Getting started on Windows

rc-dbogle edited this page Oct 19, 2022 · 1 revision

A guide to installing and using AtomicTestHarnesses.

Prepare your environment

Before you install AtomicTestHarnesses, make sure you have the following:

  • PowerShell version 5 or later. See Installing PowerShell for more information.
  • Permission to test. Always ask your environment owner for permission before executing a test.

Install AtomicTestHarnesses

There are three ways to install AtomicTestHarnesses: from the PowerShell Gallery, from GitHub as an auto-loaded module, or from GitHub as an explicit import.

Installing from the PowerShell Gallery

For most users, installing AtomicTestHarnesses from the PowerShell Gallery is the most straightforward method.

Open PowerShell and run the following command:

Install-Module -Name AtomicTestHarnesses -Scope CurrentUser

Installing as an auto-loaded module

To auto-load AtomicTestHarnesses, download the repository from GitHub and place it in a module directory. There are multiple module directories by default, each with their own scope and permissions. For example, to make AtomicTestHarnesses available to all users, copy AtomicTestHarnesses to %ProgramFiles%\WindowsPowerShell\Modules.

You can view a list of available directories by executing the following command:

(Get-Item Env:\PSModulePath).Value.Split(';')

Installing as an explicit import

To explicitly import AtomicTestHarnesses, download the repository from GitHub and call Import-Module on the AtomicTestHarnesses.psd1 file. For example:

Import-Module C:\Users\Test\Desktop\AtomicTestHarnesses\AtomicTestHarnesses.psd1

Fixing common problems

If you download AtomicTestHarnesses from GitHub, your machine might mark the module as untrustworthy. You can unmark the module by executing the following command:

Get-ChildItem -Path Path\To\AtomicTestHarnesses -Recurse | Unblock-File

If you're explicitly importing AtomicTestHarnesses and your machine has Pester version 3.4.0, you'll need to call Import-Module with the -SkipPublisherCheck and -Force flags enabled. For example:

Import-Module C:\Users\Test\Desktop\AtomicTestHarnesses\AtomicTestHarnesses.psd1 -SkipPublisherCheck -Force
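
A read-only preflight check for the points covered so far, written as an added example rather than code from the AtomicTestHarnesses project: it reports the PowerShell version, where the module is installed, which downloaded files still carry the Zone.Identifier mark that Unblock-File clears, and whether Pester 3.4.0 is present. The function name Test-AthPreflight, its -ModuleRoot parameter and the sample path are assumptions.

```powershell
# Added example: preflight check for an AtomicTestHarnesses install on Windows.
# Test-AthPreflight and -ModuleRoot are hypothetical names, not part of the module.
function Test-AthPreflight {
    [CmdletBinding()]
    param(
        # Folder of a GitHub download; omit to inspect auto-loaded copies only.
        [string] $ModuleRoot
    )

    # Requirement from the guide: PowerShell version 5 or later.
    $psOk = $PSVersionTable.PSVersion.Major -ge 5

    # Copies that PowerShell can auto-load from the PSModulePath directories.
    $installed = @(Get-Module -ListAvailable -Name AtomicTestHarnesses)

    # Files that still carry the Zone.Identifier alternate data stream are the
    # ones Windows treats as downloaded and Unblock-File would clear.
    $blocked = @()
    if ($ModuleRoot -and (Test-Path -LiteralPath $ModuleRoot)) {
        $blocked = @(Get-ChildItem -LiteralPath $ModuleRoot -Recurse -File |
            Where-Object {
                Get-Item -LiteralPath $_.FullName -Stream Zone.Identifier -ErrorAction SilentlyContinue
            } | Select-Object -ExpandProperty FullName)
    }

    # Pester versions present; 3.4.0 is the one the guide calls out.
    $pester = @(Get-Module -ListAvailable -Name Pester |
        Select-Object -ExpandProperty Version)

    [pscustomobject]@{
        PowerShellVersion = $PSVersionTable.PSVersion
        PowerShellOk      = $psOk
        InstalledCopies   = @($installed | ForEach-Object { '{0} ({1})' -f $_.Version, $_.ModuleBase })
        BlockedFiles      = $blocked
        PesterVersions    = $pester
        HasPester340      = $pester -contains [version]'3.4.0'
    }
}

# Example run against a GitHub download; the path is a constructed placeholder.
Test-AthPreflight -ModuleRoot 'C:\Path\To\AtomicTestHarnesses' | Format-List
```

An empty BlockedFiles list means nothing in the folder needs Unblock-File; the function changes no files.
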

Explore AtomicTestHarnesses

After installing the module, you can view the list of available functions by running the following command:

Get-Command -Module AtomicTestHarnesses

To learn more about a particular function, run the following:

Get-Help -Name <function name> -Full

Next steps

You can use the functions exposed by Get-Command to test your detection coverage against different attack techniques.

To learn more about using Pester to ensure that your tests run correctly, see Validating tests with Pester.