New Features - M199205zn/IAS-CS4 GitHub Wiki

🧠 Advanced Features for Ethical Virus Simulations

🔸 1. Adware Simulator (Advanced)

Simulates persistent, hard-to-remove adware behavior.

  • Persistence mechanisms:
    • Auto-start with system (Registry for Windows, Launch Agents for macOS)
    • Drops multiple clones in different system folders
  • Injects ads into visited webpages using proxy/browser extension
  • Modifies browser homepage and search engine
  • Simulated tracking behavior:
    • Logs user’s browsing activity to a local file
    • Simulates exfiltration without actually sending data

🔸 2. Message Bait / Joke Virus (Advanced)

More interactive and immersive for training social engineering detection.

  • Randomized behavior: Varies messages or triggers based on system clock, keyboard activity, etc.
  • Fake ransomware lock screen with countdown timer (no actual file lock)
  • Speech synthesis: Makes the system talk using system voice
  • Prank file manipulator: Temporarily renames desktop files or folders to odd names (restores on shutdown)
  • Hacker aesthetic UI: Flashing terminal, fake hacking animations, etc.

🔸 3. Phishing Website Simulation (Advanced)

Mimics real-world attacks for anti-phishing training.

  • Dynamic templates: Can generate fake versions of multiple services (Google, Microsoft, Banks)
  • URL obfuscation:
    • Uses Unicode lookalike characters (ɢoogle.com)
    • Shortened links or QR codes
  • Browser fingerprinting:
    • Logs screen size, OS, browser type
  • Gives user a warning after submission like: "You've been phished – here's what you missed"
  • Self-destructs after a click or shows "This was a test"
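
For the defender's side of the Unicode lookalike item above (ɢoogle.com), this added example, which is not part of the wiki or the project's code, flags hostnames that fold to a protected domain whether they arrive in Unicode or in xn-- form. The CONFUSABLES table and PROTECTED watchlist are small constructed assumptions.

```python
import unicodedata

# Constructed, deliberately tiny confusables table; a real check would load
# the full Unicode confusables data (UTS #39) instead.
CONFUSABLES = {
    "\u0262": "g",  # LATIN LETTER SMALL CAPITAL G, as in the page's example
    "\u0430": "a",  # CYRILLIC SMALL LETTER A
    "\u0435": "e",  # CYRILLIC SMALL LETTER IE
    "\u043e": "o",  # CYRILLIC SMALL LETTER O
    "\u0441": "c",  # CYRILLIC SMALL LETTER ES
    "\u0131": "i",  # LATIN SMALL LETTER DOTLESS I
}
# Hypothetical watchlist of domains the training programme cares about.
PROTECTED = {"google.com", "microsoft.com"}


def to_unicode(host):
    """Decode xn-- (punycode) labels so both log forms are checked alike."""
    labels = []
    for label in host.strip().rstrip(".").lower().split("."):
        if label.startswith("xn--"):
            try:
                label = label[4:].encode("ascii").decode("punycode")
            except UnicodeError:
                pass  # malformed punycode: keep the raw label
        labels.append(label)
    return ".".join(labels)


def to_ascii(host):
    """Return the xn-- form that appears in DNS and proxy logs."""
    return ".".join(
        l if l.isascii() else "xn--" + l.encode("punycode").decode("ascii")
        for l in to_unicode(host).split("."))


def skeleton(host):
    """Fold compatibility forms and known lookalikes to plain ASCII letters."""
    folded = unicodedata.normalize("NFKC", to_unicode(host)).lower()
    return "".join(CONFUSABLES.get(ch, ch) for ch in folded)


def classify(host):
    """Return (verdict, imitated_domain_or_None) for one hostname."""
    uni, skel = to_unicode(host), skeleton(host)
    if uni.isascii():
        return ("ascii", None)
    if skel in PROTECTED:
        return ("lookalike", skel)
    return ("non-ascii", None)
```

A legitimate internationalised name such as münchen.de comes back as `non-ascii` rather than `lookalike`, so the verdict separates imitation of a watched domain from ordinary IDN use.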

🔸 4. Bank Email Scam Simulator (Advanced)

Mimics highly convincing spear-phishing emails for internal security drills.

  • Email spoofing (in controlled environments):
    • Simulates From: headers to look legitimate
    • Uses SPF/DKIM failure indicators
  • Targeted personalization:
    • Pulls employee name, department, or role (fed via CSV in lab)
    • Custom payloads per recipient
  • Simulated credential harvesting:
    • Fake login form logs entries and instantly provides a warning
    • Includes teaching modal: "How to spot fake emails like this"

🔸 5. Advanced Logging and Reporting

For post-simulation analysis.

  • Tracks how long it took for the user to react
  • Monitors whether users clicked suspicious links
  • Generates reports on user actions (e.g., who reported the email, who clicked it, who ignored it)
  • Integrates with learning dashboards or LMS
  • Stores logs locally or uploads to a secure dashboard for instructors

🔸 6. AI-Driven Bait Generator

Uses GPT or other LLMs to generate personalized bait messages.

  • Trains on internal company lingo or recent announcements to craft believable emails
  • Changes tone/style based on recipient’s position (e.g., “urgent HR notice” vs. “new admin update”)
  • Can simulate fake chat messages, SMS, or WhatsApp phishing

⚠️ Important Safeguards

For all advanced features:

  • Must include failsafe deactivation (e.g., secret key or hotkey)
  • Must be tested only in isolated/sandboxed environments
  • Must have explicit user consent and institutional approval