0.23.07.04

What's Changed

• Bump requests from 2.28.2 to 2.31.0 in /src/python by @dependabot in #379
• Fixed bug where tasks wouldn't process if ID was included in the request by @nighttardis in #380

New Contributors

• @nighttardis made their first contribution in #380

Full Changelog: 0.23.05.17...0.23.07.04

0.23.05.22

What's Changed

• Update scan_manifest.py by @Derekt2 in #350
• python-magic needs a None value to use the default mime DB by @jertel in #349
• Add docker-compose-no-build.yaml for precompiled images by @phutelmyer in #351
• Dependencies Update & Buildkit by @Derekt2 in #353
• Remove mmbot by @phutelmyer in #354
• Bump redis from 4.5.3 to 4.5.4 in /src/python by @dependabot in #355
• Docker Compose Replicas by @malvidin in #365
• Adds keyword to js scanner to scan ECMA6 compliant js (#33) by @cameron-dunn-sublime in #363
• Adding ScanSave scanner by @keiche in #362
• Decode base64 in HTML href and div content by @cameron-dunn-sublime in #361
• Add import for GRPC gzip compression by @cameron-dunn-sublime in #360
• Allow GateKeeper to be optional in FrontEnd by @cameron-dunn-sublime in #364
• Single Go Mod by @cameron-dunn-sublime in #366
• Fix GO Dockerfile build error on some deployments by adding missing forward slash (/) to COPY command by @phutelmyer in #367
• Update Dockerfile reference for Strelka-UI in docker-compose files by @phutelmyer in #368
• Updating YARA to 4.3.0 by @phutelmyer in #369
• ScanUdf by @ryanohoro in #372
• Task Send & Receive Long Polling by @cameron-dunn-sublime in #359
• Implement Docker Image Publishing on New Tag Creation by @phutelmyer in #373
• Implement Docker Image Publishing on New Tag Creation by @phutelmyer in #374
• Updating Image References to DockerHub by @phutelmyer in #377
• Add multi-platform Go build script for Strelka executables by @phutelmyer in #378

New Contributors

• @malvidin made their first contribution in #365
• @keiche made their first contribution in #362

Full Changelog: 0.23.03.14...0.23.05.25

0.23.03.14

Highlights

• New Scanners: ScanSevenZip, ScanTlsh, ScanTranscode, ScanVsto, ScanOnenote.
• Adding Jaeger support for worker tracing.
• Baking in Strelka UI file submission.
• Significant bug fixes, error handling modifications, and flavor updates to many / most scanners.

What's Changed

• ScanIso Timezone Removal by @phutelmyer in #302
• Style Automation by @ryanohoro in #304
• Check Scanners At Startup, In Config Tests by @ryanohoro in #306
• Removing ScanBITS references by @phutelmyer in #308
• Updating ScanPDF Date Format by @phutelmyer in #309
• ScanOnenote Scanner by @phutelmyer in #298
• Go Code Comments by @ryanohoro in #312
• ScanOnenote Test Configuration Update by @phutelmyer in #311
• README Python Version References by @phutelmyer in #310
• Bump cryptography from 3.3.2 to 39.0.1 in /build/python/mmrpc by @dependabot in #315
• Bump cryptography from 3.4.7 to 39.0.1 in /build/python/backend by @dependabot in #316
• Bump cryptography from 3.4.7 to 39.0.1 in /src/python by @dependabot in #317
• ScanDocx Datetime Updates and OneNote File Emit Change by @phutelmyer in #314
• ScanXL4MA Bug Fix by @phutelmyer in #318
• Microsoft Publisher Support, TLSH Bug Fix, Exception Handling by @phutelmyer in #319
• Move test_distribute.py to tests_configuration by @ryanohoro in #320
• Scanner Exception Fixes by @phutelmyer in #321
• Add Fileshot UI by @ryanohoro in #323
• Add OpenTelemetry Tracing to Backend by @ryanohoro in #322
• ScanTranscode - Convert New/Uncommon Image Formats by @ryanohoro in #324
• Scanner Specific Exception Handling Updates by @phutelmyer in #325
• Remove debugging statement from strelka.py by @ryanohoro in #326
• Bump golang.org/x/net from 0.4.0 to 0.7.0 in /src/go/cmd/strelka-fileshot by @dependabot in #328
• Add UI doc to main README.md by @ryanohoro in #329
• Update Tests, Telemetry PR Bugs by @ryanohoro in #327
• Address Warnings, Remove Redundant Python setup/requirements by @ryanohoro in #330
• Address Issues with lstrip() in taste_yara, pcapng by @ryanohoro in #331
• Additional Scanner Exception Fixes by @phutelmyer in #332
• Use Strelka UI Docker Image in docker-compose.yml by @phutelmyer in #333
• Adding Passwords File to Additional Scanners by @phutelmyer in #334
• Update CAPA to Version 5 by @phutelmyer in #340
• Bump golang.org/x/net from 0.0.0-20220722155237-a158d28d115b to 0.7.0 in /src/go/cmd/strelka-manager by @dependabot in #339
• Bump golang.org/x/net from 0.0.0-20220722155237-a158d28d115b to 0.7.0 in /src/go/cmd/strelka-frontend by @dependabot in #338
• Bump golang.org/x/net from 0.0.0-20220722155237-a158d28d115b to 0.7.0 in /src/go/cmd/strelka-filestream by @dependabot in #337
• Bump golang.org/x/net from 0.0.0-20220722155237-a158d28d115b to 0.7.0 in /src/go/cmd/strelka-oneshot by @dependabot in #336
• Swap out the ScanIso mime flavor to improve support for .img files by @ryanohoro in #342
• Updating ScanPDF to store Xref objects in a list by @morriscode in #343
• ScanPE Rich Info Additions by @phutelmyer in #344
• Add VSTO Support (ScanVsto) by @phutelmyer in #346

New Contributors

• @morriscode made their first contribution in #343

Full Changelog: 0.23.01.07...0.23.03.14

0.23.01.07

Highlights

• New Scanners: ScanVhd, ScanDmg, ScanPcap, ScanTlsh, ScanCcn.
• Significant bug fixes, error handling modifications, and flavor updates to many / most scanners.
• Tests, tests, and more tests.
• Refactored backend / testing suite.
• Additional Fileshot functionality

What's Changed

• Add test for ScanIso by @ryanohoro in #239
• Docker pytest by @ryanohoro in #241
• Scan vhd by @ryanohoro in #243
• Test scan docx by @ryanohoro in #245
• Increasing strictness for LNK taste by @phutelmyer in #246
• Scan png eof upload to coordinator by @ryanohoro in #248
• New test coverage, misc bug fixes by @ryanohoro in #250
• Update PR workflow to docker build by @ryanohoro in #251
• ScanPDF: Modification of regex throwing warning by @phutelmyer in #252
• ScanQR: Modification of regex throwing warning by @phutelmyer in #253
• New test coverage, test coverage warnings, misc bug fixes by @ryanohoro in #255
• Add stdout, user-specified timeout to strelka-oneshot by @ryanohoro in #256
• Support for WinZip AES in ScanZip / ScanEncryptedZip by @ryanohoro in #260
• Improve ScanPngEof by @ryanohoro in #264
• Add Cmake to dockerfile for Lief by @aaronherman in #266
• Tests for ScanLibarchive and ScanUpx by @ryanohoro in #261
• Fileshot Additional Option and Gate Implementation by @phutelmyer in #257
• Added fixtures/test.xml and test_scan_xml.py by @RondoRondoRondo in #267
• ScanJpeg improvements, Fix for incorrect EOI marker by @ryanohoro in #271
• Add DMG Scanner by @ryanohoro in #269
• Adding zip_safe flag to setuptools prevent "module references file" warnings by @phutelmyer in #272
• Add Prototype Scanner For Credit Card Numbers by @ryanohoro in #273
• Fix Uncaught Exceptions in strelka.py by @ryanohoro in #276
• Add Additional ScanHeader/ScanFooter Data Encodings by @ryanohoro in #280
• Improve ScannerTimeout Reliability by @ryanohoro in #281
• Fix ScanCapa, Add Tests, Add Elf by @ryanohoro in #277
• Add PCAP/PCAPNG Scanner ScanPcap by @ryanohoro in #282
• Update Quickstart with Single File Analysis Demo by @ryanohoro in #285
• WEBP Support by @ryanohoro in #286
• Tests for ScanPgp, ScanPlist, ScanNf, Updates for ScanOle by @ryanohoro in #287
• Add 7z File Support by @ryanohoro in #289
• Tests For Mime/Yara Tastes and Scanner Assignments by @ryanohoro in #290
• Master Merge and Fixes for Taste Tests / ScanSevenZip by @ryanohoro in #291
• Clear files from cached scanners in distribute() by @ryanohoro in #293
• Refactor Backend Class for Readability, Testing, Coordinator-less Functionality by @ryanohoro in #295
• Add ScanTlsh Scanner by @phutelmyer in #296
• Python 3.9 is needed due to a recent commit by @jertel in #299
• ScanXl4ma Test, Bug Fix, and Formatting by @phutelmyer in #297
• Limiter for Javascript Output, Tests, Formatting by @phutelmyer in #301
• Adding ScanHtml Hyperlink Limiter and Tests by @phutelmyer in #300

New Contributors

• @ryanohoro made their first contribution in #239
• @aaronherman made their first contribution in #266
• @RondoRondoRondo made their first contribution in #267
• @jertel made their first contribution in #299

Full Changelog: 0.22.12.08...0.23.01.07

0.22.12.08

Highlights

• Scanner testing support
• IOC extraction support
• ScanIso file scanner to extract metadata from ISO files
• ScanXL4MA file scanner to extract IOCs from XL4 macros
• ScanZip support for password extraction / additional metadata collection

What's Changed

• Adding ScanISO Scanner by @phutelmyer in #225
• Adding IOC Extraction by @phutelmyer in #226
• Adding XL4MA Scanner by @phutelmyer in #227
• Adding BITS Scanner by @phutelmyer in #208
• Update scan_pdf.py by @phutelmyer in #228
• Bump lief from 0.12.1 to 0.12.2 in /build/python/backend by @dependabot in #229
• Adding in fix for iso extraction by @phutelmyer in #230
• PE File Certificate Fix by @phutelmyer in #233
• ISO Hidden File and Metadata Update by @phutelmyer in #232
• Adding Compression to ZIP Files by @phutelmyer in #231
• Update scan_pdf.py by @Derekt2 in #234
• Adds Scanner Test Coverage and CI/CD Step by @cawalch in #236
• ScanMsi by @phutelmyer in #237
• Update CHANGELOG and Documentation by @phutelmyer in #238

Full Changelog: 0.22.08.18...0.22.12.08

0.22.08.18

Highlights

• Added Steganalysis scanners
• Updated Email scanner
• Adding precompiled executables to releases moving forward.

What's Changed

• Updating / Reformatting ScanLNK by @phutelmyer in #204
• Steganalysis Scanners by @phutelmyer in #207
• Adding Steganographic Support by @phutelmyer in #206
• Replace interruptingcow with signal by @cawalch in #209
• Updating the link to Assemblyline by @gdesmar in #210
• Bump numpy from 1.21.0 to 1.22.0 in /build/python/backend by @dependabot in #212
• Updating email scanner by @phutelmyer in #214
• Update filestream with least privilege access control by @phutelmyer in #215
• Bump lxml from 4.6.5 to 4.9.1 in /build/python/backend by @dependabot in #216
• Specifying imports + Adding TLSH by @phutelmyer in #218
• Updating Ubuntu + Dependencies by @phutelmyer in #219
• Upgrading opencsv by @phutelmyer in #222
• Drops resolved known issue from README by @colindean in #223

New Contributors

• @gdesmar made their first contribution in #210
• @colindean made their first contribution in #223

Other Changes

Additional details can be found in the changelog between 202-04-26 and 2022-08-18.

Support

Questions, comments, suggestions, and problems can be submitted in the Issues section or in Target's CFC Slack Room

0.22.04.26

New Features

N/A

Improvements

• Fixed / updated ScanPdf with new functionality. May require current implementations to change parsing. (Ryan Borre)
• Removed [DEBUG] warnings from ScanQR.
• Updated ScanELF with bug fix.
• Removed error logging from ScanELF
• Updating build to include exiftool dependency. (@cameron-dunn-sublime)
• Pinned and updated all go build dockerfiles to 1.17.6
• Updated all go mod files to match go requirements.
• Updated numpy dependency.
• Updated readme with new client application build instructions.
• Fix bug with scan_javascript pertaining to regular expression identification. (@cawalch)
• Updating lxml from version 4.6.3 to 4.6.5.
• Updating CAPA from version 3.0.1 to 3.0.3.
• Updating exiftool from version 12.36 to 12.38.

Pull Requests

This release includes the following pull requests:

• #186 (Version and reference updates)
• #189 (grpcio arm compliation fix)
• #190 (lxml bump)
• #191 (Adjustments to python error logging)
• #192 (Javascript scanner bugfix)
• #194 (Pin version of JTR)
• #195 (Bump numpy)
• #196 (Updating all go files)
• #197 (Install Archive library for ExifTools)
• #200 (Adding ScanPDF Changes)
• #201 (Removing ScanQR Debug Logging)
• #202 (Adding fixes for scan elf / logging disable)

Other Changes

Additional details can be found in the changelog between 2021-12-27 and 2022-04-26.

Support

Questions, comments, suggestions, and problems can be submitted in the Issues section or in Target's CFC Slack Room

0.21.11.29

New Features

• Updated scan_encrypted_doc scanner with John the Ripper functionality (@Derekt2)
• Updated scan_encrypted_zip scanner with John the Ripper functionality (@Derekt2)

Improvements

• Updated YARA to 4.1.3
• Updated various backend dependencies
• Updated various go dependencies
• Modified exiftool repository reference to point towards Github to reduce likelihood of pull failure.
• Default YARA volume mount and placeholder test YARA rule to verify ScanYARA functionality. (@Derekt2)
• scan_pe refactor / additions (@swackhamer)

Pull Requests

This release includes the following pull requests:

• #171 (Dockerfile enhancements)
• #172 (Updating go sum files)
• #173 (ScanPE refactor)
• #174 (Updating YARA functionality)
• #175 (Exiftool update)
• #176 (Documentation fix (@ninoseki)
• #177 (Update requirements)
• #178 (Adding John the Ripper)
• #180 (Updating exiftool)
• #181 (K8 backend yaml (@cameron-dunn-sublime))
• #183 (Scanner type configurations in build (@cameron-dunn-sublime))
• #184 (K8 scan adjustments)
• #186 (Updated versioning and references)

Other Changes

Additional details can be found in the changelog between 2021-5-14 and 2021-11-29.

Support

Questions, comments, suggestions, and problems can be submitted in the Issues section or in Target's CFC Slack Room

0.21.2.26

New Features

• Added option to send files to a processed directory after scans in filestream
• Added python-client for file submission
• Added strelka-oneshot Dockerfile
• Added Github Actions daily builders

Improvements

• Updated go Dockerfiles with go module fixes.
• Pinned Python cryptography dependency due to Rust requirements on newer versions
• Updated filestream sample config

Pull Requests

This release includes the following pull requests:

• #149 (Add Python client)
• #150 (Pinning cryptography dependency)
• #153 (go Dockerfile refactor)
• #154 (processed directory implementation)
• #155 (Github Actions)
• #156 (strelka-oneshot Dockerfile)

Other Changes

Additional details can be found in the changelog between 2021-2-23 and 2021-2-26.

Support

Questions, comments, suggestions, and problems can be submitted in the Issues section or in Target's CFC Slack Room

0.21.1.13

New Features

• Added option to disable strelka-backend shutdown

Improvements

• Updated Ubuntu base images in strelka-backend and strelka-mmrpc
• Fixed vulnerability with lxml package.

Pull Requests

This release includes the following pull requests:

• #145 (Adding option to disable strelka-backend shutdown)
• #146 (Updating lxlm package)
• #148 (Updating Ubuntu base images)

Other Changes

Additional details can be found in the changelog between 2020-11-20 and 2021-1-13.

Support

Questions, comments, suggestions, and problems can be submitted in the Issues section or in Target's CFC Slack Room