Scripting Engine

[ILightThings]

I've been playing around with the idea of integrating a scripting engine.

The biggest barrier to contributions is impackets (or lack of) documentation. Like a lot of large tools (nmap, metasploit, etc), adding a scripting engine would allow for simpler execution of modules. We see a lot of modules being added which although provide value, seem to implement their own way of execution.

Examples are LDAP Queries, Registry queries, Using Powershell for execution, Running RPC Queries.

I think it might be worth exploring implementing a scripting engine to normalize processes to best practices and allow for more contributions will less technical skill.

[Marshall-Hallenbeck]

What sort of scripting engine did you have in mind?

I definitely agree, the modules are a mess. Many were created during the Python2 days and haven't been updated, and the ones we have managed to update recently are still... not great. Not that the code is bad, its that there's a TON of reuse like simply connecting to a remote host, etc.

I think a good solution would be to actually break this functionality out into functions and then modules can just use them, passing around connection objects or whatever, but a scripting engine could be cool - how would that work?

[ILightThings]

Your idea is more or less what the goal would be. Adding an abstraction layer to allows for easier to read code. I don’t have the specific of how the scripting engine would work, but abstraction is a good place to start. 

[sudesh0sudesh]

Hey Guys, Sorry for not asking in right thread in advance.

I am thinking of pushing a slightly not opsec safe module, where it disables defender and enables at the end. Will you guys accept it ?

[ILightThings]

??? You might want to make your own discussion thread.

[sudesh0sudesh]

Will do that, Thank you