v2.4.2

Changelog

Bug fixes:

• 2736514 Bump Terraform AWS provider version to 3.x instead of restricting to 3.71.x (fixes #173) (#192)

Chores:

• Updated all dependencies

Misc:

• Added OpenSSF scorecard GitHub action and badge
• CI hardening: pinned all dependency versions and restrict GitHub actions permissions (#187)

Complete changelog:

• 5d95a59 Add OSSF scorecard
• b9c8eec Add OpenSSF scorecard
• 2fbfb8d Add basic security policy to clarify how to report a vulnerability
• afd6023 Add dependabot configuration
• fc27192 Add information about CloudTrail events for EBS exfiltration (#171)
• 3527d57 Brew formula update for stratus-red-team version v2.4.1
• 2736514 Bump Terraform AWS provider version to 3.x instead of restricting to 3.71.x (fixes #173) (#192)
• 2123b13 Bump actions/checkout from 2 to 3 (#179)
• 38b016b Bump docker/build-push-action from 2.8.0 to 3.1.1 (#180)
• cc7a321 Bump docker/login-action from 1.12.0 to 2.0.0 (#181)
• 1ac7e69 Bump github.com/aws/aws-sdk-go-v2 from 1.16.7 to 1.16.16 in /v2 (#183)
• 9a1fc25 Bump github.com/aws/aws-sdk-go-v2/config from 1.13.0 to 1.17.7 in /v2 (#185)
• 99fed06 Bump github.com/aws/aws-sdk-go-v2/service/cloudtrail in /v2 (#186)
• eb4dd6a Bump github.com/aws/aws-sdk-go-v2/service/iam in /v2 (#182)
• 1849405 Bump github.com/aws/aws-sdk-go-v2/service/secretsmanager from 1.13.0 to 1.16.1 in /v2 (#184)
• 68fea3f Bump goreleaser/goreleaser-action from 2 to 3 (#176)
• 0fbead5 Bump ossf/scorecard-action from 2.0.3 to 2.0.4 (#178)
• b6724c0 CI hardening (#187)
• 6e507e9 Docker base image: Use Go 1.19.x (#177)
• 16f578a Docker base image: bump alpine from 3.16.0 to 3.16.2 (#175)
• b836d04 Remove downloads badge
• c9bb44a Update usage.md (#166)
• 3371c2c [CI] Pin Github action versions (#188)
• 3b54217 [docker] Pin base image SHA256 (#189)

v2.4.1

Changelog

• Bug fix (5394d78): Continue cleaning up when revert fails and --force is passed (closes #167)

v2.4.0

Changelog

New attack technique:

• K8s: Persistence through long-lived client certificate by @raesene

Other:

• 910c97b CI: Use step-security hardened GitHub Actions runner for unit tests (#158)

v2.3.0

Changelog

Features:

• Introducing GCP support! Thanks @rileydakota for the initial PR

Bug fixes / minor improvements:

• 3e5956c Added an example to detonate an attack technique and retrieve relevant CloudTrail logs
• c24f738 Update docs to link to Azure Threat Research Matrix (#156)

v2.2.3

Changelog

• 7ed252e Brew formula update for stratus-red-team version v2.2.2
• 30c8f91 Fix directory structure to allow for programmatic usage of the V2+ version
• ea27be8 Update docs/user-guide/programmatic-usage.md
• 71d1222 bump cobra version
• a04c14c fix github actions to use the new module path
• 6278891 remove old go.mod and go.sum
• 3d90753 rename incorrect import
• 1f7cccc terraform fmt

v2.2.2

Changelog

• 5a11914 Brew formula update for stratus-red-team version v2.2.1

v2.2.1

Changelog

df8674b Bugfix: Use a lower lifetime in k8s.persistence.create-token to support Minikube.

v2.2.0

Changelog

• New AWS attack technique by @adanalvarez: Create an IAM Roles Anywhere trust anchor
• New AWS attack technique by @rollwagen: Launch Unusual EC2 Instances
• New K8s attack technique inspired by @raesene: Create Long-Lived Token

v2.1.0

Changelog

• New Azure attack technique: Export Disk Through Shared Access Signature URL
• New Azure attack technique: Execute Command on Virtual Machine using Custom Script Extension by Ryan Marcotte Cobb @rcobb-scwx
• New AWS attack technique: Overwrite Lambda Function Code by @rollwagen
• Add dynamic CLI autocomplete for techniques by @rollwagen

Enhancements:

• bf7a2ab Disable logging when using the programmatic interface (closes #126)
• 947fbb4 Add execution UUID to the Terraform user-agent

v2.0.0

Changelog

• Stratus Red Team now supports Azure! Thank you to Ryan Marcotte Cobb from Secureworks for the contribution.
• New attack technique: Azure: Execute Commands on Virtual Machine using Run Command. Thank you to Ryan Marcotte Cobb from Secureworks for the contribution.
• Upgraded Go version from 1.17 to 1.18 to support the Azure Go SDK
• Bumped vulnerable dependencies

Note

The major version was bumped (1.8.0 -> 2.0.0) because the Go upgrade to 1.18 may break certain environments using the programmatic interface of Stratus Red Team with Go 1.17.