Release v2.0.1

What's Changed

• Merge to master by @SpenGietz in #1
• Spencer merge by @SpenGietz in #2
• Changed policies around by @SpenGietz in #3
• Random ec2 password + policy name fix by @SpenGietz in #4
• many changes. Fully integrated Glue, changed lambda functions around,… by @SpenGietz in #5
• added codebuild and added status message for Glue by @SpenGietz in #6
• Remove glue by @SpenGietz in #7
• updated readme by @SpenGietz in #8
• Python3 support by @SpenGietz in #11
• fixed random string generation to support Mac by @SpenGietz in #12
• EC2 instance profile policy fix by @SpenGietz in #16
• Bob update by @SpenGietz in #17
• Fixed the glue development endpoint to include the CloudGoat SSH key … by @SpenGietz in #18
• Removed #cloud-boothook to execute UserData on instance start by @LukaszMrozowski in #21
• Update cheat_sheet.md by @mtulio in #33
• Feature/add docker by @jack-ganbold in #35
• Add a warning for AWS creds mount by @jack-ganbold in #36
• Add README badges and cute ☁️🐐 emoji by @jack-ganbold in #37
• Updating tags RE: Request #34 by @yogisec in #38
• Update ec2.tf in rce_web_app by @sebastian-mora in #60
• Update cheat_sheet_mcduck.md by @sebastian-mora in #59
• Update ec2.tf by @sebastian-mora in #56
• Update cheat_sheet_raynor.md by @AumSecResearch in #51
• Update cheat_sheet_kerrigan.md by @sebastian-mora in #45
• Added cgid in resources for ec2_ssrf by @hamstah in #44
• Use cgid in resource names for iam_privesc_by_rollback by @hamstah in #43
• Scenario/lambda_privesc by @sgn00 in #64
• Scenario Ecs_efs attack by @sebastian-mora in #77
• Bump pyyaml from 5.1.1 to 5.4 in /core/python by @dependabot in #82
• Typo fix in ecs_efs_attack cheatsheet command to list the privileges by @pankajmouriya in #81
• Fix missing scenario page. by @naikordian in #78
• Update README.md by @sn0x736e in #73
• Update cheat_sheet_chris.md by @sidejackthenativity in #76
• Docker improvements by @hamstah in #42
• Update author's name in lambda_privesc scenario by @sgn00 in #70
• Update cheat_sheet_kerrigan.md by @gchib297 in #67
• Support terraform v0.14+ by @RyanJarv in #84
• Fixed version check for terraform destroy command. by @j0eblow in #93
• Correction to Lara cheat sheet by @j0eblow in #95
• Fix for spelling and grammar issues in README.md by @j0eblow in #94
• New Scenario: ECS_Takover by @sebastian-mora in #91
• Help fixes + change create to always runs apply by @RyanJarv in #97
• Ensure resource names (S3 bucket, RDS, load balancer) do not contain invalid characters (closes #98, #100) by @christophetd in #102
• Use requests to get the IP instead of shell to curl by @hamstah in #41
• Fix CGID naming for codebuild_secrets by @RyanJarv in #106
• Reduce IAM permissions used in ec2_ssrf by @RyanJarv in #104
• Fix broken IAM policy in ec2_ssrf scenario by @christophetd in #112
• First version of the CI/CD scenario by @christophetd in #116
• Update README for CI/CD scenario by @christophetd in #117
• Bump undefsafe from 2.0.2 to 2.0.5 in /scenarios/rce_web_app/assets/rce_app by @dependabot in #118
• Scenario/lambda sql injection by @RyanJarv in #111
• Bump ajv from 6.10.0 to 6.12.6 in /scenarios/rce_web_app/assets/rce_app by @dependabot in #121
• Bump tar from 4.4.8 to 4.4.19 in /scenarios/rce_web_app/assets/rce_app by @dependabot in #120
• Make requirements.txt more visible by @RyanJarv in #109
• Update README.md by @BaronSam3di in #132
• Set scripts executable by @bashtoni in #129
• Scenario/detection evasion by @RyanJarv in #142
• CICD Scenario: Remove tf lock file and loosen dependencies by @RyanJarv in #135
• Fix missing step in ecs_efs_attack cheat sheet. by @HLOverflow in #127
• Updated the lambda python version in two scenarios by @sethsec-bf in #150
• Force config whitelist --auto to use IPv4 by @RyanJarv in #110
• Updated Lambda runtime by @barnesrobert in #159
• Update vulnerable_lambda manifest.yaml file by @n3ddih in #164
• detection_evasion: fixed filter pattern for instance profile usage by @andrew-kline in #143
• Update rds.tf by @Artemis357 in #155
• Added a new scenario vulnerable_cognito by @usamaazad in #166
• Bump decode-uri-component from 0.2.0 to 0.2.2 in /scenarios/rce_web_app/assets/rce_app by @dependabot in #161
• Bump json5 and rc-config-loader in /scenarios/rce_web_app/assets/rce_app by @dependabot in #162
• Add Tests via GitHub actions by @jdearmas in #178
• Update README.md by @usamaazad in #177
• Updated main README to add scenario description by @usamaazad in #176
• Fix Typo in README.md by @galoget in #194
• Update s3.tf by @j0eblow in #193
• Update ec2.tf by @j0eblow in #192
• Update cheat_sheet.md by @lazzslayer in #204
• Update Vulnerable Cognito by @andrew-aiken in #213
• Scenario | IAM Privesc by Key Rotation by @andrew-aiken in #221
• Fix Detection Evasion Scenario by @andrew-aiken in #218
• fixing typo by @gauravphoenix in #225
• Bugfix CodeBuild Secrets by @andrew-aiken in #217
• Fixing Issues with ECR Removal & SSM Connectivity by @andrew-aiken in #215
• Refactor | RCE Web App by @andrew-aiken in #216
• Fix Typo in README.md by @Hosim33 in #237
• Refactor/cloud breach s3 by @andrew-aiken in #214
• Enhancement | ECS EFS Attack Scenario by @andrew-aiken in #220
• ECS Takeover | x86_64 AMI by @andrew-aiken in #219
• Format vulnerable lambda by @andrew-aiken in #229
• Update example scenario by @andrew-aiken in #226
• Flagshop and rds snapshot add summary by @West-wise in #246
• Fix glue privesc by @jdearmas in #244
• Update index.html by @sathwikv143 in #257
• Refactor Lambda Privesc by @andrew-aiken in #256
• Updated codebuild-secrets RDS to 16.2 by @andrew-aiken in #258
• Update instance family on db instances by @andrew-aiken in #261
• Updated codebuild secrets iam permissions to allow tagging rds resource by @andrew-aiken in #259
• Recommend Python Virtual Environment & Update Modules by @andrew-aiken in #255
• Refactor IAM Privesc by Attachment by @andrew-aiken in #254
• Fix vulnerable lambda cheat sheet by @jdearmas in #243
• Add IP address whitelist to sqs_flag_shop scenario by @jdearmas in #265
• Add IP address whitelist to glue_privesc scenario by @jdearmas in #266
• 263 Feature Request: Scenario Template & Contribution Guide by @TeneBrae93 in #264
• Bugfix & Update EC2 SSRF Scenario by @andrew-aiken in #268
• Updated SNS Secrets Scenario by @andrew-aiken in #271
• Bugfix and refactor the glue privesc scenario by @andrew-aiken in #272
• New Scenario: SNS_Secrets by @TeneBrae93 in #262
• Update lambda.tf by @TeneBrae93 in #274
• fix SQS Flag Shop scenario by @jdearmas in #276
• Fix RDS Snapshot Scenario Database Whitelist by @jdearmas in #278
• Update SQS Flag Shop Terraform by @andrew-aiken in #277
• update ec2 ssrf cheat sheet by @mahaputrailhamawal in #279
• Correct iam_privesc_by_key_rotation Terraform Output Name by @andrew-aiken in #282
• Edit iam privesc by rollback cheat sheet by @mahaputrailhamawal in #281
• Refactor | IAM Privilege Escalation Scenarios by @andrew-aiken in #270
• resolves terraform version error by @Kevin-byt in #249
• Change text input into textarea by @jdearmas in #242
• Add scenarios/detection_evasion solution by @chebuya in #285
• As the command runs with lowercase by @za in #287
• Fixed some issues on guides to standardize with the rest of the project by @galoget in #196
• Update Template Scenario Formatting by @andrew-aiken in #290
• Bump google.golang.org/grpc from 1.38.0 to 1.53.0 in /scenarios/cicd/terraform/test by @dependabot in #203
• Secrets in the cloud by @j0eblow in #189
• Scenario/iam privesc by ec2 by @DaveYesland in #230
• Remove CICD Scenario by @andrew-aiken in #298
• Update Scenarios Page Grouping and UI Enhancements by @TeneBrae93 in #304
• Remove Contributor URLs by @TeneBrae93 in #305
• Update rds_snapshot by @jdearmas in #288
• Updated Dockerfile and requirements.txt by @galoget in #291
• Update Secrets in the Cloud Terraform by @andrew-aiken in #297
• restructured as a package (updated) by @nobodynate in #308
• Fixes broken links in readme for scenarios by @TeneBrae93 in #313
• Bump requests from 2.31.0 to 2.32.2 by @dependabot in #309
• Bump black from 19.3b0 to 24.3.0 by @dependabot in #310
• Update README.md by @nobodynate in #314
• added workflows for terraform validation by @nobodynate in #316
• Re-write the vulnerable_lambda walkthrough by @TeneBrae93 in #317
• Change vulnerable lambda difficulty by @TeneBrae93 in #318
• Lambda privesc walkthrough rewrite by @TeneBrae93 in #319
• run both pytest and unittests on update by @nobodynate in #321
• Updated & Optimized Dockerfile to support multiple architectures, red… by @galoget in #315
• Update cheat_sheet.md by @TeneBrae93 in #322
• Privesc by rollback walkthrough update by @TeneBrae93 in #323
• Fixes #324 by @DaveYesland in #326
• Release v2.0.0 by @github-actions in #328
• Release v2.0.0 by @github-actions in #329
• Release v2.0.0 by @github-actions in #330
• Release v2.0.1 by @github-actions in #331

New Contributors

• @SpenGietz made their first contribution in #1
• @LukaszMrozowski made their first contribution in #21
• @mtulio made their first contribution in #33
• @jack-ganbold made their first contribution in #35
• @yogisec made their first contribution in #38
• @sebastian-mora made their first contribution in #60
• @AumSecResearch made their first contribution in #51
• @hamstah made their first contribution in #44
• @sgn00 made their first contribution in #64
• @dependabot made their first contribution in #82
• @pankajmouriya made their first contribution in #81
• @naikordian made their first contribution in #78
• @sn0x736e made their first contribution in #73
• @sidejackthenativity made their first contribution in #76
• @gchib297 made their first contribution in #67
• @RyanJarv made their first contribution in #84
• @j0eblow made their first contribution in #93
• @christophetd made their first contribution in #102
• @BaronSam3di made their first contribution in #132
• @bashtoni made their first contribution in #129
• @HLOverflow made their first contribution in #127
• @sethsec-bf made their first contribution in #150
• @barnesrobert made their first contribution in #159
• @n3ddih made their first contribution in #164
• @andrew-kline made their first contribution in #143
• @Artemis357 made their first contribution in #155
• @usamaazad made their first contribution in #166
• @jdearmas made their first contribution in #178
• @galoget made their first contribution in #194
• @lazzslayer made their first contribution in #204
• @andrew-aiken made their first contribution in #213
• @gauravphoenix made their first contribution in #225
• @Hosim33 made their first contribution in #237
• @West-wise made their first contribution in #246
• @sathwikv143 made their first contribution in #257
• @TeneBrae93 made their first contribution in #264
• @mahaputrailhamawal made their first contribution in #279
• @Kevin-byt made their first contribution in #249
• @chebuya made their first contribution in #285
• @za made their first contribution in #287
• @DaveYesland made their first contribution in #230
• @nobodynate made their first contribution in #308
• @github-actions made their first contribution in #328

Full Changelog: https://github.com/RhinoSecurityLabs/cloudgoat/commits/v2.0.1