v2.12.1

Changelog

Bug fixes:

• e936adc Fix broken attack techniques due to AWS ignoring Semver and pushing cross-services breaking changes in minor versions. This caused several attack techniques to be broken since the last release.

Chores:

• 1237d68 Brew formula update for stratus-red-team version v2.12.0 (#441)
• 43765f2 Bump actions/setup-python from 4.7.0 to 4.7.1 (#446)
• b0722ef Bump alpine from 3.18.4 to 3.18.5 (#442)
• 22b152a Bump docker/build-push-action from 4.1.1 to 5.1.0 (#447)
• 0d44134 Bump docker/login-action from 2.2.0 to 3.0.0 (#444)
• 9442429 Bump github/codeql-action from 2.22.5 to 2.22.8 (#445)
• 246c250 Bump hashicorp/setup-terraform from 2.0.3 to 3.0.0 (#443)

v2.12.0

Changelog

New GCP attack techniques by @vthiery:

• Exfiltrate Compute Image by sharing it
• Exfiltrate Compute Disk by sharing a snapshot

v2.11.2

Changelog

• 1a5eb9e Bump goreleaser-action version
• 01e7211 Fix goreleaser permissions (#437)
• 6178c7e Specify goreleaser version
• 3836a89 Update .goreleaser.yaml
• 5dd9ea0 Update .goreleaser.yaml
• 92d9596 Update .goreleaser.yaml
• 971a4aa Update .goreleaser.yaml (#436)

v2.11.1

Changelog

• 65fdf7d Brew formula update for stratus-red-team version v2.11.0
• 5fe7da0 Have GoReleaser send a PR for homebrew updates (#435)

v2.11.0

Changelog

• 790feb6 AWS: Dump secrets through Secret Manager's new BatchGetSecretValue (#434) - https://stratus-red-team.cloud/attack-techniques/AWS/aws.credential-access.secretsmanager-batch-retrieve-secrets/
• 39e6b46 Improve Makefile for better maintanability (#432)

v2.10.2

Changelog

• b986a31 Bump Terraform Kubernetes provider to support recent K8s versiont that don't create service account token secrets by default (#429)
• 584fd30 Bump actions/checkout from 3.5.3 to 4.1.1 (#425)
• ea64abf Bump actions/setup-go from 4.0.1 to 4.1.0 (#404)
• 0ca9918 Bump alpine from 3.18.2 to 3.18.4 (#415)
• d401f1d Bump github/codeql-action from 2.21.2 to 2.22.5 (#426)
• 4ff659c Bump golang.org/x/net from 0.7.0 to 0.17.0 in /v2 (#422)
• 5ea4572 Bump goreleaser/goreleaser-action from 4.3.0 to 5.0.0 (#417)
• e041684 Bump step-security/harden-runner from 2.5.0 to 2.6.0 (#424)

v2.10.1

Changelog

• b986a31 Bump Terraform Kubernetes provider to support recent K8s versiont that don't create service account token secrets by default (#429)
• 584fd30 Bump actions/checkout from 3.5.3 to 4.1.1 (#425)
• ea64abf Bump actions/setup-go from 4.0.1 to 4.1.0 (#404)
• 0ca9918 Bump alpine from 3.18.2 to 3.18.4 (#415)
• d401f1d Bump github/codeql-action from 2.21.2 to 2.22.5 (#426)
• 4ff659c Bump golang.org/x/net from 0.7.0 to 0.17.0 in /v2 (#422)
• 5ea4572 Bump goreleaser/goreleaser-action from 4.3.0 to 5.0.0 (#417)
• e041684 Bump step-security/harden-runner from 2.5.0 to 2.6.0 (#424)

v2.10.0

Changelog

• d151fe9 New attack technique: Persistence AWS Lambda Layer Extension (#427) by @adanalvarez

v2.9.0

Changelog

New feature: Stratus Red Team now features 3 attack techniques to simulate ransomware activity.

• S3 Ransomware through individual file deletion
• S3 Ransomware through batch file deletion
• S3 Ransomware through client-side encryption

Docs:

• c5521ab Azure run command: add reference to CrowdStrike report (#396)

Chores:

• 6baedec Bump actions/setup-python from 4.6.1 to 4.7.0 (#394)
• e34ab33 Bump docker/build-push-action from 4.0.0 to 4.1.1 (#393)
• b16df30 Bump github/codeql-action from 2.3.5 to 2.21.2 (#391)
• d7b9207 Bump step-security/harden-runner from 2.4.1 to 2.5.0 (#392)

v2.8.2

Changelog

Enhancements:

• bb96865 Allow customizing the attacker e-mail in gcp.exfiltration.share-compute-disk (#386)
• Add several community blog posts in the README