Releases: DataDog/stratus-red-team
Releases · DataDog/stratus-red-team
v2.10.2
Changelog
- b986a31 Bump Terraform Kubernetes provider to support recent K8s versiont that don't create service account token secrets by default (#429)
- 584fd30 Bump actions/checkout from 3.5.3 to 4.1.1 (#425)
- ea64abf Bump actions/setup-go from 4.0.1 to 4.1.0 (#404)
- 0ca9918 Bump alpine from 3.18.2 to 3.18.4 (#415)
- d401f1d Bump github/codeql-action from 2.21.2 to 2.22.5 (#426)
- 4ff659c Bump golang.org/x/net from 0.7.0 to 0.17.0 in /v2 (#422)
- 5ea4572 Bump goreleaser/goreleaser-action from 4.3.0 to 5.0.0 (#417)
- e041684 Bump step-security/harden-runner from 2.5.0 to 2.6.0 (#424)
v2.10.1
Changelog
- b986a31 Bump Terraform Kubernetes provider to support recent K8s versiont that don't create service account token secrets by default (#429)
- 584fd30 Bump actions/checkout from 3.5.3 to 4.1.1 (#425)
- ea64abf Bump actions/setup-go from 4.0.1 to 4.1.0 (#404)
- 0ca9918 Bump alpine from 3.18.2 to 3.18.4 (#415)
- d401f1d Bump github/codeql-action from 2.21.2 to 2.22.5 (#426)
- 4ff659c Bump golang.org/x/net from 0.7.0 to 0.17.0 in /v2 (#422)
- 5ea4572 Bump goreleaser/goreleaser-action from 4.3.0 to 5.0.0 (#417)
- e041684 Bump step-security/harden-runner from 2.5.0 to 2.6.0 (#424)
v2.10.0
3c612bc
This commit was signed with the committer’s verified signature.
christophetd
Christophe Tafani-Dereeper
Changelog
- d151fe9 New attack technique: Persistence AWS Lambda Layer Extension (#427) by @adanalvarez
Contributors
adanalvarez
Assets 11
v2.9.0
Changelog
New feature: Stratus Red Team now features 3 attack techniques to simulate ransomware activity.
- S3 Ransomware through individual file deletion
- S3 Ransomware through batch file deletion
- S3 Ransomware through client-side encryption
Docs:
Chores:
v2.8.2
v2.8.1
3b12231
This commit was signed with the committer’s verified signature.
christophetd
Christophe Tafani-Dereeper
Changelog
Bug fixes:
- 2c89c34 [AWS] Catch the appropriate error in aws.execution.ec2-launch-unusual-instances (closes #387) (#390)
Enhancements:
- 7e125a0 Add link to GCP emulation post
- a7f75e9 Add note on logs generated by console logins (#382)
- 9e71abd Add reference to an attack creating IAM access keys (#384)
- 2ba3ec6 Remove unintentional debug output (#388)
- e9da1c0 Update link to blog post
Chores:
- 01ff63b Bump actions/checkout from 3.5.2 to 3.5.3 (#377)
- 99616fd Bump alpine from 3.18.0 to 3.18.2 (#381)
- d27b459 Bump docker/login-action from 2.1.0 to 2.2.0 (#376)
- 9f27a64 Bump goreleaser/goreleaser-action from 4.2.0 to 4.3.0 (#379)
- c53781b Bump ossf/scorecard-action from 2.1.3 to 2.2.0 (#380)
- 5fd0045 Bump step-security/harden-runner from 2.4.0 to 2.4.1 (#378)
CI fixes:
v2.8.0
Changelog
New GCP attack technique: Backdoor a GCP Service Account through its IAM Policy
v2.7.0
aa013a3
This commit was signed with the committer’s verified signature.
christophetd
Christophe Tafani-Dereeper
Changelog
New attack technique for GCP: Invite an External User to a GCP Project
v2.6.0
d42bb84
This commit was signed with the committer’s verified signature.
christophetd
Christophe Tafani-Dereeper
Changelog
New features:
- 2354e0d New GCP attack technique: Exfiltrating a GCP Compute Disk (#370) https://stratus-red-team.cloud/attack-techniques/GCP/gcp.exfiltration.share-compute-disk/
Chores:
- d42bb84 Whitelist sum.golang.org:443 in the release CI pipeline
v2.5.7
Changelog
Bug fixes:
- Fixed a bug where Stratus Red Team would not use the EC2 instance role when run from an EC2 instance (#367, thank you @mrugank-canva for the contribution!)
- Fix now unsupported NodeJS Lambda runtime version in aws.persistence.lambda-backdoor-function (#359)
Chores:
- e52490c Brew formula update for stratus-red-team version v2.5.6
- 05a39d9 Bump actions/setup-go from 4.0.0 to 4.0.1 (#361)
- bbf173f Bump actions/setup-python from 4.6.0 to 4.6.1 (#363)
- 185d095 Bump alpine from 3.17.3 to 3.18.0 (#365)
- 18ecdc0 Bump github/codeql-action from 2.3.2 to 2.3.5 (#362)
- b128534 Bump golang from 1.20.3-alpine3.16 to 1.20.4-alpine3.16 (#366)
- 7c641d2 Bump step-security/harden-runner from 2.3.1 to 2.4.0 (#364)