Releases v4.0.0
Compare
Sorry, something went wrong.
No results found
🚀 New Features
Added NTLM fallback when Kerberos fails.
Improved ADCS (ESC1, ESC3, ESC4) with LDAP fallback.
New attack path execution flow with step‑by‑step actions.
Added BloodHound CE attack path search.
Added user confirmation for domain and PDC.
Added optional workspace cleanup before scans.
Improved UX for authenticated/unauthenticated scans and domain discovery.
Improved UX/UI and logic for credentials gathered from spraying.
🔒 ADCS Improvements
Added ADCS ESC3.
Improved ADCS ESC4.
Added LDAP fallback for all ADCS escalations.
Fixed timeouts when requesting certificates (ESC1 and certificate pass).
🧠 BloodHound / Attack Paths
New execution flow based on mapped attack paths.
Added attack path search in BloodHound CE.
Fixed BloodHound CE failures when the password is not the default.
🌐 DNS and Resolution
Added fallback to host DNS when Unbound fails.
Added fallback to /etc/hosts when Unbound fails.
Added A‑record fallback when SRV record is missing during DC discovery.
Fixed dig output parsing.
Fixed bugs where Unbound was not updating.
Fixed removal of subdomains from /etc/hosts.
🛠️ Fixes
Fixed krb5.conf not updating when loading existing workspaces.
Fixed /etc/hosts creation when reloading workspaces in a new container.
Fixed RDP port open bug inside container.
Fixed clock sync bug during cross‑forest BloodHound collection.
Fixed LDAP anonymous false positive.
Improved password search in user descriptions.
Improved password spraying success saving and post‑processing.
Fixed ASREPROAST not executing when domain was already compromised.
🔄 Infrastructure Change
BloodHound CE default port changed from 8080 → 8443 .
You can’t perform that action at this time.
