Each section in the script has a variety of different functions for realising the corresponding tactic. For example, within the ‘Defense Evasion’ tactic, the functions inside include ‘Disable network interface’, ‘Turn off Windows Firewall’ and ‘Clear Security Log’. These functions do exactly as they describe to simulate an adversary performing these actions. These actions can then be run and tested on a machine or network, to see how they cope with these forms of attacks. This allows the user to analyse the affects of an adversary, post-compromise, and help to determine what measures should be in place to mitigate or defend against them.
Below is an excerpt of Bani’s article found on Microsoft’s TechNet blog, showing how to implement Invoke-Adversary. You can find the full article here: https://blogs.technet.microsoft.com/motiba/2018/04/09/invoke-adversary-simulating-adversary-operations/