v2.4.1

Changelog

• Bug fix (5394d78): Continue cleaning up when revert fails and --force is passed (closes #167)

v2.4.0

Changelog

New attack technique:

• K8s: Persistence through long-lived client certificate by @raesene

Other:

• 910c97b CI: Use step-security hardened GitHub Actions runner for unit tests (#158)

v2.3.0

Changelog

Features:

• Introducing GCP support! Thanks @rileydakota for the initial PR

Bug fixes / minor improvements:

• 3e5956c Added an example to detonate an attack technique and retrieve relevant CloudTrail logs
• c24f738 Update docs to link to Azure Threat Research Matrix (#156)

v2.2.3

Changelog

• 7ed252e Brew formula update for stratus-red-team version v2.2.2
• 30c8f91 Fix directory structure to allow for programmatic usage of the V2+ version
• ea27be8 Update docs/user-guide/programmatic-usage.md
• 71d1222 bump cobra version
• a04c14c fix github actions to use the new module path
• 6278891 remove old go.mod and go.sum
• 3d90753 rename incorrect import
• 1f7cccc terraform fmt

v2.2.2

Changelog

• 5a11914 Brew formula update for stratus-red-team version v2.2.1

v2.2.1

Changelog

df8674b Bugfix: Use a lower lifetime in k8s.persistence.create-token to support Minikube.

v2.2.0

Changelog

• New AWS attack technique by @adanalvarez: Create an IAM Roles Anywhere trust anchor
• New AWS attack technique by @rollwagen: Launch Unusual EC2 Instances
• New K8s attack technique inspired by @raesene: Create Long-Lived Token

v2.1.0

Changelog

• New Azure attack technique: Export Disk Through Shared Access Signature URL
• New Azure attack technique: Execute Command on Virtual Machine using Custom Script Extension by Ryan Marcotte Cobb @rcobb-scwx
• New AWS attack technique: Overwrite Lambda Function Code by @rollwagen
• Add dynamic CLI autocomplete for techniques by @rollwagen

Enhancements:

• bf7a2ab Disable logging when using the programmatic interface (closes #126)
• 947fbb4 Add execution UUID to the Terraform user-agent

v2.0.0

Changelog

• Stratus Red Team now supports Azure! Thank you to Ryan Marcotte Cobb from Secureworks for the contribution.
• New attack technique: Azure: Execute Commands on Virtual Machine using Run Command. Thank you to Ryan Marcotte Cobb from Secureworks for the contribution.
• Upgraded Go version from 1.17 to 1.18 to support the Azure Go SDK
• Bumped vulnerable dependencies

Note

The major version was bumped (1.8.0 -> 2.0.0) because the Go upgrade to 1.18 may break certain environments using the programmatic interface of Stratus Red Team with Go 1.17.

v1.8.0

Changelog

New attack technique: AWS Console Login without MFA