Releases: DataDog/stratus-red-team
Releases · DataDog/stratus-red-team
v2.19.1
Changelog
- ced3b50 Brew formula update for stratus-red-team version v2.19.0 (#586)
- 2313a93 Bump actions/checkout from 4.2.0 to 4.2.2 (#589)
- 50a20a9 Bump actions/setup-go from 5.0.2 to 5.1.0 (#592)
- 41e3d44 Bump actions/setup-python from 5.2.0 to 5.3.0 (#588)
- cadcccf Bump actions/upload-artifact from 4.4.0 to 4.4.3 (#590)
- 6c86e1a Bump github/codeql-action from 3.26.10 to 3.27.0 (#587)
- c8b558f Bump golang from 1.21.13-alpine3.20 to 1.23.2-alpine3.20 (#591)
- 79f30e2 [CI] Attempt using a different runner for release job
- fd0755c [CI] Fix Goreleaser timeout
- ab1fcf9 feat(deps): bump s3 deps (#593)
v2.19.0
Changelog
New attack technique by @siigil: Access Virtual Machine using Bastion shareable link (Azure)
Contributors
siigil
Assets 11
v2.18.0
Changelog
New features:
- New attack technique: Invoke Bedrock Model (#581) by @Brucedh and @christophetd
Contributors
christophetd and Brucedh
Assets 11
v2.17.0
1868753
This commit was signed with the committer’s verified signature.
christophetd
Christophe Tafani-Dereeper
Changelog
Features:
- 5627c46 Entra ID support + AU techniques (#566)
- a76bd4a New AWS attack technique: Update IAM user login profile #554 (#558)
Enhancements:
- 0381e8b Add Grimoire detonation datasets to the docs (#547)
- 7afda93 Add ransomware references (#553)
- 080eec0 Add references (#556)
Chores:
- 3b43370 Bump actions/setup-python from 5.1.0 to 5.2.0 (#563)
- 96de24c Bump actions/upload-artifact from 4.3.1 to 4.3.3 (#520)
- 44c5f0a Bump actions/upload-artifact from 4.3.3 to 4.4.0 (#561)
- c21e334 Bump alpine from 3.19.1 to 3.20.1 (#528)
- 027ecbb Bump alpine from 3.20.1 to 3.20.2 (#560)
- 2cb98b5 Bump docker/build-push-action from 5.1.0 to 6.7.0 (#562)
- 1dc7540 Bump docker/login-action from 3.0.0 to 3.3.0 (#565)
- 5684c67 Bump dominikh/staticcheck-action from 1.3.0 to 1.3.1 (#516)
- 692e188 Bump github/codeql-action from 3.24.9 to 3.25.11 (#529)
- 31661ec Bump hashicorp/setup-terraform from 3.0.0 to 3.1.1 (#521)
- 5a137d5 Bump ossf/scorecard-action from 2.3.1 to 2.4.0 (#564)
- 253a127 Bump step-security/harden-runner from 2.7.0 to 2.8.1 (#530)
- 1868753 remove deprecated goreleaser version
v2.16.0
Changelog
Features:
- Initial support for EKS attack techniques! https://stratus-red-team.cloud/attack-techniques/EKS/
Enhancements:
- 80ca095 Allow specifying context when instantiating Stratus Red Team runners and propagate them down to Terraform (#546)
- aa54ece Stratus Red Team runner: expose interface instead of implementation (#548)
- c9e7ae3 Update aws.defense-evasion.dns-delete-logs.md with current CloudTrail event name (#515)
- cea6917 Updating technique references for Unit42 VM Attack Path article. (#539)
v2.15.0
What's Changed
Features:
- New attack technique: SES enumeration activities by @loresuso in #501
Enhancements:
- Implement better error message when the AWS region or AWS default region is missing by @christophetd in #507
Chores:
- Bump goreleaser/goreleaser-action from 14707cd26fbb4b6c8abf03fb8ea4eb6c59711a62 to c21f56a7bc891b5f73bec61233c4102ef8273150 by @dependabot in #504
- Bump actions/setup-python from 4.7.1 to 5.1.0 by @dependabot in #503
- Bump github/codeql-action from 3.23.2 to 3.24.9 by @dependabot in #502
- Bump google.golang.org/protobuf from 1.28.1 to 1.33.0 in /v2 by @dependabot in #497
- Bump actions/upload-artifact from 4.3.0 to 4.3.1 by @dependabot in #491
- Bump step-security/harden-runner from 2.6.0 to 2.7.0 by @dependabot in #492
New Contributors
Full Changelog: v2.14.0...v2.15.0
Contributors
christophetd, dependabot, and loresuso
Assets 11
v2.14.0
Changelog
Features:
- New AWS attack technique: Delete DNS query logs by @will-giraldo-d (#479)
- New AWS attack technique: Usage of SSM StartSession on multiple instances by @adanalvarez (#477)
- New AWS attack technique: Create a backdoored IAM Role by @adanalvarez (#478)
- New AWS attack technique: Usage of ssm:SendCommand on multiple instances by @christophetd (#482)
Chores:
- Bump alpine from 3.18.5 to 3.19.1 by @dependabot in #475
- Bump actions/upload-artifact from 3.1.2 to 4.3.0 by @dependabot in #474
- Bump goreleaser/goreleaser-action from 44dd9927f499a126e26ae024981569ce889f15aa to 14707cd26fbb4b6c8abf03fb8ea4eb6c59711a62 by @dependabot in #473
- Bump golang.org/x/crypto from 0.14.0 to 0.17.0 in /v2 by @dependabot in #455
- Bump github/codeql-action from 2.22.8 to 3.23.2 by @dependabot in #472
- Bump actions/setup-go from 4.1.0 to 5.0.0 by @dependabot in #459
- Bump ossf/scorecard-action from 2.2.0 to 2.3.1 by @dependabot in #458
Full Changelog: v2.13.0...v2.14.0
Contributors
christophetd, adanalvarez, and 2 other contributors
Assets 11
v2.13.0
Changelog
New attack techniques:
Contributors
adanalvarez
Assets 11
v2.12.3
v2.12.2
Changelog
Enhancements:
- Add sts:TagSession permission to Stratus role by @christofort in #463
New Contributors
- @christofort made their first contribution in #463
Full Changelog: v2.12.1...v2.12.2
Contributors
christofort