Spencer McIntyre

To be honest we're not exactly taking feature requests right now.

From the change log, this would be a bit of a deal breaker for us since we are pinned to 3.4 support for the Windows build. ``` * Deprecated support...

I like it. I think I'll end up changing it to be `client.visits` where it's then an array of visit objects. That would change the first line to `client.visits[-1].ip !=...

Yeah, we'll just need a review from someone. @securestate/king-phisher any takers?

Pretty sure that one issue is that the payload is so large due to being encoded 1000 times that this line below causes `addressOfEntryPoint` to be negative. https://github.com/rapid7/metasploit-framework/blob/2f1949d02101e17cbdf62dfc2ff1aeaccdc9fc62/lib/msf/util/exe.rb#L420 It doesn't...

It's possible and I've been asked about it before. It would just be *alot* of work.

The ideal implementation would likely involve: 1) A new function / callable datatype. New data types are *a lot* of work. 2) Parser support for making a function call. 3)...

Yeah you'd want to use a rule like this: `event.title and [item for item in event.items if item&['computerinfo'] and [resource for resource in item['computerinfo']['resources'] if resource&['companyassigned'] == 'Yes']]` That leverages...

Let me think about it. I'll admit I like the syntax you're proposing. I think I could make it backwards compatible and relatively intuitive if I used `#` instead of...

Alright, I've given this alot of thought and I think the best way to move forward with this is to separate out the command and parsing logic a bit more....