v2.5.0

Changelog

Enhancements:

• bedcae3 Properly encapsulate providers to allow for different detonation UUIDs (#295)

Bug fixes:

• fad7958 Fix GCP attack technique failing to impersonate service accounts (clo… (#304)
• f74f1d2 Fix GCP attack technique name length (closes #294) (#303)
• b08d3b9 Fix broken GCP technique (#305)
• f969b77 Fix incorrect length in name generation of gcp.privilege-escalation.impersonate-service-accounts (closes #296) (#297)
• 106b04f Fix resource name lengths in Azure attack techniques (closes #301) (#302)

Chores and minor changes:

• 8e86722 Bump actions/checkout from 3.1.0 to 3.2.0 (#288)
• 29a132e Bump actions/setup-go from 3.3.0 to 3.5.0 (#287)
• cbb315f Bump actions/setup-python from 4.3.0 to 4.4.0 (#289)
• 176333c Bump github/codeql-action from 2.1.29 to 2.1.37 (#286)
• 1ebed0a Bump golang from 1.19.3-alpine3.16 to 1.19.4-alpine3.16 (#285)
• 0021dc2 Bump step-security/harden-runner from 1.5.0 to 2.0.0 (#290)
• c76e8d9 Update revert log message in Azure disk exfiltration attack technique (#300)

v2.4.10

Changelog

Bug fixes:

• f193d0a Remove requirement for default VPC and default subnets from aws.exfiltration.rds-share-snapshot. Add output indicating if an attack technique is slow (#284). Thanks @briandefiant for the contribution!

Misc:

• cc6941e Bump alpine from 3.16.2 to 3.17.0 (#281)
• 8c82f31 Bump golang from 1.19.2-alpine3.16 to 1.19.3-alpine3.16 (#282)
• 685f847 Bump hashicorp/setup-terraform from 2.0.2 to 2.0.3 (#283)

v2.4.9

Changelog

Bug fixes:

• Fix roles trust policy in some edge cases for 4 attack techniques (#224), thanks @mario-areias!

Enhancements:

• Align resource names created (#242), thanks @sjhood!

Other:

• Bump dependencies
• Add Terraform linting in CI
• make docs now generates a YAML file with all available attack techniques (#218), thanks @mario-areias!)

v2.4.8

Changelog

• 4898e6b Allow dependabot to open up to 20 PRs for Go dependencies
• f70e4c5 Brew formula update for stratus-red-team version v2.4.6
• 1d95a22 Bump actions/setup-go from 2.2.0 to 3.3.0 (#197)
• 26d4979 Bump actions/setup-python from 2.3.2 to 4.2.0 (#196)
• 4e52781 Bump actions/upload-artifact from 3.0.0 to 3.1.0 (#199)
• e3bb532 Bump github.com/Azure/azure-sdk-for-go/sdk/azcore in /v2 (#206)
• 42cb865 Bump github.com/Azure/azure-sdk-for-go/sdk/azidentity in /v2 (#215)
• a969f83 Bump github.com/aws/aws-sdk-go-v2/service/ec2 in /v2 (#203)
• 1929d18 Bump github.com/aws/aws-sdk-go-v2/service/lambda in /v2 (#216)
• 695caa9 Bump github.com/aws/aws-sdk-go-v2/service/organizations in /v2 (#209)
• 36974bb Bump github.com/aws/aws-sdk-go-v2/service/rds in /v2 (#205)
• 6675a2a Bump github.com/aws/aws-sdk-go-v2/service/rolesanywhere in /v2 (#200)
• 021f27f Bump github.com/aws/aws-sdk-go-v2/service/s3 in /v2 (#212)
• 7aeb23d Bump github.com/aws/aws-sdk-go-v2/service/secretsmanager in /v2 (#204)
• 9179402 Bump github.com/aws/aws-sdk-go-v2/service/ssm from 1.20.0 to 1.30.0 in /v2 (#201)
• 347550c Bump github.com/hashicorp/go-version from 1.5.0 to 1.6.0 in /v2 (#217)
• 2f573b9 Bump github.com/hashicorp/hc-install from 0.3.2 to 0.4.0 in /v2 (#202)
• b05d1ad Bump github.com/hashicorp/terraform-exec from 0.15.0 to 0.17.3 in /v2 (#214)
• ff3e281 Bump github.com/jedib0t/go-pretty/v6 from 6.2.4 to 6.3.9 in /v2 (#211)
• 6b920a4 Bump github.com/stretchr/testify from 1.7.0 to 1.8.0 in /v2 (#213)
• 7449f32 Bump github/codeql-action from 1.0.26 to 2.1.26 (#198)
• 3671957 Bump google.golang.org/api from 0.63.0 to 0.98.0 in /v2 (#207)
• 4050fd7 Bump k8s.io/apimachinery from 0.23.3 to 0.25.2 in /v2 (#208)
• 1b12ae5 Change badge order in README
• 9f614af Change dependabot interval to 'daily'

v2.4.7

Changelog

Chores - update dependencies:

• 4898e6b Allow dependabot to open up to 20 PRs for Go dependencies
• f70e4c5 Brew formula update for stratus-red-team version v2.4.6
• 1d95a22 Bump actions/setup-go from 2.2.0 to 3.3.0 (#197)
• 26d4979 Bump actions/setup-python from 2.3.2 to 4.2.0 (#196)
• 4e52781 Bump actions/upload-artifact from 3.0.0 to 3.1.0 (#199)
• e3bb532 Bump github.com/Azure/azure-sdk-for-go/sdk/azcore in /v2 (#206)
• 42cb865 Bump github.com/Azure/azure-sdk-for-go/sdk/azidentity in /v2 (#215)
• a969f83 Bump github.com/aws/aws-sdk-go-v2/service/ec2 in /v2 (#203)
• 1929d18 Bump github.com/aws/aws-sdk-go-v2/service/lambda in /v2 (#216)
• 695caa9 Bump github.com/aws/aws-sdk-go-v2/service/organizations in /v2 (#209)
• 36974bb Bump github.com/aws/aws-sdk-go-v2/service/rds in /v2 (#205)
• 6675a2a Bump github.com/aws/aws-sdk-go-v2/service/rolesanywhere in /v2 (#200)
• 021f27f Bump github.com/aws/aws-sdk-go-v2/service/s3 in /v2 (#212)
• 7aeb23d Bump github.com/aws/aws-sdk-go-v2/service/secretsmanager in /v2 (#204)
• 9179402 Bump github.com/aws/aws-sdk-go-v2/service/ssm from 1.20.0 to 1.30.0 in /v2 (#201)
• 347550c Bump github.com/hashicorp/go-version from 1.5.0 to 1.6.0 in /v2 (#217)
• 2f573b9 Bump github.com/hashicorp/hc-install from 0.3.2 to 0.4.0 in /v2 (#202)
• b05d1ad Bump github.com/hashicorp/terraform-exec from 0.15.0 to 0.17.3 in /v2 (#214)
• ff3e281 Bump github.com/jedib0t/go-pretty/v6 from 6.2.4 to 6.3.9 in /v2 (#211)
• 6b920a4 Bump github.com/stretchr/testify from 1.7.0 to 1.8.0 in /v2 (#213)
• 7449f32 Bump github/codeql-action from 1.0.26 to 2.1.26 (#198)
• 3671957 Bump google.golang.org/api from 0.63.0 to 0.98.0 in /v2 (#207)
• 4050fd7 Bump k8s.io/apimachinery from 0.23.3 to 0.25.2 in /v2 (#208)
• 1b12ae5 Change badge order in README
• 9f614af Change dependabot interval to 'daily'

v2.4.6

Changelog

CI tests and hardening. No functional changes.

v2.4.5

Changelog

CI tests and hardening. No functional changes.

v2.4.4

Changelog

CI tests and hardening. No functional changes.

v2.4.3

Changelog

CI tests and hardening. No functional changes.

v2.4.2

Changelog

Bug fixes:

• 2736514 Bump Terraform AWS provider version to 3.x instead of restricting to 3.71.x (fixes #173) (#192)

Chores:

• Updated all dependencies

Misc:

• Added OpenSSF scorecard GitHub action and badge
• CI hardening: pinned all dependency versions and restrict GitHub actions permissions (#187)

Complete changelog:

• 5d95a59 Add OSSF scorecard
• b9c8eec Add OpenSSF scorecard
• 2fbfb8d Add basic security policy to clarify how to report a vulnerability
• afd6023 Add dependabot configuration
• fc27192 Add information about CloudTrail events for EBS exfiltration (#171)
• 3527d57 Brew formula update for stratus-red-team version v2.4.1
• 2736514 Bump Terraform AWS provider version to 3.x instead of restricting to 3.71.x (fixes #173) (#192)
• 2123b13 Bump actions/checkout from 2 to 3 (#179)
• 38b016b Bump docker/build-push-action from 2.8.0 to 3.1.1 (#180)
• cc7a321 Bump docker/login-action from 1.12.0 to 2.0.0 (#181)
• 1ac7e69 Bump github.com/aws/aws-sdk-go-v2 from 1.16.7 to 1.16.16 in /v2 (#183)
• 9a1fc25 Bump github.com/aws/aws-sdk-go-v2/config from 1.13.0 to 1.17.7 in /v2 (#185)
• 99fed06 Bump github.com/aws/aws-sdk-go-v2/service/cloudtrail in /v2 (#186)
• eb4dd6a Bump github.com/aws/aws-sdk-go-v2/service/iam in /v2 (#182)
• 1849405 Bump github.com/aws/aws-sdk-go-v2/service/secretsmanager from 1.13.0 to 1.16.1 in /v2 (#184)
• 68fea3f Bump goreleaser/goreleaser-action from 2 to 3 (#176)
• 0fbead5 Bump ossf/scorecard-action from 2.0.3 to 2.0.4 (#178)
• b6724c0 CI hardening (#187)
• 6e507e9 Docker base image: Use Go 1.19.x (#177)
• 16f578a Docker base image: bump alpine from 3.16.0 to 3.16.2 (#175)
• b836d04 Remove downloads badge
• c9bb44a Update usage.md (#166)
• 3371c2c [CI] Pin Github action versions (#188)
• 3b54217 [docker] Pin base image SHA256 (#189)