v2.8.1

Changelog

Bug fixes:

• 2c89c34 [AWS] Catch the appropriate error in aws.execution.ec2-launch-unusual-instances (closes #387) (#390)

Enhancements:

• 7e125a0 Add link to GCP emulation post
• a7f75e9 Add note on logs generated by console logins (#382)
• 9e71abd Add reference to an attack creating IAM access keys (#384)
• 2ba3ec6 Remove unintentional debug output (#388)
• e9da1c0 Update link to blog post

Chores:

• 01ff63b Bump actions/checkout from 3.5.2 to 3.5.3 (#377)
• 99616fd Bump alpine from 3.18.0 to 3.18.2 (#381)
• d27b459 Bump docker/login-action from 2.1.0 to 2.2.0 (#376)
• 9f27a64 Bump goreleaser/goreleaser-action from 4.2.0 to 4.3.0 (#379)
• c53781b Bump ossf/scorecard-action from 2.1.3 to 2.2.0 (#380)
• 5fd0045 Bump step-security/harden-runner from 2.4.0 to 2.4.1 (#378)

CI fixes:

• f43826a goreleaser: use --clean instead of now unsupported --rm-dist flag
• 3b12231 goreleaser: use name_template instead of the now-deprecated 'replacements'

v2.8.0

Changelog

New GCP attack technique: Backdoor a GCP Service Account through its IAM Policy

v2.7.0

Changelog

New attack technique for GCP: Invite an External User to a GCP Project

v2.6.0

Changelog

New features:

• 2354e0d New GCP attack technique: Exfiltrating a GCP Compute Disk (#370) https://stratus-red-team.cloud/attack-techniques/GCP/gcp.exfiltration.share-compute-disk/

Chores:

• d42bb84 Whitelist sum.golang.org:443 in the release CI pipeline

v2.5.7

Changelog

Bug fixes:

• Fixed a bug where Stratus Red Team would not use the EC2 instance role when run from an EC2 instance (#367, thank you @mrugank-canva for the contribution!)
• Fix now unsupported NodeJS Lambda runtime version in aws.persistence.lambda-backdoor-function (#359)

Chores:

• e52490c Brew formula update for stratus-red-team version v2.5.6
• 05a39d9 Bump actions/setup-go from 4.0.0 to 4.0.1 (#361)
• bbf173f Bump actions/setup-python from 4.6.0 to 4.6.1 (#363)
• 185d095 Bump alpine from 3.17.3 to 3.18.0 (#365)
• 18ecdc0 Bump github/codeql-action from 2.3.2 to 2.3.5 (#362)
• b128534 Bump golang from 1.20.3-alpine3.16 to 1.20.4-alpine3.16 (#366)
• 7c641d2 Bump step-security/harden-runner from 2.3.1 to 2.4.0 (#364)

v2.5.6

Changelog

Bug fixes and improvements:

• a6351e3 Implement retry mechanism when creating and assuming an IAM role (#358), solves #353

v2.5.5

Changelog

Bug fixes:

• c70d758 Avoid setting bucket ACLs which now cause errors since AWS started blocking ACLs by default on new buckets in April 2023 (#355, closes #354)

v2.5.4

Changelog

Enhancements:

• 28461cc Homebrew: Automatically install shell completions for bash/zsh/fish (#352) by @craSH

Chores:

• a44b693 Bump actions/checkout from 3.5.0 to 3.5.2 (#349)
• a34b979 Bump actions/setup-go from 3.5.0 to 4.0.0 (#347)
• 6bd2d62 Bump actions/setup-python from 4.5.0 to 4.6.0 (#351)
• 8b2ed13 Bump github/codeql-action from 2.2.9 to 2.3.2 (#348)
• 6b50f17 Bump golang from 1.20.2-alpine3.16 to 1.20.3-alpine3.16 (#346)
• 9b7e1ab Bump step-security/harden-runner from 2.2.1 to 2.3.1 (#350)

v2.5.3

What's Changed

Bug fixes:

• Pin the version of the terraform-aws-vpc module used to avoid unresolvable constraints (closes #173) by @christophetd in #342

Improvements:

• Add comparison to AWS Cloud Saga by @christophetd in #345

Chores:

• Bump ossf/scorecard-action from 2.1.2 to 2.1.3 by @dependabot in #339
• Bump github/codeql-action from 2.2.5 to 2.2.9 by @dependabot in #338
• Bump actions/checkout from 3.3.0 to 3.5.0 by @dependabot in #337
• Bump goreleaser/goreleaser-action from 3.1.0 to 4.2.0 by @dependabot in #336
• Bump step-security/harden-runner from 2.2.0 to 2.2.1 by @dependabot in #335
• Bump alpine from 3.17.2 to 3.17.3 by @dependabot in #334
• Bump golang from 1.20.1-alpine3.16 to 1.20.2-alpine3.16 by @dependabot in #333

Full Changelog: v2.5.2...v2.5.3

v2.5.2

Changelog

Bug fixes:

• c6e1f68 Fix max duration parameter of RolesAnywhere attack technique (closes #331) (#332)

Docs:

• 370a454 Add references to aws.persistence.iam-create-admin-user
• c098e26 Add references to aws.persistence.iam-create-user-login-profile

Chores:

• fad1e4a Brew formula update for stratus-red-team version v2.5.1
• bb3b3e3 Bump actions/checkout from 3.2.0 to 3.3.0 (#328)
• ca0ad37 Bump actions/upload-artifact from 3.1.0 to 3.1.2 (#329)
• c513cfe Bump alpine from 3.17.1 to 3.17.2 (#325)
• d1fd5a3 Bump dominikh/staticcheck-action from 1.2.0 to 1.3.0 (#326)
• d4ac89a Bump github/codeql-action from 2.2.1 to 2.2.5 (#330)
• 590516a Bump golang from 1.19.5-alpine3.16 to 1.20.1-alpine3.16 (#324)
• eb63922 Bump golang.org/x/net in /v2 (#320)
• efc8da3 Bump golang.org/x/text from 0.3.7 to 0.3.8 in /v2 (#316)
• 48f0fe5 Bump step-security/harden-runner from 2.1.0 to 2.2.0 (#327)