Public/Get-AttckMalware.ps1

<#
.SYNOPSIS
    Get-AttckMalware gives the user access to all Malware defined within the Mitre ATT&CK framework
.DESCRIPTION
    Get-AttckMalware can access all Malware defined within the Mitre ATT&CK framework.
    You can also select a single Malware object by providing a Name value
.PARAMETER Name
    A argument completer parameter to retrieve data about a specific Malware by Name
.EXAMPLE
    Access All Malware Information
    C:/> Get-AttckMalware
.EXAMPLE
    Retrieve a specific Malware by Name
    C:/> Get-AttckMalware -Name 'Agent Tesla'
.EXAMPLE
    Retrieve which actors use all or specific piece of Malware
    C:/> (Get-AttckMalware -Name 'Agent Tesla').Actors()
.EXAMPLE
    Retrieve which techniques apply to a specific piece of Malware
    C:/> (Get-AttckMalware -Name 'Agent Tesla').Techniques()
.EXAMPLE
    Retrieve a Malware by Id
    C:/> Get-AttckMitigation -Id 'S0071'
.OUTPUTS
    PSAttck.Enterprise.Malware
.NOTES
    Created By: Josh Rickard (MSAdministrator)
    Date: 21JAN2020
#>

function Get-AttckMalware {
    [CmdletBinding(DefaultParameterSetName='malware',
                   PositionalBinding=$false,
                   HelpUri = 'http://www.microsoft.com/')]
    Param (
        # Get a Malware object by name
        [Parameter(Mandatory=$false,
                   Position=0,
                   ValueFromPipeline=$true,
                   ParameterSetName='malware')]
        [string]
        $Name,

        # Get a Malware object by id
        [Parameter(Mandatory=$false,
                   Position=1,
                   ValueFromPipeline=$true,
                   ParameterSetName='malware')]
        [string]
        $Id
    )

    begin {
        Write-Verbose -Message 'Getting AttckMalware Object'
    }

    process {
        $PSAttckJson.objects.ForEach({
            if($_.type -eq 'malware'){
                if ($PSBoundParameters.ContainsKey('Name')){
                    if ($_.name -eq $Name){
                        [EnterpriseMalware]::new($_) | Add-ObjectDetail -TypeName PSAttck.Enterprise.Malware
                    }
                }
                elseif ($PSBoundParameters.ContainsKey('Id')){
                    foreach ($ref in $_.external_references){
                        if ($ref.source_name -eq 'mitre-attack' -and $ref.external_id -eq $Id){
                            [EnterpriseMalware]::new($_) | Add-ObjectDetail -TypeName PSAttck.Enterprise.Malware
                        }
                    }
                }
                else{
                    [EnterpriseMalware]::new($_) | Add-ObjectDetail -TypeName PSAttck.Enterprise.Malware
                }
            }
        })
    }

    end {
    }
}