Skip to content

v1.3.4

Latest
Latest
Compare
Choose a tag to compare
@beatro0t beatro0t released this 25 Aug 12:49
v1.3.4
b5eec74

Bug Fixes

  • Fixes inoperable UI redact selection
  • Fixes UI database URI generation issue with non-standard ports
  • Fixes UI search highlighting
  • Fixes profile --create creation bug
  • Fixes unhandled IllegalLocationConstraintException and UnauthorizedOperation ingestion exceptions
  • Fixes unhandled error when EC2 instance user data is unavailable (thanks @bytebutcher)
  • Fixes inability to load multiline CSV data
  • Fixes erroneous non-dependent source node attack exclusion
  • Fixes Grants and CreateAction attack definition option interoperability
  • Fixes attack computation off-by-one logic error
  • Fixes ignored action conditions in attack definition Cypher values
  • Fixes discovered attacks tally
  • Fixes inadvertent Generic Policy deletion
  • Fixes console message style overlap

Improvements

  • Upgrades Neo4j from 3.5.13 to 4.3.2
  • Adds Neo4j APOC support
  • Updates Ingestor resource model logic
  • Adds NatGateway EC2 ingestion support
  • Adds EC2 PlacementGroup Instance associations
  • Removes redundant RouteTable associations
  • Adds explicit Admin relationship to all resources
  • Adds UI search re-add and resource selection functionality
  • Adds UI tag-based resource searching
  • Adds UI PermissionsBoundary property resolution and edge stylization
  • Updates dynamic graph stylization
  • Adds AffectsGeneric attack definition option
  • Adds ordering by --only-attacks if specified
  • Adds support for list-based attack definition Descriptions
  • Standardizes CreatePolicy attack logic
  • Adds caching logic for attack definition translation
  • Removes profile notice from --verbose
  • Adds console tasklist support for function-based wait and done parameters
  • Adds UI search visibility toggling using Ctrl + s

Other Changes

  • Defaults ingestion to --verbose (graphical output replaced with --pretty)
  • Updates UI graph defaults to display unknown nodes and edges
  • Updates attack placeholder syntax from ${A}.B to ${A.B}
  • Updates attack pruning to remove patterns with outdegree 0
  • Updates UI path searching to incorporate weight (deprecates some attack pruning logic)
  • Removes Domain principal exclusion
  • Removes legacy Grants option from CreateRole attack definition
  • Removes User Depends from CreateGroup attack definition
  • Updates attack definition placeholder regex
  • Updates the ARN for Effective Admin
  • Updates the hotkey for running an advanced query to Ctrl + enter
  • Fixes spelling mistake in cli.py (thanks @dmyates)

Contributors

dmyates and bytebutcher
Assets 2
Loading