Alex Flores
How do you feel about the pattern that some file transfer clients and programs like vim use to handle this: preceding the local command with a `!`? i.e. `!ls` or `!taskkill`
I use graftcp for this. Proxychains uses LD_PRELOAD to hijack linked library calls. Go binaries don't use linked libs, so it doesn't work. Graftcp will hijack syscalls, though, to achieve...
@eth0izzle does your ideal implementation 1. replace yaml with YARA? 2. add yara as an option, leaving yaml? 3. add yara as the new default, making yaml optional? For 2...
Could also potentially use both. Since yara won't do filename or extension matching, perhaps we leave the yaml config file for the `filename` and `extension` `parts`. Eliminate `contents` as a...
I haven't @eth0izzle. Just spent some of today reading through the project, getting a feel for where I'd put the code for each option. Glad I checked!
Would certainly make it easier. ... I started typing some other ideas, re-read them, and deleted them with extreme prejudice. It involved words like 'wrap with cgo', 'precompile', 'shellcode', and...
Oh awesome! Initial reports: - Had to delete `outputs.raw` from `config.yaml` to get it to run. It was yelling at me about a missing key. - With `outputs.file.path` and `outputs.file.type`...
WIPing this after discussion in #635
I changed the logon type we're passing to `LogonUser` to LOGON_INTERACTIVE and it appears to be working now. According to MSDN re: LOGON_NEW_CREDENTIALS > This logon type allows the caller to clone...
fysa: LOGON_INTERACTIVE > This logon type is intended for users who will be interactively using the computer, such as a user being logged on by a terminal server, remote shell,...