Releases: RhinoSecurityLabs/pacu
Releases · RhinoSecurityLabs/pacu
Release v1.7.0
What's Changed
- fix: derive region from bucket in cfn__resource_injection (closes #484) by @nobodynate in #498
- fix: resolve --version returning unknown in Docker by @raajheshkannaa in #505
- fix: skip parse_document when policy fetch fails in iam__enum_permissions by @raajheshkannaa in #504
- fix: false positive success message in iam__privesc_scan by @raajheshkannaa in #506
- fix: secrets__enum infinite loop from broken pagination (closes #487) by @raajheshkannaa in #503
- chore: remove unused requirements.txt, configure dependabot for pyproject.toml by @nobodynate in #508
- Bump qrcode from 7.4.2 to 8.2 by @dependabot[bot] in #509
- Bump pytest from 6.2.5 to 8.4.2 by @dependabot[bot] in #510
- Bump sqlalchemy-utils from 0.37.9 to 0.41.2 by @dependabot[bot] in #514
- Bump flake8 from 3.9.2 to 7.3.0 by @dependabot[bot] in #511
- Bump sqlalchemy from 1.3.24 to 2.0.48 by @dependabot[bot] in #513
- Bump moto from 2.3.2 to 5.1.22 by @dependabot[bot] in #512
- chore: rewrite release workflows to match cloudgoat pattern by @nobodynate in #515
- chore: migrate dev-dependencies to poetry group syntax by @nobodynate in #516
- Release v1.7.0 by @github-actions[bot] in #517
New Contributors
- @nobodynate made their first contribution in #498
- @raajheshkannaa made their first contribution in #505
- @github-actions[bot] made their first contribution in #517
Full Changelog: v1.6.2...v1.7.0
Contributors
raajheshkannaa, dependabot, and nobodynate
Assets 2
v1.6.1
What's Changed
- alias use to run/exec by @h00die in #433
- UX: Add -h to run/exec to display help by @h00die in #434
- UX: history command by @h00die in #435
-
- Update iam__enum_permissions module by @TeneBrae93 in #438
- Adds a debug command to view error log by @DaveYesland in #439
- Fixed the apigateway__enum module by @TeneBrae93 in #437
- Update iam__bruteforce_permissions to check all AWS services by @TeneBrae93 in #442
- Improve tests by @EduardSchwarzkopf in #436
- Add directory services enumeration by @chebuya in #447
- Update secrets_enum to list found secrets by @h00die in #448
- Module to extract service account tokens of running pods in EKS by @guragainroshan0 in #443
- Fixes "cloudformation__download_data" module by @TeneBrae93 in #455
- fix ecs__enum crash on permission denied by @h00die in #451
- Fix SyntaxWarning: invalid escape sequence (Python 3.12) by @elboulangero in #450
- Add command to delete AWS keys by @luisfontes19 in #460
- Support for MFA in assume_role by @luisfontes19 in #461
- fix #444 by @DaveYesland in #463
- Fix directory creation error on dynamodb__enum by @TeneBrae93 in #470
- Update dsnap python by @DaveYesland in #473
- [WIP] - Fix ebs__download_snapshots region issue by @TeneBrae93 in #471
- Add elastic beanstalk module by @TeneBrae93 in #469
- Added pipx instructions. by @TeneBrae93 in #472
- Beanstalk Module Patch by @TeneBrae93 in #475
- Rename module from beanstalk__enum to elasticbeanstalk__enum by @TeneBrae93 in #476
- Update README.md by @chxsec in #478
New Contributors
- @chebuya made their first contribution in #447
- @guragainroshan0 made their first contribution in #443
- @elboulangero made their first contribution in #450
- @luisfontes19 made their first contribution in #460
- @chxsec made their first contribution in #478
Full Changelog: v1.6.0...v1.6.1
Contributors
h00die, elboulangero, and 7 other contributors
Assets 2
v1.6.0
This release requires a newly initialized DB for previous versions: rm ~/.local/share/pacu/sqlite.db
What's Changed
- Fix an error in ebs__download_snapshots by @TeneBrae93 in #418
- Validate target-instances for systemsmanager__rce_ec2 by @h00die in #419
- Add error handling to get_policy in systemsmanager__rce_ec2 by @h00die in #420
- Fix aws-cli install in Dockerfile, breaking workflows by @DaveYesland in #430
- Fix spelling of public by @h00die in #425
- Fix spelling of later by @h00die in #428
- fix iam__decode_accesskey_id category by @h00die in #429
- change enum__secrets to secrets__enum by @h00die in #427
- Fix module list generation for autocomplete by @h00die in #424
- New Feature: Quiet Flag by @h00die in #426
- Enhance iam__enum_permissions w/ unconfirmed and counts by @h00die in #421
- New Module: SNS topic subscription via email & SNS enum by @h00die in #422
- New module: mq__enum by @6a6f656c in #431
- Add options to privesc module and Fix #415 by @DaveYesland in #432
- Issue 412 username overwrite by @EduardSchwarzkopf in #413
New Contributors
- @TeneBrae93 made their first contribution in #418
- @h00die made their first contribution in #419
- @6a6f656c made their first contribution in #431
Full Changelog: v1.5.3...v1.6.0
Contributors
h00die, 6a6f656c, and 3 other contributors
Assets 2
v1.5.3
What's Changed
- Feature/update cognito attack by @EduardSchwarzkopf in #406
New Contributors
- @EduardSchwarzkopf made their first contribution in #406
Full Changelog: v1.5.2...v1.5.3
Contributors
EduardSchwarzkopf
Assets 2
v1.5.2
What's Changed
- Added ed25519 private key pattern on regexs.json for secret finder functionality by @za in #397
- Update regexs in secret finder and create tests for secretfinder by @DaveYesland in #399
- fix typo closes #398 by @DaveYesland in #402
- Add region error handling to cloudformation download data module by @jdearmas in #409
- eks__enum fix by @davidkutz-marks in #411
New Contributors
Full Changelog: v1.5.1...v1.5.2
Contributors
za, jdearmas, and 2 other contributors
Assets 2
v1.5.1
What's Changed
- Fix #392 by @DaveYesland in #393
- Enhancement module/add akid decoder and module by @DaveYesland in #391
- Improve credential handling by @DaveYesland in #394
Full Changelog: v1.5.0...v1.5.1
Contributors
DaveYesland
Assets 2
v1.5.0
What's Changed
- Clean up README by @DaveYesland in #382
- fix #329 key error issue with iam__privesc_scan by @DaveYesland in #386
- Fix #359 #215 update region updating/handeling and remove region filters by @DaveYesland in #379
- Remove old install method by @DaveYesland in #383
- Enhancement/remove version check add get version by @DaveYesland in #381
- Make pacu version expand in workflow for docker version by @DaveYesland in #387
- Fix #388 by @DaveYesland in #389
- Fix #309 and update some functionality by @DaveYesland in #390
Full Changelog: v1.4.2...v1.5.0
Contributors
DaveYesland
Assets 2
v1.4.2
What's Changed
- Add ebs__enum_snapshots_unauth Module for Unauthenticated EBS Snapshot Reconnaissance by @Y4nush in #370
New Contributors
Full Changelog: v1.4.1...v1.4.2
Contributors
Y4nush
Assets 2
v1.4.1
What's Changed
- Minor fix to identity pools by @davidkutz-marks in #374
Full Changelog: v1.4.0...v1.4.1
Contributors
davidkutz-marks
Assets 2
v1.4.0
What's Changed
- Cognito Modules by @davidkutz-marks in #371
New Contributors
- @davidkutz-marks made their first contribution in #371
Full Changelog: v1.3.1...v1.4.0
Contributors
davidkutz-marks