Releases: DataDog/stratus-red-team
v2.31.0
Changelog
New attack techniques:
- Backdoor Azure Managed Identity with Federated Identity Credential (FIC) (Azure) by @siigil
- Backdoor Entra ID application with Federated Identity Credential (FIC) (EntraID) by @siigil
- Attempt to Remove a GCP Project from its Organization (GCP) by @Minosity-VR
- Delete a Cloud DNS Logging Policy (GCP) by @Minosity-VR
- Disable Data Access Audit Logs for a GCP Service (GCP) by @Minosity-VR
- Disable VPC Flow Logs on a Subnet (GCP) by @Minosity-VR
- Disable a GCP Log Sink (GCP) by @Minosity-VR
- Read GCE Instance Metadata via the Compute API (GCP) by @Minosity-VR
- Reduce Log Retention Period on a Cloud Logging Sink Bucket (GCP) by @Minosity-VR
New features:
- e26e2c6 Programmatic usage now supports using an S3 bucket for internal and terraform state (#834)
- 09d59fa Programmatic usage now supports options to launch the runner with custom StateManager, TerraformManager, ProviderFactory, Config, and CorrelationID (#817)
- 23d67d2 Programmatic usage now supports using an existing terraform binary instead of downloading its own (#819)
- 8b93c93 Programmatic usage now supports running the runner with configurable cloud credentials rather than relying on the environment (#832)
Chores:
- eb00e09 Brew formula update for stratus-red-team version v2.30.0 (#816)
- d6e0077 Bump actions/upload-artifact from 6.0.0 to 7.0.0 (#812)
- 30c4576 Bump dominikh/staticcheck-action from 1.4.0 to 1.4.1 (#811)
- bd72c7b Bump github/codeql-action from 3.30.5 to 4.34.1 (#813)
- 3ea7acb Bump hashicorp/setup-terraform from 3.1.2 to 4.0.0 (#814)
- 4aaaa8b Bump step-security/harden-runner from 2.15.0 to 2.16.0 (#815)
v2.30.0
Changelog
New features:
- 53c9212 Stratus Red Team now supports a YAML configuration file (#721). See the documentation: https://stratus-red-team.cloud/user-guide/getting-started/#configuration-file
Docs enhancements:
Bug fixes:
Chores:
v2.29.0
v2.28.0
Changelog
Notable changes:
- 42ac930 Move the CLI root command to its own package (#762)
- 579cf00 Bump terraform version to 1.3.10 (#769). Note: this only impacts the embedded Terraform binary version and shouldn't require any action, including when upgrading your Stratus Red Team version.
Bug/docs fixes:
Chores:
- 0916e1c Brew formula update for stratus-red-team version v2.27.0 (#753)
- 70115ca Bump actions/checkout from 6.0.1 to 6.0.2 (#767)
- c335209 Bump actions/setup-python from 6.1.0 to 6.2.0 (#766)
- 72efc01 Bump docker/login-action from 3.4.0 to 3.7.0 (#765)
- 57e8c20 Bump goreleaser/goreleaser-action from 6.4.0 to 7.0.0 (#768)
- bbaa90d Bump step-security/harden-runner from 2.13.1 to 2.15.0 (#764)
v2.27.0
Changelog
New attack techniques:
- Create GCE instances in multiple zones (GCP) by @christophetd
- Create a GCE GPU virtual machine instance (GCP) by @christophetd
- Steal and use GCE default service account token from outside Google Cloud (GCP) by @christophetd
- Enumerate Permissions of a GCP Service Account (GCP) by @christophetd
Codebase improvements:
- Added AGENTS.md
- Added create-attack-technique agent skill
- Added test-attack-technique
v2.26.0
Changelog
New attack techniques:
v2.25.0
Changelog
New attack techniques:
v2.24.1
v2.24.0
Changelog
New attack techniques:
- cf06703 Azure ransomware via Storage Account Blob deletion (#725) by @jbfeldman-dd
- 1150fa3 Execute Commands on SageMaker Notebook Instance via Lifecycle Configuration (#709) by @gdraperi
Chores:
- CI configuration updates
- Dependencies bumps
v2.23.2
Changelog
Chores:
- d5d25ab (chores) Bump library versions
- 039a1c1 Brew formula update for stratus-red-team version v2.23.1 (#638)
- 83d6cdf Bump actions/setup-python from 5.3.0 to 5.4.0 (#641)
- d33e734 Bump actions/upload-artifact from 4.6.0 to 4.6.1 (#639)
- f06d33f Bump actions/upload-artifact from 4.6.1 to 4.6.2 (#665)
- d9178c3 Bump alpine from 3.21.2 to 3.21.3 (#645)
- 526166e Bump docker/build-push-action from 6.13.0 to 6.15.0 (#643)
- bf4ee08 Bump docker/login-action from 3.3.0 to 3.4.0 (#668)
- e577bba Bump github.com/golang-jwt/jwt/v5 from 5.2.1 to 5.2.2 in /v2 (#662)
- 959efe6 Bump github/codeql-action from 3.28.10 to 3.28.13 (#667)
- 60a57f1 Bump github/codeql-action from 3.28.8 to 3.28.10 (#640)
- 1888409 Bump golang from 1.23.5-alpine3.20 to 1.24.0-alpine3.20 (#644)
- 4c7a189 Bump golang from 1.24.0-alpine3.20 to 1.24.1-alpine3.20 (#670)
- 4af315f Bump ossf/scorecard-action from 2.4.0 to 2.4.1 (#666)
- efc931b Bump step-security/harden-runner from 2.10.4 to 2.11.0 (#642)
- 508060e Update armcompute to v4 to remove indirect dependency on github.com/golang-jwt/jwt (#687)
Enhancements:
Documentation: