Releases: DataDog/stratus-red-team
Releases · DataDog/stratus-red-team
v2.29.0
v2.29.0
This tag was signed with the committer’s verified signature.
christophetd
Christophe Tafani-Dereeper
v2.28.0
v2.28.0
This tag was signed with the committer’s verified signature.
christophetd
Christophe Tafani-Dereeper
Changelog
Notable changes:
- 42ac930 Move the CLI root command to its own package (#762)
- 579cf00 Bump terraform version to 1.3.10 (#769). Note: this only impacts the embedded Terraform binary version and shouldn't require any action, including when upgrading your Stratus Red Team version.
Bug/docs fixes:
Chores:
- 0916e1c Brew formula update for stratus-red-team version v2.27.0 (#753)
- 70115ca Bump actions/checkout from 6.0.1 to 6.0.2 (#767)
- c335209 Bump actions/setup-python from 6.1.0 to 6.2.0 (#766)
- 72efc01 Bump docker/login-action from 3.4.0 to 3.7.0 (#765)
- 57e8c20 Bump goreleaser/goreleaser-action from 6.4.0 to 7.0.0 (#768)
- bbaa90d Bump step-security/harden-runner from 2.13.1 to 2.15.0 (#764)
v2.27.0
v2.27.0
This tag was signed with the committer’s verified signature.
christophetd
Christophe Tafani-Dereeper
Changelog
New attack techniques:
- Create GCE instances in multiple zones (GCP) by @christophetd
- Create a GCE GPU virtual machine instance (GCP) by @christophetd
- Steal and use GCE default service account token from outside Google Cloud (GCP) by @christophetd
- Enumerate Permissions of a GCP Service Account (GCP) by @christophetd
Codebase improvements:
- Added AGENTS.md
- Added create-attack-technique agent skill
- Added test-attack-technique
Contributors
christophetd
Assets 11
v2.26.0
v2.26.0
This tag was signed with the committer’s verified signature.
christophetd
Christophe Tafani-Dereeper
Changelog
New attack techniques:
Contributors
xathrya and jbfeldman-dd
Assets 11
v2.25.0
v2.25.0
This tag was signed with the committer’s verified signature.
christophetd
Christophe Tafani-Dereeper
Changelog
New attack techniques:
Contributors
siigil
Assets 11
v2.24.1
v2.24.1
This tag was signed with the committer’s verified signature.
christophetd
Christophe Tafani-Dereeper
v2.24.0
0cad058
This commit was signed with the committer’s verified signature.
Minosity-VR
Simon Maréchal
Changelog
New attack techniques:
- cf06703 Azure ransomware via Storage Account Blob deletion (#725) by @jbfeldman-dd
- 1150fa3 Execute Commands on SageMaker Notebook Instance via Lifecycle Configuration
(#709) by @gdraperi
Chores:
- CI configuration updates
- Dependencies bumps
Contributors
gdraperi and jbfeldman-dd
Assets 11
v2.23.2
Changelog
Chores:
- d5d25ab (chores) Bump library versions
- 039a1c1 Brew formula update for stratus-red-team version v2.23.1 (#638)
- 83d6cdf Bump actions/setup-python from 5.3.0 to 5.4.0 (#641)
- d33e734 Bump actions/upload-artifact from 4.6.0 to 4.6.1 (#639)
- f06d33f Bump actions/upload-artifact from 4.6.1 to 4.6.2 (#665)
- d9178c3 Bump alpine from 3.21.2 to 3.21.3 (#645)
- 526166e Bump docker/build-push-action from 6.13.0 to 6.15.0 (#643)
- bf4ee08 Bump docker/login-action from 3.3.0 to 3.4.0 (#668)
- e577bba Bump github.com/golang-jwt/jwt/v5 from 5.2.1 to 5.2.2 in /v2 (#662)
- 959efe6 Bump github/codeql-action from 3.28.10 to 3.28.13 (#667)
- 60a57f1 Bump github/codeql-action from 3.28.8 to 3.28.10 (#640)
- 1888409 Bump golang from 1.23.5-alpine3.20 to 1.24.0-alpine3.20 (#644)
- 4c7a189 Bump golang from 1.24.0-alpine3.20 to 1.24.1-alpine3.20 (#670)
- 4af315f Bump ossf/scorecard-action from 2.4.0 to 2.4.1 (#666)
- efc931b Bump step-security/harden-runner from 2.10.4 to 2.11.0 (#642)
- 508060e Update armcompute to v4 to remove indirect dependency on github.com/golang-jwt/jwt (#687)
Enhancements:
Documentation:
Contributors
tmendonca28
Assets 11
v2.23.1
v2.23.0
Changelog
Features:
- New Google Cloud attack technique: Retrieve a High Number of Secret Manager secrets by @rileydakota (#625)
Contributors
rileydakota