DEMO VIDEO

Overview/Statement

This is the final report for the Cyber Security Survival Kit project for my senior capstone project. Overall a lot of progress has been made and completed at this point. The early on weeks were all the heavy lifting and these next few days are wrapping up for presentations and documentation. But that will be addressed in the objectives this sprint.

Attempt scripting with software testing

The attempt worked! I successfully programed a GUI to work in PowerShell!

Going through the code section of the page here will show many different iterations of the GUI script. Originally this was working off of a template that used excel spreadsheets as a simple way to create a GUI. I found that difficult to work and manage so instead I took the route of configuring it all on my own. This took so much time to fully figure out the method of Windows Forums. Plenty of adjusting and eventually I made the code much simpler by introducing for loops, although that wasn't fully negated if you look at the button pressed part. But for a PowerShell GUI it looks great, im very proud that I got it up and running in such a short period of time!

From there I made a separate script called actions.ps1 which includes all the actual commands for the buttons. However this introduced a potential security risk as what would prevent someone from modifying the files so when the script is called it runs whatever an attacker chooses? To negate this I added a security check. Included within the GUI script is a file checker. The checker downloads a copy of the actions.ps1 file and compares the hash. If the hash matches exactly then the GUI boots, if not then an error pops and the script is halted! The GUI script will be converted to an exe when the presentation is submitted as well. I feel this makes it organized but also very easy to read and manage which was the intention for anyone to try and read and understand.

For the features, one issue I kept bumping into was the fact that pressing a button froze the GUI in place until the command ran but never showed what it was doing on a PowerShell window. To solve this I added a command:

# Opens a powershell admin window for commands to run!
# Manual will mention to have admin escalation require passwords before using
Start-Process powershell.exe -Verb RunAs -ArgumentList "-NoExit", "-Command", "any command you want!"

But all the features work besides the manual, the only reason why is because its not done so for now its a simple 8.8.8.8 command. The manual will be done in the next day or so. The script will be updated accordingly.

Compile all software

This was originally going to be the backup for my project and have the software and techniques on a google doc instead of a PowerShell GUI. However since I got the GUI to work with flying colors, there was no need to worry and just to focus on making the software work!

Test attack against machine

This section also changed a bit. I feel that the attack lessened its impact overtime. While its very important. I feel that showing the features worked with the time I had. I still will have a simple trigger for a malicious script on the machine, but mostly for the windows defender scan feature so the document isnt just blank to show it works!

Documentation Pages

The documentation is still being wrapped up. I just need to grab a bunch of screenshots from a fresh install which I'm also doubling as a recording for the presentation. This manual will also technically be my final report as it goes over all the bells and whistles the software has. Needs to be finished before the 28th of April which is plenty of time as it will be done by tomorrow as of writing this.

Presentation

This is also being prepared as we do not have the exact requirements for the presentation as of yet. However the main thing I want to do is record the software rather then demo it in person. This is mostly just to save time as the installs can take a lot of time to do so I will be able to speed up the process for a clean and quick presentation. This will also simply explain what all the buttons do before the video aswell. I expect this to be done shortly after the report.

Final Report

As mentioned before, this has now become the documentation pages so this will close when the manual has been finished!

Teacher Meeting

(Taken from card comment) For my meeting there was only so much to be said. I had a lot of work to do from my previous meeting. But as I have been creating and working throughout the past few weeks taking the pitched features from last meeting. This was the use of security of my software and scripts and a "stats for nerds" log feature.

Not only has the GUI been improved from scratch, and all the buttons work properly. For security I have implemented two methods. First the main GUI program has a file check function. Copies of all the files are pulled from this GitHub and the hash is compared. If they don't match by even a single character, then an error pops and the script ceases. Ontop of that the program has been converted into an executable file.

Overall the program is in a presentable state. I just need to wrap up my documentation and move all the files into a complete package. Most likely a zip file just to compress the file into a 1.0 state. My demo will be recorded in order to prevent any errors from displaying during a live demo and freaking out why it didnt decide to work.