get-WmiObject -Query "SELECT * FROM Win32_Service WHERE StartMode='Auto'" | Get-Service
18 |         $services.Name
19 |         FORMAT: 
20 |         <service name="SERVICE_NAME"/>
21 |         -->
22 |     </services>
23 |     <tasks>
24 |         <!--
25 |         INFO:
26 |         Disables Scheduled Tasks. Try:
27 |         $tasks = Get-ScheduledTask
28 |         $tasks.TaskName
29 |         FORMAT: 
30 |         <task name="DESCRIPTIVE_NAME" value="TASK_NAME"/> 
31 |         -->
32 |     </tasks>
33 |     <registry-items>
34 |         <!--
35 |         INFO:
36 |         Makes custom edits to the registry
37 |         FORMAT: 
38 |         <registry-item name="DESCRIPTIVE_NAME" path="REG_PATH" value="REG_VALUE" type="TYPE" data="NEW_DATA"/> 
39 |         -->
40 |     </registry-items>
41 |     <path-items>
42 |         <!--
43 |         INFO:
44 |         Removes files and folders from the system
45 |         FORMAT: 
46 |         <path-item name="DESCRIPTIVE_NAME" type="dir/file" path="DIR_PATH/FILE_PATH"/>
47 |         -->
48 |     </path-items>
49 |     <custom-items>
50 |         <!--
51 |         INFO:
52 |         Performs custom commands
53 |         FORMAT: 
54 |         <custom-item name="DESCRIPTIVE_NAME"> <cmd value="PS_COMMAND"/> ... </custom-item>
55 |         -->
56 |         <custom-item name="Renaming Computer to 'commando'">
57 |             <cmd value="Rename-Computer -NewName 'commando'" />
58 |         </custom-item>
59 |     </custom-items>
60 | </config>


--------------------------------------------------------------------------------
/Profiles/Configs/win11armvictimconfig.xml:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="utf-8"?>
 2 | <config> 
 3 |     <apps>
 4 |         <!--
 5 |         INFO:
 6 |         Removes installed AppX packages. Try:
 7 |         $packages = Get-AppxPackage
 8 |         $packages.Name
 9 |         FORMAT: 
10 |         <app name="APP_NAME"/>
11 |         -->
12 |     </apps>
13 |     <services>
14 |         <!--
15 |         INFO:
16 |         Sets Services to "Manual" startup type. Try:
17 |         $services = Get-WmiObject -Query "SELECT * FROM Win32_Service WHERE StartMode='Auto'" | Get-Service
18 |         $services.Name
19 |         FORMAT: 
20 |         <service name="SERVICE_NAME"/>
21 |         -->
22 |     </services>
23 |     <tasks>
24 |         <!--
25 |         INFO:
26 |         Disables Scheduled Tasks. Try:
27 |         $tasks = Get-ScheduledTask
28 |         $tasks.TaskName
29 |         FORMAT: 
30 |         <task name="DESCRIPTIVE_NAME" value="TASK_NAME"/> 
31 |         -->
32 |     </tasks>
33 |     <registry-items>
34 |         <!--
35 |         INFO:
36 |         Makes custom edits to the registry
37 |         FORMAT: 
38 |         <registry-item name="DESCRIPTIVE_NAME" path="REG_PATH" value="REG_VALUE" type="TYPE" data="NEW_DATA"/> 
39 |         -->
40 |     </registry-items>
41 |     <path-items>
42 |         <!--
43 |         INFO:
44 |         Removes files and folders from the system
45 |         FORMAT: 
46 |         <path-item name="DESCRIPTIVE_NAME" type="dir/file" path="DIR_PATH/FILE_PATH"/>
47 |         -->
48 |     </path-items>
49 |     <custom-items>
50 |         <!--
51 |         INFO:
52 |         Performs custom commands
53 |         FORMAT: 
54 |         <custom-item name="DESCRIPTIVE_NAME"> <cmd value="PS_COMMAND"/> ... </custom-item>
55 |         -->
56 |         <custom-item name="Renaming Computer to 'commando'">
57 |             <cmd value="Rename-Computer -NewName 'commando'" />
58 |         </custom-item>
59 |     </custom-items>
60 | </config>


--------------------------------------------------------------------------------
/Profiles/Configs/win11config.xml:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="utf-8"?>
 2 | <config> 
 3 |     <apps>
 4 |         <!--
 5 |         INFO:
 6 |         Removes installed AppX packages. Try:
 7 |         $packages = Get-AppxPackage
 8 |         $packages.Name
 9 |         FORMAT: 
10 |         <app name="APP_NAME"/>
11 |         -->
12 |     </apps>
13 |     <services>
14 |         <!--
15 |         INFO:
16 |         Sets Services to "Manual" startup type. Try:
17 |         $services = Get-WmiObject -Query "SELECT * FROM Win32_Service WHERE StartMode='Auto'" | Get-Service
18 |         $services.Name
19 |         FORMAT: 
20 |         <service name="SERVICE_NAME"/>
21 |         -->
22 |     </services>
23 |     <tasks>
24 |         <!--
25 |         INFO:
26 |         Disables Scheduled Tasks. Try:
27 |         $tasks = Get-ScheduledTask
28 |         $tasks.TaskName
29 |         FORMAT: 
30 |         <task name="DESCRIPTIVE_NAME" value="TASK_NAME"/> 
31 |         -->
32 |     </tasks>
33 |     <registry-items>
34 |         <!--
35 |         INFO:
36 |         Makes custom edits to the registry
37 |         FORMAT: 
38 |         <registry-item name="DESCRIPTIVE_NAME" path="REG_PATH" value="REG_VALUE" type="TYPE" data="NEW_DATA"/> 
39 |         -->
40 |     </registry-items>
41 |     <path-items>
42 |         <!--
43 |         INFO:
44 |         Removes files and folders from the system
45 |         FORMAT: 
46 |         <path-item name="DESCRIPTIVE_NAME" type="dir/file" path="DIR_PATH/FILE_PATH"/>
47 |         -->
48 |     </path-items>
49 |     <custom-items>
50 |         <!--
51 |         INFO:
52 |         Performs custom commands
53 |         FORMAT: 
54 |         <custom-item name="DESCRIPTIVE_NAME"> <cmd value="PS_COMMAND"/> ... </custom-item>
55 |         -->
56 |         <custom-item name="Renaming Computer to 'commando'">
57 |             <cmd value="Rename-Computer -NewName 'commando'" />
58 |         </custom-item>
59 |     </custom-items>
60 | </config>


--------------------------------------------------------------------------------
/Profiles/Configs/win11victimconfig.xml:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="utf-8"?>
 2 | <config> 
 3 |     <apps>
 4 |         <!--
 5 |         INFO:
 6 |         Removes installed AppX packages. Try:
 7 |         $packages = Get-AppxPackage
 8 |         $packages.Name
 9 |         FORMAT: 
10 |         <app name="APP_NAME"/>
11 |         -->
12 |     </apps>
13 |     <services>
14 |         <!--
15 |         INFO:
16 |         Sets Services to "Manual" startup type. Try:
17 |         $services = Get-WmiObject -Query "SELECT * FROM Win32_Service WHERE StartMode='Auto'" | Get-Service
18 |         $services.Name
19 |         FORMAT: 
20 |         <service name="SERVICE_NAME"/>
21 |         -->
22 |     </services>
23 |     <tasks>
24 |         <!--
25 |         INFO:
26 |         Disables Scheduled Tasks. Try:
27 |         $tasks = Get-ScheduledTask
28 |         $tasks.TaskName
29 |         FORMAT: 
30 |         <task name="DESCRIPTIVE_NAME" value="TASK_NAME"/> 
31 |         -->
32 |     </tasks>
33 |     <registry-items>
34 |         <!--
35 |         INFO:
36 |         Makes custom edits to the registry
37 |         FORMAT: 
38 |         <registry-item name="DESCRIPTIVE_NAME" path="REG_PATH" value="REG_VALUE" type="TYPE" data="NEW_DATA"/> 
39 |         -->
40 |     </registry-items>
41 |     <path-items>
42 |         <!--
43 |         INFO:
44 |         Removes files and folders from the system
45 |         FORMAT: 
46 |         <path-item name="DESCRIPTIVE_NAME" type="dir/file" path="DIR_PATH/FILE_PATH"/>
47 |         -->
48 |     </path-items>
49 |     <custom-items>
50 |         <!--
51 |         INFO:
52 |         Performs custom commands
53 |         FORMAT: 
54 |         <custom-item name="DESCRIPTIVE_NAME"> <cmd value="PS_COMMAND"/> ... </custom-item>
55 |         -->
56 |         <custom-item name="Renaming Computer to 'commando'">
57 |             <cmd value="Rename-Computer -NewName 'commando'" />
58 |         </custom-item>
59 |     </custom-items>
60 | </config>


--------------------------------------------------------------------------------
/Profiles/Default - ARM.xml:
--------------------------------------------------------------------------------
  1 | <?xml version="1.0" encoding="utf-8"?>
  2 | <config>
  3 |   <envs>
  4 |     <env name="MIN_DISK_SPACE" value="70" />
  5 |     <env name="VM_COMMON_DIR" value="%ProgramData%\_VM" />
  6 |     <env name="TOOL_LIST_DIR" value="%ProgramData%\Microsoft\Windows\Start Menu\Programs\Tools" />
  7 |     <env name="TOOL_LIST_SHORTCUT" value="%UserProfile%\Desktop\Tools.lnk" />
  8 |     <env name="RAW_TOOLS_DIR" value="%SystemDrive%\Tools" />
  9 |   </envs>
 10 |   <packages>
 11 |     <package name="notepadplusplus.vm" />
 12 |     <package name="7zip-15-05.vm" />
 13 |     <package name="azurehound.vm" />
 14 |     <package name="bloodhound.vm" />
 15 |     <package name="cmder.vm" />
 16 |     <package name="cyberchef.vm" />
 17 |     <package name="gobuster.vm" />
 18 |     <package name="sqlrecon.vm" />
 19 |     <package name="awscli" />
 20 |     <package name="az.powershell" />
 21 |     <package name="azure-cli" />
 22 |     <package name="teamfiltration.vm" />
 23 |     <package name="obsidian" />
 24 |     <package name="firefox" />
 25 |     <package name="greenshot" />
 26 |     <package name="keepass" />
 27 |     <package name="ilspy.vm" />
 28 |     <package name="wireshark.vm" />
 29 |     <package name="cyberchef.vm" />
 30 |     <package name="pebear.vm" />
 31 |     <package name="sysinternals.vm" />
 32 |     <package name="situational-awareness-bof.vm" />
 33 |     <package name="unhook-bof.vm" />
 34 |     <package name="stracciatella.vm" />
 35 |     <package name="nanodump.vm" />
 36 |     <package name="truestedsec-remote-ops-bof.vm" />
 37 |     <package name="outflank-c2-tool-collection.vm" />
 38 |     <package name="certify.vm" />
 39 |     <package name="streamdivert.vm" />
 40 |     <package name="whisker.vm" />
 41 |     <package name="confuserex.vm" />
 42 |     <package name="dotnettojscript.vm" />
 43 |     <package name="gadgettojscript.vm" />
 44 |     <package name="sharpup.vm" />
 45 |     <package name="az.powershell" />
 46 |     <package name="azure-cli" />
 47 |     <package name="routesixtysink.vm" />
 48 |     <package name="sharphound.vm" />
 49 |     <package name="spoolsample.vm" />
 50 |     <package name="sharpview.vm" />
 51 |     <package name="seatbelt.vm" />
 52 |     <package name="telnet.vm" />
 53 |     <package name="badassmacros.vm" />
 54 |     <package name="bloodhound-custom-queries.vm" />
 55 |     <package name="burp-free.vm" />
 56 |     <package name="c3.vm" />
 57 |     <package name="covenant.vm" />
 58 |     <package name="credninja.vm" />
 59 |     <package name="dumpert.vm" />
 60 |     <package name="evilclippy.vm" />
 61 |     <package name="exiftool.vm" />
 62 |     <package name="gowitness.vm" />
 63 |     <package name="group3r.vm" />
 64 |     <package name="hxd.vm" />
 65 |     <package name="invokedosfuscation.vm" />
 66 |     <package name="invokeobfuscation.vm" />
 67 |     <package name="juicypotato.vm" />
 68 |     <package name="keethief.vm" />
 69 |     <package name="kerbrute.vm" />
 70 |     <package name="mailsniper.vm" />
 71 |     <package name="mfasweep.vm" />
 72 |     <package name="minidump.vm" />
 73 |     <package name="microburst.vm" />
 74 |     <package name="netgpppassword.vm" />
 75 |     <package name="nmap.vm" />
 76 |     <package name="payloadsallthethings.vm" />
 77 |     <package name="petitpotam.vm" />
 78 |     <package name="powercat.vm" />
 79 |     <package name="powermad.vm" />
 80 |     <package name="powersploit.vm" />
 81 |     <package name="powerupsql.vm" />
 82 |     <package name="powerzure.vm" />
 83 |     <package name="processdump.vm" />
 84 |     <package name="rubeus.vm" />
 85 |     <package name="sharpdpapi.vm" />
 86 |     <package name="sharplaps.vm" />
 87 |     <package name="sharpsecdump.vm" />
 88 |     <package name="sharpwmi.vm" />
 89 |     <package name="sliver.vm" />
 90 |     <package name="snaffler.vm" />
 91 |     <package name="syswhispers2.vm" />
 92 |     <package name="tor-browser.vm" />
 93 |     <package name="upx.vm" />
 94 |     <package name="windbg.vm" />
 95 |     <package name="adconnectdump.vm" />
 96 |     <package name="ldapnomnom.vm" />
 97 |     <package name="pesieve.vm" />
 98 |     <package name="shellcode_launcher.vm" />
 99 |     <package name="asreproast.vm" />
100 |     <package name="dnspyex.vm" />
101 |     <package name="fakenet-ng.vm" />
102 |     <package name="nasm.vm" />
103 |     <package name="mimikatz.vm" />
104 |     <package name="safetykatz.vm" />
105 |     <package name="sharpcliphistory.vm" />
106 |     <package name="sharpdump.vm" />
107 |     <package name="sharpexec.vm" />
108 |     <package name="syswhispers3.vm" />
109 |     <package name="vnc-viewer.vm" />
110 |     <package name="wmimplant.vm" />
111 |     <package name="x64dbg.vm" />
112 |     <package name="getlapspasswords.vm" />
113 |     <package name="inveigh.vm" />
114 |     <package name="merlin.vm" />
115 |     <package name="openvpn.vm" />
116 |     <package name="resourcehacker.vm" />
117 |     <package name="sqlitebrowser.vm" />
118 |     <package name="winscp.vm" />
119 |     <package name="jre8" />
120 |     <package name="unxutils" />
121 |   </packages>
122 | </config>


--------------------------------------------------------------------------------
/Profiles/Default.xml:
--------------------------------------------------------------------------------
  1 | <?xml version="1.0" encoding="utf-8"?>
  2 | <config>
  3 |   <envs>
  4 |     <env name="MIN_DISK_SPACE" value="70" />
  5 |     <env name="VM_COMMON_DIR" value="%ProgramData%\_VM" />
  6 |     <env name="TOOL_LIST_DIR" value="%ProgramData%\Microsoft\Windows\Start Menu\Programs\Tools" />
  7 |     <env name="TOOL_LIST_SHORTCUT" value="%UserProfile%\Desktop\Tools.lnk" />
  8 |     <env name="RAW_TOOLS_DIR" value="%SystemDrive%\Tools" />
  9 |   </envs>
 10 |   <packages>
 11 |     <package name="notepadplusplus.vm" />
 12 |     <package name="7zip-15-05.vm" />
 13 |     <package name="azurehound.vm" />
 14 |     <package name="bloodhound.vm" />
 15 |     <package name="cmder.vm" />
 16 |     <package name="cyberchef.vm" />
 17 |     <package name="gobuster.vm" />
 18 |     <package name="sqlrecon.vm" />
 19 |     <package name="awscli" />
 20 |     <package name="az.powershell" />
 21 |     <package name="azure-cli" />
 22 |     <package name="teamfiltration.vm" />
 23 |     <package name="obsidian" />
 24 |     <package name="googlechrome" />
 25 |     <package name="firefox" />
 26 |     <package name="vscode" />
 27 |     <package name="greenshot" />
 28 |     <package name="vlc" />
 29 |     <package name="keepass" />
 30 |     <package name="ilspy.vm" />
 31 |     <package name="wireshark.vm" />
 32 |     <package name="cyberchef.vm" />
 33 |     <package name="pebear.vm" />
 34 |     <package name="sysinternals.vm" />
 35 |     <package name="situational-awareness-bof.vm" />
 36 |     <package name="unhook-bof.vm" />
 37 |     <package name="stracciatella.vm" />
 38 |     <package name="nanodump.vm" />
 39 |     <package name="truestedsec-remote-ops-bof.vm" />
 40 |     <package name="outflank-c2-tool-collection.vm" />
 41 |     <package name="certify.vm" />
 42 |     <package name="streamdivert.vm" />
 43 |     <package name="whisker.vm" />
 44 |     <package name="confuserex.vm" />
 45 |     <package name="dotnettojscript.vm" />
 46 |     <package name="gadgettojscript.vm" />
 47 |     <package name="sharpup.vm" />
 48 |     <package name="az.powershell" />
 49 |     <package name="azure-cli" />
 50 |     <package name="routesixtysink.vm" />
 51 |     <package name="sharphound.vm" />
 52 |     <package name="spoolsample.vm" />
 53 |     <package name="sharpview.vm" />
 54 |     <package name="seatbelt.vm" />
 55 |     <package name="telnet.vm" />
 56 |     <package name="badassmacros.vm" />
 57 |     <package name="bloodhound-custom-queries.vm" />
 58 |     <package name="burp-free.vm" />
 59 |     <package name="c3.vm" />
 60 |     <package name="covenant.vm" />
 61 |     <package name="credninja.vm" />
 62 |     <package name="dumpert.vm" />
 63 |     <package name="evilclippy.vm" />
 64 |     <package name="exiftool.vm" />
 65 |     <package name="gowitness.vm" />
 66 |     <package name="group3r.vm" />
 67 |     <package name="hxd.vm" />
 68 |     <package name="invokedosfuscation.vm" />
 69 |     <package name="invokeobfuscation.vm" />
 70 |     <package name="juicypotato.vm" />
 71 |     <package name="keethief.vm" />
 72 |     <package name="kerbrute.vm" />
 73 |     <package name="mailsniper.vm" />
 74 |     <package name="mfasweep.vm" />
 75 |     <package name="minidump.vm" />
 76 |     <package name="microburst.vm" />
 77 |     <package name="netgpppassword.vm" />
 78 |     <package name="nmap.vm" />
 79 |     <package name="payloadsallthethings.vm" />
 80 |     <package name="petitpotam.vm" />
 81 |     <package name="powercat.vm" />
 82 |     <package name="powermad.vm" />
 83 |     <package name="powersploit.vm" />
 84 |     <package name="powerupsql.vm" />
 85 |     <package name="powerzure.vm" />
 86 |     <package name="processdump.vm" />
 87 |     <package name="rubeus.vm" />
 88 |     <package name="sharpdpapi.vm" />
 89 |     <package name="sharplaps.vm" />
 90 |     <package name="sharpsecdump.vm" />
 91 |     <package name="sharpwmi.vm" />
 92 |     <package name="sliver.vm" />
 93 |     <package name="snaffler.vm" />
 94 |     <package name="syswhispers2.vm" />
 95 |     <package name="tor-browser.vm" />
 96 |     <package name="upx.vm" />
 97 |     <package name="windbg.vm" />
 98 |     <package name="adconnectdump.vm" />
 99 |     <package name="ldapnomnom.vm" />
100 |     <package name="pesieve.vm" />
101 |     <package name="shellcode_launcher.vm" />
102 |     <package name="asreproast.vm" />
103 |     <package name="dnspyex.vm" />
104 |     <package name="fakenet-ng.vm" />
105 |     <package name="nasm.vm" />
106 |     <package name="mimikatz.vm" />
107 |     <package name="safetykatz.vm" />
108 |     <package name="sharpcliphistory.vm" />
109 |     <package name="sharpdump.vm" />
110 |     <package name="sharpexec.vm" />
111 |     <package name="syswhispers3.vm" />
112 |     <package name="vnc-viewer.vm" />
113 |     <package name="wmimplant.vm" />
114 |     <package name="x64dbg.vm" />
115 |     <package name="getlapspasswords.vm" />
116 |     <package name="inveigh.vm" />
117 |     <package name="merlin.vm" />
118 |     <package name="openvpn.vm" />
119 |     <package name="resourcehacker.vm" />
120 |     <package name="sqlitebrowser.vm" />
121 |     <package name="winscp.vm" />
122 |     <package name="jre8" />
123 |     <package name="unxutils" />
124 |   </packages>
125 | </config>


--------------------------------------------------------------------------------
/Profiles/Developer.xml:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="utf-8"?>
 2 | <config>
 3 |   <envs>
 4 |     <env name="MIN_DISK_SPACE" value="80" />
 5 |     <env name="VM_COMMON_DIR" value="%ProgramData%\_VM" />
 6 |     <env name="TOOL_LIST_DIR" value="%ProgramData%\Microsoft\Windows\Start Menu\Programs\Tools" />
 7 |     <env name="TOOL_LIST_SHORTCUT" value="%UserProfile%\Desktop\Tools.lnk" />
 8 |     <env name="RAW_TOOLS_DIR" value="%SystemDrive%\Tools" />
 9 |   </envs>
10 |   <packages>
11 |     <package name="notepadplusplus.vm" />
12 |     <package name="apimonitor.vm" />
13 |     <package name="badassmacros.vm" />
14 |     <package name="bytecodeviewer.vm" />
15 |     <package name="capa.vm" />
16 |     <package name="codetrack.vm" />
17 |     <package name="confuserex.vm" />
18 |     <package name="covenant.vm" />
19 |     <package name="cyberchef.vm" />
20 |     <package name="dll-to-exe.vm" />
21 |     <package name="dotnettojscript.vm" />
22 |     <package name="evilclippy.vm" />
23 |     <package name="gadgettojscript.vm" />
24 |     <package name="hashmyfiles.vm" />
25 |     <package name="invokedosfuscation.vm" />
26 |     <package name="invokeobfuscation.vm" />
27 |     <package name="merlin.vm" />
28 |     <package name="openvpn.vm" />
29 |     <package name="pebear.vm" />
30 |     <package name="pesieve.vm" />
31 |     <package name="pestudio.vm" />
32 |     <package name="processdump.vm" />
33 |     <package name="resourcehacker.vm" />
34 |     <package name="rundotnetdll.vm" />
35 |     <package name="scdbg.vm" />
36 |     <package name="setdllcharacteristics.vm" />
37 |     <package name="shellcode_launcher.vm" />
38 |     <package name="sliver.vm" />
39 |     <package name="stracciatella.vm" />
40 |     <package name="sysinternals.vm" />
41 |     <package name="syswhispers2.vm" />
42 |     <package name="syswhispers3.vm" />
43 |     <package name="telnet.vm" />
44 |     <package name="tor-browser.vm" />
45 |     <package name="unhook-bof.vm" />
46 |     <package name="upx.vm" />
47 |     <package name="visualstudio.vm" />
48 |     <package name="vcbuildtools.vm" />
49 |     <package name="windbg.vm" />
50 |     <package name="winscp.vm" />
51 |     <package name="wireshark.vm" />
52 |     <package name="wmimplant.vm" />
53 |     <package name="x64dbg.vm" />
54 |     <package name="yara.vm" />
55 |     <package name="c3.vm" />
56 |     <package name="obsidian" />
57 |     <package name="googlechrome" />
58 |     <package name="firefox" />
59 |     <package name="vscode" />
60 |     <package name="greenshot" />
61 |     <package name="vlc" />
62 |     <package name="gimp" />
63 |     <package name="keepass" />
64 |     <package name="adobereader" />
65 |     <package name="golang" />
66 |     <package name="rust" />
67 |     <package name="nim" />
68 |     <package name="idafree.vm" />
69 |     <package name="exiftool.vm" />
70 |     <package name="hxd.vm" />
71 |     <package name="cmder.vm" />
72 |     <package name="python3" />
73 |     <package name="fiddlerclassic.vm" />
74 |     <package name="burp-free.vm" />
75 |     <package name="nmap.vm" />
76 |     <package name="git" />
77 |     <package name="sublimetext3.app" />
78 |     <package name="unxutils" />
79 |     <package name="ghidra.vm" />
80 |   </packages>
81 | </config>


--------------------------------------------------------------------------------
/Profiles/Full - ARM.xml:
--------------------------------------------------------------------------------
  1 | <?xml version="1.0" encoding="utf-8"?>
  2 | <config>
  3 |   <envs>
  4 |     <env name="MIN_DISK_SPACE" value="100" />
  5 |     <env name="VM_COMMON_DIR" value="%ProgramData%\_VM" />
  6 |     <env name="TOOL_LIST_DIR" value="%ProgramData%\Microsoft\Windows\Start Menu\Programs\Tools" />
  7 |     <env name="TOOL_LIST_SHORTCUT" value="%UserProfile%\Desktop\Tools.lnk" />
  8 |     <env name="RAW_TOOLS_DIR" value="%SystemDrive%\Tools" />
  9 |   </envs>
 10 |   <packages>
 11 |     <package name="notepadplusplus.vm" />
 12 |     <package name="7zip-15-05.vm" />
 13 |     <package name="azurehound.vm" />
 14 |     <package name="bloodhound.vm" />
 15 |     <package name="cmder.vm" />
 16 |     <package name="cyberchef.vm" />
 17 |     <package name="gobuster.vm" />
 18 |     <package name="sqlrecon.vm" />
 19 |     <package name="awscli" />
 20 |     <package name="az.powershell" />
 21 |     <package name="azure-cli" />
 22 |     <package name="teamfiltration.vm" />
 23 |     <package name="obsidian" />
 24 |     <package name="firefox" />
 25 |     <package name="greenshot" />
 26 |     <package name="gimp" />
 27 |     <package name="keepass" />
 28 |     <package name="adobereader" />
 29 |     <package name="golang" />
 30 |     <package name="rust" />
 31 |     <package name="nim" />
 32 |     <package name="visualstudio.vm" />
 33 |     <package name="ilspy.vm" />
 34 |     <package name="wireshark.vm" />
 35 |     <package name="cyberchef.vm" />
 36 |     <package name="pebear.vm" />
 37 |     <package name="sysinternals.vm" />
 38 |     <package name="situational-awareness-bof.vm" />
 39 |     <package name="unhook-bof.vm" />
 40 |     <package name="stracciatella.vm" />
 41 |     <package name="nanodump.vm" />
 42 |     <package name="truestedsec-remote-ops-bof.vm" />
 43 |     <package name="outflank-c2-tool-collection.vm" />
 44 |     <package name="certify.vm" />
 45 |     <package name="streamdivert.vm" />
 46 |     <package name="whisker.vm" />
 47 |     <package name="confuserex.vm" />
 48 |     <package name="dotnettojscript.vm" />
 49 |     <package name="gadgettojscript.vm" />
 50 |     <package name="sharpup.vm" />
 51 |     <package name="idafree.vm" />
 52 |     <package name="az.powershell" />
 53 |     <package name="azure-cli" />
 54 |     <package name="routesixtysink.vm" />
 55 |     <package name="sharphound.vm" />
 56 |     <package name="spoolsample.vm" />
 57 |     <package name="sharpview.vm" />
 58 |     <package name="seatbelt.vm" />
 59 |     <package name="telnet.vm" />
 60 |     <package name="badassmacros.vm" />
 61 |     <package name="bloodhound-custom-queries.vm" />
 62 |     <package name="burp-free.vm" />
 63 |     <package name="bytecodeviewer.vm" />
 64 |     <package name="c3.vm" />
 65 |     <package name="covenant.vm" />
 66 |     <package name="credninja.vm" />
 67 |     <package name="dumpert.vm" />
 68 |     <package name="evilclippy.vm" />
 69 |     <package name="exiftool.vm" />
 70 |     <package name="fuzzdb.vm" />
 71 |     <package name="ghidra.vm" />
 72 |     <package name="gowitness.vm" />
 73 |     <package name="group3r.vm" />
 74 |     <package name="hxd.vm" />
 75 |     <package name="invokedosfuscation.vm" />
 76 |     <package name="invokeobfuscation.vm" />
 77 |     <package name="juicypotato.vm" />
 78 |     <package name="keethief.vm" />
 79 |     <package name="kerbrute.vm" />
 80 |     <package name="mailsniper.vm" />
 81 |     <package name="mfasweep.vm" />
 82 |     <package name="minidump.vm" />
 83 |     <package name="microburst.vm" />
 84 |     <package name="netgpppassword.vm" />
 85 |     <package name="nmap.vm" />
 86 |     <package name="payloadsallthethings.vm" />
 87 |     <package name="pestudio.vm" />
 88 |     <package name="petitpotam.vm" />
 89 |     <package name="powercat.vm" />
 90 |     <package name="powermad.vm" />
 91 |     <package name="powersploit.vm" />
 92 |     <package name="powerupsql.vm" />
 93 |     <package name="powerzure.vm" />
 94 |     <package name="processdump.vm" />
 95 |     <package name="rubeus.vm" />
 96 |     <package name="seclists.vm" />
 97 |     <package name="sharpdpapi.vm" />
 98 |     <package name="sharplaps.vm" />
 99 |     <package name="sharpsecdump.vm" />
100 |     <package name="sharpwmi.vm" />
101 |     <package name="sliver.vm" />
102 |     <package name="snaffler.vm" />
103 |     <package name="statistically-likely-usernames.vm" />
104 |     <package name="syswhispers2.vm" />
105 |     <package name="tor-browser.vm" />
106 |     <package name="upx.vm" />
107 |     <package name="windbg.vm" />
108 |     <package name="adconnectdump.vm" />
109 |     <package name="ldapnomnom.vm" />
110 |     <package name="pesieve.vm" />
111 |     <package name="shellcode_launcher.vm" />
112 |     <package name="asreproast.vm" />
113 |     <package name="dnspyex.vm" />
114 |     <package name="fakenet-ng.vm" />
115 |     <package name="nasm.vm" />
116 |     <package name="mimikatz.vm" />
117 |     <package name="safetykatz.vm" />
118 |     <package name="sharpcliphistory.vm" />
119 |     <package name="sharpdump.vm" />
120 |     <package name="sharpexec.vm" />
121 |     <package name="syswhispers3.vm" />
122 |     <package name="vnc-viewer.vm" />
123 |     <package name="wmimplant.vm" />
124 |     <package name="x64dbg.vm" />
125 |     <package name="getlapspasswords.vm" />
126 |     <package name="inveigh.vm" />
127 |     <package name="merlin.vm" />
128 |     <package name="openvpn.vm" />
129 |     <package name="resourcehacker.vm" />
130 |     <package name="sqlitebrowser.vm" />
131 |     <package name="winscp.vm" />
132 |     <package name="jre8" />
133 |     <package name="tortoisesvn" />
134 |     <package name="qbittorrent" />
135 |     <package name="dbeaver" />
136 |     <package name="hfsexplorer" />
137 |     <package name="unxutils" />
138 |   </packages>
139 | </config>


--------------------------------------------------------------------------------
/Profiles/Full.xml:
--------------------------------------------------------------------------------
  1 | <?xml version="1.0" encoding="utf-8"?>
  2 | <config>
  3 |   <envs>
  4 |     <env name="MIN_DISK_SPACE" value="100" />
  5 |     <env name="VM_COMMON_DIR" value="%ProgramData%\_VM" />
  6 |     <env name="TOOL_LIST_DIR" value="%ProgramData%\Microsoft\Windows\Start Menu\Programs\Tools" />
  7 |     <env name="TOOL_LIST_SHORTCUT" value="%UserProfile%\Desktop\Tools.lnk" />
  8 |     <env name="RAW_TOOLS_DIR" value="%SystemDrive%\Tools" />
  9 |   </envs>
 10 |   <packages>
 11 |     <package name="notepadplusplus.vm" />
 12 |     <package name="7zip-15-05.vm" />
 13 |     <package name="azurehound.vm" />
 14 |     <package name="bloodhound.vm" />
 15 |     <package name="cmder.vm" />
 16 |     <package name="cyberchef.vm" />
 17 |     <package name="gobuster.vm" />
 18 |     <package name="sqlrecon.vm" />
 19 |     <package name="awscli" />
 20 |     <package name="az.powershell" />
 21 |     <package name="azure-cli" />
 22 |     <package name="teamfiltration.vm" />
 23 |     <package name="obsidian" />
 24 |     <package name="googlechrome" />
 25 |     <package name="firefox" />
 26 |     <package name="vscode" />
 27 |     <package name="greenshot" />
 28 |     <package name="vlc" />
 29 |     <package name="gimp" />
 30 |     <package name="keepass" />
 31 |     <package name="adobereader" />
 32 |     <package name="golang" />
 33 |     <package name="rust" />
 34 |     <package name="nim" />
 35 |     <package name="visualstudio.vm" />
 36 |     <package name="ilspy.vm" />
 37 |     <package name="wireshark.vm" />
 38 |     <package name="cyberchef.vm" />
 39 |     <package name="pebear.vm" />
 40 |     <package name="sysinternals.vm" />
 41 |     <package name="situational-awareness-bof.vm" />
 42 |     <package name="unhook-bof.vm" />
 43 |     <package name="stracciatella.vm" />
 44 |     <package name="nanodump.vm" />
 45 |     <package name="truestedsec-remote-ops-bof.vm" />
 46 |     <package name="outflank-c2-tool-collection.vm" />
 47 |     <package name="certify.vm" />
 48 |     <package name="streamdivert.vm" />
 49 |     <package name="whisker.vm" />
 50 |     <package name="confuserex.vm" />
 51 |     <package name="dotnettojscript.vm" />
 52 |     <package name="gadgettojscript.vm" />
 53 |     <package name="sharpup.vm" />
 54 |     <package name="idafree.vm" />
 55 |     <package name="az.powershell" />
 56 |     <package name="azure-cli" />
 57 |     <package name="routesixtysink.vm" />
 58 |     <package name="sharphound.vm" />
 59 |     <package name="spoolsample.vm" />
 60 |     <package name="sharpview.vm" />
 61 |     <package name="seatbelt.vm" />
 62 |     <package name="telnet.vm" />
 63 |     <package name="badassmacros.vm" />
 64 |     <package name="bloodhound-custom-queries.vm" />
 65 |     <package name="burp-free.vm" />
 66 |     <package name="bytecodeviewer.vm" />
 67 |     <package name="c3.vm" />
 68 |     <package name="covenant.vm" />
 69 |     <package name="credninja.vm" />
 70 |     <package name="dumpert.vm" />
 71 |     <package name="evilclippy.vm" />
 72 |     <package name="exiftool.vm" />
 73 |     <package name="fuzzdb.vm" />
 74 |     <package name="ghidra.vm" />
 75 |     <package name="gowitness.vm" />
 76 |     <package name="group3r.vm" />
 77 |     <package name="hxd.vm" />
 78 |     <package name="invokedosfuscation.vm" />
 79 |     <package name="invokeobfuscation.vm" />
 80 |     <package name="juicypotato.vm" />
 81 |     <package name="keethief.vm" />
 82 |     <package name="kerbrute.vm" />
 83 |     <package name="mailsniper.vm" />
 84 |     <package name="mfasweep.vm" />
 85 |     <package name="minidump.vm" />
 86 |     <package name="microburst.vm" />
 87 |     <package name="netgpppassword.vm" />
 88 |     <package name="nmap.vm" />
 89 |     <package name="payloadsallthethings.vm" />
 90 |     <package name="pestudio.vm" />
 91 |     <package name="petitpotam.vm" />
 92 |     <package name="powercat.vm" />
 93 |     <package name="powermad.vm" />
 94 |     <package name="powersploit.vm" />
 95 |     <package name="powerupsql.vm" />
 96 |     <package name="powerzure.vm" />
 97 |     <package name="processdump.vm" />
 98 |     <package name="rubeus.vm" />
 99 |     <package name="seclists.vm" />
100 |     <package name="sharpdpapi.vm" />
101 |     <package name="sharplaps.vm" />
102 |     <package name="sharpsecdump.vm" />
103 |     <package name="sharpwmi.vm" />
104 |     <package name="sliver.vm" />
105 |     <package name="snaffler.vm" />
106 |     <package name="statistically-likely-usernames.vm" />
107 |     <package name="syswhispers2.vm" />
108 |     <package name="tor-browser.vm" />
109 |     <package name="upx.vm" />
110 |     <package name="windbg.vm" />
111 |     <package name="adconnectdump.vm" />
112 |     <package name="ldapnomnom.vm" />
113 |     <package name="pesieve.vm" />
114 |     <package name="shellcode_launcher.vm" />
115 |     <package name="asreproast.vm" />
116 |     <package name="dnspyex.vm" />
117 |     <package name="fakenet-ng.vm" />
118 |     <package name="nasm.vm" />
119 |     <package name="mimikatz.vm" />
120 |     <package name="safetykatz.vm" />
121 |     <package name="sharpcliphistory.vm" />
122 |     <package name="sharpdump.vm" />
123 |     <package name="sharpexec.vm" />
124 |     <package name="syswhispers3.vm" />
125 |     <package name="vnc-viewer.vm" />
126 |     <package name="wmimplant.vm" />
127 |     <package name="x64dbg.vm" />
128 |     <package name="getlapspasswords.vm" />
129 |     <package name="inveigh.vm" />
130 |     <package name="merlin.vm" />
131 |     <package name="openvpn.vm" />
132 |     <package name="resourcehacker.vm" />
133 |     <package name="sqlitebrowser.vm" />
134 |     <package name="winscp.vm" />
135 |     <package name="jre8" />
136 |     <package name="tortoisesvn" />
137 |     <package name="qbittorrent" />
138 |     <package name="dbeaver" />
139 |     <package name="hfsexplorer" />
140 |     <package name="unxutils" />
141 |   </packages>
142 | </config>


--------------------------------------------------------------------------------
/Profiles/Lite.xml:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="utf-8"?>
 2 | <config>
 3 |   <envs>
 4 |     <env name="MIN_DISK_SPACE" value="60" />
 5 |     <env name="VM_COMMON_DIR" value="%ProgramData%\_VM" />
 6 |     <env name="TOOL_LIST_DIR" value="%ProgramData%\Microsoft\Windows\Start Menu\Programs\Tools" />
 7 |     <env name="TOOL_LIST_SHORTCUT" value="%UserProfile%\Desktop\Tools.lnk" />
 8 |     <env name="RAW_TOOLS_DIR" value="%SystemDrive%\Tools" />
 9 |   </envs>
10 |   <packages>
11 |     <package name="notepadplusplus.vm" />
12 |     <package name="bloodhound.vm" />
13 |     <package name="burp-free.vm" />
14 |     <package name="certify.vm" />
15 |     <package name="credninja.vm" />
16 |     <package name="confuserex.vm" />
17 |     <package name="cyberchef.vm" />
18 |     <package name="gobuster.vm" />
19 |     <package name="fuzzdb.vm" />
20 |     <package name="juicypotato.vm" />
21 |     <package name="hashmyfiles.vm" />
22 |     <package name="mimikatz.vm" />
23 |     <package name="nanodump.vm" />
24 |     <package name="nmap.vm" />
25 |     <package name="openvpn.vm" />
26 |     <package name="outflank-c2-tool-collection.vm" />
27 |     <package name="petitpotam.vm" />
28 |     <package name="powersploit.vm" />
29 |     <package name="powerupsql.vm" />
30 |     <package name="rubeus.vm" />
31 |     <package name="seatbelt.vm" />
32 |     <package name="seclists.vm" />
33 |     <package name="sharphound.vm" />
34 |     <package name="sharpdpapi.vm" />
35 |     <package name="sharpup.vm" />
36 |     <package name="sharpview.vm" />
37 |     <package name="shellcode_launcher.vm" />
38 |     <package name="situational-awareness-bof.vm" />
39 |     <package name="snaffler.vm" />
40 |     <package name="sysinternals.vm" />
41 |     <package name="telnet.vm" />
42 |     <package name="truestedsec-remote-ops-bof.vm" />
43 |     <package name="unhook-bof.vm" />
44 |     <package name="whisker.vm" />
45 |     <package name="7zip-15-05.vm" />
46 |     <package name="obsidian" />
47 |     <package name="googlechrome" />
48 |     <package name="firefox" />
49 |     <package name="vscode" />
50 |     <package name="git" />
51 |     <package name="bloodhound-custom-queries.vm" />
52 |     <package name="unxutils" />
53 |   </packages>
54 | </config>


--------------------------------------------------------------------------------
/Profiles/Victim.xml:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="utf-8"?>
 2 | <config>
 3 |   <envs>
 4 |     <env name="MIN_DISK_SPACE" value="50" />
 5 |     <env name="VM_COMMON_DIR" value="%ProgramData%\_VM" />
 6 |     <env name="TOOL_LIST_DIR" value="%ProgramData%\Microsoft\Windows\Start Menu\Programs\Tools" />
 7 |     <env name="TOOL_LIST_SHORTCUT" value="%UserProfile%\Desktop\Tools.lnk" />
 8 |     <env name="RAW_TOOLS_DIR" value="%SystemDrive%\Tools" />
 9 |   </envs>
10 |   <packages>
11 |     <package name="apimonitor.vm" />
12 |     <package name="capa.vm" />
13 |     <package name="cmder.vm" />
14 |     <package name="codetrack.vm" />
15 |     <package name="cyberchef.vm" />
16 |     <package name="dependencywalker.vm" />
17 |     <package name="die.vm" />
18 |     <package name="dnspyex.vm" />
19 |     <package name="exeinfope.vm" />
20 |     <package name="exiftool.vm" />
21 |     <package name="file.vm" />
22 |     <package name="floss.vm" />
23 |     <package name="hashmyfiles.vm" />
24 |     <package name="hollowshunter.vm" />
25 |     <package name="hxd.vm" />
26 |     <package name="idafree.vm" />
27 |     <package name="malware-jail.vm" />
28 |     <package name="map.vm" />
29 |     <package name="ollydbg.vm" />
30 |     <package name="pebear.vm" />
31 |     <package name="peid.vm" />
32 |     <package name="pesieve.vm" />
33 |     <package name="pestudio.vm" />
34 |     <package name="resourcehacker.vm" />
35 |     <package name="rundotnetdll.vm" />
36 |     <package name="scdbg.vm" />
37 |     <package name="shellcode_launcher.vm" />
38 |     <package name="vbdec.vm" />
39 |     <package name="windbg.vm" />
40 |     <package name="winscp.vm" />
41 |     <package name="wireshark.vm" />
42 |     <package name="x64dbg.vm" />
43 |     <package name="yara.vm" />
44 |     <package name="processdump.vm" />
45 |     <package name="setdllcharacteristics.vm" />
46 |     <package name="googlechrome" />
47 |     <package name="firefox" />
48 |     <package name="unxutils" />
49 |     <package name="sysinternals.vm" />
50 |     <package name="fiddlerclassic.vm" />
51 |   </packages>
52 | </config>


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
  1 | ![CommandoLogo](Images/commando-readme.png)
  2 | 
  3 | ## What is CommandoVM?
  4 | 
  5 | **Complete Mandiant Offensive VM ("CommandoVM")** is a comprehensive and customizable, Windows-based security distribution for penetration testing and red teaming. CommandoVM comes packaged with a variety of offensive tools not included in [Kali Linux](https://www.kali.org/) which highlight the effectiveness of Windows as an attack platform.
  6 | 
  7 | ## Requirements
  8 | * Windows 10
  9 | > Insider Preview editions of Windows are not supported
 10 | * 60 GB Hard Drive
 11 | * 2 GB RAM
 12 | 
 13 | ## Recommended
 14 | * Windows 10 22H2
 15 | * 80+ GB Hard Drive
 16 | * 4+ GB RAM
 17 | * 2 network adapters
 18 | 
 19 | # Install Instructions
 20 | Deploy a Windows Virtual Machine
 21 |    > [Where can I find a Windows 10 Virtual Machine?](https://www.microsoft.com/en-us/software-download/windows10ISO)
 22 | 
 23 | ## Pre-Install Procedures
 24 | **You MUST disable Windows Defender for a smooth install**. The best way to accomplish this is through Group Policy.
 25 | 
 26 | In Windows versions 1909 and higher, Tamper Protection was added.
 27 | **Tamper Protection must be disabled first, otherwise Group Policy settings are ignored.**
 28 | 
 29 | 1. Open Windows Security (type `Windows Security` in the search box)
 30 | 1. Virus & threat protection > Virus & threat protection settings > Manage settings
 31 | 1. Switch `Tamper Protection` to `Off` 
 32 | > It is not necessary to change any other setting (`Real Time Protection`, etc.)
 33 | 
 34 | > **Important!** Tamper Protection must be disabled before changing Group Policy settings.
 35 | 
 36 | To permanently disable Real Time Protection:
 37 | 
 38 | 1. Make sure you disabled Tamper Protection
 39 | 1. Open Local Group Policy Editor (type `gpedit` in the search box)
 40 | 1. Computer Configuration > Administrative Templates > Windows Components > Microsoft Defender Antivirus > Real-time Protection
 41 | 1. Enable `Turn off real-time protection`
 42 | 1. **Reboot**
 43 | > Make sure to **reboot** before making the next change
 44 | 
 45 | To permanently disable Microsoft Defender:
 46 | 
 47 | 1. Make sure you rebooted your machine
 48 | 1. Open Local Group Policy Editor (type `gpedit` in the search box)
 49 | 1. Computer Configuration > Administrative Templates > Windows Components > Microsoft Defender Antivirus
 50 | 1. Enable `Turn off Microsoft Defender Antivirus`
 51 | 1. **Reboot**
 52 | 
 53 |   [1]: https://stackoverflow.com/questions/62174426/how-to-permanently-disable-windows-defender-real-time-protection-with-gpo
 54 | 
 55 | ## Installation 
 56 | 1. Complete the pre-install procedures by disabling Defender
 57 | 1. Download and extract the zip of the Commando-VM repo
 58 | 1. Run PowerShell as Administrator
 59 | 1. `Set-ExecutionPolicy Unrestricted -force`
 60 | 1. `cd ~/Downloads/commando-vm`
 61 | 1. `Get-ChildItem .\ -Recurse | Unblock-File`
 62 | 1. `.\install.ps1` for a GUI install or `.\install.ps1 -cli` for command-line
 63 | 
 64 | 
 65 | ## Contributing
 66 | Looking to contribute? Check the links below to learn how!
 67 | 
 68 | ### Commando-VM (this repository)
 69 | - See our quick start guide to go from zero to Commando ASAP! [https://github.com/mandiant/commando-vm/blob/main/Docs/Commando_Quickstart_Guide.md](https://github.com/mandiant/commando-vm/blob/main/Docs/Commando_Quickstart_Guide.md)
 70 | 
 71 | ### VM-Packages (where all the packages live)
 72 | * [Repository of all tool packages (VM-packages)](https://github.com/mandiant/VM-Packages)
 73 | * [Documentation and contribution guides for tool packages](https://github.com/mandiant/VM-Packages/wiki)
 74 | * [Submit new tool packages or report package related issues](https://github.com/mandiant/VM-Packages/issues)
 75 | 
 76 | ## Troubleshooting
 77 | See the ![troubleshooting documentation](https://github.com/mandiant/commando-vm/blob/main/Docs/Troubleshooting.md) for more information.
 78 | 
 79 | ## Credits
 80 | 
 81 | - Jake Barteaux         @day1player
 82 | - Blaine Stancill       @MalwareMechanic
 83 | - Nhan Huynh            @htnhan
 84 | - Drew Farber           @0xFarbs
 85 | - Alex Tselevich        @nos3curity
 86 | - George Litvinov       @geo-lit
 87 | - Dennis Tran           @Menn1s
 88 | - Joseph Clay           @skollr34p3r
 89 | - Ana Martinez Gomez    @anamma_06
 90 | - Moritz Raabe
 91 | - Derrick Tran          @dumosuku
 92 | - Mandiant Red Team
 93 | - Mandiant FLARE
 94 | 
 95 | ## Legal Notice
 96 | 
 97 | ```
 98 | This download configuration script is provided to assist penetration testers
 99 | in creating handy and versatile toolboxes for offensive engagements. It provides 
100 | a convenient interface for them to obtain a useful set of pentesting Tools directly 
101 | from their original sources. Installation and use of this script is subject to the 
102 | Apache 2.0 License.
103 |  
104 | You as a user of this script must review, accept and comply with the license
105 | terms of each downloaded/installed package listed below. By proceeding with the
106 | installation, you are accepting the license terms of each package, and
107 | acknowledging that your use of each package will be subject to its respective
108 | license terms.
109 | ```
110 | 


--------------------------------------------------------------------------------
/install.ps1:
--------------------------------------------------------------------------------
   1 | <#
   2 |     .SYNOPSIS
   3 |         Installation script for CommandoVM.
   4 |     .DESCRIPTION
   5 |         Placeholder
   6 |     .PARAMETER cli
   7 |         Switch parameter to skip customization GUI.
   8 |     .PARAMETER victim
   9 |         Switch parameter to to install the victim profile.
  10 |     .PARAMETER skipChecks
  11 |         Switch parameter to skip validation checks (not recommended).
  12 |     .PARAMETER password
  13 |         [CLI INSTALL] Current user password to allow reboot resiliency via Boxstarter
  14 |     .PARAMETER noPassword
  15 |         [CLI INSTALL] Used when the user password is not set or is blank
  16 |     .PARAMETER customProfile
  17 |         [CLI INSTALL] Path to a configuration XML file. May be a file path or URL.
  18 |     .EXAMPLE
  19 |         .\install.ps1
  20 |     .LINK
  21 |         https://github.com/mandiant/commando-vm
  22 |         https://github.com/mandiant/VM-Packages
  23 | #>
  24 | 
  25 | param (
  26 |     [switch]$cli,
  27 |     [switch]$victim,
  28 |     [switch]$skipChecks,
  29 |     [switch]$noPassword,
  30 |     [string]$password,
  31 |     [string]$customProfile
  32 | )
  33 | 
  34 | $asciiArt = @'
  35 | ▄████▄   ▒█████   ███▄ ▄███▓ ███▄ ▄███▓ ▄▄▄       ███▄    █ ▓█████▄  ▒█████  
  36 | ▒██▀ ▀█  ▒██▒  ██▒▓██▒▀█▀ ██▒▓██▒▀█▀ ██▒▒████▄     ██ ▀█   █ ▒██▀ ██▌▒██▒  ██▒
  37 | ▒▓█    ▄ ▒██░  ██▒▓██    ▓██░▓██    ▓██░▒██  ▀█▄  ▓██  ▀█ ██▒░██   █▌▒██░  ██▒
  38 | ▒▓▓▄ ▄██▒▒██   ██░▒██    ▒██ ▒██    ▒██ ░██▄▄▄▄██ ▓██▒  ▐▌██▒░▓█▄   ▌▒██   ██░
  39 | ▒ ▓███▀ ░░ ████▓▒░▒██▒   ░██▒▒██▒   ░██▒ ▓█   ▓██▒▒██░   ▓██░░▒████▓ ░ ████▓▒░
  40 | ░ ░▒ ▒  ░░ ▒░▒░▒░ ░ ▒░   ░  ░░ ▒░   ░  ░ ▒▒   ▓▒█░░ ▒░   ▒ ▒  ▒▒▓  ▒ ░ ▒░▒░▒░ 
  41 |   ░  ▒     ░ ▒ ▒░ ░  ░      ░░  ░      ░  ▒   ▒▒ ░░ ░░   ░ ▒░ ░ ▒  ▒   ░ ▒ ▒░ 
  42 | ░        ░ ░ ░ ▒  ░      ░   ░      ░     ░   ▒      ░   ░ ░  ░ ░  ░ ░ ░ ░ ▒  
  43 | ░ ░          ░ ░         ░          ░         ░  ░         ░    ░        ░ ░  
  44 | ░                                                             ░               
  45 | '@
  46 | 
  47 | Add-Type -AssemblyName System.Drawing
  48 | 
  49 | $errorColor = [System.Drawing.ColorTranslator]::FromHtml("#c80505")
  50 | $successColor = [System.Drawing.ColorTranslator]::FromHtml("#417505")
  51 | $grayedColor = [System.Drawing.ColorTranslator]::FromHtml("#959393")
  52 | $skippedColor = [System.Drawing.ColorTranslator]::FromHtml("#f59f00")
  53 | $skippedColor = [System.Drawing.ColorTranslator]::FromHtml("#f59f00")
  54 | 
  55 | # Load the GUI controls
  56 | if (-not $cli.IsPresent) {
  57 | 
  58 |     Add-Type -AssemblyName System.Windows.Forms
  59 |   
  60 |     [System.Windows.Forms.Application]::EnableVisualStyles()
  61 | 
  62 |     $iconPath = Join-Path $PSScriptRoot "Images/mandiant.png"
  63 |     $icon = [System.Drawing.Icon]::FromHandle((New-Object System.Drawing.Bitmap -ArgumentList $iconPath).GetHicon())
  64 | 
  65 |     #################################################################################################
  66 |     ################################ Installer Checks Form Controls #################################
  67 |     #################################################################################################
  68 | 
  69 |     $CommandoChecksManager           = New-Object system.Windows.Forms.Form
  70 |     $CommandoChecksManager.ClientSize  = New-Object System.Drawing.Point(510,376)
  71 |     $CommandoChecksManager.text      = "CommandoVM Pre-Install Checks"
  72 |     $CommandoChecksManager.TopMost   = $true
  73 |     $CommandoChecksManager.Icon      = $icon
  74 |     $CommandoChecksManager.StartPosition = 'CenterScreen'
  75 |     
  76 |     $ChecksPanel                     = New-Object system.Windows.Forms.Panel
  77 |     $ChecksPanel.height              = 274
  78 |     $ChecksPanel.width               = 89
  79 |     $ChecksPanel.location            = New-Object System.Drawing.Point(365,8)
  80 |     
  81 |     $InstallChecksGroup              = New-Object system.Windows.Forms.Groupbox
  82 |     $InstallChecksGroup.height       = 289
  83 |     $InstallChecksGroup.width        = 462
  84 |     $InstallChecksGroup.text         = "Installation Checks"
  85 |     $InstallChecksGroup.location     = New-Object System.Drawing.Point(23,14)
  86 |     
  87 |     ################################# Check Labels #################################
  88 | 
  89 |     $RunningAsAdminLabel             = New-Object system.Windows.Forms.Label
  90 |     $RunningAsAdminLabel.text        = "Running as Administrator"
  91 |     $RunningAsAdminLabel.AutoSize    = $true
  92 |     $RunningAsAdminLabel.width       = 25
  93 |     $RunningAsAdminLabel.height      = 10
  94 |     $RunningAsAdminLabel.location    = New-Object System.Drawing.Point(15,18)
  95 |     $RunningAsAdminLabel.Font        = New-Object System.Drawing.Font('Microsoft Sans Serif',12,[System.Drawing.FontStyle]([System.Drawing.FontStyle]::Bold))
  96 |     
  97 |     $ExecutionPolicyLabel            = New-Object system.Windows.Forms.Label
  98 |     $ExecutionPolicyLabel.text       = "Execution Policy Unrestricted"
  99 |     $ExecutionPolicyLabel.AutoSize   = $true
 100 |     $ExecutionPolicyLabel.width      = 25
 101 |     $ExecutionPolicyLabel.height     = 10
 102 |     $ExecutionPolicyLabel.location   = New-Object System.Drawing.Point(15,59)
 103 |     $ExecutionPolicyLabel.Font       = New-Object System.Drawing.Font('Microsoft Sans Serif',12,[System.Drawing.FontStyle]([System.Drawing.FontStyle]::Bold))
 104 |     
 105 |     $WindowsDefenderLabel           = New-Object system.Windows.Forms.Label
 106 |     $WindowsDefenderLabel.text      = "Windows Defender Disabled"
 107 |     $WindowsDefenderLabel.AutoSize  = $true
 108 |     $WindowsDefenderLabel.width     = 25
 109 |     $WindowsDefenderLabel.height    = 10
 110 |     $WindowsDefenderLabel.location  = New-Object System.Drawing.Point(15,104)
 111 |     $WindowsDefenderLabel.Font      = New-Object System.Drawing.Font('Microsoft Sans Serif',12,[System.Drawing.FontStyle]([System.Drawing.FontStyle]::Bold))
 112 |     
 113 |     $WindowsReleaseLabel             = New-Object system.Windows.Forms.Label
 114 |     $WindowsReleaseLabel.text        = "Compatible Windows Release"
 115 |     $WindowsReleaseLabel.AutoSize    = $true
 116 |     $WindowsReleaseLabel.width       = 25
 117 |     $WindowsReleaseLabel.height      = 10
 118 |     $WindowsReleaseLabel.location    = New-Object System.Drawing.Point(15,149)
 119 |     $WindowsReleaseLabel.Font        = New-Object System.Drawing.Font('Microsoft Sans Serif',12,[System.Drawing.FontStyle]([System.Drawing.FontStyle]::Bold))
 120 |     
 121 |     $RunningVMLabel                  = New-Object system.Windows.Forms.Label
 122 |     $RunningVMLabel.text             = "Running in a Virtual Machine"
 123 |     $RunningVMLabel.AutoSize         = $true
 124 |     $RunningVMLabel.width            = 25
 125 |     $RunningVMLabel.height           = 10
 126 |     $RunningVMLabel.location         = New-Object System.Drawing.Point(15,193)
 127 |     $RunningVMLabel.Font             = New-Object System.Drawing.Font('Microsoft Sans Serif',12,[System.Drawing.FontStyle]([System.Drawing.FontStyle]::Bold))
 128 |     
 129 |     $EnoughHardStorageLabel          = New-Object system.Windows.Forms.Label
 130 |     $EnoughHardStorageLabel.text     = "Enough Hard Drive Space"
 131 |     $EnoughHardStorageLabel.AutoSize  = $true
 132 |     $EnoughHardStorageLabel.width    = 25
 133 |     $EnoughHardStorageLabel.height   = 10
 134 |     $EnoughHardStorageLabel.location  = New-Object System.Drawing.Point(15,239)
 135 |     $EnoughHardStorageLabel.Font     = New-Object System.Drawing.Font('Microsoft Sans Serif',12,[System.Drawing.FontStyle]([System.Drawing.FontStyle]::Bold))
 136 | 
 137 |     ################################# Check Boolean Controls #################################
 138 |     
 139 |     $RunningAsAdmin                  = New-Object system.Windows.Forms.Label
 140 |     $RunningAsAdmin.text             = "False"
 141 |     $RunningAsAdmin.AutoSize         = $true
 142 |     $RunningAsAdmin.width            = 25
 143 |     $RunningAsAdmin.height           = 10
 144 |     $RunningAsAdmin.location         = New-Object System.Drawing.Point(24,18)
 145 |     $RunningAsAdmin.Font             = New-Object System.Drawing.Font('Microsoft Sans Serif',12,[System.Drawing.FontStyle]([System.Drawing.FontStyle]::Bold))
 146 |     $RunningAsAdmin.ForeColor        = $errorColor
 147 |     
 148 |     $ExecutionPolicy                 = New-Object system.Windows.Forms.Label
 149 |     $ExecutionPolicy.text            = "False"
 150 |     $ExecutionPolicy.AutoSize        = $true
 151 |     $ExecutionPolicy.width           = 25
 152 |     $ExecutionPolicy.height          = 10
 153 |     $ExecutionPolicy.location        = New-Object System.Drawing.Point(24,63)
 154 |     $ExecutionPolicy.Font            = New-Object System.Drawing.Font('Microsoft Sans Serif',12,[System.Drawing.FontStyle]([System.Drawing.FontStyle]::Bold))
 155 |     $ExecutionPolicy.ForeColor       = $errorColor
 156 |     
 157 |     $WindowsDefender                = New-Object system.Windows.Forms.Label
 158 |     $WindowsDefender.text           = "False"
 159 |     $WindowsDefender.AutoSize       = $true
 160 |     $WindowsDefender.width          = 25
 161 |     $WindowsDefender.height         = 10
 162 |     $WindowsDefender.location       = New-Object System.Drawing.Point(24,108)
 163 |     $WindowsDefender.Font           = New-Object System.Drawing.Font('Microsoft Sans Serif',12,[System.Drawing.FontStyle]([System.Drawing.FontStyle]::Bold))
 164 |     $WindowsDefender.ForeColor      = $errorColor
 165 |     
 166 |     $WindowsRelease                  = New-Object system.Windows.Forms.Label
 167 |     $WindowsRelease.text             = "False"
 168 |     $WindowsRelease.AutoSize         = $true
 169 |     $WindowsRelease.width            = 25
 170 |     $WindowsRelease.height           = 10
 171 |     $WindowsRelease.location         = New-Object System.Drawing.Point(24,150)
 172 |     $WindowsRelease.Font             = New-Object System.Drawing.Font('Microsoft Sans Serif',12,[System.Drawing.FontStyle]([System.Drawing.FontStyle]::Bold))
 173 |     $WindowsRelease.ForeColor        = $errorColor
 174 |     
 175 |     $RunningVM                       = New-Object system.Windows.Forms.Label
 176 |     $RunningVM.text                  = "False"
 177 |     $RunningVM.AutoSize              = $true
 178 |     $RunningVM.width                 = 25
 179 |     $RunningVM.height                = 10
 180 |     $RunningVM.location              = New-Object System.Drawing.Point(24,195)
 181 |     $RunningVM.Font                  = New-Object System.Drawing.Font('Microsoft Sans Serif',12,[System.Drawing.FontStyle]([System.Drawing.FontStyle]::Bold))
 182 |     $RunningVM.ForeColor             = $errorColor
 183 |     
 184 |     $EnoughHardStorage               = New-Object system.Windows.Forms.Label
 185 |     $EnoughHardStorage.text          = "False"
 186 |     $EnoughHardStorage.AutoSize      = $true
 187 |     $EnoughHardStorage.width         = 25
 188 |     $EnoughHardStorage.height        = 10
 189 |     $EnoughHardStorage.location      = New-Object System.Drawing.Point(24,241)
 190 |     $EnoughHardStorage.Font          = New-Object System.Drawing.Font('Microsoft Sans Serif',12,[System.Drawing.FontStyle]([System.Drawing.FontStyle]::Bold))
 191 |     $EnoughHardStorage.ForeColor     = $errorColor
 192 |     
 193 |     ################################# Check Tooltip Controls #################################
 194 | 
 195 |     $RunningVMTooltip                = New-Object system.Windows.Forms.Label
 196 |     $RunningVMTooltip.text           = "Only run this script inside a Virtual Machine"
 197 |     $RunningVMTooltip.AutoSize       = $true
 198 |     $RunningVMTooltip.width          = 25
 199 |     $RunningVMTooltip.height         = 10
 200 |     $RunningVMTooltip.location       = New-Object System.Drawing.Point(15,219)
 201 |     $RunningVMTooltip.Font           = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
 202 |     $RunningVMTooltip.ForeColor      = $grayedColor
 203 |     
 204 |     $WindowsReleaseTooltip           = New-Object system.Windows.Forms.Label
 205 |     $WindowsReleaseTooltip.text      = "Ensure your Windows version is supported"
 206 |     $WindowsReleaseTooltip.AutoSize  = $true
 207 |     $WindowsReleaseTooltip.width     = 25
 208 |     $WindowsReleaseTooltip.height    = 10
 209 |     $WindowsReleaseTooltip.location  = New-Object System.Drawing.Point(15,175)
 210 |     $WindowsReleaseTooltip.Font      = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
 211 |     $WindowsReleaseTooltip.ForeColor  = $grayedColor
 212 |     
 213 |     $WindowsDefenderTooltip            = New-Object system.Windows.Forms.Label
 214 |     $WindowsDefenderTooltip.text       = "Disable Windows Defender and Tamper Protection"
 215 |     $WindowsDefenderTooltip.AutoSize   = $true
 216 |     $WindowsDefenderTooltip.width      = 25
 217 |     $WindowsDefenderTooltip.height     = 10
 218 |     $WindowsDefenderTooltip.location   = New-Object System.Drawing.Point(15,130)
 219 |     $WindowsDefenderTooltip.Font       = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
 220 |     $WindowsDefenderTooltip.ForeColor  = $grayedColor
 221 |     
 222 |     $ExecutionPolicyTooltip             = New-Object system.Windows.Forms.Label
 223 |     $ExecutionPolicyTooltip.text        = "PowerShell: Set-ExecutionPolicy Unrestricted"
 224 |     $ExecutionPolicyTooltip.AutoSize    = $true
 225 |     $ExecutionPolicyTooltip.width       = 25
 226 |     $ExecutionPolicyTooltip.height      = 10
 227 |     $ExecutionPolicyTooltip.location    = New-Object System.Drawing.Point(15,85)
 228 |     $ExecutionPolicyTooltip.Font        = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
 229 |     $ExecutionPolicyTooltip.ForeColor   = $grayedColor
 230 |     
 231 |     $RunningAsAdminTooltip              = New-Object system.Windows.Forms.Label
 232 |     $RunningAsAdminTooltip.text         = "Please run this script as Administrator"
 233 |     $RunningAsAdminTooltip.AutoSize     = $true
 234 |     $RunningAsAdminTooltip.width        = 25
 235 |     $RunningAsAdminTooltip.height       = 10
 236 |     $RunningAsAdminTooltip.location     = New-Object System.Drawing.Point(15,41)
 237 |     $RunningAsAdminTooltip.Font         = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
 238 |     $RunningAsAdminTooltip.ForeColor    = $grayedColor
 239 |     
 240 |     $EnoughHardStorageTooltip           = New-Object system.Windows.Forms.Label
 241 |     $EnoughHardStorageTooltip.text      = "Have at least 70GB of available storage"
 242 |     $EnoughHardStorageTooltip.AutoSize  = $true
 243 |     $EnoughHardStorageTooltip.width     = 25
 244 |     $EnoughHardStorageTooltip.height    = 10
 245 |     $EnoughHardStorageTooltip.location  = New-Object System.Drawing.Point(15,266)
 246 |     $EnoughHardStorageTooltip.Font      = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
 247 |     $EnoughHardStorageTooltip.ForeColor = $grayedColor
 248 | 
 249 |     ################################# Check Completion Controls #################################
 250 | 
 251 |     $BreakMyInstallCheckbox          = New-Object system.Windows.Forms.CheckBox
 252 |     $BreakMyInstallCheckbox.text     = "I understand that continuing without satisfying all"
 253 |     $BreakMyInstallCheckbox.AutoSize = $false
 254 |     $BreakMyInstallCheckbox.width    = 324
 255 |     $BreakMyInstallCheckbox.height   = 21
 256 |     $BreakMyInstallCheckbox.location = New-Object System.Drawing.Point(30,319)
 257 |     $BreakMyInstallCheckbox.Font     = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
 258 |     $BreakMyInstallCheckbox.Add_CheckStateChanged({
 259 |         if ($BreakMyInstallCheckbox.Checked) {
 260 |             $ChecksCompleteButton.enabled = $true
 261 |         } else {
 262 |             $ChecksCompleteButton.enabled = $false
 263 |         }
 264 |     })
 265 | 
 266 |     $BreakMyInstallLabel             = New-Object system.Windows.Forms.Label
 267 |     $BreakMyInstallLabel.text        = "pre-install checks might cause install issues"
 268 |     $BreakMyInstallLabel.AutoSize    = $true
 269 |     $BreakMyInstallLabel.width       = 25
 270 |     $BreakMyInstallLabel.height      = 10
 271 |     $BreakMyInstallLabel.location    = New-Object System.Drawing.Point(30,338)
 272 |     $BreakMyInstallLabel.Font        = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
 273 | 
 274 |     $ChecksCompleteButton            = New-Object system.Windows.Forms.Button
 275 |     $ChecksCompleteButton.text       = "Continue"
 276 |     $ChecksCompleteButton.width      = 97
 277 |     $ChecksCompleteButton.height     = 37
 278 |     $ChecksCompleteButton.enabled    = $false
 279 |     $ChecksCompleteButton.DialogResult   = [System.Windows.Forms.DialogResult]::OK
 280 |     $ChecksCompleteButton.location   = New-Object System.Drawing.Point(387,315)
 281 |     $ChecksCompleteButton.Font       = New-Object System.Drawing.Font('Microsoft Sans Serif',12)
 282 |     $ChecksCompleteButton.Add_Click({
 283 |         $global:checksPassed = $true
 284 |         [void]$CommandoChecksManager.Close()
 285 |     })
 286 | 
 287 |     $InstallChecksGroup.controls.AddRange(@($ChecksPanel,$RunningAsAdminLabel,$ExecutionPolicyLabel,$WindowsDefenderLabel,$WindowsReleaseLabel,$RunningVMLabel,$RunningAsAdminTooltip,$ExecutionPolicyTooltip,$WindowsDefenderTooltip,$WindowsReleaseTooltip,$RunningVMTooltip,$EnoughHardStorageLabel, $EnoughHardStorageTooltip,$RunningAsAdmin,$EnoughHardStorage))
 288 |     $CommandoChecksManager.controls.AddRange(@($InstallChecksGroup,$ChecksCompleteButton,$BreakMyInstallCheckbox,$BreakMyInstallLabel))
 289 |     $ChecksPanel.controls.AddRange(@($RunningAsAdmin, $ExecutionPolicy,$WindowsDefender,$WindowsRelease,$RunningVM, $EnoughHardStorage))
 290 | 
 291 |     #################################################################################################
 292 |     ################################# Main Installer Form Controls ##################################
 293 |     #################################################################################################
 294 | 
 295 |     $CommandoInstaller               = New-Object system.Windows.Forms.Form
 296 |     $CommandoInstaller.ClientSize    = New-Object System.Drawing.Point(693,574)
 297 |     $CommandoInstaller.text          = "CommandoVM Installer"
 298 |     $CommandoInstaller.TopMost       = $true
 299 |     $CommandoInstaller.StartPosition = 'CenterScreen'
 300 |     $CommandoInstaller.Icon          = $icon
 301 | 
 302 |     $CommandoLogo                    = New-Object system.Windows.Forms.PictureBox
 303 |     $CommandoLogo.width              = 338
 304 |     $CommandoLogo.height             = 246
 305 |     $CommandoLogo.location           = New-Object System.Drawing.Point(179,37)
 306 |     $CommandoLogo.imageLocation      = Join-Path $PSScriptRoot "Images/commando.png"
 307 |     $CommandoLogo.SizeMode           = [System.Windows.Forms.PictureBoxSizeMode]::zoom
 308 | 
 309 |     ################################# Main Installer Profile Selection Controls #################################
 310 | 
 311 |     $ProfileSelector                 = New-Object system.Windows.Forms.ComboBox
 312 |     $ProfileSelector.text            = "Select Profile"
 313 |     $ProfileSelector.width           = 141
 314 |     $ProfileSelector.height          = 108
 315 |     $ProfileSelector.location        = New-Object System.Drawing.Point(380,449)
 316 |     $ProfileSelector.Font            = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
 317 |     $ProfileSelector.DropDownStyle   = [System.Windows.Forms.ComboBoxStyle]::DropDownList
 318 |     $ProfileSelector.Add_SelectedIndexChanged({
 319 |         $global:selectedProfile = $ProfileSelector.SelectedItem
 320 |     
 321 |         if ($ProfileSelector.SelectedItem -eq "Custom") {
 322 |             $RecommendedDiskSpaceLabel.Visible = $false
 323 |             $RecommendedDiskSpace.Visible = $false
 324 |         } else {
 325 |             # Find the DiskSize from $global:profileData where ProfileName equals $global:selectedProfile
 326 |             $diskSize = ($global:profileData | Where-Object { $_.ProfileName -eq $global:selectedProfile }).DiskSize
 327 |         
 328 |             # Set $RecommendedDiskSpace.Text to the found DiskSize
 329 |             $RecommendedDiskSpace.Text = "$($diskSize)GB"
 330 |             $RecommendedDiskSpaceLabel.Visible = $true
 331 |             $RecommendedDiskSpace.Visible = $true
 332 |         }
 333 |     })
 334 |     
 335 | 
 336 |     $ConfigureProfileButton          = New-Object system.Windows.Forms.Button
 337 |     $ConfigureProfileButton.text     = "Configure Profile"
 338 |     $ConfigureProfileButton.width    = 142
 339 |     $ConfigureProfileButton.height   = 29
 340 |     $ConfigureProfileButton.location  = New-Object System.Drawing.Point(380,478)
 341 |     $ConfigureProfileButton.Font     = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
 342 |     $ConfigureProfileButton.Add_Click({Open-ProfileManager})
 343 | 
 344 |     $RecommendedDiskSpace            = New-Object system.Windows.Forms.Label
 345 |     $RecommendedDiskSpace.text       = "50GB+"
 346 |     $RecommendedDiskSpace.AutoSize   = $true
 347 |     $RecommendedDiskSpace.width      = 25
 348 |     $RecommendedDiskSpace.height     = 10
 349 |     $RecommendedDiskSpace.location   = New-Object System.Drawing.Point(590,523)
 350 |     $RecommendedDiskSpace.Font       = New-Object System.Drawing.Font('Microsoft Sans Serif',10,[System.Drawing.FontStyle]([System.Drawing.FontStyle]::Bold))
 351 | 
 352 |     $RecommendedDiskSpaceLabel       = New-Object system.Windows.Forms.Label
 353 |     $RecommendedDiskSpaceLabel.text  = "Recommended Disk Space - "
 354 |     $RecommendedDiskSpaceLabel.AutoSize  = $true
 355 |     $RecommendedDiskSpaceLabel.width  = 25
 356 |     $RecommendedDiskSpaceLabel.height  = 10
 357 |     $RecommendedDiskSpaceLabel.location  = New-Object System.Drawing.Point(390,523)
 358 |     $RecommendedDiskSpaceLabel.Font  = New-Object System.Drawing.Font('Microsoft Sans Serif',10,[System.Drawing.FontStyle]([System.Drawing.FontStyle]::Bold))
 359 |     $RecommendedDiskSpaceLabel.ForeColor  = [System.Drawing.ColorTranslator]::FromHtml("#c10000")
 360 | 
 361 |     ################################# Main Installer Profile Labels #################################
 362 | 
 363 |     $ProfileLabels                   = New-Object system.Windows.Forms.Groupbox
 364 |     $ProfileLabels.height            = 166
 365 |     $ProfileLabels.width             = 304
 366 |     $ProfileLabels.text              = "Available Profiles"
 367 |     $ProfileLabels.location          = New-Object System.Drawing.Point(38,342)
 368 | 
 369 |     $ProfileLabelDefault             = New-Object system.Windows.Forms.Label
 370 |     $ProfileLabelDefault.text        = "Default"
 371 |     $ProfileLabelDefault.AutoSize    = $true
 372 |     $ProfileLabelDefault.width       = 25
 373 |     $ProfileLabelDefault.height      = 10
 374 |     $ProfileLabelDefault.location    = New-Object System.Drawing.Point(20,25)
 375 |     $ProfileLabelDefault.Font        = New-Object System.Drawing.Font('Microsoft Sans Serif',10,[System.Drawing.FontStyle]([System.Drawing.FontStyle]::Bold))
 376 | 
 377 |     $ProfileLabelFull                = New-Object system.Windows.Forms.Label
 378 |     $ProfileLabelFull.text           = "Full"
 379 |     $ProfileLabelFull.AutoSize       = $true
 380 |     $ProfileLabelFull.width          = 25
 381 |     $ProfileLabelFull.height         = 10
 382 |     $ProfileLabelFull.location       = New-Object System.Drawing.Point(20,50)
 383 |     $ProfileLabelFull.Font           = New-Object System.Drawing.Font('Microsoft Sans Serif',10,[System.Drawing.FontStyle]([System.Drawing.FontStyle]::Bold))
 384 | 
 385 |     $ProfileLabelLite                = New-Object system.Windows.Forms.Label
 386 |     $ProfileLabelLite.text           = "Lite"
 387 |     $ProfileLabelLite.AutoSize       = $true
 388 |     $ProfileLabelLite.width          = 25
 389 |     $ProfileLabelLite.height         = 10
 390 |     $ProfileLabelLite.location       = New-Object System.Drawing.Point(20,75)
 391 |     $ProfileLabelLite.Font           = New-Object System.Drawing.Font('Microsoft Sans Serif',10,[System.Drawing.FontStyle]([System.Drawing.FontStyle]::Bold))
 392 | 
 393 |     $ProfileLabelDeveloper           = New-Object system.Windows.Forms.Label
 394 |     $ProfileLabelDeveloper.text      = "Developer"
 395 |     $ProfileLabelDeveloper.AutoSize  = $true
 396 |     $ProfileLabelDeveloper.width     = 25
 397 |     $ProfileLabelDeveloper.height    = 10
 398 |     $ProfileLabelDeveloper.location  = New-Object System.Drawing.Point(20,100)
 399 |     $ProfileLabelDeveloper.Font      = New-Object System.Drawing.Font('Microsoft Sans Serif',10,[System.Drawing.FontStyle]([System.Drawing.FontStyle]::Bold))
 400 | 
 401 |     $ProfileLabelVictim              = New-Object system.Windows.Forms.Label
 402 |     $ProfileLabelVictim.text         = "Victim"
 403 |     $ProfileLabelVictim.AutoSize     = $true
 404 |     $ProfileLabelVictim.width        = 25
 405 |     $ProfileLabelVictim.height       = 10
 406 |     $ProfileLabelVictim.location     = New-Object System.Drawing.Point(20,125)
 407 |     $ProfileLabelVictim.Font         = New-Object System.Drawing.Font('Microsoft Sans Serif',10,[System.Drawing.FontStyle]([System.Drawing.FontStyle]::Bold))
 408 | 
 409 |     ################################# Main Installer Profile Description Labels #################################
 410 | 
 411 |     $ProfileLabelDescriptionDefault   = New-Object system.Windows.Forms.Label
 412 |     $ProfileLabelDescriptionDefault.text  = "- numerous packages for pentesting"
 413 |     $ProfileLabelDescriptionDefault.AutoSize  = $true
 414 |     $ProfileLabelDescriptionDefault.width  = 25
 415 |     $ProfileLabelDescriptionDefault.height  = 10
 416 |     $ProfileLabelDescriptionDefault.location  = New-Object System.Drawing.Point(70,25)
 417 |     $ProfileLabelDescriptionDefault.Font  = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
 418 | 
 419 |     $ProfileLabelDescriptionFull     = New-Object system.Windows.Forms.Label
 420 |     $ProfileLabelDescriptionFull.text  = "- all tools suitable for CommandoVM"
 421 |     $ProfileLabelDescriptionFull.AutoSize  = $true
 422 |     $ProfileLabelDescriptionFull.width  = 25
 423 |     $ProfileLabelDescriptionFull.height  = 10
 424 |     $ProfileLabelDescriptionFull.location  = New-Object System.Drawing.Point(50,50)
 425 |     $ProfileLabelDescriptionFull.Font  = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
 426 | 
 427 |     $ProfileLabelDescriptionLite     = New-Object system.Windows.Forms.Label
 428 |     $ProfileLabelDescriptionLite.text  = "- only the bare minimum essential tools"
 429 |     $ProfileLabelDescriptionLite.AutoSize  = $true
 430 |     $ProfileLabelDescriptionLite.width  = 25
 431 |     $ProfileLabelDescriptionLite.height  = 10
 432 |     $ProfileLabelDescriptionLite.location  = New-Object System.Drawing.Point(50,75)
 433 |     $ProfileLabelDescriptionLite.Font  = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
 434 | 
 435 |     $ProfileLabelDescriptionDeveloper   = New-Object system.Windows.Forms.Label
 436 |     $ProfileLabelDescriptionDeveloper.text  = "- malware development tooling"
 437 |     $ProfileLabelDescriptionDeveloper.text  = "- malware development tooling"
 438 |     $ProfileLabelDescriptionDeveloper.text  = "- malware development tooling"
 439 |     $ProfileLabelDescriptionDeveloper.AutoSize  = $true
 440 |     $ProfileLabelDescriptionDeveloper.width  = 25
 441 |     $ProfileLabelDescriptionDeveloper.height  = 10
 442 |     $ProfileLabelDescriptionDeveloper.location  = New-Object System.Drawing.Point(90,100)
 443 |     $ProfileLabelDescriptionDeveloper.Font  = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
 444 | 
 445 |     $ProfileLabelDescriptionVictim   = New-Object system.Windows.Forms.Label
 446 |     $ProfileLabelDescriptionVictim.text  = "- set up with tools for payload testing"
 447 |     $ProfileLabelDescriptionVictim.AutoSize  = $true
 448 |     $ProfileLabelDescriptionVictim.width  = 25
 449 |     $ProfileLabelDescriptionVictim.height  = 10
 450 |     $ProfileLabelDescriptionVictim.location  = New-Object System.Drawing.Point(65,125)
 451 |     $ProfileLabelDescriptionVictim.Font  = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
 452 | 
 453 |     ################################# Main Installer License Labels #################################
 454 | 
 455 |     $DisclaimerLabelLine1            = New-Object system.Windows.Forms.Label
 456 |     $DisclaimerLabelLine1.text       = "By proceeding with the installation, you are"
 457 |     $DisclaimerLabelLine1.AutoSize   = $true
 458 |     $DisclaimerLabelLine1.width      = 262
 459 |     $DisclaimerLabelLine1.height     = 12
 460 |     $DisclaimerLabelLine1.location   = New-Object System.Drawing.Point(380,344)
 461 |     $DisclaimerLabelLine1.Font       = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
 462 | 
 463 |     $DisclaimerLabelLine2            = New-Object system.Windows.Forms.Label
 464 |     $DisclaimerLabelLine2.text       = "accepting the license terms of each package,"
 465 |     $DisclaimerLabelLine2.AutoSize   = $true
 466 |     $DisclaimerLabelLine2.width      = 262
 467 |     $DisclaimerLabelLine2.height     = 10
 468 |     $DisclaimerLabelLine2.location   = New-Object System.Drawing.Point(380,368)
 469 |     $DisclaimerLabelLine2.Font       = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
 470 | 
 471 |     $DisclaimerLabelLine3            = New-Object system.Windows.Forms.Label
 472 |     $DisclaimerLabelLine3.text       = "and acknowledging that your use of each package"
 473 |     $DisclaimerLabelLine3.AutoSize   = $true
 474 |     $DisclaimerLabelLine3.width      = 262
 475 |     $DisclaimerLabelLine3.height     = 10
 476 |     $DisclaimerLabelLine3.location   = New-Object System.Drawing.Point(380,392)
 477 |     $DisclaimerLabelLine3.Font       = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
 478 | 
 479 |     $DisclaimerLabelLine4            = New-Object system.Windows.Forms.Label
 480 |     $DisclaimerLabelLine4.text       = " will be subject to its respective license terms."
 481 |     $DisclaimerLabelLine4.AutoSize   = $true
 482 |     $DisclaimerLabelLine4.width      = 262
 483 |     $DisclaimerLabelLine4.height     = 10
 484 |     $DisclaimerLabelLine4.location   = New-Object System.Drawing.Point(380,417)
 485 |     $DisclaimerLabelLine4.Font       = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
 486 | 
 487 |     ################################# Main Installer Controls #################################
 488 | 
 489 |     $InstallButton                   = New-Object system.Windows.Forms.Button
 490 |     $InstallButton.text              = "Install"
 491 |     $InstallButton.width             = 104
 492 |     $InstallButton.height            = 60
 493 |     $InstallButton.location          = New-Object System.Drawing.Point(548,446)
 494 |     $InstallButton.Font              = New-Object System.Drawing.Font('Microsoft Sans Serif',12)
 495 |     $InstallButton.Add_Click({
 496 |         if (Open-PasswordEntry) {
 497 |             [void]$CommandoInstaller.Close()
 498 | 		    [void]$CommandoInstaller.Dispose()
 499 |             Install-Profile -ProfileName $global:selectedProfile
 500 |         }
 501 |     })
 502 | 
 503 |     $CommandoInstaller.controls.AddRange(@($CommandoLogo,$InstallButton,$ProfileSelector,$ConfigureProfileButton,$ProfileLabels,$RecommendedDiskSpaceLabel,$DisclaimerLabelLine1,$DisclaimerLabelLine2,$DisclaimerLabelLine3,$DisclaimerLabelLine4,$RecommendedDiskSpace))
 504 |     $ProfileLabels.controls.AddRange(@($ProfileLabelDescriptionLite,$Label1,$ProfileLabelLite,$ProfileLabelFull,$ProfileLabelDescriptionFull,$ProfileLabelDefault,$ProfileLabelDescriptionDefault,$ProfileLabelDeveloper,$ProfileLabelDescriptionDeveloper,$ProfileLabelVictim,$ProfileLabelDescriptionVictim))
 505 | 
 506 |     #################################################################################################
 507 |     ################################# Profile Manager Form Controls #################################
 508 |     #################################################################################################
 509 | 
 510 |     $CommandoProfileManager          = New-Object system.Windows.Forms.Form
 511 |     $CommandoProfileManager.ClientSize  = New-Object System.Drawing.Point(660,651)
 512 |     $CommandoProfileManager.text     = "CommandoVM Profile Manager"
 513 |     $CommandoProfileManager.TopMost  = $true
 514 |     $CommandoProfileManager.StartPosition = 'CenterScreen'
 515 |     $CommandoProfileManager.Icon     = $icon
 516 | 
 517 |     ################################# Profile Manager Preset Selector Controls #################################
 518 | 
 519 |     $PresetSelector                  = New-Object system.Windows.Forms.ComboBox
 520 |     $PresetSelector.text             = "Default"
 521 |     $PresetSelector.width            = 122
 522 |     $PresetSelector.height           = 20
 523 |     $PresetSelector.location         = New-Object System.Drawing.Point(252,11)
 524 |     $PresetSelector.Font             = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
 525 |     $PresetSelector.DropDownStyle   = [System.Windows.Forms.ComboBoxStyle]::DropDownList
 526 |     $PresetSelector.Add_SelectedIndexChanged({Set-ProfilePreset -ProfileName $PresetSelector.SelectedItem})
 527 | 
 528 |     $PresetSelectorLabel             = New-Object system.Windows.Forms.Label
 529 |     $PresetSelectorLabel.text        = "Preset"
 530 |     $PresetSelectorLabel.AutoSize    = $true
 531 |     $PresetSelectorLabel.width       = 25
 532 |     $PresetSelectorLabel.height      = 10
 533 |     $PresetSelectorLabel.location    = New-Object System.Drawing.Point(203,14)
 534 |     $PresetSelectorLabel.Font        = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
 535 | 
 536 |     ################################# Profile Manager Package Installation Controls #################################
 537 | 
 538 |     $SelectedPackagesList            = New-Object system.Windows.Forms.ListBox
 539 |     $SelectedPackagesList.text       = "listBox"
 540 |     $SelectedPackagesList.width      = 232
 541 |     $SelectedPackagesList.height     = 266
 542 |     $SelectedPackagesList.location   = New-Object System.Drawing.Point(16,69)
 543 |     $SelectedPackagesList.Add_SelectedIndexChanged({
 544 |         # We're only gonna reset the available package selection if we have a selection in this listbox
 545 |         if ($SelectedPackagesList.SelectedIndex -ne -1) { 
 546 |             Set-PackageInformation -PackageName $SelectedPackagesList.SelectedItem
 547 |             $AvailablePackagesList.ClearSelected() 
 548 |         }
 549 |     })
 550 | 
 551 |     $AvailablePackagesList           = New-Object system.Windows.Forms.ListBox
 552 |     $AvailablePackagesList.text      = "listBox"
 553 |     $AvailablePackagesList.width     = 228
 554 |     $AvailablePackagesList.height    = 265
 555 |     $AvailablePackagesList.location  = New-Object System.Drawing.Point(318,69)
 556 |     $AvailablePackagesList.Add_SelectedIndexChanged({
 557 |         # We're only gonna reset the selected package selection if we have a selection in this listbox
 558 |         if ($AvailablePackagesList.SelectedIndex -ne -1) {
 559 |             Set-PackageInformation -PackageName $AvailablePackagesList.SelectedItem
 560 |             $SelectedPackagesList.ClearSelected()
 561 |         }
 562 |     })
 563 | 
 564 |     $SelectedPackagesLabel           = New-Object system.Windows.Forms.Label
 565 |     $SelectedPackagesLabel.text      = "Selected Packages"
 566 |     $SelectedPackagesLabel.AutoSize  = $true
 567 |     $SelectedPackagesLabel.width     = 25
 568 |     $SelectedPackagesLabel.height    = 10
 569 |     $SelectedPackagesLabel.location  = New-Object System.Drawing.Point(64,42)
 570 |     $SelectedPackagesLabel.Font      = New-Object System.Drawing.Font('Microsoft Sans Serif',12)
 571 | 
 572 |     $AvailablePackagesLabel          = New-Object system.Windows.Forms.Label
 573 |     $AvailablePackagesLabel.text     = "Available Packages"
 574 |     $AvailablePackagesLabel.AutoSize  = $true
 575 |     $AvailablePackagesLabel.width    = 25
 576 |     $AvailablePackagesLabel.height   = 10
 577 |     $AvailablePackagesLabel.location  = New-Object System.Drawing.Point(360,42)
 578 |     $AvailablePackagesLabel.Font     = New-Object System.Drawing.Font('Microsoft Sans Serif',12)
 579 | 
 580 |     ################################# Profile Manager Package Addition Controls #################################
 581 | 
 582 |     $PackageInstallationGroup        = New-Object system.Windows.Forms.Groupbox
 583 |     $PackageInstallationGroup.height = 367
 584 |     $PackageInstallationGroup.width  = 563
 585 |     $PackageInstallationGroup.text   = "Package Installation"
 586 |     $PackageInstallationGroup.location  = New-Object System.Drawing.Point(48,37)
 587 | 
 588 |     $AddPackageButton                = New-Object system.Windows.Forms.Button
 589 |     $AddPackageButton.text           = "<"
 590 |     $AddPackageButton.width          = 43
 591 |     $AddPackageButton.height         = 30
 592 |     $AddPackageButton.location       = New-Object System.Drawing.Point(260,103)
 593 |     $AddPackageButton.Font           = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
 594 |     $AddPackageButton.Add_Click({Add-SelectedPackage})
 595 | 
 596 |     $AddAllPackagesButton            = New-Object system.Windows.Forms.Button
 597 |     $AddAllPackagesButton.text       = "<<"
 598 |     $AddAllPackagesButton.width      = 43
 599 |     $AddAllPackagesButton.height     = 30
 600 |     $AddAllPackagesButton.location   = New-Object System.Drawing.Point(260,147)
 601 |     $AddAllPackagesButton.Font       = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
 602 |     $AddAllPackagesButton.Add_Click({Add-AllPackages})
 603 | 
 604 |     $RemovePackageButton             = New-Object system.Windows.Forms.Button
 605 |     $RemovePackageButton.text        = ">"
 606 |     $RemovePackageButton.width       = 43
 607 |     $RemovePackageButton.height      = 30
 608 |     $RemovePackageButton.location    = New-Object System.Drawing.Point(260,207)
 609 |     $RemovePackageButton.Font        = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
 610 |     $RemovePackageButton.Add_Click({Remove-SelectedPackage})
 611 | 
 612 |     $RemoveAllPackagesButton         = New-Object system.Windows.Forms.Button
 613 |     $RemoveAllPackagesButton.text    = ">>"
 614 |     $RemoveAllPackagesButton.width   = 43
 615 |     $RemoveAllPackagesButton.height  = 30
 616 |     $RemoveAllPackagesButton.location  = New-Object System.Drawing.Point(260,254)
 617 |     $RemoveAllPackagesButton.Font    = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
 618 |     $RemoveAllPackagesButton.Add_Click({Remove-AllPackages})
 619 | 
 620 |     $AddChocoPackageButton               = New-Object system.Windows.Forms.Button
 621 |     $AddChocoPackageButton.text          = "Add Choco Package"
 622 |     $AddChocoPackageButton.width         = 150
 623 |     $AddChocoPackageButton.height        = 25
 624 |     $AddChocoPackageButton.location      = New-Object System.Drawing.Point(396,336)
 625 |     $AddChocoPackageButton.Font          = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
 626 |     $AddChocoPackageButton.Add_Click({Open-AddChocoPackage})
 627 | 
 628 |     ################################# Profile Manager Package Count Labels #################################
 629 | 
 630 |     $SelectedCountLabel              = New-Object system.Windows.Forms.Label
 631 |     $SelectedCountLabel.text         = "Total:"
 632 |     $SelectedCountLabel.AutoSize     = $true
 633 |     $SelectedCountLabel.width        = 25
 634 |     $SelectedCountLabel.height       = 10
 635 |     $SelectedCountLabel.location     = New-Object System.Drawing.Point(15,342)
 636 |     $SelectedCountLabel.Font         = New-Object System.Drawing.Font('Microsoft Sans Serif',8)
 637 | 
 638 |     $AvailableCountLabel             = New-Object system.Windows.Forms.Label
 639 |     $AvailableCountLabel.text        = "Total:"
 640 |     $AvailableCountLabel.AutoSize    = $true
 641 |     $AvailableCountLabel.width       = 25
 642 |     $AvailableCountLabel.height      = 10
 643 |     $AvailableCountLabel.location    = New-Object System.Drawing.Point(316,340)
 644 |     $AvailableCountLabel.Font        = New-Object System.Drawing.Font('Microsoft Sans Serif',8)
 645 | 
 646 |     ################################# Profile Manager Package Information Controls #################################
 647 | 
 648 |     $PackageInformationGroup         = New-Object system.Windows.Forms.Groupbox
 649 |     $PackageInformationGroup.height  = 168
 650 |     $PackageInformationGroup.width   = 562
 651 |     $PackageInformationGroup.text    = "Package Information"
 652 |     $PackageInformationGroup.location  = New-Object System.Drawing.Point(48,424)
 653 | 
 654 |     $Authors                         = New-Object system.Windows.Forms.Label
 655 |     $Authors.text                    = "Authors"
 656 |     $Authors.AutoSize                = $false
 657 |     $Authors.AutoEllipsis            = $true
 658 |     $Authors.width                   = 450
 659 |     $Authors.height                  = 20
 660 |     $Authors.location                = New-Object System.Drawing.Point(70,25)
 661 |     $Authors.Font                    = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
 662 | 
 663 |     $Version                         = New-Object system.Windows.Forms.Label
 664 |     $Version.text                    = "Version"
 665 |     $Version.AutoSize                = $true
 666 |     $Version.width                   = 25
 667 |     $Version.height                  = 10
 668 |     $Version.location                = New-Object System.Drawing.Point(70,50)
 669 |     $Version.Font                    = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
 670 | 
 671 |     $Description                     = New-Object system.Windows.Forms.Label
 672 |     $Description.text                = "Tool Description"
 673 |     $Description.AutoSize            = $false
 674 |     $Description.width               = 529
 675 |     $Description.height              = 50
 676 |     $Description.location            = New-Object System.Drawing.Point(10,100)
 677 |     $Description.Font                = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
 678 | 
 679 |     $AuthorsLabel                    = New-Object system.Windows.Forms.Label
 680 |     $AuthorsLabel.text               = "Authors:"
 681 |     $AuthorsLabel.AutoSize           = $true
 682 |     $AuthorsLabel.width              = 25
 683 |     $AuthorsLabel.height             = 10
 684 |     $AuthorsLabel.location           = New-Object System.Drawing.Point(10,25)
 685 |     $AuthorsLabel.Font               = New-Object System.Drawing.Font('Microsoft Sans Serif',10,[System.Drawing.FontStyle]([System.Drawing.FontStyle]::Bold))
 686 | 
 687 |     $VersionLabel                    = New-Object system.Windows.Forms.Label
 688 |     $VersionLabel.text               = "Version:"
 689 |     $VersionLabel.AutoSize           = $true
 690 |     $VersionLabel.width              = 25
 691 |     $VersionLabel.height             = 10
 692 |     $VersionLabel.location           = New-Object System.Drawing.Point(10,50)
 693 |     $VersionLabel.Font               = New-Object System.Drawing.Font('Microsoft Sans Serif',10,[System.Drawing.FontStyle]([System.Drawing.FontStyle]::Bold))
 694 | 
 695 |     $DescriptionLabel                = New-Object system.Windows.Forms.Label
 696 |     $DescriptionLabel.text           = "Tool Description"
 697 |     $DescriptionLabel.AutoSize       = $true
 698 |     $DescriptionLabel.width          = 25
 699 |     $DescriptionLabel.height         = 10
 700 |     $DescriptionLabel.location       = New-Object System.Drawing.Point(10,75)
 701 |     $DescriptionLabel.Font           = New-Object System.Drawing.Font('Microsoft Sans Serif',10,[System.Drawing.FontStyle]([System.Drawing.FontStyle]::Bold))
 702 | 
 703 |     ################################# Profile Manager Buttons #################################
 704 | 
 705 |     $DoneButton                      = New-Object system.Windows.Forms.Button
 706 |     $DoneButton.text                 = "Done"
 707 |     $DoneButton.width                = 94
 708 |     $DoneButton.height               = 30
 709 |     $DoneButton.location             = New-Object System.Drawing.Point(424,604)
 710 |     $DoneButton.Font                 = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
 711 |     $DoneButton.Add_Click({
 712 |         Save-Profile
 713 |     
 714 |         # Check if "Custom" exists in $ProfileSelector.Items, and add it if it doesn't
 715 |         if ("Custom" -notin $ProfileSelector.Items) {
 716 |             $ProfileSelector.Items.Add("Custom")
 717 |         }
 718 |     
 719 |         # Set $ProfileSelector.Text to "Custom"
 720 |         $ProfileSelector.Text = "Custom"
 721 |     
 722 |         [void]$CommandoProfileManager.Close()
 723 |     })
 724 |     
 725 | 
 726 |     $SaveProfileButton               = New-Object system.Windows.Forms.Button
 727 |     $SaveProfileButton.text          = "Save Profile As"
 728 |     $SaveProfileButton.width         = 124
 729 |     $SaveProfileButton.height        = 30
 730 |     $SaveProfileButton.location      = New-Object System.Drawing.Point(115,604)
 731 |     $SaveProfileButton.Font          = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
 732 |     $SaveProfileButton.Add_Click({Save-ProfileAs})
 733 | 
 734 |     $ResetProfileButton              = New-Object system.Windows.Forms.Button
 735 |     $ResetProfileButton.text         = "Reset Profile"
 736 |     $ResetProfileButton.width        = 127
 737 |     $ResetProfileButton.height       = 30
 738 |     $ResetProfileButton.location     = New-Object System.Drawing.Point(269,604)
 739 |     $ResetProfileButton.Font         = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
 740 |     $ResetProfileButton.Add_Click({Set-ProfilePreset -ProfileName $selectedProfile})
 741 | 
 742 |     ################################# Profile Manager Form Constructor #################################
 743 | 
 744 |     $CommandoProfileManager.controls.AddRange(@($PackageInstallationGroup,$DoneButton,$SaveProfileButton,$ResetProfileButton,$PackageInformationGroup))
 745 |     $PackageInstallationGroup.controls.AddRange(@($SelectedPackagesLabel,$PresetSelectorLabel,$AddPackageButton,$AddAllPackagesButton,$RemovePackageButton,$RemoveAllPackagesButton,$PresetSelector,$AvailablePackagesLabel,$availableCountLabel,$selectedCountLabel,$SelectedPackagesList,$AvailablePackagesList,$AddChocoPackageButton))
 746 |     $PackageInformationGroup.controls.AddRange(@($AuthorsLabel,$Description,$DescriptionLabel,$VersionLabel,$Authors,$Version))
 747 | 
 748 |     #################################################################################################
 749 |     ################################# Password Entry Form Controls ##################################
 750 |     #################################################################################################
 751 | 
 752 |     $CommandoPasswordManager         = New-Object system.Windows.Forms.Form
 753 |     $CommandoPasswordManager.ClientSize  = New-Object System.Drawing.Point(400,270)
 754 |     $CommandoPasswordManager.text    = "CommandoVM Boxstarter Password"
 755 |     $CommandoPasswordManager.TopMost  = $true
 756 |     $CommandoPasswordManager.Icon      = $icon
 757 |     $CommandoPasswordManager.StartPosition = 'CenterScreen'
 758 | 
 759 |     $PasswordOKButton                = New-Object system.Windows.Forms.Button
 760 |     $PasswordOKButton.text           = "OK"
 761 |     $PasswordOKButton.DialogResult   = [System.Windows.Forms.DialogResult]::OK
 762 |     $PasswordOKButton.width          = 95
 763 |     $PasswordOKButton.height         = 28
 764 |     $PasswordOKButton.location       = New-Object System.Drawing.Point(153,230)
 765 |     $PasswordOKButton.Font           = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
 766 | 
 767 |     $PasswordInfoLabel               = New-Object system.Windows.Forms.Label
 768 |     $PasswordInfoLabel.text          = "Boxstarter requires user credentials to automatically login and continue the install on a reboot. `n`nIf you do not have a password set, leave the field blank"
 769 |     $PasswordInfoLabel.AutoSize      = $true
 770 |     $PasswordInfoLabel.Visible       = $false
 771 |     $PasswordInfoLabel.MaximumSize   = New-Object System.Drawing.Size(350, 0)
 772 |     $PasswordInfoLabel.location      = New-Object System.Drawing.Point(11,46)
 773 |     $PasswordInfoLabel.Font          = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
 774 | 
 775 |     $PasswordInfoHeadingLabel        = New-Object system.Windows.Forms.Label
 776 |     $PasswordInfoHeadingLabel.text   = "Why is my password required?"
 777 |     $PasswordInfoHeadingLabel.AutoSize  = $true
 778 |     $PasswordInfoHeadingLabel.width  = 25
 779 |     $PasswordInfoHeadingLabel.height  = 10
 780 |     $PasswordInfoHeadingLabel.location  = New-Object System.Drawing.Point(11,19)
 781 |     $PasswordInfoHeadingLabel.Font   = New-Object System.Drawing.Font('Microsoft Sans Serif',12,[System.Drawing.FontStyle]([System.Drawing.FontStyle]::Bold))
 782 | 
 783 |     $PasswordInfoBoxstarterLabel     = New-Object system.Windows.Forms.Label
 784 |     $PasswordInfoBoxstarterLabel.text  = "Learn more at:"
 785 |     $PasswordInfoBoxstarterLabel.AutoSize  = $true
 786 |     $PasswordInfoBoxstarterLabel.width  = 25
 787 |     $PasswordInfoBoxstarterLabel.height  = 10
 788 |     $PasswordInfoBoxstarterLabel.location  = New-Object System.Drawing.Point(11,117)
 789 |     $PasswordInfoBoxstarterLabel.Font  = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
 790 | 
 791 |     $PasswordInfoBoxstarterLinkLabel   = New-Object system.Windows.Forms.Label
 792 |     $PasswordInfoBoxstarterLinkLabel.text  = "https://boxstarter.org/installingpackages"
 793 |     $PasswordInfoBoxstarterLinkLabel.AutoSize  = $true
 794 |     $PasswordInfoBoxstarterLinkLabel.width  = 25
 795 |     $PasswordInfoBoxstarterLinkLabel.height  = 10
 796 |     $PasswordInfoBoxstarterLinkLabel.location  = New-Object System.Drawing.Point(104,117)
 797 |     $PasswordInfoBoxstarterLinkLabel.Font  = New-Object System.Drawing.Font('Microsoft Sans Serif',10,[System.Drawing.FontStyle]([System.Drawing.FontStyle]::Underline))
 798 | 
 799 |     $PasswordTextBox                 = New-Object system.Windows.Forms.TextBox
 800 |     $PasswordTextBox.multiline       = $false
 801 |     $PasswordTextBox.width           = 226
 802 |     $PasswordTextBox.height          = 20
 803 |     $PasswordTextBox.UseSystemPasswordChar = $True
 804 |     $PasswordTextBox.location        = New-Object System.Drawing.Point(89,195)
 805 |     $PasswordTextBox.Font            = New-Object System.Drawing.Font('Microsoft Sans Serif',14)
 806 | 
 807 |     $PasswordEntryLabel              = New-Object system.Windows.Forms.Label
 808 |     $PasswordEntryLabel.text         = "Enter your user password:"
 809 |     $PasswordEntryLabel.AutoSize     = $true
 810 |     $PasswordEntryLabel.width        = 25
 811 |     $PasswordEntryLabel.height       = 10
 812 |     $PasswordEntryLabel.location     = New-Object System.Drawing.Point(124,171)
 813 |     $PasswordEntryLabel.Font         = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
 814 | 
 815 |     $PasswordInfoGroup               = New-Object system.Windows.Forms.Groupbox
 816 |     $PasswordInfoGroup.height        = 145
 817 |     $PasswordInfoGroup.width         = 380
 818 |     $PasswordInfoGroup.text          = "About"
 819 |     $PasswordInfoGroup.location      = New-Object System.Drawing.Point(10,17)
 820 | 
 821 |     $CommandoPasswordManager.controls.AddRange(@($PasswordOKButton,$PasswordTextBox,$PasswordEntryLabel,$PasswordInfoGroup))
 822 |     $PasswordInfoGroup.controls.AddRange(@($PasswordInfoLabel,$PasswordInfoHeadingLabel,$PasswordInfoBoxstarterLabel,$PasswordInfoBoxstarterLinkLabel))
 823 | 
 824 |     #################################################################################################
 825 |     ################################# Chocolatey Package Dialog Box #################################
 826 |     #################################################################################################
 827 | 
 828 |     $CommandoChocoManager                            = New-Object system.Windows.Forms.Form
 829 |     $CommandoChocoManager.ClientSize                 = New-Object System.Drawing.Point(407,287)
 830 |     $CommandoChocoManager.text                       = "CommandoVM Chocolatey Package"
 831 |     $CommandoChocoManager.TopMost                    = $true
 832 |     $CommandoChocoManager.Icon      = $icon
 833 |     $CommandoChocoManager.StartPosition              = 'CenterScreen'
 834 |     
 835 |     $ChocoPackageTextBox                        = New-Object system.Windows.Forms.TextBox
 836 |     $ChocoPackageTextBox.multiline              = $false
 837 |     $ChocoPackageTextBox.width                  = 231
 838 |     $ChocoPackageTextBox.height                 = 20
 839 |     $ChocoPackageTextBox.location               = New-Object System.Drawing.Point(19,185)
 840 |     $ChocoPackageTextBox.Font                   = New-Object System.Drawing.Font('Microsoft Sans Serif',14)
 841 |     
 842 |     $ChocoAboutGroup                       = New-Object system.Windows.Forms.Groupbox
 843 |     $ChocoAboutGroup.height                = 118
 844 |     $ChocoAboutGroup.width                 = 368
 845 |     $ChocoAboutGroup.text                  = "About"
 846 |     $ChocoAboutGroup.location              = New-Object System.Drawing.Point(19,22)
 847 |     
 848 |     $ChocoPackageErrorLabel                          = New-Object system.Windows.Forms.Label
 849 |     $ChocoPackageErrorLabel.text                     = "Chocolatey package not found"
 850 |     $ChocoPackageErrorLabel.AutoSize                 = $true
 851 |     $ChocoPackageErrorLabel.visible                  = $false
 852 |     $ChocoPackageErrorLabel.width                    = 25
 853 |     $ChocoPackageErrorLabel.height                   = 10
 854 |     $ChocoPackageErrorLabel.location                 = New-Object System.Drawing.Point(115,216)
 855 |     $ChocoPackageErrorLabel.Font                     = New-Object System.Drawing.Font('Microsoft Sans Serif',10,[System.Drawing.FontStyle]([System.Drawing.FontStyle]::Bold))
 856 |     
 857 |     $ChocoPackageLabel                          = New-Object system.Windows.Forms.Label
 858 |     $ChocoPackageLabel.text                     = "Enter Chocolatey package name:"
 859 |     $ChocoPackageLabel.AutoSize                 = $true
 860 |     $ChocoPackageLabel.width                    = 25
 861 |     $ChocoPackageLabel.height                   = 10
 862 |     $ChocoPackageLabel.location                 = New-Object System.Drawing.Point(19,157)
 863 |     $ChocoPackageLabel.Font                     = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
 864 |     
 865 |     $ChocoAboutHeadingLabel                          = New-Object system.Windows.Forms.Label
 866 |     $ChocoAboutHeadingLabel.text                     = "Adding Chocolatey Packages"
 867 |     $ChocoAboutHeadingLabel.AutoSize                 = $true
 868 |     $ChocoAboutHeadingLabel.width                    = 25
 869 |     $ChocoAboutHeadingLabel.height                   = 10
 870 |     $ChocoAboutHeadingLabel.location                 = New-Object System.Drawing.Point(4,17)
 871 |     $ChocoAboutHeadingLabel.Font                     = New-Object System.Drawing.Font('Microsoft Sans Serif',12,[System.Drawing.FontStyle]([System.Drawing.FontStyle]::Bold))
 872 |     
 873 |     $ChocoAboutLabel                          = New-Object system.Windows.Forms.Label
 874 |     $ChocoAboutLabel.text                     = "CommandoVM uses Chocolatey to install profile packages. You can add any package available in the Chocolatey Community Package Repository to the Commando install. "
 875 |     $ChocoAboutLabel.AutoSize                 = $true
 876 |     $ChocoAboutLabel.MaximumSize              = New-Object System.Drawing.Size(370, 0)
 877 |     $ChocoAboutLabel.location                 = New-Object System.Drawing.Point(4,42)
 878 |     $ChocoAboutLabel.Font                     = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
 879 |     
 880 |     $ChocoLearnMoreLabel                          = New-Object system.Windows.Forms.Label
 881 |     $ChocoLearnMoreLabel.text                     = "Learn More at:"
 882 |     $ChocoLearnMoreLabel.AutoSize                 = $true
 883 |     $ChocoLearnMoreLabel.width                    = 25
 884 |     $ChocoLearnMoreLabel.height                   = 10
 885 |     $ChocoLearnMoreLabel.location                 = New-Object System.Drawing.Point(4,93)
 886 |     $ChocoLearnMoreLabel.Font                     = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
 887 |     
 888 |     $ChocoLinkLabel                          = New-Object system.Windows.Forms.Label
 889 |     $ChocoLinkLabel.text                     = "https://community.chocolatey.org/packages"
 890 |     $ChocoLinkLabel.AutoSize                 = $true
 891 |     $ChocoLinkLabel.width                    = 25
 892 |     $ChocoLinkLabel.height                   = 10
 893 |     $ChocoLinkLabel.location                 = New-Object System.Drawing.Point(95,93)
 894 |     $ChocoLinkLabel.Font                     = New-Object System.Drawing.Font('Microsoft Sans Serif',10,[System.Drawing.FontStyle]([System.Drawing.FontStyle]::Underline))    
 895 | 
 896 |     $ChocoAddPackageButton                         = New-Object system.Windows.Forms.Button
 897 |     $ChocoAddPackageButton.text                    = "Add Package"
 898 |     $ChocoAddPackageButton.DialogResult            = [System.Windows.Forms.DialogResult]::OK
 899 |     $ChocoAddPackageButton.width                   = 118
 900 |     $ChocoAddPackageButton.height                  = 30
 901 |     $ChocoAddPackageButton.enabled                 = $false
 902 |     $ChocoAddPackageButton.location                = New-Object System.Drawing.Point(144,238)
 903 |     $ChocoAddPackageButton.Font                    = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
 904 | 
 905 |     $ChocoFindPackageButton          = New-Object system.Windows.Forms.Button
 906 |     $ChocoFindPackageButton.text     = "Find Package"
 907 |     $ChocoFindPackageButton.width    = 118
 908 |     $ChocoFindPackageButton.height   = 30
 909 |     $ChocoFindPackageButton.enabled   = $true
 910 |     $ChocoFindPackageButton.location  = New-Object System.Drawing.Point(269,185)
 911 |     $ChocoFindPackageButton.Font      = New-Object System.Drawing.Font('Microsoft Sans Serif',10)
 912 |     $ChocoFindPackageButton.Add_Click({
 913 |         if (Get-ChocoPackage -PackageName $ChocoPackageTextBox.Text) {
 914 |             $ChocoPackageErrorLabel.Text = "Found Chocolatey package"
 915 |             $ChocoPackageErrorLabel.ForeColor = $successColor
 916 |             $ChocoPackageErrorLabel.Visible = $true
 917 |             $ChocoAddPackageButton.Enabled = $true
 918 |         } else {
 919 |             $ChocoPackageErrorLabel.text = "Chocolatey package not found"
 920 |             $ChocoPackageErrorLabel.ForeColor = $errorColor
 921 |             $ChocoPackageErrorLabel.Visible = $true
 922 |             $ChocoAddPackageButton.Enabled = $false
 923 |         }
 924 |     })
 925 | 
 926 |     $CommandoChocoManager.controls.AddRange(@($ChocoPackageTextBox,$ChocoAddPackageButton,$ChocoAboutGroup,$ChocoPackageErrorLabel,$ChocoPackageLabel,$ChocoFindPackageButton))
 927 |     $ChocoAboutGroup.controls.AddRange(@($ChocoAboutHeadingLabel,$ChocoAboutLabel,$ChocoLearnMoreLabel,$ChocoLinkLabel))
 928 | }
 929 | 
 930 | #################################################################################################
 931 | #################################################################################################
 932 | ###################################### Installer Functions ######################################
 933 | #################################################################################################
 934 | #################################################################################################
 935 | 
 936 | ################################# Functions that conduct Pre-Install Checks #################################
 937 | 
 938 | function Check-Admin {
 939 |     $currentPrincipal = New-Object Security.Principal.WindowsPrincipal([Security.Principal.WindowsIdentity]::GetCurrent())
 940 |     return $currentPrincipal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
 941 | }
 942 | function Check-ExecutionPolicy {
 943 |     return (Get-ExecutionPolicy).ToString() -eq "Unrestricted"
 944 | }
 945 | function Check-DefenderAndTamperProtection {
 946 |     $defender = Get-WmiObject -Namespace "root\Microsoft\Windows\Defender" -Class MSFT_MpPreference
 947 |     if ($defender.DisableRealtimeMonitoring) {
 948 |         if (Get-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows Defender\Features" -Name "TamperProtection" -ea 0) {
 949 |             return (Get-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows Defender\Features" -Name "TamperProtection").TamperProtection -ne 5
 950 |         }
 951 |     }
 952 |     return $false
 953 | }
 954 | function Check-SupportedOS {
 955 |     $osVersion = (Get-WmiObject -class Win32_OperatingSystem).BuildNumber
 956 |     $testedVersions = @(19045, 22621)
 957 |     return $osVersion -in $testedVersions
 958 | }
 959 | function Check-VM {
 960 |     $virtualModels = @('VirtualBox', 'VMware', 'Virtual Machine', 'Hyper-V')
 961 |     $computerSystemModel = (Get-WmiObject win32_computersystem).model
 962 |     $isVirtualModel = $false
 963 |     
 964 |     foreach ($model in $virtualModels) {
 965 |         if ($computerSystemModel.Contains($model)) {
 966 |             $isVirtualModel = $true
 967 |             break
 968 |         }
 969 |     }
 970 | 
 971 |     if (!$isVirtualModel) {
 972 |         return $false
 973 |     } else {
 974 |         return $true
 975 |     }
 976 | }
 977 | function Check-Storage {
 978 |     $disk = Get-PSDrive (Get-Location).Drive.Name
 979 |     Start-Sleep -Seconds 1
 980 |     if (($disk.used + $disk.free)/1GB -gt 68.8) {
 981 |         return $true
 982 |     } else {
 983 |         return $false
 984 |     }
 985 | }
 986 | 
 987 | ################################# Functions that change pre-install check configs #################################
 988 | 
 989 | function Check-ChocoBoxstarterVersions {
 990 |     $boxstarterVersionGood = $false
 991 |     $chocolateyVersionGood = $false
 992 |     if(${Env:ChocolateyInstall} -and (Test-Path "${Env:ChocolateyInstall}\bin\choco.exe")) {
 993 |         $chocoVersion = choco --version
 994 |         $chocolateyVersionGood = [System.Version]$chocoVersion -ge [System.Version]"0.10.13"
 995 |         choco info -l -r "boxstarter" | ForEach-Object { $name, $chocoVersion = $_ -split '\|' }
 996 |         $boxstarterVersionGood = [System.Version]$chocoVersion -ge [System.Version]"3.0.0"
 997 |         if ($chocolateyVersionGood -and $boxstarterVersionGood) {
 998 |             return $true
 999 |         } else {
1000 |             return $false
1001 |         }
1002 |     } else {
1003 |         return $false
1004 |     }
1005 | }
1006 | 
1007 | function Check-ChocoBoxstarterInstalls {
1008 |     [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072
1009 |     Invoke-Expression ((New-Object System.Net.WebClient).DownloadString('https://boxstarter.org/bootstrapper.ps1'))
1010 |     Get-Boxstarter -Force
1011 | 
1012 |     # Fix verbosity issues with Boxstarter v3
1013 |     # See: https://github.com/chocolatey/boxstarter/issues/501
1014 |     $fileToFix = "${Env:ProgramData}\boxstarter\boxstarter.chocolatey\Chocolatey.ps1"
1015 |     $offendingString = 'if ($val -is [string] -or $val -is [boolean]) {'
1016 |     if ((Get-Content $fileToFix -raw) -contains $offendingString) {
1017 |         $fixString = 'if ($val -is [string] -or $val -is [boolean] -or $val -is [system.management.automation.actionpreference]) {'
1018 |         ((Get-Content $fileToFix -raw) -replace [regex]::escape($offendingString),$fixString) | Set-Content $fileToFix
1019 |     }
1020 |     $fileToFix = "${Env:ProgramData}\boxstarter\boxstarter.chocolatey\invoke-chocolatey.ps1"
1021 |     $offendingString = 'Verbose           = $VerbosePreference'
1022 |     if ((Get-Content $fileToFix -raw) -contains $offendingString) {
1023 |         $fixString = 'Verbose           = ($global:VerbosePreference -eq "Continue")'
1024 |         ((Get-Content $fileToFix -raw) -replace [regex]::escape($offendingString),$fixString) | Set-Content $fileToFix
1025 |     }
1026 | }
1027 | function Check-BoxstarterConfig {
1028 |     $Boxstarter.RebootOk = (-not $noReboots.IsPresent)
1029 |     $Boxstarter.AutoLogin = $true
1030 |     $Boxstarter.SuppressLogging = $True
1031 |     $global:VerbosePreference = "SilentlyContinue"
1032 |     Set-BoxstarterConfig -NugetSources "$env:USERPROFILE\Desktop;.;https://www.myget.org/F/vm-packages/api/v2;https://chocolatey.org/api/v2"
1033 | }
1034 | 
1035 | function Check-ChocoConfig {
1036 |     choco sources add -n="vm-packages" -s "$env:USERPROFILE\Desktop;.;https://www.myget.org/F/vm-packages/api/v2;https://chocolatey.org/api/v2" --priority 1
1037 |     choco feature enable -n allowGlobalConfirmation
1038 |     choco feature enable -n allowEmptyChecksums
1039 |     $cache = "${Env:LocalAppData}\ChocoCache"
1040 |     New-Item -Path $cache -ItemType directory -Force | Out-Null
1041 |     choco config set cacheLocation $cache
1042 | }
1043 | 
1044 | ################################# Functions that Get Profiles and Packages #################################
1045 | 
1046 | function Get-ProfileData {
1047 |     $profilesFolder = Join-Path $PSScriptRoot "./Profiles/"
1048 |     $profiles = @()
1049 | 
1050 |     # Loop over the profiles folder
1051 |     Get-ChildItem -Path $profilesFolder -Filter "*.xml" | ForEach-Object {
1052 |         $xmlContent = [xml](Get-Content $_.FullName)
1053 |         $profileName = $_.BaseName
1054 |         $diskSize = $xmlContent.config.envs.env | Where-Object { $_.name -eq "MIN_DISK_SPACE" } | Select-Object -ExpandProperty value
1055 | 
1056 |         # Write the profile metadata to a variable
1057 |         $profiles += [PSCustomObject]@{
1058 |             ProfileName = $profileName
1059 |             DiskSize    = $diskSize
1060 |             XmlPath     = $_.FullName
1061 |         }
1062 |     }
1063 | 
1064 |     return $profiles
1065 | }
1066 | 
1067 | function Get-PackagesFromProfile {
1068 |     param (
1069 |         [string]$ProfileName
1070 |     )
1071 | 
1072 |     # Get the XML profile path for the specified profile
1073 |     $profilePath = $global:profileData | Where-Object { $_.ProfileName -eq $ProfileName } | Select-Object -ExpandProperty XmlPath
1074 | 
1075 |     # Read the XML profile and pull the package names out
1076 |     if ($profilePath) {
1077 |         $xmlContent = [xml](Get-Content $profilePath)
1078 |         $packages = $xmlContent.config.packages.package
1079 |         return $packages
1080 |     }
1081 |     else {
1082 |         Write-Host "[!] Profile not found." -ForegroundColor Red
1083 |         return @()
1084 |     }
1085 | }
1086 | 
1087 | function Get-AvailablePackages {
1088 |     $apiUrl = "https://www.myget.org/F/vm-packages/Packages"
1089 |     $destination = Join-Path $PSScriptRoot "./available_packages.xml"
1090 |     $blockList = @("flarevm.installer.vm", "common.vm", "debloat.vm", "installer.vm")
1091 | 
1092 |     $packages = @()
1093 | 
1094 |     # Define XML namespaces
1095 |     $nsManager = New-Object -TypeName "System.Xml.XmlNamespaceManager" -ArgumentList (New-Object System.Xml.XmlDocument).NameTable
1096 |     $nsManager.AddNamespace("atom", "http://www.w3.org/2005/Atom")
1097 |     $nsManager.AddNamespace("d", "http://schemas.microsoft.com/ado/2007/08/dataservices")
1098 |     $nsManager.AddNamespace("m", "http://schemas.microsoft.com/ado/2007/08/dataservices/metadata")
1099 | 
1100 |     do {
1101 |         # Download the XML from MyGet API
1102 |         try {
1103 |             Invoke-WebRequest -Uri $apiUrl -OutFile $destination -ErrorAction Stop
1104 |         }
1105 |         catch {
1106 |             Write-Error "Failed to download available_packages.xml. Error: $_"
1107 |             exit
1108 |         }
1109 | 
1110 |         # Load the XML content
1111 |         $xmlContent = [xml](Get-Content $destination)
1112 | 
1113 |         # Extract package information from the XML
1114 |         $xmlContent.SelectNodes("//atom:entry", $nsManager) | ForEach-Object {
1115 |             $isLatestVersion = $_.SelectSingleNode("m:properties/d:IsLatestVersion", $nsManager).InnerText
1116 | 
1117 |             # There are multiple versions of packages, but we only display the latest
1118 |             if ($isLatestVersion -eq "true") {
1119 |                 $packageName = $_.SelectSingleNode("m:properties/d:Id", $nsManager).InnerText
1120 |                 $packageAuthor = $_.SelectSingleNode("atom:author/atom:name", $nsManager).InnerText
1121 |                 $packageVersion = $_.SelectSingleNode("m:properties/d:Version", $nsManager).InnerText
1122 |                 $packageSummary = $_.SelectSingleNode("m:properties/d:Description", $nsManager).InnerText
1123 | 
1124 |                 # Check if package name is not in the blocklist
1125 |                 if ($packageName -notin $blockList) {
1126 |                     $packages += [PSCustomObject]@{
1127 |                         PackageName   = $packageName
1128 |                         PackageAuthor = $packageAuthor
1129 |                         PackageVersion = $packageVersion
1130 |                         PackageSummary = $packageSummary
1131 |                     }
1132 |                 }
1133 |             }
1134 |         }
1135 | 
1136 |         # Check if there is a next link in the XML and set the API URL to that link if it exists
1137 |         $nextLink = $xmlContent.SelectSingleNode("//atom:link[@rel='next']/@href", $nsManager)
1138 |         $apiUrl = $nextLink."#text"
1139 |     }
1140 |     while ($apiUrl -ne $null)
1141 | 
1142 |     return $packages
1143 | }
1144 | 
1145 | function Get-ChocoPackage {
1146 |     param (
1147 |         [Parameter(Mandatory=$true)]
1148 |         [string]$PackageName
1149 |     )
1150 | 
1151 |     try {
1152 |         # Call Chocolatey API to get package metadata
1153 |         $response = Invoke-RestMethod -Uri ('https://community.chocolatey.org/api/v2/Packages()?$filter=Id%20eq%20%27' + $PackageName + '%27&$orderby=Version%20desc&$top=1')
1154 | 
1155 |         if (!$response) {
1156 |             return $false
1157 |         }
1158 | 
1159 |         return [PSCustomObject]@{
1160 |             PackageName = $PackageName
1161 |             PackageAuthor = $response.author.name
1162 |             PackageVersion = $response.properties.version
1163 |             PackageSummary = $response.summary.InnerText
1164 |         }
1165 |     }
1166 |     catch {
1167 |         return $false
1168 |     }
1169 | }
1170 | 
1171 | 
1172 | ################################# Functions that Set GUI Controls #################################
1173 | 
1174 | function Set-SelectedPackages {
1175 |     
1176 |     # Get the packages for the specified profile
1177 |     $packagesFromProfile = Get-PackagesFromProfile -ProfileName $global:selectedProfile
1178 | 
1179 |     if (-not $null -eq $packagesFromProfile) {
1180 |         # Update the SelectedPackagesList with the packages from the profile
1181 |         $SelectedPackagesList.Items.Clear()
1182 |         $SelectedPackagesList.Items.AddRange($packagesFromProfile.name)
1183 | 
1184 |         # Update the count labels
1185 |         $SelectedCountLabel.text = "Total: $($SelectedPackagesList.Items.count)"
1186 |     }
1187 | }
1188 | 
1189 | function Set-AvailablePackages {
1190 |     
1191 |     # Update the AvailablePackagesList with all the package names from the $global:packageData that are not in the $SelectedPackagesList.Items
1192 |     $AvailablePackagesList.Items.Clear()
1193 | 
1194 |     $filteredPackages = $global:packageData.PackageName | Where-Object { $_ -notin $SelectedPackagesList.Items }
1195 |     
1196 |     # Add items only if there are items to add
1197 |     if ($filteredPackages.Count -gt 0) {
1198 |         $AvailablePackagesList.Items.AddRange($filteredPackages)
1199 |     }
1200 | 
1201 |     # Update the count labels
1202 |     $AvailableCountLabel.text = "Total: $($AvailablePackagesList.Items.count)"
1203 | }
1204 | 
1205 | 
1206 | 
1207 | function Set-PackageInformation {
1208 |     param (
1209 |         [string]$PackageName
1210 |     )
1211 | 
1212 |     if ($PackageName -notmatch "\.vm$") {
1213 |         $package = Get-ChocoPackage -PackageName $PackageName
1214 |     } else {
1215 |         # Get the available package list
1216 |         $package = $global:packageData | Where-Object { $_.PackageName -eq $PackageName }
1217 |     }
1218 | 
1219 |     # Populate the package information fields
1220 |     if ($package) {
1221 |         $Description.Text = $package.PackageSummary
1222 |         $Authors.Text     = $package.PackageAuthor
1223 |         $Version.Text     = $package.PackageVersion
1224 |     } else {
1225 |         Write-Host "[!] Package not found."
1226 |     }
1227 | }
1228 | 
1229 | 
1230 | function Set-ProfilePreset {
1231 |     param (
1232 |         [string]$ProfileName
1233 |     )
1234 | 
1235 |     # Change the selected profile
1236 |     $global:selectedProfile = $ProfileName
1237 | 
1238 |     # Re-render the package lists
1239 |     Set-SelectedPackages
1240 |     Set-AvailablePackages
1241 | 
1242 |     # Check if SelectedPackagesList is empty
1243 |     if ($SelectedPackagesList.Items.Count -gt 0) {
1244 |         # If not empty, set the package info to the first package in the selected list
1245 |         Set-PackageInformation -PackageName $SelectedPackagesList.Items[0]
1246 |     }
1247 |     else {
1248 |         # If empty, set the package info to the first package in the available list
1249 |         Set-PackageInformation -PackageName $AvailablePackagesList.Items[0]
1250 |     }
1251 | }
1252 | 
1253 | ################################# Functions that Select Packages #################################
1254 | 
1255 | function Add-SelectedPackage {
1256 | 
1257 |     $selectedItem = $AvailablePackagesList.SelectedItem
1258 | 
1259 |     # Move the selected package over to selected listbox from available
1260 |     if ($selectedItem) {
1261 |         $SelectedPackagesList.Items.Add($selectedItem)
1262 |         $AvailablePackagesList.Items.Remove($selectedItem)
1263 | 
1264 |         # Update the total counts
1265 |         $SelectedCountLabel.Text = "Total: $($SelectedPackagesList.Items.Count)"
1266 |         $AvailableCountLabel.Text = "Total: $($AvailablePackagesList.Items.Count)"
1267 |     }
1268 | }
1269 | 
1270 | function Add-AllPackages {
1271 |     # Move all items from $AvailablePackagesList.Items to $SelectedPackagesList.Items
1272 |     foreach ($item in $AvailablePackagesList.Items) {
1273 |         $SelectedPackagesList.Items.Add($item)
1274 |     }
1275 | 
1276 |     # Empty out the $AvailablePackagesList.Items
1277 |     $AvailablePackagesList.Items.Clear()
1278 | 
1279 |     # Update the count labels
1280 |     $SelectedCountLabel.text = "Total: $($SelectedPackagesList.Items.Count)"
1281 |     $AvailableCountLabel.text = "Total: $($AvailablePackagesList.Items.Count)"
1282 | }
1283 | 
1284 | function Remove-SelectedPackage {
1285 |     $selectedItem = $SelectedPackagesList.SelectedItem
1286 | 
1287 |     # Move over the selected package from selected list to available
1288 |     if ($selectedItem) {
1289 |         $AvailablePackagesList.Items.Add($selectedItem)
1290 |         $SelectedPackagesList.Items.Remove($selectedItem)
1291 | 
1292 |         # Update the total counts
1293 |         $SelectedCountLabel.Text = "Total: $($SelectedPackagesList.Items.Count)"
1294 |         $AvailableCountLabel.Text = "Total: $($AvailablePackagesList.Items.Count)"
1295 |     }
1296 | }
1297 | 
1298 | function Remove-AllPackages {
1299 | 
1300 |     # Add each item from selected to available
1301 |     foreach ($item in $SelectedPackagesList.Items) {
1302 |         $AvailablePackagesList.Items.Add($item)
1303 |     }
1304 | 
1305 |     # Clear out the selected listbox
1306 |     $SelectedPackagesList.Items.Clear()
1307 | 
1308 |     $SelectedCountLabel.Text = "Total: $($SelectedPackagesList.Items.Count)"
1309 |     $AvailableCountLabel.Text = "Total: $($AvailablePackagesList.Items.Count)"
1310 | }
1311 | 
1312 | ################################# Functions that Save Profiles #################################
1313 | 
1314 | function Save-Profile {
1315 |     param (
1316 |         [string]$ProfilePath = $(Join-Path -Path $PSScriptRoot (".\Profiles" + "\Custom.xml"))
1317 |     )
1318 | 
1319 |     # Get the path to the XML of the preset we're basing the profile on and read it into memory
1320 |     $selectedProfilePath = ($global:profileData | Where-Object { $_.ProfileName -eq $global:selectedProfile }).XmlPath
1321 |     [xml]$xmlContent = Get-Content -Path $selectedProfilePath
1322 | 
1323 |     # Remove the profile if one already exists with the same name
1324 |     if (Test-Path -Path $ProfilePath) {
1325 |         Remove-Item -Path $ProfilePath -Force
1326 |     }
1327 | 
1328 |     # Clear out the packages section of the preset
1329 |     $packagesNode = $xmlContent.config.packages
1330 |     $packagesNode.RemoveAll()
1331 | 
1332 |     # Overwrite the packages section with our own from the selected packages listbox
1333 |     foreach ($item in $SelectedPackagesList.Items) {
1334 |         $packageNode = $xmlContent.CreateElement("package")
1335 |         $packageNode.SetAttribute("name", $item)
1336 |         $packagesNode.AppendChild($packageNode)
1337 |     }
1338 | 
1339 |     $xmlContent.Save($ProfilePath)
1340 |     $global:profileData = Get-ProfileData
1341 | }
1342 | 
1343 | function Save-ProfileAs {
1344 | 
1345 |     $Title = "Save CommandoVM Profile As"
1346 |     $Filter = "XML Files (*.xml)|*.xml|All Files (*.*)|*.*"
1347 |     $InitialDirectory = Join-Path $PSScriptRoot ".\Profiles"
1348 | 
1349 |     # Create a save-as dialog window at the profiles directory
1350 |     $saveFileDialog = New-Object System.Windows.Forms.SaveFileDialog
1351 |     $saveFileDialog.Title = $Title
1352 |     $saveFileDialog.Filter = $Filter
1353 |     $saveFileDialog.InitialDirectory = $InitialDirectory
1354 | 
1355 |     $result = $saveFileDialog.ShowDialog()
1356 | 
1357 |     # If the user picks a file location, we will pass it to Save-Profile
1358 |     if ($result -eq "OK") {
1359 |         Save-Profile -ProfilePath $saveFileDialog.FileName
1360 |     }
1361 | }
1362 | 
1363 | ################################# Functions that Install Packages #################################
1364 | 
1365 | function Install-Profile {
1366 |     param (
1367 |         [Parameter(Mandatory = $false)]
1368 |         [string]$ProfileName,
1369 | 
1370 |         [Parameter(Mandatory = $false)]
1371 |         [string]$ProfilePath
1372 |     )
1373 |     Write-Host "[+] Settings updated, beginning install. Please wait for a popup letting you know the installation is complete!" -ForegroundColor Green
1374 |     if (-not $ProfileName -and -not $ProfilePath) {
1375 |         throw "Either ProfileName or ProfilePath must be specified."
1376 |     }
1377 | 
1378 |     try {
1379 |         if (Check-ChocoBoxstarterVersions) {
1380 |             Write-Host "[+] Setting Boxstarter config"
1381 |             Check-BoxstarterConfig
1382 |             Write-Host "[+] Setting Chocolatey config"
1383 |             Check-ChocoConfig
1384 |         } else {
1385 |             Write-Host "[+] Installing Boxstarter"
1386 |             Check-ChocoBoxstarterInstalls
1387 |             Write-Host "[+] Setting Boxstarter config"
1388 |             Check-BoxstarterConfig
1389 |             Write-Host "[+] Setting Chocolatey config"
1390 |             Check-ChocoConfig
1391 |         }
1392 | 
1393 |         # Set environment variable for Commando VM
1394 |         [Environment]::SetEnvironmentVariable('VMname', 'Commando VM', [EnvironmentVariableTarget]::Machine)
1395 | 
1396 |         Import-Module "${Env:ProgramData}\boxstarter\boxstarter.chocolatey\boxstarter.chocolatey.psd1" -Force
1397 |         
1398 |         # Install base packages
1399 |         Write-Host "[+] Installing the common.vm shared module" -ForegroundColor Yellow
1400 |         choco install common.vm -y --force
1401 |         refreshenv
1402 |         Import-Module "$Env:ProgramData\_VM\vm.common\vm.common.psm1" -DisableNameChecking -Force
1403 |         VM-Write-Log "INFO" "Common libraries installed."
1404 | 
1405 |         Write-Host "[+] Installing the debloat.vm debloater and performance package"
1406 |         choco install debloat.vm -y --force
1407 |         VM-Write-Log "INFO" "Debloating and performance enhancements completed"
1408 | 
1409 |         # Set profile to be installed
1410 |         if (-not $ProfilePath) {
1411 |             $ProfilePath = Join-Path $PSScriptRoot ("\Profiles\" + $ProfileName + ".xml")
1412 |         }
1413 |         
1414 |         $destinationPath = Join-Path ${Env:VM_COMMON_DIR} "packages.xml"
1415 | 
1416 |         if (Test-Path $ProfilePath) {
1417 |             Copy-Item $ProfilePath $destinationPath -Force
1418 |             VM-Write-Log "INFO" "Copied profile $ProfilePath to $destinationPath"
1419 |             Write-Host "[+] Profile copied to %VM_COMMON_DIR%: $ProfileName" -ForegroundColor Green
1420 |         } else {
1421 |             Write-Host "[!] Error: Profile not found: $ProfileName" -ForegroundColor Red
1422 |         }
1423 |         
1424 |         # Set Windows OS VM configuration file
1425 |         $configPath = Join-Path ${Env:VM_COMMON_DIR} "config.xml"
1426 |         $configSource = Join-Path $PSScriptRoot "Profiles\Configs"
1427 |         $osVersion = VM-Get-WindowsVersion
1428 |         if ($osVersion -eq "Win10" -and -not $victim.IsPresent){
1429 |             VM-Write-Log "INFO" "Windows 10 detected, setting win10config.xml for configuration file."
1430 |             Copy-Item $(Join-Path $configSource "win10config.xml") $configPath -Force
1431 |         } elseif ($osVersion -eq "Win10" -and $victim.IsPresent){
1432 |             VM-Write-Log "INFO" "Windows 10 Victim detected, setting win10victimconfig.xml for configuration file."
1433 |             Copy-Item $(Join-Path $configSource "win10victimconfig.xml") $configPath -Force
1434 |         } elseif ($osVersion -eq "Win11" -and -not $victim.IsPresent) {
1435 |             VM-Write-Log "INFO" "Windows 11 detected, setting win11config.xml for configuration file."
1436 |             Copy-Item $(Join-Path $configSource "win11config.xml") $configPath -Force
1437 |         } elseif ($osVersion -eq "Win11" -and $victim.IsPresent) {
1438 |             VM-Write-Log "INFO" "Windows 11 Victim detected, setting win11victimconfig.xml for configuration file."
1439 |             Copy-Item $(Join-Path $configSource "win11victimconfig.xml") $configPath -Force
1440 |         } elseif ($osVersion -eq "Win11ARM" -and -not $victim.IsPresent) {
1441 |             VM-Write-Log "INFO" "Windows 11 ARM detected, setting win11armconfig.xml for configuration file."
1442 |             Copy-Item $(Join-Path $configSource "win11armconfig.xml") $configPath -Force
1443 |         } elseif ($osVersion -eq "Win11ARM" -and $victim.IsPresent) {
1444 |             VM-Write-Log "INFO" "Windows 11 ARM Victim detected, setting win11armvictimconfig.xml for configuration file."
1445 |             Copy-Item $(Join-Path $configSource "win11armvictimconfig.xml") $configPath -Force
1446 |         } else {
1447 |             VM-Write-Log "WARN" "Unknown OS, choosing win10config.xml for configuration file."
1448 |             Copy-Item $(Join-Path $configSource "win10config.xml") $configPath -Force
1449 |         }
1450 | 
1451 |         # Set background file
1452 |         $backgroundImage = "${Env:VM_COMMON_DIR}\background.png"
1453 |         if ($victim.IsPresent){
1454 |             $sourceImage = Join-Path $PSScriptRoot "Images\background-victim.png"
1455 |         } else {
1456 |             $sourceImage = Join-Path $PSScriptRoot "Images\background.png"
1457 |         }
1458 |         Copy-Item $sourceImage $backgroundImage -Force
1459 | 
1460 |         # Set ico file
1461 |         $icoImage = "${Env:VM_COMMON_DIR}\vm.ico"
1462 |         $sourceIco = Join-Path $PSScriptRoot "Images\commando.ico"
1463 |         Copy-Item -Path $sourceIco -Destination $icoImage
1464 |         
1465 |         # Begin the package install
1466 |         Write-Host "Installing profile: $ProfileName" -ForegroundColor Yellow
1467 |         $PackageName = "installer.vm"
1468 |         if ($noPassword.IsPresent -or ($global:credentials -eq "")) {
1469 |             $Boxstarter.NoPassword = $true
1470 |             Install-BoxstarterPackage -PackageName $PackageName
1471 |         } else {
1472 |             $Boxstarter.NoPassword = $false
1473 |             Install-BoxstarterPackage -PackageName $PackageName -Credential $global:credentials
1474 |         }
1475 |     }
1476 |     catch {
1477 |         Write-Host "[!] Error: Failed to install profile: $PackageName" -ForegroundColor Red
1478 |         Write-Host $_.Exception.Message -ForegroundColor Red
1479 |     }
1480 | }
1481 | 
1482 | ################################# Functions that Open GUI Windows #################################
1483 | 
1484 | function Open-CheckManager {
1485 | 
1486 |     if ($CommandoChecksManager.ShowDialog() -ne [System.Windows.Forms.DialogResult]::OK) {
1487 |         exit
1488 |     }
1489 | }
1490 | 
1491 | function Open-Installer {
1492 | 
1493 |     # Populate the profile selector combo box
1494 |     $ProfileSelector.Items.Clear()
1495 |     $ProfileSelector.Items.AddRange($global:profileData.ProfileName)
1496 | 
1497 |     # Set the value of the profile selector to default
1498 |     $ProfileSelector.Text = $global:selectedProfile
1499 | 
1500 |     [void]$CommandoInstaller.ShowDialog()
1501 | }
1502 | 
1503 | function Open-ProfileManager {
1504 | 
1505 |     # Populate the combo box with profile names from the $global:profileData array
1506 |     $PresetSelector.Items.Clear()
1507 |     $PresetSelector.Items.AddRange($global:profileData.ProfileName)
1508 | 
1509 |     # Set the value of $PresetSelector.Text to $global:selectedProfile
1510 |     $PresetSelector.Text = $global:selectedProfile
1511 | 
1512 |     # Render the package lists
1513 |     Set-SelectedPackages
1514 |     Set-AvailablePackages
1515 | 
1516 |     # Check if SelectedPackagesList is empty
1517 |     if ($SelectedPackagesList.Items.Count -gt 0) {
1518 |         # If not empty, set the package info to the first package in the selected list
1519 |         Set-PackageInformation -PackageName $SelectedPackagesList.Items[0]
1520 |     }
1521 |     else {
1522 |         # If empty, set the package info to the first package in the available list
1523 |         Set-PackageInformation -PackageName $AvailablePackagesList.Items[0]
1524 |     }
1525 | 
1526 |     [void]$CommandoProfileManager.ShowDialog()
1527 | }
1528 | 
1529 | 
1530 | function Open-AddChocoPackage {
1531 | 
1532 |     $ChocoPackageTextBox.Text = ""
1533 |     $ChocoPackageErrorLabel.Visible = $false
1534 |     $ChocoAddPackageButton.Enabled = $false
1535 | 
1536 |     if ($CommandoChocoManager.ShowDialog() -eq [System.Windows.Forms.DialogResult]::OK) {
1537 |         $SelectedPackagesList.Items.Add($ChocoPackageTextBox.Text)
1538 |         $SelectedCountLabel.Text = "Total: " + $SelectedPackagesList.Items.Count
1539 |     }
1540 | }
1541 | 
1542 | function Open-PasswordEntry {
1543 |     $PasswordInfoLabel.Visible = $true
1544 |     $PasswordTextBox.Text = ""
1545 |     
1546 |     if ($CommandoPasswordManager.ShowDialog() -eq [System.Windows.Forms.DialogResult]::OK)
1547 |     {
1548 |         $Password = $PasswordTextBox.Text
1549 |         if ($Password -ne "") {
1550 |             $SecurePassword = ConvertTo-SecureString -String $Password -AsPlainText -Force
1551 |             $global:credentials = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $env:username, $SecurePassword
1552 |         }
1553 |         [void]$CommandoInstaller.Close()
1554 |         return $true
1555 |     } else {
1556 |         return $false
1557 |     }
1558 | }
1559 | 
1560 | #################################################################################################
1561 | #################################################################################################
1562 | ###################################### Installer Workflows ######################################
1563 | #################################################################################################
1564 | #################################################################################################
1565 | 
1566 | # QuickEdit and Insert modes can sometimes freeze the powershell.exe window
1567 | Set-ItemProperty -Path 'HKCU:\Console' -Name 'QuickEdit' -Value 0
1568 | Set-ItemProperty -Path 'HKCU:\Console' -Name 'InsertMode' -Value 0
1569 | 
1570 | # Setting global variables
1571 | $global:checksPassed = $true
1572 | $osInfo = Get-ComputerInfo
1573 | $osArchitecture = $osInfo.OSArchitecture
1574 | if ($osArchitecture -match "ARM") {
1575 |     $global:selectedProfile = "Default - ARM"
1576 | } else{
1577 |     $global:selectedProfile = "Default"
1578 | }
1579 | $global:credentials = ""
1580 | 
1581 | ################################# GUI Workflow #################################
1582 | 
1583 | if (-not $cli.IsPresent) {
1584 | 
1585 |     if (-not $skipChecks.IsPresent) {
1586 | 
1587 |         # Make sure that the user completed all pre-install steps
1588 |         if (Check-Admin) {
1589 |             $RunningAsAdmin.Text = "True"
1590 |             $RunningAsAdmin.ForeColor = $successColor
1591 |         } else {
1592 |             $global:checksPassed = $false
1593 |         }
1594 | 
1595 |         if (Check-ExecutionPolicy) {
1596 |             $ExecutionPolicy.Text = "True"
1597 |             $ExecutionPolicy.ForeColor = $successColor
1598 |         } else {
1599 |             $global:checksPassed = $false
1600 |         }
1601 | 
1602 |         if (-not $victim.IsPresent) {
1603 |             if (Check-DefenderAndTamperProtection) {
1604 |                 $WindowsDefender.Text = "True"
1605 |                 $WindowsDefender.ForeColor = $successColor
1606 |             }
1607 |         } else {
1608 |             $WindowsDefender.Text = "Skip"
1609 |             $WindowsDefender.ForeColor = $skippedColor
1610 |             $global:selectedProfile = "Victim"
1611 |         }
1612 |         if (-not $victim.IsPresent) {
1613 |             if (Check-DefenderAndTamperProtection) {
1614 |                 $WindowsDefender.Text = "True"
1615 |                 $WindowsDefender.ForeColor = $successColor
1616 |             }
1617 |         } else {
1618 |             $WindowsDefender.Text = "Skip"
1619 |             $WindowsDefender.ForeColor = $skippedColor
1620 |             $global:selectedProfile = "Victim"
1621 |         }
1622 | 
1623 |         if (Check-SupportedOS) {
1624 |             $WindowsRelease.Text = "True"
1625 |             $WindowsRelease.ForeColor = $successColor
1626 |         } else {
1627 |             $global:checksPassed = $false
1628 |         }
1629 | 
1630 |         if (Check-VM) {
1631 |             $RunningVM.Text = "True"
1632 |             $RunningVM.ForeColor = $successColor
1633 |         } else {
1634 |             $global:checksPassed = $false
1635 |         }
1636 | 
1637 |         if (Check-Storage) {
1638 |             $EnoughHardStorage.Text = "True"
1639 |             $EnoughHardStorage.ForeColor = $successColor
1640 |         } else {
1641 |             $global:checksPassed = $false
1642 |         }
1643 | 
1644 |         if ($global:checksPassed) {
1645 |             $ChecksCompleteButton.enabled = $true
1646 |         }
1647 | 
1648 |         Open-CheckManager
1649 |     }
1650 |     
1651 |     if ($global:checksPassed -or $skipChecks.IsPresent) {
1652 | 
1653 |         # Fetch profiles and packages
1654 |         Write-Host "[+] Retrieving available packages from MyGet. Please wait."
1655 |         $global:profileData = Get-ProfileData
1656 |         $global:packageData = Get-AvailablePackages
1657 | 
1658 |         Write-Host "[+] Beginning graphical install"
1659 | 
1660 |         Open-Installer
1661 |     }
1662 | }
1663 | 
1664 | ################################# CLI Workflow #################################
1665 | 
1666 | if ($cli.IsPresent) {
1667 | 
1668 |     Write-Host "`n$asciiArt" -ForegroundColor Red
1669 |     Write-Host "`t`tComplete Mandiant Offensive VM - Version 3.0" -ForegroundColor Red
1670 |     Write-Host "`t`t`tcommandovm@mandiant.com" -ForegroundColor DarkYellow
1671 | 
1672 |     if ($customProfile -eq "") {
1673 |         Write-Host "[+] No profile specified, selecting default"
1674 |         $customProfile = Join-Path $PSScriptRoot "Profiles/Default.xml"
1675 |     }
1676 | 
1677 |     if (-not $noPassword.IsPresent) {
1678 |         # Get user credentials for autologin during reboots
1679 |         if ([string]::IsNullOrEmpty($password)) {
1680 |             Set-ItemProperty "HKLM:\SOFTWARE\Microsoft\PowerShell\1\ShellIds" -Name "ConsolePrompting" -Value $True
1681 |             Start-Sleep -Milliseconds 500
1682 |             Write-Host "[+] No password provided. Enter it now or use -noPassword if blank."
1683 |             $global:credentials = Get-Credential ${Env:username}
1684 |         } else {
1685 |             $securePassword = ConvertTo-SecureString -String $password -AsPlainText -Force
1686 |             $global:credentials = New-Object -TypeName "System.Management.Automation.PSCredential" -ArgumentList ${Env:username}, $securePassword
1687 |         }
1688 |     }
1689 | 
1690 |     if (-not $skipChecks.IsPresent) {
1691 |         # Make sure that the user completed all pre-install steps
1692 |         Write-Host "=================== CommandoVM Pre-Installation Checks ==================="
1693 | 
1694 |         if (Check-Admin) {
1695 |             Write-Host "`t[+] Running as administrator" -ForegroundColor Green
1696 |         } else {
1697 |             $global:checksPassed = $false
1698 |             Write-Host "`t[-] Not running as administrator" -ForegroundColor Red
1699 |         }
1700 | 
1701 |         if (Check-ExecutionPolicy) {
1702 |             Write-Host "`t[+] Execution policy is unrestricted" -ForegroundColor Green
1703 |         } else {
1704 |             $global:checksPassed = $false
1705 |             Write-Host "`t[-] Execution policy is not unrestricted" -ForegroundColor Red
1706 |         }
1707 |         
1708 |         if (-not $victim.IsPresent) {
1709 |             if (Check-DefenderAndTamperProtection) {
1710 |                 Write-Host "`t[+] Windows Defender and Tamper Protection are disabled" -ForegroundColor Green
1711 |             } else {
1712 |                 $global:checksPassed = $false
1713 |                 Write-Host "`t[-] Windows Defender and Tamper Protection are enabled" -ForegroundColor Red
1714 |             }
1715 |         } else {
1716 |             Write-Host "`t[+] Skipping Windows Defender checks"
1717 |         }
1718 |         if (-not $victim.IsPresent) {
1719 |             if (Check-DefenderAndTamperProtection) {
1720 |                 Write-Host "`t[+] Windows Defender and Tamper Protection are disabled" -ForegroundColor Green
1721 |             } else {
1722 |                 $global:checksPassed = $false
1723 |                 Write-Host "`t[-] Windows Defender and Tamper Protection are enabled" -ForegroundColor Red
1724 |             }
1725 |         } else {
1726 |             Write-Host "`t[+] Skipping Windows Defender checks"
1727 |         }
1728 | 
1729 |         if (Check-SupportedOS) {
1730 |             Write-Host "`t[+] Current Windows release is supported by CommandoVM" -ForegroundColor Green
1731 |         } else {
1732 |             $global:checksPassed = $false
1733 |             Write-Host "`t[-] Current Windows release is not supported by CommandoVM" -ForegroundColor Red
1734 |         }
1735 | 
1736 |         if (Check-VM) {
1737 |             Write-Host "`t[+] Virtual Machine detected" -ForegroundColor Green
1738 |         } else {
1739 |             $global:checksPassed = $false
1740 |             Write-Host "`t[-] Virtual Machine not detected" -ForegroundColor Red
1741 |         }
1742 | 
1743 |         if (Check-Storage) {
1744 |             Write-Host "`t[+] At least 70GB of storage detected" -ForegroundColor Green
1745 |         } else {
1746 |             $global:checksPassed = $false
1747 |             Write-Host "`t[-] At least 70GB of storage not found" -ForegroundColor Red
1748 |         }
1749 |     }
1750 | 
1751 |     if ($global:checksPassed -or $skipChecks.IsPresent) {
1752 |         Write-Host "===================== Installing CommandoVM ====================="
1753 |         Install-Profile -ProfileName $customProfile
1754 |     } else {
1755 |         Write-Host "`n[+] Some checks failed. Use the -skipChecks flag if you know what you are doing"
1756 |     }
1757 | }
1758 | 


--------------------------------------------------------------------------------