Version 1.10.0

Hello dear community! The OpenBAS 1.10.0 is out ! Hope you will enjoy it! 🎉

🐦 Collector for CrowdStrike Endpoint Security

CrowdStrike is in da place ! With this new collector, you can leverage your own Crowdstrike Endpoint Security to quickly receive real-time feedback on your tests on endpoints, letting you know if your attack was detected and/or prevented.

🧩Integration openBAS & openCTI

1. Apply the right platform & architecture when generating a scenario from OCTI

We now have a platform & architecture coherence in the injects generated via OCTI, which makes the scenarios more relevant and usable in openBAS (the full integration will come with next OpenCTI minor release).

2. Have all payloads mapped with the supported architecture

In order to map correctly the architecture when creating a simulation from OCTI and to ensure the right payload is used with the right endpoint we now have all payloads mapped with an architecture x86_64, arm or both.

🏁 Precheck of the executor at the implant level

The implant now includes a precheck to ensure the specified executor is available, providing a clear message if it is not.

👀 Be able to navigate from the MITRE result of a simulation:

Results in the MITRE matrix display the inject responsible for each score, with the option to navigate to inject details by clicking on the inject name.

🔍 Access payload information from the inject detail page.

You forgot what command lines were in your inject ? No worries, you can now access your payload configuration info directly in the inject detail page !

This work included many bugs bashed, some UI improvements and update in our documentation.

Enhancements:

• #1911 Ability to see 100 simulations of 50 injects each in the overview of a scenario in 0.5 second
• #1850 Introduce /health endpoint

Bug Fixes:

• #2093 Agent and implants missing in .jar for specific arch/os
• #2091 When I have some disabled inject, simulation still On Going
• #2076 Try to install OpenBAS agent on Windows Virtual Machine failed
• #2023 OpenBAs unable to start after adding a Caldera Agent running with an Open BAs agent

Pull Requests:

• [backend/frontend] Restarting an atomic testing keeps the same Inject UUID by @isselparra in #1901
• [tool] Update Node.js to v22 by @renovate in #1873
• [frontend] Update dependency apexcharts to v4 by @renovate in #1878
• [backend] send encoded command into implant by @MarineLeM in #1935
• [backend] Upgrading to latest spring boot version by @Dimfacion in #1894
• [backend] Fixing migration number by @Dimfacion in #1989
• [backend] Add architecture to payloads (#1752) (#1922) by @savacano28 in #1918
• [backend] Adding a new "health" endpoint (#1850) by @heditar in #1950
• [backend] handle cmd variables by @MarineLeM in #2001
• [frontend] Update dependency react-router-dom to v7 by @renovate in #1914
• [frontend] Remove EndpointStore, AssetGroupStore & ArticleStore by @RomuDeuxfois in #2019
• [backend] fix (build): use correct interface to PayloadCreateInput with PayloadUtils by @antoinemzs in #2034
• [Backend]Test launch/relaunch/pause of a simulation (#1488) by @johanah29 in #2025
• [backend] Apply the right platform & architecture when generating a scenario from OCTI (#1713) by @savacano28 in #2003
• [backend/frontend] Ability to see 100 simulations in the overview of a scenario in 0.5 seconds by @isselparra in #1995
• [frontend|backend]Show prerequisites info in atomic testing (#1787) by @johanah29 in #2026
• [frontend] add button to navigate back to scenario from simulation (#1611) by @antoinemzs in #2040
• [frontend] Update dependency globals to v15.13.0 by @renovate in #2046
• [frontend] Fixing the back to administration button not working by @Dimfacion in #2087
• [frontend] Fix payload info tab not visible for simulations by @damgouj in #2084
• Fix for the bug breaking openbas when running multiple agent issue/2023 by @heditar in #2069
• [frontend] Don't add asset arch filter if payload is all archs by @antoinemzs in #2088
• [frontend] replace deprecated ListItemSecondaryAction component by @MarineLeM in #2086
• [tests] Explicitly mock Instant.now to fix test flakiness by @antoinemzs in #2089
• [backend] fix thatMustBeFinisehd query to exclude disabled injects fr… by @guillaumejparis in #2092
• [backend] Update dependency org.postgresql:postgresql to v42.7.4 by @renovate in #2073
• [backend] Update dependency com.rabbitmq:amqp-client to v5.24.0 by @renovate in #2071
• [frontend] Update dependency react-router-dom to v6.28.0 by @renovate in #2060
• [frontend] Update dependency cronstrue to v2.52.0 by @renovate in #2081
• [frontend] Update dependency @testing-library/react to v16.1.0 by @renovate in #2080
• [tool] add missing arch/os agent & implant in circle build (#2093) by @guillaumejparis in #2094
• [backend] add arm64 windows repository for agent & implant (#2093) by @guillaumejparis in #2096

Full Changelog: 1.9.2...1.10.0

Version 1.9.2

Enhancements:

• #1990 Added Windows arm management for OpenBAS agent
• #1909 Handle prerelease platform on our CI

Bug Fixes:

• #2063 Issue when using MistralAI server
• #2051 Latest Docker tag incorrectly points to a lower semantic version if it is more recent
• #2035 Error 400 with MDE collector
• #1659 Popover icon inconsistency in lists

Pull Requests:

• [backend] Overriding spring's postgresql dependency by @Dimfacion in #1967
• [frontend] Bump nanoid from 3.3.7 to 3.3.8 by @dependabot in #2024
• [frontend] Update react monorepo by @renovate in #2008
• [frontend] Update material-ui monorepo by @renovate in #2007
• [frontend] Update dependency @xyflow/react to v12.3.6 by @renovate in #1972
• [tool] update drone & circle for prerelease platform (#1909) by @guillaumejparis in #1978
• [tool] fix drone & circle for prerelease platform (#1909) by @guillaumejparis in #2032
• [tool] fix drone & circle for prerelease platform (#1909) by @guillaumejparis in #2033
• [frontend] Update dependency vite to v6 by @renovate in #2012
• [frontend] Update Yarn to v4.5.3 by @renovate in #1968
• [frontend] Update dependency mini-css-extract-plugin to v2.9.2 by @renovate in #1977
• [tool] fix circle prerelease regex (#1909) by @guillaumejparis in #2039
• [backend] Fix cron test failed by @RomuDeuxfois in #2036
• [tool] fix latest tag incorrectly points to a lower semver (#2051) by @guillaumejparis in #2052
• [Frontend]Correct popover icon (#1659) by @johanah29 in #2054
• [frontend] Update dependency react-hook-form to v7.54.1 by @renovate in #2049
• [frontend] Update dependency typescript to v5.7.2 by @renovate in #1917
• [tool/backend] fix agent & implant fetching (#1909) by @guillaumejparis in #2062
• [backend] Update dependency org.bouncycastle:bcpg-jdk18on to v1.79 by @renovate in #2059
• [backend] Update dependency io.opentelemetry:opentelemetry-bom to v1.45.0 by @renovate in #2058
• [backend] Update dependency commons-io:commons-io to v2.18.0 by @renovate in #2057
• [backend] Update dependency com.rabbitmq:amqp-client to v5.23.0 by @renovate in #2056
• [frontend] Update dependency react-redux to v9.2.0 by @renovate in #2050
• [frontend] Update dependency eslint-import-resolver-oxc to v0.6.0 by @renovate in #2045
• [frontend] remove useless package json resolutions by @guillaumejparis in #2031
• [backend] Adding the content-type header when calling MistralAI by @Dimfacion in #2064
• [frontend] Update dependency react-dropzone to v14.3.5 by @renovate in #2048
• [frontend] Update dependency html-react-parser to v5.2.0 by @renovate in #2047

Full Changelog: 1.9.1...1.9.2

Version 1.9.1

Enhancements:

• #1763 [ UI improvement ] - add tooltip on global score

Bug Fixes:

• #1992 Importing a scenario previously exported from a different OpenBAS instance fails
• #1897 Error on executable payload not handle correclty
• #1754 Documents list page is really slow
• #1714 After deleting all expectations from a technical/media/challenge inject, an expectation is added by default to inject again
• #1706 Creating a new tag from a scenario should automatically tag the scenario
• #1338 Injects randomly fail to be sent when SMTP server refuse the connection too many times
• #1028 In some cases, IMAP store of sent message can fail

Pull Requests:

• [frontend] Fixed Tag creation method #1706 by @heditar in #1957
• [backend] Update dependency ch.qos.logback:logback-core to v1.5.12 by @renovate in #1954
• [backend] Update dependency io.minio:minio to v8.5.14 by @renovate in #1955
• [backend] Update dependency ch.qos.logback:logback-classic to v1.5.12 by @renovate in #1953
• [tool] Update dependency slack to v5.1.1 - autoclosed by @renovate in #1952
• [backend] Handle errors for payloads by @damgouj in #1933
• [frontend] After deleting all expectations from a technical/media/challenge inject, an expectation is added by default to inject again by @isselparra in #1923
• [frontend] Update dependency @hookform/resolvers to v3.9.1 by @renovate in #1969
• [frontend] Update dependency @types/qs to v6.9.17 by @renovate in #1970
• [frontend] Update dependency @vitejs/plugin-react to v4.3.4 by @renovate in #1971
• [frontend] Update dependency axios to v1.7.8 by @renovate in #1973
• [frontend] Update dependency eslint-plugin-i18next to v6.1.1 by @renovate in #1974
• [frontend] Update dependency react-intl to v7 by @renovate in #1915
• [frontend] Add tooltip on global score (#1763) by @johanah29 in #1979
• [frontend] Update dependency eslint-plugin-react-refresh to v0.4.16 by @renovate in #1975
• [Backend] Refactor creation of inject expectations by @savacano28 in #1986
• [frontend] Update dependency html-react-parser to v5.1.19 by @renovate in #1976
• Improv swagger documentation by @RomuDeuxfois in #1999
• [tool] Update Node.js to v20.18.1 by @renovate in #2009
• [backend] Fix import/export with unknown contract ID by @RomuDeuxfois in #2018

Full Changelog: 1.9.0...1.9.1

Version 1.9.0

Hello dear community! The OpenBAS 1.9.0 is out ! Hope you will enjoy it! 🎉

During this release, we put a strong focus on improving our technical simulation logic and the global performance of OpenBAS to offer the most seamless experience while testing your endpoints.

🗒️ Payloads Execution Improvements
We addressed several issues that prevented some payloads from executing correctly. Now, a significant number of payloads are fully functional, allowing you to build end-to-end, realistic attack simulations with greater reliability.

🔔 Detection/Prevention Enhancements
We improved our matching to accurately identify the alerts Blocked/Prevented for Detection/Prevention.
Microsoft Defender logic has been improved to ensure that all alerts are accurately detected and logged.
Microsoft Sentinel integration confirms that alerts from connected EDRs are transmitted and logged properly, offering clearer and more actionable insights.

🚀 Performance Boost
We resolved performance issues that caused the platform to lag when handling large amounts of data. With these fixes, openBAS is now faster and more responsive.
This work included many bugs bashed, some UI improvements and updated our documentation.

Enhancements:

• #1940 Simulations context - Rename 'exercices' in URL for 'simulations
• #1775 [security] Upgrade GA Dockerfile base image
• #1772 [security] Upgrade bcprov-jdk15on
• #1771 [security] Upgrade of postgresql JDBC driver
• #1725 clean up temporary apt list files in Dockerfiles
• #1518 UI improvement - Show prerequisites info in payloads drawer
• #1486 [ Unit testing - simulation scope ] - inject execution

Bug Fixes:

• #1939 Rename 'Status' for 'Execution status' for the execution of an inject
• #1928 Issue when importing a simulation
• #1903 Can't launch an http injector
• #1892 Simulations list skeleton is buggy in scenario overview
• #1888 Clicking on an inject popover open the edit panel too
• #1863 Injects execution blocked when an execution fails for a particular asset
• #1862 Actions are not allowed on the Inject Results list in the Exercise Overview
• #1840 "LaZagne.py - Dump Credentials from Firefox Browser" fails detection
• #1834 Fix ART payloads using the environment variable set at $PathToAtomicsFolder
• #1833 Fix technical Payload C2 Data Exfiltration giving us "need to analyze more"
• #1822 Update scenario drawer - merge 2 tabs overview and mail configuration together
• #1769 Inject still in Pending when I target an Asset and it's inactive
• #1758 Error when editing a challenge
• #1755 Prerequisites command failed but the status show success
• #1734 Latency - Improve taxonomics retrieval strategy
• #1729 Improve latency on simulation overview
• #1718 Improve latency on simulations list
• #1715 Charts simulations - team scores are too big
• #1686 Microsoft Defender collector not working
• #1685 Microsoft Sentinel collector not working
• #1662 Kill chain functional order is not taken into account in filter
• #1624 Lessons learned : the categories are not well diplayed
• #1621 Payload - Enforce required cleanup command AND executor when choosing one of the two
• #1515 Update of a simulation - update button should take infos from both tabs overview and mail config
• #854 TTPs are loading entirely in the app

Pull Requests:

• [backend] Format code with Spotless by @isselparra in #1634
• [frontend] Upgrade SheetJS (xlsx) because of vulnerability by @guillaumejparis in #1731
• Update eslint monorepo to v9 (major) by @renovate in #993
• [backend] Add condition when filters are null or empty by @johanah29 in #1764
• Update dependency @testing-library/react to v16 by @renovate in #1578
• [backend] Improve latency on atomicTestings by @savacano28 in #1733
• [frontend] Migrate CK Editor to 9.3 by @guillaumejparis in #1766
• [frontend/backend] fix and improve dashboard statistics (#1697) by @guillaumejparis in #1698
• [backend] Avoid NPE on calculate results by @RomuDeuxfois in #1779
• [backend] Add Kosovo country by @RomuDeuxfois in #1780
• [backend] Error 500 when updating Groups by @isselparra in #1791
• [backend] Improve latency on simulations list with filters by @savacano28 in #1665
• [frontend/backend] correct logout redirection by @MarineLeM in #1790
• [docker] Add pgadmin to docker compose by @RomuDeuxfois in #1789
• [frontend] improve eslint speed & logs (#1776) by @guillaumejparis in #1777
• [backend] fix computeExpectation when score is 0 (#1663) by @guillaumejparis in #1811
• [frontend] when refresh do not display login page by @MarineLeM in #1814
• [frontend] fix label for top attack pattern chart in dashboard (#1815) by @guillaumejparis in #1816
• [backend] fix inject status after execution by @MarineLeM in #1792
• [frontend] improve taxonomics retrieval strategy (#1734) by @guillaumejparis in #1735
• [frontend] Update dependency globals to v15.12.0 by @renovate in #1802
• [tool] Update eclipse-temurin Docker tag to v21.0.5_11-jre by @renovate in #1805
• [backend] Update dependency io.minio:minio to v8.5.13 by @renovate in #1804
• [frontend] Update dependency nyc to v17.1.0 - autoclosed by @renovate in #1803
• [frontend] Update dependency express to v4.21.1 by @renovate in #1801
• [frontend] Update dependency cronstrue to v2.51.0 by @renovate in #1800
• [frontend] Update dependency @stylistic/eslint-plugin to v2.10.1 by @renovate in #1798
• [backend] Add matching on parent process name for inject expectation signature by @RomuDeuxfois in #1826
• [backend] Allow for use of AWS IAM Role by @Dimfacion in #1808
• [backend] Updating dependencies by @Dimfacion in #1761
• [backend] Fix on upsert payload not updating the platform by @Dimfacion in #1823
• [frontend] Update dependency ckeditor5 to v43.3.0 by @renovate in #1799
• [backend/frontend] Properly generate types for chaining injects by @Dimfacion in #1830
• [frontend] add skeleton loader on main lists (#1409) by @guillaumejparis in #1841
• [frontend] Update material-ui monorepo to v6 (major) by @renovate in #1565
• [backend] test injects execution (#1486) by @johanah29 in #1690
• [backend] throw error when asset is inactive by @MarineLeM in #1817
• [frontend] use sx instead of useStyles in paylo...

Version 1.8.2

Enhancements:

• #1453 Ability to support IAM roles for Amazon S3 / MinIO configuration

Full Changelog: 1.8.1...1.8.2

Version 1.8.1

Bug Fixes:

• #1778 Non-admin user granted for a simulation not able to access it
• #1751 Add Kosovo country
• #1347 Error 500 when updating Groups

Full Changelog: 1.8.0...1.8.1

Version 1.8.0

The OpenBAS 1.8.0 is out ! Hope you will enjoy it! 🚀

📒 Customizable Debrief
Feeling like sharing the results of your simulation to enhance collaboration ? You can now generate a customizable report page and export it into nicely formatted and shareable PDFs, along with an overall summary to receive insights in a clear and accessible format.

⛓️ Conditional Inject Chaining
Building on version 1.7, seamlessly condition injects launch based on the expectations of previous ones, creating more dynamic simulations with multiple inject paths.

🏗️ Payload Categorization by Architecture
In need of precision regarding your architecture for your payloads ? We organized and categorized your payloads by binary architecture to facilitate the selection of your injects.

👓 Advanced Player and Asset Filtering
We added filters on the players and asset groups pages to streamline your analysis and focus on the most relevant data.

And we also solved a lot of bugs, made some UI improvements and updated our documentation.

Enhancements:

• #1582 Improve latency on page: admin/scenarios/:id
• #1580 Improve latency on page: admin/scenarios/:id/injects
• #1555 Add filters to Players page
• #1554 Add filters to Asset group page
• #1487 [ Unit testing - simulation scope ] - lessons learned surveys
• #1485 [ Unit testing - simulation scope ] - inject creation/update
• #1385 Conditional inject chaining
• #1189 Categorize payload by architecture
• #1080 Create customizable debrief page - generate a report page with a global note

Bug Fixes:

• #1704 Message "internal error" + Error 500 occurring when creating a technical scenario
• #1701 Scenario & Simulation full reload when refetching
• #1699 Remove double fetch organizations in Groups
• #1682 Remove duplicate requests for pagination & filters
• #1678 Fix deprecated local method to start frontend
• #1670 MITRE ATT&CK matrix dashboard results is not working
• #1668 When deleting an endpoint in an inject, line is not removed but becomes empty
• #1666 Default value of payload argument is not taken into account when creating an atomic testing
• #1660 Images (logos) of security systems uploaded by collectors should not be deletable
• #1658 Mouse cursor is disappearing when mouse is going to the result by target in inject
• #1655 Putting expectation with the security platform is broken
• #1633 Import injects: Pagination hides injects over 100 + action only works if the user refreshes
• #1632 Labels in select inputs look broken
• #1610 Tags are not displayed in simulation overview
• #1603 Score max value on the scalebar is not coherent with default value or set value
• #1600 Can't update an inject without filling all mandatory fields
• #1586 Simulations never ends if no inject / disabled injects / deleted injects
• #1521 Removing a team from the context doesn't work
• #1473 [ UI improvement ] to display uri of a media pressure in an email inject

Pull Requests:

• Update dependency @mui/x-date-pickers to v7.18.0 by @renovate in #1537
• Update dependency esbuild to v0.24.0 by @renovate in #1542
• Update dependency chokidar to v4 by @renovate in #1560
• Update dependency date-fns to v4 by @renovate in #1561
• Update dependency vitest to v2 by @renovate in #1563
• Update maven Docker tag to v3.9.9 by @renovate in #1576
• Update dependency slack to v5 by @renovate in #1579
• Update eclipse-temurin Docker tag to v21.0.4_7-jre by @renovate in #1574
• Update docker/build-push-action action to v6 by @renovate in #1564
• [backend/frontend] Add filters on player page by @RomuDeuxfois in #1605
• [frontend/backend] add inject result inside report by @MarineLeM in #1519
• Improve latency on endpoint teams by @RomuDeuxfois in #1584
• Update dependency zustand to v4.5.5 by @renovate in #1598
• [backend] Add ID on expectation type by @RomuDeuxfois in #1613
• Update dependency http-proxy-middleware to v3 by @renovate in #1562
• Update dependency @types/react to v18.3.11 by @renovate in #1597
• Update dependency @types/node to v20.16.10 by @renovate in #1596
• Update eslint monorepo to v8.57.1 by @renovate in #1575
• [backend] Fix 401 when user not admin and go to page with filters by @damgouj in #1620
• [backend] Fix call to the management plugin not working when using ssl by @Dimfacion in #1622
• Bugfix/1478 fix filter order by @savacano28 in #1623
• [backend/frontend] fix bulk update injects by @savacano28 in #1628
• [backend] Use join map to avoid duplicate join by @RomuDeuxfois in #1619
• [frontend] Documents are not duplicated when an inject is duplicated by @isselparra in #1641
• [backend/frontend] Categorize payload by architecture by @isselparra in #1612
• [backend] Fix latency scenarioId by @savacano28 in #1606
• [backend/frontend] Add filters to Asset group page by @RomuDeuxfois in #1646
• Update dependency @babel/plugin-transform-modules-commonjs to v7.25.7 by @renovate in #1595
• [frontend] Fix deprecated start method to start frontend (#1678) by @guillaumejparis in #1679
• [frontend] Remove duplicate requests for pagination & filters by @guillaumejparis in #1683
• [frontend] fix import icon by @MarineLeM in #1695
• [backend/frontend] Fix removing a team from the context doesn't work by @RomuDeuxfois in #1544
• [backend] Inject creation/update in a simulation (#1485) by @johanah29 in #1636
• [frontend] Fix tags displayed and links to item exercises lists (#1610) by @damgouj in #1689
• [frontend] Improve scalebar component by @savacano28 in #1703
• [frontend] fix import openbas logo in pdf by @MarineLeM in #1705
• [frontend] avoid full reload of scenario & simulation when refetching… by @guillaumejparis in #1702
• [frontend] delete double fetch in groups (#1699) by @guillaumejparis in #1700
• [backend] Fix param to retrieve asset groups from a raw map by @savacano28 in #1710
• Update dependency http-proxy-middleware to v3.0.3 [SECURITY] by @renovate in #1724
• [backend] Fix raw teams request (#1704) by @guillaumejparis in #1721
• [backend] Add obfuscator base64 on expectation signature for OpenBAS agent by @RomuDeuxfois in #1712
• [frontend] create reportComment component by @MarineLeM in https://github.co...

Version 1.7.3

Bug Fixes:

• #1629 Documents are not duplicated when an inject is duplicated
• #1608 Results of OpenBAS scenarios are not displayed anymore in OpenCTI

Full Changelog: 1.7.2...1.7.3

Version 1.7.2

Bug Fixes:

• #1627 Adding / replacing / removing inject teams in bulk also remove all attached document

Full Changelog: 1.7.1...1.7.2

Version 1.7.1

Bug Fixes:

• #1618 Settings not populating when RabbitMQ is using SSL

Full Changelog: 1.7.0...1.7.1