v0.4.1

Bug Fix: False Negative On AKS Hunting (#420)

* removed false negative in AzureSpnHunter when /run is disabled

* changed to use direct imported class

* fixed multiple bugs in azure spn hunting, and improved efficency

* fixed bug in cloud identification. TODO: remove the outsourcing for cloud provider

* removed unused config variable

* fixed tests to use already parsed pods as the given previous event has changed

v0.4.0

Stable version

• Updated KB links to point to Aqua Vulnerability Database (new avd_reference link in json output)
• Bugfix: false positive on passive discovering an open /run debug handler
• More intuitive message when ProveSystemLogs cannot find evidence
• Added new KHV for exposed pods

v0.3.2

• Fixed a bug in certificate hunting
• Fixed critical bug in ARP spoofing hunting
• Fixed multiple bugs in Etcd hunting
• Fixed critical bugs in Kubelet hunting
• Refactored argument parsing
• Improvements on imports
• Added dynamic plugins support using pluggy project
• Added Two new Kubelet Hunters:
  • ProveAnonymousAuth
  • MaliciousIntentViaSecureKubeletPort
• Added multistage to Dockerfile and general improvements
• Increased Evidence field preview length in table logs
• Fixed bugs and improved AzureSpnHunter

v0.3.1

• Remove support of plugins
• Refactored dynamic imports into static ones
• Add timeout for network operations
• Improve logging
• Optimize cloud discovery
• Enforcing code linting
• Support ignoring addresses when scanning subnets

v0.3.0

#300 Fix Dockerfile build
Cache dependencies for docker build

v0.3.0-rc1

#281 Fix empty report
#283 Refactor configuration
#298 Add Makefile
#299 Correct KB link

Initial release

From now on we will be tagging releases!