Skip to content

Releases: DataDog/stratus-red-team

v2.5.2

08 Mar 19:40
590516a
Compare
Choose a tag to compare

Changelog

Bug fixes:

  • c6e1f68 Fix max duration parameter of RolesAnywhere attack technique (closes #331) (#332)

Docs:

  • 370a454 Add references to aws.persistence.iam-create-admin-user
  • c098e26 Add references to aws.persistence.iam-create-user-login-profile

Chores:

  • fad1e4a Brew formula update for stratus-red-team version v2.5.1
  • bb3b3e3 Bump actions/checkout from 3.2.0 to 3.3.0 (#328)
  • ca0ad37 Bump actions/upload-artifact from 3.1.0 to 3.1.2 (#329)
  • c513cfe Bump alpine from 3.17.1 to 3.17.2 (#325)
  • d1fd5a3 Bump dominikh/staticcheck-action from 1.2.0 to 1.3.0 (#326)
  • d4ac89a Bump github/codeql-action from 2.2.1 to 2.2.5 (#330)
  • 590516a Bump golang from 1.19.5-alpine3.16 to 1.20.1-alpine3.16 (#324)
  • eb63922 Bump golang.org/x/net in /v2 (#320)
  • efc8da3 Bump golang.org/x/text from 0.3.7 to 0.3.8 in /v2 (#316)
  • 48f0fe5 Bump step-security/harden-runner from 2.1.0 to 2.2.0 (#327)

v2.5.1

13 Feb 08:17
52e2381
Compare
Choose a tag to compare

Changelog

Bug fixes:

Documentation:

  • 52e2381 Added a "Community" section in README

Chores:

  • c8dbe33 Brew formula update for stratus-red-team version v2.5.0
  • 3e1d65c Bump actions/setup-python from 4.4.0 to 4.5.0 (#311)
  • 6ac9945 Bump alpine from 3.17.0 to 3.17.1 (#306)
  • 05b51d2 Bump docker/build-push-action from 3.2.0 to 4.0.0 (#307)
  • a4eea38 Bump github/codeql-action from 2.1.37 to 2.2.1 (#309)
  • 5dfc3b4 Bump golang from 1.19.4-alpine3.16 to 1.19.5-alpine3.16 (#312)
  • a7bf413 Bump ossf/scorecard-action from 2.0.4 to 2.1.2 (#308)
  • 51e58b8 Bump step-security/harden-runner from 2.0.0 to 2.1.0 (#310)

v2.5.0

30 Jan 21:58
b08d3b9
Compare
Choose a tag to compare

Changelog

Enhancements:

  • bedcae3 Properly encapsulate providers to allow for different detonation UUIDs (#295)

Bug fixes:

  • fad7958 Fix GCP attack technique failing to impersonate service accounts (clo… (#304)
  • f74f1d2 Fix GCP attack technique name length (closes #294) (#303)
  • b08d3b9 Fix broken GCP technique (#305)
  • f969b77 Fix incorrect length in name generation of gcp.privilege-escalation.impersonate-service-accounts (closes #296) (#297)
  • 106b04f Fix resource name lengths in Azure attack techniques (closes #301) (#302)

Chores and minor changes:

  • 8e86722 Bump actions/checkout from 3.1.0 to 3.2.0 (#288)
  • 29a132e Bump actions/setup-go from 3.3.0 to 3.5.0 (#287)
  • cbb315f Bump actions/setup-python from 4.3.0 to 4.4.0 (#289)
  • 176333c Bump github/codeql-action from 2.1.29 to 2.1.37 (#286)
  • 1ebed0a Bump golang from 1.19.3-alpine3.16 to 1.19.4-alpine3.16 (#285)
  • 0021dc2 Bump step-security/harden-runner from 1.5.0 to 2.0.0 (#290)
  • c76e8d9 Update revert log message in Azure disk exfiltration attack technique (#300)

v2.4.10

07 Dec 11:35
f193d0a
Compare
Choose a tag to compare

Changelog

Bug fixes:

  • f193d0a Remove requirement for default VPC and default subnets from aws.exfiltration.rds-share-snapshot. Add output indicating if an attack technique is slow (#284). Thanks @briandefiant for the contribution!

Misc:

  • cc6941e Bump alpine from 3.16.2 to 3.17.0 (#281)
  • 8c82f31 Bump golang from 1.19.2-alpine3.16 to 1.19.3-alpine3.16 (#282)
  • 685f847 Bump hashicorp/setup-terraform from 2.0.2 to 2.0.3 (#283)

v2.4.9

22 Nov 10:32
26ea6d4
Compare
Choose a tag to compare

Changelog

Bug fixes:

  • Fix roles trust policy in some edge cases for 4 attack techniques (#224), thanks @mario-areias!

Enhancements:

Other:

  • Bump dependencies
  • Add Terraform linting in CI
  • make docs now generates a YAML file with all available attack techniques (#218), thanks @mario-areias!)

v2.4.8

30 Sep 15:13
021f27f
Compare
Choose a tag to compare

Changelog

  • 4898e6b Allow dependabot to open up to 20 PRs for Go dependencies
  • f70e4c5 Brew formula update for stratus-red-team version v2.4.6
  • 1d95a22 Bump actions/setup-go from 2.2.0 to 3.3.0 (#197)
  • 26d4979 Bump actions/setup-python from 2.3.2 to 4.2.0 (#196)
  • 4e52781 Bump actions/upload-artifact from 3.0.0 to 3.1.0 (#199)
  • e3bb532 Bump github.com/Azure/azure-sdk-for-go/sdk/azcore in /v2 (#206)
  • 42cb865 Bump github.com/Azure/azure-sdk-for-go/sdk/azidentity in /v2 (#215)
  • a969f83 Bump github.com/aws/aws-sdk-go-v2/service/ec2 in /v2 (#203)
  • 1929d18 Bump github.com/aws/aws-sdk-go-v2/service/lambda in /v2 (#216)
  • 695caa9 Bump github.com/aws/aws-sdk-go-v2/service/organizations in /v2 (#209)
  • 36974bb Bump github.com/aws/aws-sdk-go-v2/service/rds in /v2 (#205)
  • 6675a2a Bump github.com/aws/aws-sdk-go-v2/service/rolesanywhere in /v2 (#200)
  • 021f27f Bump github.com/aws/aws-sdk-go-v2/service/s3 in /v2 (#212)
  • 7aeb23d Bump github.com/aws/aws-sdk-go-v2/service/secretsmanager in /v2 (#204)
  • 9179402 Bump github.com/aws/aws-sdk-go-v2/service/ssm from 1.20.0 to 1.30.0 in /v2 (#201)
  • 347550c Bump github.com/hashicorp/go-version from 1.5.0 to 1.6.0 in /v2 (#217)
  • 2f573b9 Bump github.com/hashicorp/hc-install from 0.3.2 to 0.4.0 in /v2 (#202)
  • b05d1ad Bump github.com/hashicorp/terraform-exec from 0.15.0 to 0.17.3 in /v2 (#214)
  • ff3e281 Bump github.com/jedib0t/go-pretty/v6 from 6.2.4 to 6.3.9 in /v2 (#211)
  • 6b920a4 Bump github.com/stretchr/testify from 1.7.0 to 1.8.0 in /v2 (#213)
  • 7449f32 Bump github/codeql-action from 1.0.26 to 2.1.26 (#198)
  • 3671957 Bump google.golang.org/api from 0.63.0 to 0.98.0 in /v2 (#207)
  • 4050fd7 Bump k8s.io/apimachinery from 0.23.3 to 0.25.2 in /v2 (#208)
  • 1b12ae5 Change badge order in README
  • 9f614af Change dependabot interval to 'daily'

v2.4.7

30 Sep 13:36
021f27f
Compare
Choose a tag to compare

Changelog

Chores - update dependencies:

  • 4898e6b Allow dependabot to open up to 20 PRs for Go dependencies
  • f70e4c5 Brew formula update for stratus-red-team version v2.4.6
  • 1d95a22 Bump actions/setup-go from 2.2.0 to 3.3.0 (#197)
  • 26d4979 Bump actions/setup-python from 2.3.2 to 4.2.0 (#196)
  • 4e52781 Bump actions/upload-artifact from 3.0.0 to 3.1.0 (#199)
  • e3bb532 Bump github.com/Azure/azure-sdk-for-go/sdk/azcore in /v2 (#206)
  • 42cb865 Bump github.com/Azure/azure-sdk-for-go/sdk/azidentity in /v2 (#215)
  • a969f83 Bump github.com/aws/aws-sdk-go-v2/service/ec2 in /v2 (#203)
  • 1929d18 Bump github.com/aws/aws-sdk-go-v2/service/lambda in /v2 (#216)
  • 695caa9 Bump github.com/aws/aws-sdk-go-v2/service/organizations in /v2 (#209)
  • 36974bb Bump github.com/aws/aws-sdk-go-v2/service/rds in /v2 (#205)
  • 6675a2a Bump github.com/aws/aws-sdk-go-v2/service/rolesanywhere in /v2 (#200)
  • 021f27f Bump github.com/aws/aws-sdk-go-v2/service/s3 in /v2 (#212)
  • 7aeb23d Bump github.com/aws/aws-sdk-go-v2/service/secretsmanager in /v2 (#204)
  • 9179402 Bump github.com/aws/aws-sdk-go-v2/service/ssm from 1.20.0 to 1.30.0 in /v2 (#201)
  • 347550c Bump github.com/hashicorp/go-version from 1.5.0 to 1.6.0 in /v2 (#217)
  • 2f573b9 Bump github.com/hashicorp/hc-install from 0.3.2 to 0.4.0 in /v2 (#202)
  • b05d1ad Bump github.com/hashicorp/terraform-exec from 0.15.0 to 0.17.3 in /v2 (#214)
  • ff3e281 Bump github.com/jedib0t/go-pretty/v6 from 6.2.4 to 6.3.9 in /v2 (#211)
  • 6b920a4 Bump github.com/stretchr/testify from 1.7.0 to 1.8.0 in /v2 (#213)
  • 7449f32 Bump github/codeql-action from 1.0.26 to 2.1.26 (#198)
  • 3671957 Bump google.golang.org/api from 0.63.0 to 0.98.0 in /v2 (#207)
  • 4050fd7 Bump k8s.io/apimachinery from 0.23.3 to 0.25.2 in /v2 (#208)
  • 1b12ae5 Change badge order in README
  • 9f614af Change dependabot interval to 'daily'

v2.4.6

30 Sep 10:19
Compare
Choose a tag to compare

Changelog

CI tests and hardening. No functional changes.

v2.4.5

30 Sep 09:12
18fb16a
Compare
Choose a tag to compare

Changelog

CI tests and hardening. No functional changes.

v2.4.4

30 Sep 09:08
18fb16a
Compare
Choose a tag to compare

Changelog

CI tests and hardening. No functional changes.