Merge pull request #168 from ION28/develop
Merge Develop to Master for Release v0.4.0-alpha
ION28 authored Feb 8, 2020
2 parents f810bc1 + 3b88e14 commit 3b8c797
Showing 123 changed files with 5,044 additions and 1,713 deletions.
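--- a/.gitattributes
+++ b/.gitattributes
@@ -0,0 +1 @@
+*.vcxproj.filters merge=union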
9 changes: 5 additions & 4 deletions .github/workflows/main.yml
Expand Up @@ -15,21 +15,22 @@ jobs:
strategy:
matrix:
buildtype: [Release, Debug]
buildarch: [x64, x86]

runs-on: windows-2019

steps:
- uses: actions/checkout@v1

- name: Update submodules
run: git submodule update --init --recursive
run: git submodule update --init --recursive --remote

- name: Build BLUESPAWN-client
run: |
"%ProgramFiles(x86)%\Microsoft Visual Studio\2019\Enterprise\MSBuild\Current\Bin\MSBuild.exe" BLUESPAWN.sln /p:Configuration=${{ matrix.buildtype }}
"%ProgramFiles(x86)%\Microsoft Visual Studio\2019\Enterprise\MSBuild\Current\Bin\MSBuild.exe" BLUESPAWN.sln /p:Configuration=${{ matrix.buildtype }} /p:Platform=${{ matrix.buildarch }}
shell: cmd

- uses: actions/upload-artifact@master
with:
name: BLUESPAWN-client-${{ matrix.buildtype }}
path: artifacts\x64\${{ matrix.buildtype }}\BLUESPAWN-client.exe
name: BLUESPAWN-client-${{ matrix.buildarch }}-${{ matrix.buildtype }}
path: artifacts\${{ matrix.buildarch }}\${{ matrix.buildtype }}\BLUESPAWN-client.exe
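Review bot: The `--remote` added to the `Update submodules` step makes CI check out the current tip of each submodule's upstream branch instead of the commit recorded in this repository, so the uploaded BLUESPAWN-client.exe is built from third-party code nobody reviewed at merge time, and two runs of the same commit can produce different binaries. That applies to every entry in `.gitmodules`, including the `pe-sieve` submodule added in this commit. I would keep the step as `run: git submodule update --init --recursive` and move submodules forward by committing the new pinned SHA. The unchanged `actions/upload-artifact@master` line has the same floating-reference problem and would be better pinned to a release tag or commit SHA. The job definition starts above the hunk.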
5 changes: 4 additions & 1 deletion .gitignore
@@ -1,4 +1,7 @@
.vs/
build/
artifacts/
BLUESPAWN-client/external/
BLUESPAWN-client/external/
*.user
*.filters
*.cache
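Review bot: `*.filters` conflicts with the `.gitattributes` rule in this same commit, which sets `merge=union` on `*.vcxproj.filters`: the ignore pattern stops new filter files from being added, while the merge attribute only helps for filter files that stay tracked. Pick one policy; if the filter files are meant to be shared, drop `*.filters` from this list. A one-line comment above the new patterns, for example `# Visual Studio per-user and generated files`, would also record why they are ignored.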
3 changes: 3 additions & 0 deletions .gitmodules
Expand Up @@ -4,3 +4,6 @@
[submodule "BLUESPAWN-client/external/krabsetw"]
path = BLUESPAWN-client/external/krabsetw
url = https://github.com/microsoft/krabsetw
[submodule "BLUESPAWN-client/external/pe-sieve"]
path = BLUESPAWN-client/external/pe-sieve
url = https://github.com/hasherezade/pe-sieve
66 changes: 49 additions & 17 deletions BLUESPAWN-client/BLUESPAWN-client.vcxproj
@@ -1,4 +1,4 @@
<?xml version="1.0" encoding="utf-8"?>
<?xml version="1.0" encoding="utf-8"?>
<Project DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<ItemGroup Label="ProjectConfigurations">
<ProjectConfiguration Include="Debug|Win32">
Expand All @@ -19,26 +19,42 @@
</ProjectConfiguration>
</ItemGroup>
<ItemGroup>
<ClInclude Include="external\pe-sieve\include\pe_sieve_types.h" />
<ClInclude Include="headers\hunt\Hunt.h" />
<ClInclude Include="headers\hunt\HuntInfo.h" />
<ClInclude Include="headers\hunt\HuntRegister.h" />
<ClInclude Include="headers\hunt\hunts\HuntT1004.h" />
<ClInclude Include="headers\hunt\hunts\HuntT1037.h" />
<ClInclude Include="headers\hunt\hunts\HuntT1050.h" />
<ClInclude Include="headers\hunt\hunts\HuntT1055.h" />
<ClInclude Include="headers\hunt\hunts\HuntT1060.h" />
<ClInclude Include="headers\hunt\hunts\HuntT1100.h" />
<ClInclude Include="headers\hunt\hunts\HuntT1101.h" />
<ClInclude Include="headers\hunt\hunts\HuntT1103.h" />
<ClInclude Include="headers\hunt\hunts\HuntT1131.h" />
<ClInclude Include="headers\hunt\hunts\HuntT1138.h" />
<ClInclude Include="headers\hunt\hunts\HuntT1182.h" />
<ClInclude Include="headers\hunt\RegistryHunt.hpp" />
<ClInclude Include="headers\hunt\hunts\HuntT1183.h" />
<ClInclude Include="headers\hunt\reaction\HuntTrigger.h" />
<ClInclude Include="headers\hunt\reaction\RemoveValue.h" />
<ClInclude Include="headers\hunt\reaction\SuspendProcess.h" />
<ClInclude Include="headers\hunt\RegistryHunt.h" />
<ClInclude Include="headers\hunt\Scope.h" />
<ClInclude Include="headers\mitigation\Mitigation.h" />
<ClInclude Include="headers\mitigation\MitigationRegister.h" />
<ClInclude Include="headers\mitigation\mitigations\MitigateM1025.h" />
<ClInclude Include="headers\mitigation\mitigations\MitigateM1042-LLMNR.h" />
<ClInclude Include="headers\mitigation\mitigations\MitigateM1042-NBT.h" />
<ClInclude Include="headers\mitigation\mitigations\MitigateM1042-WSH.h" />
<ClInclude Include="headers\mitigation\mitigations\MitigateV1093.h" />
<ClInclude Include="headers\mitigation\mitigations\MitigateV1153.h" />
<ClInclude Include="headers\mitigation\mitigations\MitigateV3338.h" />
<ClInclude Include="headers\mitigation\mitigations\MitigateV63597.h" />
<ClInclude Include="headers\mitigation\mitigations\MitigateV63817.h" />
<ClInclude Include="headers\mitigation\mitigations\MitigateV63825.h" />
<ClInclude Include="headers\mitigation\mitigations\MitigateV63829.h" />
<ClInclude Include="headers\mitigation\mitigations\MitigateV72753.h" />
<ClInclude Include="headers\mitigation\mitigations\MitigateV73519.h" />
<ClInclude Include="headers\monitor\ETW_Wrapper.h">
<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">true</ExcludedFromBuild>
<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Release|x64'">true</ExcludedFromBuild>
Expand All @@ -51,8 +67,10 @@
<ClInclude Include="headers\user\iobase.h" />
<ClInclude Include="headers\util\configurations\CollectInfo.h" />
<ClInclude Include="headers\util\configurations\Registry.h" />
<ClInclude Include="headers\util\configurations\RegistryValue.h" />
<ClInclude Include="headers\util\configurations\ScheduledTasks.h" />
<ClInclude Include="headers\util\eventlogs\EventLogs.h" />
<ClInclude Include="headers\util\eventlogs\EventSubscription.h" />
<ClInclude Include="headers\util\filesystem\FileSystem.h" />
<ClInclude Include="headers\util\log\CLISink.h" />
<ClInclude Include="headers\util\log\DebugSink.h" />
Expand All @@ -68,12 +86,7 @@
<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">true</ExcludedFromBuild>
<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Release|x64'">true</ExcludedFromBuild>
</ClInclude>
<ClInclude Include="headers\util\pe\Image_Loader.h">
<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">true</ExcludedFromBuild>
<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">true</ExcludedFromBuild>
<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">true</ExcludedFromBuild>
<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Release|x64'">true</ExcludedFromBuild>
</ClInclude>
<ClInclude Include="headers\util\pe\Image_Loader.h" />
<ClInclude Include="headers\util\pe\Import_Section.h">
<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">true</ExcludedFromBuild>
<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">true</ExcludedFromBuild>
Expand Down Expand Up @@ -382,6 +395,8 @@
<ClInclude Include="grpc\generated\ReactionData.pb.h" />
<ClInclude Include="grpc\generated\ServerServices.grpc.pb.h" />
<ClInclude Include="grpc\generated\ServerServices.pb.h" />
<ClInclude Include="headers\util\processes\ProcessChecker.h" />
<ClInclude Include="headers\util\processes\ProcessUtils.h" />
</ItemGroup>
<ItemGroup>
<ClCompile Include="grpc\generated\ReactionData.grpc.pb.cc">
Expand Down Expand Up @@ -413,19 +428,35 @@
<ClCompile Include="src\hunt\hunts\HuntT1004.cpp" />
<ClCompile Include="src\hunt\hunts\HuntT1037.cpp" />
<ClCompile Include="src\hunt\hunts\HuntT1050.cpp" />
<ClCompile Include="src\hunt\hunts\HuntT1055.cpp" />
<ClCompile Include="src\hunt\hunts\HuntT1060.cpp" />
<ClCompile Include="src\hunt\hunts\HuntT1100.cpp" />
<ClCompile Include="src\hunt\hunts\HuntT1101.cpp" />
<ClCompile Include="src\hunt\hunts\HuntT1103.cpp" />
<ClCompile Include="src\hunt\hunts\HuntT1131.cpp" />
<ClCompile Include="src\hunt\hunts\HuntT1138.cpp" />
<ClCompile Include="src\hunt\hunts\HuntT1182.cpp" />
<ClCompile Include="src\hunt\hunts\HuntT1183.cpp" />
<ClCompile Include="src\hunt\reaction\HuntTrigger.cpp" />
<ClCompile Include="src\hunt\reaction\RemoveValue.cpp" />
<ClCompile Include="src\hunt\reaction\SuspendProcess.cpp" />
<ClCompile Include="src\hunt\RegistryHunt.cpp" />
<ClCompile Include="src\hunt\Scope.cpp" />
<ClCompile Include="src\mitigation\Mitigation.cpp" />
<ClCompile Include="src\mitigation\MitigationRegister.cpp" />
<ClCompile Include="src\mitigation\mitigations\MitigateM1025.cpp" />
<ClCompile Include="src\mitigation\mitigations\MitigateM1042-LLMNR.cpp" />
<ClCompile Include="src\mitigation\mitigations\MitigateM1042-NBT.cpp" />
<ClCompile Include="src\mitigation\mitigations\MitigateM1042-WSH.cpp" />
<ClCompile Include="src\mitigation\mitigations\MitigateV1093.cpp" />
<ClCompile Include="src\mitigation\mitigations\MitigateV1153.cpp" />
<ClCompile Include="src\mitigation\mitigations\MitigateV3338.cpp" />
<ClCompile Include="src\mitigation\mitigations\MitigateV63597.cpp" />
<ClCompile Include="src\mitigation\mitigations\MitigateV63817.cpp" />
<ClCompile Include="src\mitigation\mitigations\MitigateV63825.cpp" />
<ClCompile Include="src\mitigation\mitigations\MitigateV63829.cpp" />
<ClCompile Include="src\mitigation\mitigations\MitigateV72753.cpp" />
<ClCompile Include="src\mitigation\mitigations\MitigateV73519.cpp" />
<ClCompile Include="src\monitor\etw\ETW_Wrapper.cpp">
<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">true</ExcludedFromBuild>
<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Release|x64'">true</ExcludedFromBuild>
Expand All @@ -436,8 +467,10 @@
<ClCompile Include="src\user\BLUESPAWN.cpp" />
<ClCompile Include="src\user\CLI.cpp" />
<ClCompile Include="src\util\configurations\CollectInfo.cpp" />
<ClCompile Include="src\util\configurations\Registry.cpp" />
<ClCompile Include="src\util\eventlogs\EventLogs.cpp" />
<ClCompile Include="src\util\configurations\RegistryKey.cpp" />
<ClCompile Include="src\util\configurations\RegistryValue.cpp" />
<ClCompile Include="src\util\eventlogs\EventSubscription.cpp" />
<ClCompile Include="src\util\filesystem\FileSystem.cpp" />
<ClCompile Include="src\util\log\CLISink.cpp" />
<ClCompile Include="src\util\log\DebugSink.cpp" />
Expand All @@ -451,12 +484,7 @@
<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">true</ExcludedFromBuild>
<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Release|x64'">true</ExcludedFromBuild>
</ClCompile>
<ClCompile Include="src\util\pe\Image_Loader.cpp">
<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">true</ExcludedFromBuild>
<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">true</ExcludedFromBuild>
<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">true</ExcludedFromBuild>
<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Release|x64'">true</ExcludedFromBuild>
</ClCompile>
<ClCompile Include="src\util\pe\Image_Loader.cpp" />
<ClCompile Include="src\util\pe\Import_Section.cpp">
<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">true</ExcludedFromBuild>
<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">true</ExcludedFromBuild>
Expand Down Expand Up @@ -490,21 +518,25 @@
<ClCompile Include="src\util\processes\Analyzer.cpp" />
<ClCompile Include="src\hunt\reaction\ReactLog.cpp" />
<ClCompile Include="src\hunt\reaction\Reaction.cpp" />
<ClCompile Include="src\util\processes\ProcessUtils.cpp" />
</ItemGroup>
<ItemGroup>
<ProjectReference Include="..\BLUESPAWN-common\CommonLib.vcxproj">
<Project>{25ae1d80-3e17-4e1d-bfb4-8afb375ebaf1}</Project>
</ProjectReference>
<ProjectReference Include="pe-sieve.vcxproj">
<Project>{bec01f8e-5892-3f6f-a741-5bbd1d0f4ef9}</Project>
</ProjectReference>
</ItemGroup>
<ItemDefinitionGroup>
<BuildLog>
<Path>$(SolutionDir)build\$(PlatformTarget)\$(Configuration)\$(MSBuildProjectName).log</Path>
</BuildLog>
<ClCompile>
<AdditionalIncludeDirectories>$(SolutionDir)BLUESPAWN-client\external\krabsetw\krabs;$(SolutionDir)BLUESPAWN-client\external\cxxopts\include;$(SolutionDir)BLUESPAWN-client\external\boost;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
<AdditionalIncludeDirectories>$(SolutionDir)BLUESPAWN-client\external\pe-sieve\include;$(SolutionDir)BLUESPAWN-client\external\krabsetw\krabs;$(SolutionDir)BLUESPAWN-client\external\cxxopts\include;$(SolutionDir)BLUESPAWN-client\external\boost;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
</ClCompile>
<Link>
<AdditionalDependencies>Secur32.lib;DbgHelp.lib;Wintrust.lib;%(AdditionalDependencies)</AdditionalDependencies>
<AdditionalDependencies>Secur32.lib;DbgHelp.lib;Wintrust.lib;Shlwapi.lib;%(AdditionalDependencies)</AdditionalDependencies>
</Link>
</ItemDefinitionGroup>
<PropertyGroup Label="Globals">
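Review bot: The new `<ProjectReference Include="pe-sieve.vcxproj">` resolves to a project file next to BLUESPAWN-client.vcxproj rather than inside `external\pe-sieve`, so, as far as this section shows, the list of pe-sieve sources linked into the client is kept separately from the submodule it compiles. If that project file is generated or hand-maintained, it can drift from the submodule revision, and the workflow step that updates submodules with `--remote` makes that drift more likely. A comment beside the reference, such as `<!-- pe-sieve.vcxproj must be refreshed whenever external/pe-sieve is bumped -->`, together with a pinned submodule commit, would keep the scanner code in the binary traceable to a known upstream revision. The enclosing `<Project>` element continues past the end of this section.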