ION28 / BLUESPAWN

An Active Defense and EDR software to empower Blue Teams
GNU General Public License v3.0

Better separation and organization of code in Hunts #369

Closed ION28 closed 3 years ago

ION28 commented 3 years ago

As hunts grow larger due to subtechniques, add macros/functions to better organize them structurally.

From Jack in Discord:

HuntT1555::Subtechnique001(IN CONST Scope& scope){
    SUBTECHNIQUE_INIT(001, Bad Stuff);

    HUNT_SUBSECTION(1, Intensive)
    // do stuff
    HUNT_END_SUBSECTION()

    HUNT_SUBSECTION(2, Normal)
    // do stuff
    HUNT_END_SUBSECTION()

    END_SUBTECHNIQUE()
}

Jack-McDowell commented 3 years ago

Addressed by client-subtechniques in #370