2.1.8

What's Changed

Enhancements 📈

• Update indicators when DFIQ Approaches are created via the API by @tomchop in #1080

Full Changelog: 2.1.7...2.1.8

2.1.7

What's Changed

Enhancements 📈

• Add support for SSL JA3 signatures + feed by @sebdraven in #1068
• Feature: Ability to sort and filter graph traversal by @tomchop in #1067
• OIDC token auth by @tomchop in #1072
• DFIQ API endpoint to upload archives by @tomchop in #1076

Bug fixes 🐛

• Adjust internal bit for Approaches by @tomchop in #1079

New feeds

• Tweaks to the DFIQ feed by @tomchop in #1071
• Update otx_alienvault.py by @sebdraven in #1074
• fixe ssl3blacklist by @sebdraven in #1077

Other Changes

• Change the way links are created in forensicartifacts by @tomchop in #1069
• Bump requests from 2.31.0 to 2.32.0 by @dependabot in #1075

Full Changelog: 2.1.6...2.1.7

2.1.6

Other Changes

• Bump idna from 3.6 to 3.7 by @dependabot in #1063
• Remove usage of deprecated traverse() function by @tomchop in #1066

Full Changelog: 2.1.5...2.1.6

Yeti 2.1.5

What's Changed

Enhancements 📈

• API endpoints for DFIQ YAML validation by @tomchop in #1039
• Improve error handling in the API by @tomchop in #1044
• Improvement to LOLBAS feed by @tomchop in #1045
• Graph search can now select target vertices based on root_type (previously only leaf types) by @tomchop in #1065

Bug fixes 🐛

• Fix normalization in tags by @tomchop in #1052
• Add logout actions and session store (fixes #1041, fixes #1022) by @tomchop in #1059
• Fix OTX feed and tags for Mitre Attack by @sebdraven in #1058
• Export fixes by @tomchop in #1060
• Strongly type GraphResponse by @tomchop in #1062

New feeds

• Minor changes to LOLBAS indicators by @tomchop in #1038
• Fix regression in DFIQ feed by @tomchop in #1043
• LOLBas enhancements by @tomchop in #1047
• Change tor_exit_nodes feed to use the Tor Onionoo API + introduce tests by @itsmvd in #1029
• MISP SSL configuration updates by @shannaniggans in #1053
• Tweak feed actions by @tomchop in #1056
• Update lolbas.py by @shannaniggans in #1055
• Update OTX defaults in yeti.conf.sample by @sebdraven in #1057
• new feed TweetLive by @sebdraven in #1061

Other Changes

• Minor enhancements by @tomchop in #1048

New Contributors

• @shannaniggans made their first contribution in #1053

Full Changelog: 2.1.4...2.1.5

Yeti 2.1.4

What's Changed

Enhancements 📈

• Introduce ForensicArtifacts indicator type by @tomchop in #1010
• Introduce min / max hops to graph search by @tomchop in #1019
• Introduce search aliases (fixes #1001) by @tomchop in #1021
• Introduce tags to indicator objects by @tomchop in #1026
• Support registry keys in forensicartifacts by @tomchop in #1028
• Add API endpoints to swap links by @tomchop in #1031

Bug fixes 🐛

• Update pandas read_csv quoting values in multiple feeds by @0xRet in #1023
• Excluding Comment Lines from phishing_database Feed by @benmontour in #1027

New feeds

• Add Cisco Umbrella Top1M domains feed by @udgover in #1013
• Add Tranco top domains feed by @udgover in #1015
• Refactor the DFIQ import to import from local system as well by @tomchop in #1018

Other Changes

• Bump fastapi to 109 by @tomchop in #1011
• Push :dev labeled Docker images on each push to main by @tomchop in #1012
• Use arbitrary str instead of enum for querytype by @tomchop in #1016
• Bump python-multipart from 0.0.6 to 0.0.7 by @dependabot in #1017
• Minor optimizaitons by @tomchop in #1020
• Update dependencies by @tomchop in #1032
• Return tagged observables when bulk adding them by @tomchop in #1033

Full Changelog: 2.1.3...2.1.4

Yeti 2.1.3

Major changes

• DFIQ objects support
• Bunch of new analytics (Shodan, Censys) and feeds (Wiz Threat Landscape, mining pools)
• New import system from MISP JSON (still WIP)

What's Changed

Enhancements 📈

• Feat: Support DFIQ objects by @tomchop in #987
• Switch between config file and envvar precedence by @udgover in #978
• Feat: add patch endpoint to observables by @tomchop in #981
• Feat: Wallet improvements by @udgover in #982
• Support IBAN & BIC observables by @p-l- in #985

Bug fixes 🐛

• Fix: exports path by @udgover in #976
• Fix: Change endpoints to avoid redirect by @tomchop in #983
• Feat: Reintroduce Expire Tags analytics by @tomchop in #1000
• Bug fix in Shodan config + add a test for it by @itsmvd in #1004

New feeds

• Feat: Add support for running Censys queries via analytics by @itsmvd in #988
• Add Wiz Threat Landscape feed by @udgover in #996
• Add support for running Shodan queries via analytics by @itsmvd in #994
• Import Misp Json format by @sebdraven in #990
• Add feed which imports domains and ipv4 mining pools from mining pool… by @udgover in #995

Other Changes

• Bump jinja2 from 3.1.2 to 3.1.3 by @dependabot in #977
• Update deps by @tomchop in #973
• Update yeti.conf.sample to include censys API config by @itsmvd in #993
• Add ruff + codebase pass by @tomchop in #998

New Contributors

• @itsmvd made their first contribution in #988

Full Changelog: 2.1.1...2.1.3

YETI API 2.1.2

What's Changed

Enhancements 📈

• Switch between config file and envvar precedence by @udgover in #978
• Feat: add patch endpoint to observables by @tomchop in #981
• Feat: Wallet improvements by @udgover in #982

Bug fixes 🐛

• Fix: exports path by @udgover in #976
• Fix: Change endpoints to avoid redirect by @tomchop in #983

Other Changes

• Bump jinja2 from 3.1.2 to 3.1.3 by @dependabot in #977
• Update deps by @tomchop in #973

Full Changelog: 2.1.1...2.1.2

2.1.1

What's Changed

Bug fixes 🐛

• Fix: pydantic warning by replacing gte/lte with ge/le by @udgover in #972
• Fix: API key save when creating new user by @wajihyassine in #974

New Contributors

• @wajihyassine made their first contribution in #974

Full Changelog: 2.1.0...2.1.1

Yeti 2.1.0

What's Changed

Enhancements 📈

• Feat: Auditability (Closes #916) by @udgover in #960
• Feat: More structured response when calling bulk_add by @tomchop in #962

Bug fixes 🐛

• Fix: Add netloc to redirect after OIDC auth by @tomchop in #958
• Fix: issue when creating TagRelationship in filter method by @udgover in #966
• Fix: error when forcing type to "guess" by @tomchop in #971
• Fix: Adjust unicity indexes in Observables collection by @sebdraven in #970

feeds

• add reporter in context in context entry of Malware Bazaaar by @sebdraven in #959

Other Changes

• Compute field model by @udgover in #953
• Implement user account observable by @udgover in #957
• Disable logging when running tests by @udgover in #964
• Replace created field with timestamp by @udgover in #965
• Connect to yeti_test database when running tests by @udgover in #967

Full Changelog: 2.0.5...2.1.0

Yeti 2.0.5

What's Changed

Enhancements 📈

• Feat: Adds the ability to authenticate with a third-party OIDC provider by @tomchop in #925
• Feat: Extended observables API to accept extended attributes by @udgover in #949

Bug fixes 🐛

• Fix: calling save() doesn't overwrite all the object's contents (fixes #947) by @tomchop in #954

Full Changelog: 2.0.4...2.0.5