Releases: facebookincubator/ForgeArmory
v1.1.0
Changelog
All notable changes to this project will be documented in this file.
The format is based on Keep a Changelog and this project adheres to Semantic Versioning.
v1.1.0 - 2025-12-23
Full Changelog: v1.0.1...v1.1.0
What's Changed
- Import Converted Atomic Red Team Definitions (#145) (isaac-fletcher)
- Repository organization overhaul (#146) (isaac-fletcher)
- Update TTP metadata (#147) (isaac-fletcher)
- Update authorship for ForgeArmory TTPs (#144) (isaac-fletcher)
- Windows Atomic Tests to TTP #6 (#141) (jazzyle)
- Windows Atomic Tests to TTP#3 (#140) (jazzyle)
- Impact and persistence TTPs (#129) (gerbsec)
- Update Windows Atomic Tests to TTP #2 (#139) (jazzyle)
- Windows Atomic Tests to TTP #7 Update (#138) (jazzyle)
- Windows Atomic Tests to TTP #10 (#136) (jazzyle)
- Windows Atomic Tests to TTP #9 (#137) (jazzyle)
- Windows Atomic Tests to TTP #8 (#135) (jazzyle)
- Windows Atomic Tests to TTP #7 (#131) (jazzyle)
- Windows Atomic Tests to TTP #2 (#132) (jazzyle)
- Windows Atomic Tests to TTP #5 (#133) (jazzyle)
- Windows Atomic Tests to TTP #4 (#134) (jazzyle)
- Windows Atomic Tests to TTP #1 (#130) (jazzyle)
- Software Installed on MacOS (#128) (jazzyle)
- Added TTP to backdoor Kubernetes nodes with rogue SSH keys for persistence (#127) (l50)
- Added new TTP to extract Kubernetes secrets from compromised clusters (#126) (l50)
- Added Linux Smart Enumeration to Linux Privesc TTPs (#125) (d0n601)
- Fix failing open source requirements. (#124) (d0n601)
- Backdoor lambda function TTP (#123) (w51d)
- Create lambda function (#122) (w51d)
- Create new IAM User (#121) (w51d)
- Create role, Access Role (#120) (w51d)
- transfer data to cloud account (#119) (w51d)
- Exfil from EC2 to Internet (#118) (w51d)
- Create cloud instance TTP (#117) (w51d)
- Increase TTP robustness (#116) (l50)
- Bug fix; nit (#115) (l50)
- Added TTP Module for extract-cookies-from-chromium-browser (#114) (jimmy-ly00)
- Added README and TTP for creating unrestricted security group in AWS (#113) (l50)
- Added T1136.001 Create Local Account and T1053.006 Systemd Timers (#112) (jimmy-ly00)
- Validate UUIDs in YAML (#111) (d0n601)
- Refactored new helpers; added new k8s TTPs; improved docs (#110) (l50)
- Add API Version and UUID to all TTPs in Armory (#109) (d0n601)
- Added Kubernetes TTP helpers; fixed bugs in docs (#108) (l50)
- Enhancements to IAM Enumeration and S3 Bucket Enumeration TTPs (#107) (l50)
- Added new functionality to suid-binary-escalation TTP; misc doc updates (l50)
- Update backdoor-ssh-authorized-keys TTP with MITRE ATT&CK mapping and other QoL YAML enhancements (l50)
- Cleanup old content (#104) (l50)
- Update CODEOWNERS (d3sch41n)
- 17 commodity Linux TTPs (#101) (tbarabosch@meta.com)
- Add requirements section to subset of macOS TTPs (#98) (d3sch41n)
- Modified one of the publicly committed macOS TTPs (sshkeygen-load-dylib.yaml), which was generating a ttpforge error due to a non-zero exit code. (#99) (cedowens)
- Revamp Github CI/CD and Cleanup Outdated Contents (#100) (d3sch41n)
- Fix edit_step backup working directory handling (#97) (d3sch41n)
- Removing colon from subtechnique descriptor in 4 macOS TTPs, which effectively breaks the TTP. (cedowens)
- Token documentation diff to test ShipIt (#95) (d3sch41n)
- Re-sync with internal repository (#93) (facebook-github-bot)
- fbshipit-source-id: b6c4efc3ab9d18c04d290eec87e074d4a3b1fb2a (d3sch41n)
- Update detections to use us-east-1 specifically (#91) (l50)
- Refactor and rename TTP for IAM user-group addition (#90) (l50)
- fix(deps): update module github.com/spf13/afero to v1.10.0 (#87) (TTPForge-bot)
- Example updates (#82) (l50)
- New TTP: extract-instance-profile-credentials (#86) (l50)
- Enforce TTP Uniformity (#85) (l50)
- fix(deps): update module github.com/go-playground/validator/v10 to v10.15.4 (#83) (TTPForge-bot)
- Add new FetchURI step to the schema (#81) (l50)
New Contributors
- @facebook-github-bot made their first contribution in #93
- @tbarabosch made their first contribution in #101
- @d0n601 made their first contribution in #109
- @jimmy-ly00 made their first contribution in #114
- @w51d made their first contribution in #117
- @jazzyle made their first contribution in #128
- @gerbsec made their first contribution in #129
- @isaac-fletcher made their first contribution in #144
v1.0.1
v1.0.1 - 2023-09-12
Other
- Add all PT members to CODEOWNERS #78 (l50)
- Schema adherence validator #77 (l50)
- fix(deps): update module github.com/l50/goutils/v2 to v2.1.0 #75 (TTPForge-bot)
- chore(deps): update dependency golang to v1.21.1 #72 (TTPForge-bot)
- Spellcheck update #71 (l50)
- chore(deps): update actions/checkout action to v3.6.0 #67 (TTPForge-bot)
- chore(deps): update renovatebot/github-action action to v39.0.5 #66 (TTPForge-bot)
- chore(deps): update pre-commit hook pre-commit/mirrors-prettier to v3.0.3 #65 (TTPForge-bot)
- chore(deps): update dependency python to v3.11.5 #64 (TTPForge-bot)
- chore(deps): update returntocorp/semgrep-action digest to 0bdb313 #63 (TTPForge-bot)
- chore(deps): update actions/checkout digest to f43a0e5 #62 (TTPForge-bot)
- Enhance Pre-Commit Hooks and Improved Error Handling #61 (l50)
- Refinement and Documentation of macOS TTPs #60 (l50)
- Added Tactic TA0043 Reconnaissance with procedure T1595.001 Active Scanning: Scan IP Blocks #52 (sw8y)
- Implemented a pre-commit hook to promote naming consistency across YAML #51 (l50)
- Added TTP TA0007 Discovery: T1087.001 Local Account #50 (sw8y)
- add ssh-keygen load dylib ttp #46 (VVX7)
- Add ttp dev doc #44 (VVX7)
- Move get-running-processes out of macOS specific directory #36 (l50)
- Minor bug fix #35 (l50)
- add macOS Disable System Updates TTP #34 (VVX7)
- add get process ttp #32 (VVX7)
- Github Action + PR Template Fixes #27 (l50)
- Update Armory TTPs for Compatibility with Release Version of Forge #26 (d3sch41n)
- Committing common macOS TTPs for ttpforge #24 (cedowens)
- chore(deps): update dependency golang to v1.21.0 #21 (l50)
v1.0.0 - 2023-08-09
What's Changed
- Update Armory TTPs for Compatibility with Release Version of Forge by @d3sch41n in #26
- Github Action + PR Template Fixes by @l50 in #27
- Committing common macOS TTPs for ttpforge by @cedowens in #24
- add get process ttp by @VVX7 in #32
- Minor bug fix by @l50 in #35
- add macOS Disable System Updates TTP by @VVX7 in #34
- Move get-running-processes out of macOS specific directory by @l50 in #36
- add ssh-keygen load dylib ttp by @VVX7 in #46
- Add ttp dev doc by @VVX7 in #44
- Added TTP TA0007 Discovery: T1087.001 Local Account by @sw8y in #50
- Implemented a pre-commit hook to promote naming consistency across YAML by @l50 in #51
- chore(deps): update actions/checkout action to v3.6.0 by @TTPForge-bot in #67
- chore(deps): update actions/checkout digest to f43a0e5 by @TTPForge-bot in #62
- chore(deps): update returntocorp/semgrep-action digest to 0bdb313 by @TTPForge-bot in #63
- chore(deps): update dependency python to v3.11.5 by @TTPForge-bot in #64
- chore(deps): update pre-commit hook pre-commit/mirrors-prettier to v3.0.3 by @TTPForge-bot in #65
- chore(deps): update renovatebot/github-action action to v39.0.5 by @TTPForge-bot in #66
- Spellcheck update by @l50 in #71
- Added Tactic TA0043 Reconnaissance with procedure T1595.001 Active Scanning: Scan IP Blocks by @sw8y in #52
- chore(deps): update dependency golang to v1.21.1 by @TTPForge-bot in #72
- fix(deps): update module github.com/l50/goutils/v2 to v2.1.0 by @TTPForge-bot in #75
- Add all PT members to CODEOWNERS by @l50 in #78
- Enhance Pre-Commit Hooks and Improved Error Handling by @l50 in #61
- Schema adherence validator by @l50 in #77
- Refinement and Documentation of macOS TTPs by @l50 in #60
New Contributors
- @cedowens made their first contribution in #24
- @VVX7 made their first contribution in #32
- @sw8y made their first contribution in #50
- @TTPForge-bot made their first contribution in #67
Full Changelog: v1.0.0...v1.0.1
v1.0.0