Skip to content

Releases: DataDog/stratus-red-team

v2.2.2

22 Jul 09:52
Compare
Choose a tag to compare

Changelog

  • 5a11914 Brew formula update for stratus-red-team version v2.2.1

v2.2.1

18 Jul 08:23
Compare
Choose a tag to compare

Changelog

df8674b Bugfix: Use a lower lifetime in k8s.persistence.create-token to support Minikube.

v2.2.0

13 Jul 22:00
94780f8
Compare
Choose a tag to compare

Changelog

v2.1.0

20 Jun 13:21
Compare
Choose a tag to compare

Changelog

Enhancements:

  • bf7a2ab Disable logging when using the programmatic interface (closes #126)
  • 947fbb4 Add execution UUID to the Terraform user-agent

v2.0.0

03 Jun 14:12
Compare
Choose a tag to compare

Changelog

  • Stratus Red Team now supports Azure! Thank you to Ryan Marcotte Cobb from Secureworks for the contribution.
  • New attack technique: Azure: Execute Commands on Virtual Machine using Run Command. Thank you to Ryan Marcotte Cobb from Secureworks for the contribution.
  • Upgraded Go version from 1.17 to 1.18 to support the Azure Go SDK
  • Bumped vulnerable dependencies

Note

The major version was bumped (1.8.0 -> 2.0.0) because the Go upgrade to 1.18 may break certain environments using the programmatic interface of Stratus Red Team with Go 1.17.

v1.8.0

30 May 15:55
Compare
Choose a tag to compare

Changelog

New attack technique: AWS Console Login without MFA

v1.7.2

25 May 09:03
Compare
Choose a tag to compare

Changelog

Bug fix: In some cases, the programmatic API couldn't be used because of methods located in the internal package, which can't be used from other packages (#117)

v1.7.1

23 May 09:39
Compare
Choose a tag to compare

Changelog

  • Bug fix: Content-type mismatch when downloading the Terraform binary (#118)

v1.7.0

06 Apr 15:48
Compare
Choose a tag to compare

Changelog

Stratus Red Team now injects an UUID in the User-Agent header when performing requests to the Kubernetes or AWS API. It has the form stratus-red-team_<uuid> and is unique per Stratus Red Team execution. This allows for more advanced use-cases to ensure that a log generated by a detonation corresponds to a specific execution of Stratus Red Team.

v1.6.2

31 Mar 07:34
Compare
Choose a tag to compare

Changelog

Bug fixes and enhancements.

  • 2855978 Exfiltration of EBS snapshots and AMIs: Handle error when EBS encryption by default is enabled (closes #109)
  • 44c83db ec2-steal-instance-credentials: Ensure instance is registered in SSM (closes #108)