Releases: DataDog/stratus-red-team
Releases · DataDog/stratus-red-team
v2.8.2
v2.8.1
Changelog
Bug fixes:
- 2c89c34 [AWS] Catch the appropriate error in aws.execution.ec2-launch-unusual-instances (closes #387) (#390)
Enhancements:
- 7e125a0 Add link to GCP emulation post
- a7f75e9 Add note on logs generated by console logins (#382)
- 9e71abd Add reference to an attack creating IAM access keys (#384)
- 2ba3ec6 Remove unintentional debug output (#388)
- e9da1c0 Update link to blog post
Chores:
- 01ff63b Bump actions/checkout from 3.5.2 to 3.5.3 (#377)
- 99616fd Bump alpine from 3.18.0 to 3.18.2 (#381)
- d27b459 Bump docker/login-action from 2.1.0 to 2.2.0 (#376)
- 9f27a64 Bump goreleaser/goreleaser-action from 4.2.0 to 4.3.0 (#379)
- c53781b Bump ossf/scorecard-action from 2.1.3 to 2.2.0 (#380)
- 5fd0045 Bump step-security/harden-runner from 2.4.0 to 2.4.1 (#378)
CI fixes:
v2.8.0
Changelog
New GCP attack technique: Backdoor a GCP Service Account through its IAM Policy
v2.7.0
Changelog
New attack technique for GCP: Invite an External User to a GCP Project
v2.6.0
Changelog
New features:
- 2354e0d New GCP attack technique: Exfiltrating a GCP Compute Disk (#370) https://stratus-red-team.cloud/attack-techniques/GCP/gcp.exfiltration.share-compute-disk/
Chores:
- d42bb84 Whitelist sum.golang.org:443 in the release CI pipeline
v2.5.7
Changelog
Bug fixes:
- Fixed a bug where Stratus Red Team would not use the EC2 instance role when run from an EC2 instance (#367, thank you @mrugank-canva for the contribution!)
- Fix now unsupported NodeJS Lambda runtime version in aws.persistence.lambda-backdoor-function (#359)
Chores:
- e52490c Brew formula update for stratus-red-team version v2.5.6
- 05a39d9 Bump actions/setup-go from 4.0.0 to 4.0.1 (#361)
- bbf173f Bump actions/setup-python from 4.6.0 to 4.6.1 (#363)
- 185d095 Bump alpine from 3.17.3 to 3.18.0 (#365)
- 18ecdc0 Bump github/codeql-action from 2.3.2 to 2.3.5 (#362)
- b128534 Bump golang from 1.20.3-alpine3.16 to 1.20.4-alpine3.16 (#366)
- 7c641d2 Bump step-security/harden-runner from 2.3.1 to 2.4.0 (#364)
v2.5.6
v2.5.5
v2.5.4
Changelog
Enhancements:
Chores:
- a44b693 Bump actions/checkout from 3.5.0 to 3.5.2 (#349)
- a34b979 Bump actions/setup-go from 3.5.0 to 4.0.0 (#347)
- 6bd2d62 Bump actions/setup-python from 4.5.0 to 4.6.0 (#351)
- 8b2ed13 Bump github/codeql-action from 2.2.9 to 2.3.2 (#348)
- 6b50f17 Bump golang from 1.20.2-alpine3.16 to 1.20.3-alpine3.16 (#346)
- 9b7e1ab Bump step-security/harden-runner from 2.2.1 to 2.3.1 (#350)
v2.5.3
What's Changed
Bug fixes:
- Pin the version of the terraform-aws-vpc module used to avoid unresolvable constraints (closes #173) by @christophetd in #342
Improvements:
- Add comparison to AWS Cloud Saga by @christophetd in #345
Chores:
- Bump ossf/scorecard-action from 2.1.2 to 2.1.3 by @dependabot in #339
- Bump github/codeql-action from 2.2.5 to 2.2.9 by @dependabot in #338
- Bump actions/checkout from 3.3.0 to 3.5.0 by @dependabot in #337
- Bump goreleaser/goreleaser-action from 3.1.0 to 4.2.0 by @dependabot in #336
- Bump step-security/harden-runner from 2.2.0 to 2.2.1 by @dependabot in #335
- Bump alpine from 3.17.2 to 3.17.3 by @dependabot in #334
- Bump golang from 1.20.1-alpine3.16 to 1.20.2-alpine3.16 by @dependabot in #333
Full Changelog: v2.5.2...v2.5.3