[ { "path": "Invoke-UserSimulator.ps1", "content": "function Invoke-UserSimulator {\r\n<#\r\n.SYNOPSIS\r\n\r\nSimulates common user behaviour on local and remote Windows hosts.\r\nAuthors: Barrett Adams (@peewpw) and Chris Myers (@swizzlez_)\r\n\r\n.DESCRIPTION\r\n\r\nPerforms different actions to simulate real user activity and is intended for use in a lab\r\nenvironment. It will browse the internet using Internet Explorer, attempt to map non-existant\r\nnetwork shares, and open emails with Outlook, including embeded links and attachments.\r\n\r\n.PARAMETER Standalone\r\n\r\nDefine if the script should run as a standalone script on the localhost or on remote systems.\r\n\r\n.PARAMETER ConfigXML\r\n\r\nThe configuration xml file to use when running on remote hosts.\r\n\r\n.PARAMETER IE\r\n\r\nRun the Internet Explorer simulation.\r\n\r\n.PARAMETER Shares\r\n\r\n Run the mapping shares simulation.\r\n \r\n.PARAMETER Email\r\n\r\nRun the opening email simulation.\r\n\r\n.PARAMETER All\r\n\r\nRun all script simulation functions (IE, Shares, Email).\r\n\r\n.EXAMPLE\r\n\r\nImport the script modules:\r\nPS>Import-Module .\\Invoke-UserSimulator.ps1\r\n\r\nRun only the Internet Explorer function on the local host:\r\nPS>Invoke-UserSimulator -StandAlone -IE\r\n\r\nConfigure remote hosts prior to running the script remotely:\r\nPS>Invoke-ConfigureHosts -ConfigXML .\\config.xml\r\n\r\nRun all simulation functionality on remote hosts configured in the config.xml file:\r\nPS>Invoke-UserSimulator -ConfigXML .\\config.xml -All\r\n\r\n#>\r\n [CmdletBinding()]\r\n Param(\r\n\t\t[Parameter(Mandatory=$False)]\r\n\t\t[switch]$StandAlone,\r\n\r\n\t\t[Parameter(Mandatory=$False)]\r\n\t\t[switch]$Email,\r\n\r\n\t\t[Parameter(Mandatory=$False)]\r\n\t\t[switch]$IE,\r\n\r\n\t\t[Parameter(Mandatory=$False)]\r\n\t\t[switch]$Shares,\r\n\r\n\t\t[Parameter(Mandatory=$False)]\r\n\t\t[switch]$All,\r\n\r\n\t\t[Parameter(Mandatory=$False)]\r\n\t\t[string]$ConfigXML\r\n )\r\n\r\n $RemoteScriptBlock = {\r\n\t# TOOL FUNCTIONS\r\n\r\n [CmdletBinding()]\r\n Param(\r\n [Parameter(Position = 0, Mandatory = $false)]\r\n [Int]$EmailInterval,\r\n\t\t\t\r\n [Parameter(Position = 1, Mandatory = $false)]\r\n [Int]$PageDuration,\r\n\t\t\t\r\n [Parameter(Position = 2, Mandatory = $false)]\r\n [Int]$LinkDepth,\r\n \r\n [Parameter(Position = 3, Mandatory = $false)]\r\n [Int]$MountInterval,\r\n\t\t\t\r\n [Parameter(Position = 4, Mandatory=$False)]\r\n [Int]$Email,\r\n\t\t\t\r\n [Parameter(Position = 5, Mandatory=$False)]\r\n [Int]$IE,\r\n\t\t\t\r\n [Parameter(Position = 6, Mandatory=$False)]\r\n [Int]$Shares,\r\n\t\t\t\r\n [Parameter(Position = 7, Mandatory=$False)]\r\n [Int]$All\r\n )\r\n\r\n # Creates an Outlook COM Object, then iterates through unread mail. Parses the mail\r\n # and opens links in IE. Downloads and executes any attachments in a Microsoft trusted\r\n # folder, resulting in automatic MACRO execution.\r\n $InvokeOpenEmail = {\r\n Param(\r\n [Parameter(Position = 0, Mandatory=$True)]\r\n [int]$Interval\r\n )\r\n\r\n While ($True) {\r\n\r\n Add-type -assembly \"Microsoft.Office.Interop.Outlook\"\r\n $Outlook = New-Object -comobject Outlook.Application\r\n $Outlook.visible = $True\r\n $namespace = $Outlook.GetNameSpace(\"MAPI\")\r\n $namespace.Logon(\"\",\"\",$false,$true)\r\n $namespace.SendAndReceive($false)\r\n Start-Sleep -s 60\r\n $inbox = $namespace.GetDefaultFolder([Microsoft.Office.Interop.Outlook.OlDefaultFolders]::olFolderInbox)\r\n $filepath = (\"C:\\Users\\\" + $env:username + \"\\AppData\\Roaming\\Microsoft\\Templates\")\r\n\r\n ForEach($mail in $inbox.Items.Restrict(\"[Unread] = True\")) {\r\n Write-Host \"Found Emails\"\r\n If ($mail.Attachments) {\r\n Write-Host \"Found attachments!!\"\r\n ForEach ($attach in $mail.Attachments) {\r\n Write-Host \"in attachment loop...\"\r\n $path = (Join-Path $filepath $attach.filename)\r\n $attach.saveasfile($path)\r\n Invoke-Item $path\r\n }\r\n }\r\n\t\t\t\t\t\r\n # URL Regex\r\n [regex]$regex = \"([a-zA-Z]{3,})://([\\w-]+\\.)+[\\w-]+(/[\\w- ./?%&=]*)*?\"\r\n $URLs = echo $mail.Body | Select-String -Pattern $regex -AllMatches\r\n\r\n ForEach ($object in $URLs.Matches) {\r\n $ie = new-object -COM \"InternetExplorer.Application\"\r\n $ie.visible=$true\r\n echo \"Parsed link:\" $object.Value\r\n $ie.navigate2($object.Value)\r\n\t\t\t\t\t\t$timeout = 0\r\n\t\t\t\t\t\tWhile ($ie.busy -And $timeout -lt 10) {\r\n\t\t\t\t\t\t\tStart-Sleep -milliseconds 1000\r\n\t\t\t\t\t\t\t$timeout += 1\r\n\t\t\t\t\t\t}\r\n Start-Sleep -s 15\r\n $ie.Quit()\r\n }\r\n\t\t\t\t\t\r\n # Set mail object as read\r\n $mail.Unread = $false\r\n }\r\n Start-Sleep -s $Interval\r\n }\r\n }\r\n $InvokeMapShares = {\r\n Param(\r\n [Parameter(Position = 0, Mandatory=$True)]\r\n [int]$Interval\r\n )\r\n\r\n While ($True) {\r\n $randShare = -join ((65..90) + (97..122) | Get-Random -Count 10 | % {[char]$_})\r\n New-PSDrive -Name \"K\" -PSProvider FileSystem -Root \"\\\\$randShare\\sendCreds\"\r\n Start-Sleep -s $Interval\r\n }\r\n }\r\n \r\n # Simulates a user browsing the Internet. Will open pseudo-random URLs\r\n $InvokeIETraffic = {\r\n Param(\r\n [Parameter(Position = 0, Mandatory=$True)]\r\n [int]$Interval,\r\n\r\n [Parameter(Position = 1, Mandatory=$True)]\r\n [int]$MaxLinkDepth\r\n )\r\n\r\n $URIs = \"https://news.google.com\",\"https://www.reddit.com\",\"https://www.msn.com\",\"http://www.cnn.com\",\"http://www.bbc.com\",\"http://www.uroulette.com\"\r\n $depth = 0\r\n\r\n $ie = New-Object -ComObject \"InternetExplorer.Application\"\r\n $ie.visible=$true \r\n While ($ie.Application -ne $null) {\r\n If ($depth -eq 0) {\r\n $requestUri = get-random -input $URIs\r\n }\r\n\t\t\t\t\r\n $depth = $depth + 1\r\n\r\n $ie.navigate2($requestUri)\r\n\t\t\t\t$timeout = 0\r\n While ($ie.busy -And $timeout -lt 10) {\r\n\t\t\t\t\tStart-Sleep -milliseconds 1000\r\n\t\t\t\t\t$timeout += 1\r\n\t\t\t\t}\r\n\r\n $linklist = New-Object System.Collections.ArrayList($null)\r\n ForEach ($link in $ie.document.getElementsByTagName(\"a\")) {\r\n If ($link.href.length -gt 1) {\r\n $linklist.add($link.href)\r\n echo $link.href\r\n }\r\n }\r\n\r\n $requestUri = get-random -input $linklist\r\n echo $requestUri\r\n echo $depth\r\n Start-Sleep -s $Interval\r\n If ($depth -eq $MaxLinkDepth) {\r\n $depth = 0\r\n }\r\n }\r\n }\r\n \r\n $emailJob = 0\r\n $ieJob = 0\r\n $shareJob = 0\r\n \r\n If ($Email -or $All) { $emailJob = Start-Job -ScriptBlock $InvokeOpenEmail -ArgumentList @($EmailInterval) -Name 'usersimemail' }\r\n If ($IE -or $All) { $ieJob = Start-Job -ScriptBlock $InvokeIETraffic -ArgumentList @($PageDuration, $LinkDepth) -Name 'usersimie' }\r\n If ($Shares -or $All) { $shareJob = Start-Job -ScriptBlock $InvokeMapShares -ArgumentList @($MountInterval) -Name 'usersimshares' }\r\n\r\n # Start health check loop\r\n\r\n $StartTime = Get-Date\r\n $TimeOut = New-TimeSpan -Hours 1\r\n While ($True) {\r\n Start-Sleep -Seconds 60\r\n\r\n If (($All -or $Email) -and $emailJob.State -ne 'Running') {\r\n $emailJob = Start-Job -ScriptBlock $InvokeOpenEmail -ArgumentList @($EmailInterval) -Name 'usersimemail'\r\n }\r\n If (($All -or $IE) -and $ieJob.State -ne 'Running') {\r\n $ieJob = Start-Job -ScriptBlock $InvokeIETraffic -ArgumentList @($PageDuration, $LinkDepth) -Name 'usersimie'\r\n }\r\n If (($All -or $Shares) -and $shareJob.State -ne 'Running') {\r\n $shareJob = Start-Job -ScriptBlock $InvokeMapShares -ArgumentList @($MountInterval) -Name 'usersimshares'\r\n }\r\n \r\n If ((New-TimeSpan -Start $StartTime -End (Get-Date)) -gt $TimeOut) {\r\n If ($All -or $Email) {\r\n Stop-Job -Job $emailJob\r\n Stop-Process -Name outlook\r\n Stop-Process -Name werfault\r\n }\r\n If ($All -or $IE) {\r\n Stop-Job -Job $ieJob\r\n Stop-Process -Name iexplore\r\n Stop-Process -Name werfault\r\n }\r\n If ($All -or $Shares) {\r\n Stop-Job -Job $shareJob\r\n }\r\n $StartTime = Get-Date\r\n }\r\n }\r\n }\r\n\t\r\n If ($StandAlone) {\r\n\t# CLIENT BEHAVIOR\r\n If ($ConfigXML) {\r\n [xml]$XML = Get-Content $ConfigXML\r\n $EmailInterval = $XML.usersim.email.checkinInterval\r\n $PageDuration = $XML.usersim.web.pageDuration\r\n $LinkDepth = $XML.usersim.web.linkDepth\r\n $MountInterval = $XML.usersim.shares.mountInterval\r\n } Else {\r\n $EmailInterval = 300\r\n $PageDuration = 20\r\n $LinkDepth = 10\r\n $MountInterval = 30\r\n }\r\n\r\n # Make sure variables have values of the right type\r\n\t\t$myEmailInterval = if ($EmailInterval) {$EmailInterval} else {300}\r\n\t\t$myPageDuration = if ($PageDuration) {$PageDuration} else {20}\r\n\t\t$myLinkDepth = if ($LinkDepth) {$LinkDepth} else {10}\r\n\t\t$myMountInterval = if ($MountInterval) {$MountInterval} else {30}\r\n\t\t$myEmail = if ($Email) {1} else {0}\r\n\t\t$myIE = if ($IE) {1} else {0}\r\n\t\t$myShares = if ($Shares) {1} else {0}\r\n\t\t$myAll = if ($All) {1} else {0}\r\n\t\t\r\n Invoke-Command -ScriptBlock $RemoteScriptBlock -ArgumentList @($myEmailInterval, $myPageDuration, $myLinkDepth, $myMountInterval, $myEmail, $myIE, $myShares, $myAll)\r\n } Else {\r\n\t# SERVER BEHAVIOR\r\n If (!$ConfigXML) {\r\n\t\t\tWrite-Host \"Please provide a configuration file with '-ConfigXML' flag.\"\r\n\t\t\tBreak\r\n\t\t}\r\n\t\t\r\n\t\t$ShareName = 'UserSim'\r\n\t\t\r\n\t\tCreate-UserSimShare \"C:\\UserSim\" $ShareName $RemoteScriptBlock\r\n\t\t\r\n\t\t[xml]$XML = Get-Content $ConfigXML\r\n\t\t$EmailInterval = $XML.usersim.email.checkinInterval\r\n\t\t$PageDuration = $XML.usersim.web.pageDuration\r\n\t\t$LinkDepth = $XML.usersim.web.linkDepth\r\n\t\t$MountInterval = $XML.usersim.shares.mountInterval\r\n\t\t$Server = $XML.usersim.serverIP\r\n\t\t\r\n\t\t$myEmailInterval = if ($EmailInterval) {$EmailInterval} else {300}\r\n\t\t$myPageDuration = if ($PageDuration) {$PageDuration} else {20}\r\n\t\t$myLinkDepth = if ($LinkDepth) {$LinkDepth} else {10}\r\n\t\t$myMountInterval = if ($MountInterval) {$MountInterval} else {30}\r\n\t\t$myEmail = if ($Email) {1} else {0}\r\n\t\t$myIE = if ($IE) {1} else {0}\r\n\t\t$myShares = if ($Shares) {1} else {0}\r\n\t\t$myAll = if ($All) {1} else {0}\r\n\t\t\r\n\t\t$TaskArgs = \"-exec bypass -w hidden -c ipmo \\\\$Server\\$ShareName\\UserSim.ps1;Invoke-UserSim $myEmailInterval $myPageDuration $myLinkDepth $myMountInterval $myEmail $myIE $myShares $myAll\"\r\n\r\n\t\t$XML.usersim.client | ForEach-Object { \r\n\r\n\t\t\t$myHost = $_.host\r\n\t\t\t$username = $_.username\r\n\t\t\t$password = $_.password\r\n\t\t\t$domain = $_.domain\r\n\t\t\t$DomainUser = $domain+'\\'+$username\r\n\t\t\r\n\t\t\tWrite-Host \"In foreach loop...\"\r\n\t\t\tWrite-Host \"$myHost\"\r\n\t\t\tcmdkey /delete:\"$myHost\"\r\n\t\t\tStart-RemoteUserSimTask $myHost $TaskArgs $DomainUser $password\r\n\t\t\tstart-sleep -s 1\r\n\t\t\tcmdkey /add:$myHost /user:\"$domain\\$username\" /pass:\"$password\"\r\n\t\t\tStart-Sleep -s 1\r\n\t\t\tmstsc.exe /v \"$myHost\"\r\n\t\t\tStart-Sleep -s 5\r\n\t\t\tcmdkey /delete:\"$myHost\"\r\n\r\n\t\t\tWrite-Host \"Starting usersim on '$myHost' with username '$username'\"\r\n\t\t}\r\n }\r\n}\r\n\r\nfunction Create-UserSimShare {\r\n [CmdletBinding()]\r\n Param(\r\n\t\t[Parameter(Position = 0, Mandatory=$True)]\r\n\t\t[String]$SharePath,\r\n\r\n\t\t[Parameter(Position = 1, Mandatory=$True)]\r\n\t\t[String]$ShareName,\r\n\r\n\t\t[Parameter(Position = 2, Mandatory=$True)]\r\n\t\t[Management.Automation.ScriptBlock]$ScriptBlock\r\n )\r\n\t\r\n\tIf (Test-Path $SharePath) {\r\n\t\tRemove-Item -Path $SharePath -Recurse -Force\r\n Start-Sleep -Milliseconds 400\r\n\t}\r\n\tNew-Item $SharePath -Type Directory \r\n\r\n\t$Shares=[WMICLASS]\"Win32_Share\"\r\n\r\n\t$old_shares = Get-WMIObject Win32_Share -Filter \"name='$ShareName'\"\r\n\tIf ($old_shares) { \r\n\t\tForEach ($share in $old_shares) {\r\n\t\t\t$delete = $share.Delete()\r\n\t\t}\r\n\t}\r\n\r\n\t$Shares.Create($SharePath,$ShareName,0)\r\n\t$functionString = \"function Invoke-UserSim {\" + $ScriptBlock + \"}\"\r\n $functionString | Out-File $SharePath\\UserSim.ps1\r\n}\r\n\r\nfunction Start-RemoteUserSimTask {\r\n [CmdletBinding()]\r\n Param(\r\n\t\t[Parameter(Position = 0, Mandatory=$True)]\r\n\t\t[String]$RemoteHost,\r\n\t\t\r\n\t\t[Parameter(Position = 1, Mandatory=$True)]\r\n\t\t[String]$TaskArguments,\r\n\t\t\r\n\t\t[Parameter(Position = 2, Mandatory=$True)]\r\n\t\t[String]$TaskUser,\r\n\r\n\t\t[Parameter(Position = 3, Mandatory=$True)]\r\n\t\t[String]$TaskPassword\r\n )\r\n\t\r\n\t$RemoteStart = {\r\n\t\tParam(\r\n\t\t\t[Parameter(Position = 0, Mandatory=$True)]\r\n\t\t\t[String]$TaskArguments,\r\n\t\t\t\r\n\t\t\t[Parameter(Position = 1, Mandatory=$True)]\r\n\t\t\t[String]$TaskUser,\r\n\t\t\t\r\n\t\t\t[Parameter(Position = 2, Mandatory=$True)]\r\n\t\t\t[String]$TaskPassword\r\n\t\t)\r\n\t\r\n\t\t$ExpTime = (Get-Date).AddMinutes(10).GetDateTimeFormats('s')[0]\r\n\t\t\r\n\t\t$ShedService = New-Object -comobject 'Schedule.Service'\r\n\t\t$ShedService.Connect('localhost')\r\n\r\n\t\t$Task = $ShedService.NewTask(0)\r\n\t\t$Task.RegistrationInfo.Description = 'Temporary User Sim Task'\r\n\t\t$Task.Settings.Enabled = $true\r\n\t\t$Task.Settings.AllowDemandStart = $true\r\n\t\t$Task.Settings.DeleteExpiredTaskAfter = 'PT5M'\r\n\r\n\t\t$trigger = $Task.Triggers.Create(11)\r\n\t\t$trigger.Enabled = $true\r\n\t\t$trigger.UserId = $TaskUser\r\n\t\t$trigger.StateChange = 3\r\n\t\t$trigger.EndBoundary = $ExpTime\r\n\t\t\r\n\t\t$trigger2 = $Task.Triggers.Create(9)\r\n\t\t$trigger2.Enabled = $true\r\n\t\t$trigger2.UserId = $TaskUser\r\n\t\t$trigger2.EndBoundary = $ExpTime\r\n\r\n\t\t$action = $Task.Actions.Create(0)\r\n\t\t$action.Path = \"powershell\"\r\n\t\t$action.Arguments = $TaskArguments\r\n\r\n\t\t$taskFolder = $ShedService.GetFolder(\"\\\")\r\n\t\t$taskFolder.RegisterTaskDefinition(\"UserSim\", $Task , 6, $TaskUser, $TaskPassword, 3)\r\n\t}\r\n\t\r\n\tInvoke-Command -ScriptBlock $RemoteStart -ArgumentList @($TaskArguments, $TaskUser, $TaskPassword) -ComputerName $RemoteHost\r\n}\r\n\r\nfunction Invoke-ConfigureHosts {\r\n<#\r\n.SYNOPSIS\r\n\r\nConfigure remote hosts in preperation for Invoke-UserSimulator\r\n\r\n.DESCRIPTION\r\n\r\nSets some registry keys to allow programatic access to Outlook and prevent the \"welcome\" window\r\nin Internet Explorer. Also adds the user to run as to the \"Remote Desktop Users\" group on the\r\nremote computer.\r\n\r\n.PARAMETER ConfigXML\r\n\r\nThe configuration xml file to use for host configuration on remote hosts.\r\n\r\n.EXAMPLE\r\n\r\nImport the script modules:\r\nPS>Import-Module .\\Invoke-UserSimulator.ps1\r\n\r\nConfigure remote hosts prior to running the script remotely:\r\nPS>Invoke-ConfigureHosts -ConfigXML .\\config.xml\r\n\r\n#>\r\n Param(\r\n\t\t[Parameter(Position = 0, Mandatory=$True)]\r\n\t\t[String]$ConfigXML\r\n )\r\n\r\n If (!$ConfigXML) {\r\n\t\t\tWrite-Host \"Please provide a configuration file with '-ConfigXML' flag.\"\r\n\t\t\tBreak\r\n\t} else {\r\n [xml]$XML = Get-Content $ConfigXML\r\n\r\n $XML.usersim.client | ForEach-Object {\r\n\r\n\t $myHost = $_.host\r\n\t $username = $_.username\r\n $domain = $_.domain\r\n $domUser = \"$domain\\$username\"\r\n\r\n $configBlock = {\r\n Param(\r\n\t\t [Parameter(Position = 0, Mandatory=$True)]\r\n\t\t [String]$domuser\r\n )\r\n net localgroup \"Remote Desktop Users\" $domuser /add\r\n\r\n $registryPath = \"HKLM:\\SOFTWARE\\Microsoft\\Office\\ClickToRun\\REGISTRY\\MACHINE\\Software\\Wow6432Node\\Microsoft\\Office\\16.0\\Outlook\\Security\"\r\n New-Item -Path $registryPath -Force\r\n Set-ItemProperty -Path $registryPath -Name ObjectModelGuard -Value 2 -Type DWord\r\n\r\n $registryPath = \"HKLM:\\SOFTWARE\\Microsoft\\Office\\ClickToRun\\REGISTRY\\MACHINE\\Software\\Microsoft\\Office\\16.0\\Outlook\\Security\"\r\n New-Item -Path $registryPath -Force\r\n Set-ItemProperty -Path $registryPath -Name ObjectModelGuard -Value 2 -Type DWord\r\n\r\n $registryPath = \"HKLM:\\Software\\Policies\\Microsoft\\Internet Explorer\\Main\"\r\n New-Item -Path $registryPath -Force\r\n Set-ItemProperty -Path $registryPath -Name DisableFirstRunCustomize -Value 1\r\n }\r\n\t\t\t\r\n Invoke-Command -ScriptBlock $configBlock -ArgumentList $domuser -ComputerName $myHost\r\n }\r\n }\r\n}" }, { "path": "README.md", "content": "# Invoke-UserSimulator\nSimulates common user behaviour on local and remote Windows hosts.\n\nInvoke-UserSimulator is a tool developed with the aim of improving the realism of penetration testing labs (or other lab environments) to more accurately mirror a real network with users that create various types of traffic. Currently supported user behaviours the tool simulates are:\n\n**Internet Explorer Browsing -** Creates an IE process and browses to a psuedo-random URL, then spiders the page for additional links to browse to. Simulates a user browsing the internet and creating web traffic on the network. \n\n**Mapping Shares -** Generates a random share name, and attempts to map it to the \"K\" drive. Creates LLMNR traffic on the network, allowing capturing network credentials via MitM attacks (Responder).\n\n**Opening Emails -** Creates and Outlook COM object and iterates through any unread mail of the logged in user. Downloads and executes any attachments, and browses to any embedded links in IE.\n\nThe script can be run on a local server, or numerous remote hosts at once. For running on remote hosts, the script includes a configuration function to preconfigure Remote Desktop Users and various \n\n### Requirements:\n**Windows -** The tool should work with any recent versions of Microsoft Windows (tested on Windows 7 through Server 2016). There is heavy use of PowerShell remoting, so when working with Windows 7 machines, some additional configuration will be required. \n\n**Microsoft Office -** When running the tool with -All or -Email flags, you'll need to have Outlook installed and configured to properly receive mail. Your users will also need to have working email addresses. If you plan on sending Macro phishing payloads, be sure the rest of the Office suite is installed as well.\n\n### Arguments:\n-Standalone\nDefine if the script should run as a standalone script on the localhost or on remote systems.\n\n-ConfigXML [filepath]\nThe configuration xml file to use for host configuration and when running on remote hosts.\n\n-ALL\nRun all script simulation functions (IE, Shares, Email).\n\n-IE\nRun the Internet Explorer simulation.\n\n-Shares\nRun the mapping shares simulation.\n\n-Email\nRun the opening email simulation.\n\n### Examples:\nImport the script modules:\n\n`PS>Import-Module .\\Invoke-UserSimulator.ps1`\n\nRun only the Internet Explorer function on the local host:\n\n`PS>Invoke-UserSimulator -StandAlone -IE`\n\nConfigure remote hosts prior to running the script remotely:\n\n`PS>Invoke-ConfigureHosts -ConfigXML .\\config.xml`\n\nRun all simulation functionality on remote hosts configured in the config.xml file:\n\n`PS>Invoke-UserSimulator -ConfigXML .\\config.xml -All`\n\n*View the sample.xml file for an example of the file ConfigXML takes.*\n\n### Walkthrough:\nYou can view a video walkthrough of the tool here: https://www.youtube.com/watch?v=lsC8mBKRZrs\n" }, { "path": "sample.xml", "content": "\r\n\r\n\t10.10.12.105\r\n\t\r\n\t\t60\r\n\t\r\n\t\r\n\t\t60\r\n\t\t5\r\n\t\r\n\t\r\n\t\t60\r\n\t\r\n\t\r\n\t\tDESK001.peew.pw\r\n\t\tpeew.pw\r\n\t\tjsmith\r\n\t\tPassw0rd!\r\n\t\r\n\t\r\n\t\tDESK002.peew.pw\r\n\t\tpeew.pw\r\n\t\tawilliams\r\n\t\tQwerty1234\r\n\t\r\n" } ]