Release Notes Summary Overview

  • Updated

This article contains an overview of all release note summaries. Check out individual release notes for details.

Release BloodHound SharpHound AzureHound
2024-02-14 Release Notes (v5.6.0)

New and Improved Features

  • General Availability of AD Certificate Services paths: GoldenCert, ESC1, ESC3, ESC6a, ESC9a, ESC10a (requires latest version of SharpHound)
  • New "Power User" role was added in BloodHound as a bridge between "User" and "Administrator"
  • Added filtering capabilities to the Group Management view
  • Significant expansion of data available in BloodHound audit logs
  • Improved accuracy in the "... where Domain Users can RDP" default cypher queries
  • [BHE Only] Analysis will now separate warnings from errors in completion, leading to more accurate completion of analysis in environments

Bug Fixes

  • Data Quality page fails to count Azure tenant objects in specific scenarios
  • Improved accuracy of the "count" responses from paginated API queries
  • Resolved a specific issue with SAML implementations resulting in inaccurate "NotAuthorized" responses
  • Resolved several role-privilege issues with BloodHound roles (The "User" role can no longer perform actions in the Manage Clients page, the "Upload Only" role can no longer view Experimental Features)
  • Moving from "Pathfinding" to "Search" on the "Explore" page will now properly disable pathfinding
  • Cursors will no longer jump to the end of the search fields on "Explore"
  • [BHE Only] TrustedBy edges should now reconcile appropriately

v2.3.5 - BHE, v2.3.2 - CE

New and Improved Features

  • Additional ADCS property collection

Bug Fixes

  • Resolved issues with hitting KERNELFAULT errors during collection
  • Improved handling and retries for LDAP ServerDown responses, preventing cross-trust collection

 

v2.1.7

New and Improved Features

  • Significant reduction in memory consumption when processing Azure group membership information

Bug Fixes

  • [BHE Only] AzureHound will now properly respect the verbosity setting set in config.json

 

2024-01-23 Release Notes (v5.5.0)

New and Improved Features

  • AD Certificate Services ESC3 Early Access support (Requires latest version of SharpHound)
  • Expanded memory limit for query execution (Including Cypher and Entity Panel queries)
  • Added Group Management tab for reviewing and modifying members of Tier Zero / High Value / Owned
  • Improved performance of AZResetPassword paths
  • The Azure role Partner Tier2 Support is now a default member of Tier Zero / High Value asset groups.
  • [CE Only] Added ability to mark objects as "Owned"

Bug Fixes

  • Container nodes will now properly display an Entity Panel when selected in Explore.
  • The "Affected Objects" section of GPO Entity Panels will no longer display "NaN" when no objects are affected.
  • [BHE Only] Attack Paths table and path view now use the same boundaries for severity highlighting.
  • [BHE Only] The AzureT0MgmtGroupControl finding will no longer appear, and historical records have been removed.
  • [CE Only] Resolved an issue impacting the use of multi-underscore environment variables when running an environment.

v2.3.3 - BHE, v2.3.1 - CE

New and Improved Features

  • Additional support for ADCS collection capabilities.

Bug Fixes

  • Updated logic for collection and reconciliation of ADCS objects.
  • Resolving a SID to a domain will now appropriately utilize cache entries (@uidzeroo).
  • [CE Only] GPO Local Group processing will no longer stop processing on a failed account name resolution (@nurfed1).
  • [CE Only] Updated use of LDAP credentials when collecting domain details to prevent invalid username/password issues (@nurfed1).

 

No new release.

2024-01-10 (v5.4.1)

Bug Fixes

  • Analysis will no longer fail when expected properties do not exist in AD CS objects.
  • Resolved a potential deadlock state for API access of backend databases.
  • Improved accuracy of post-processing of CanRDP edges. This notably impacted BUILTIN\Remote Desktop Users and Domain Controllers.

No new release.

No new release.

2024-01-04 Release Notes (v5.4.0)

New and Improved Features

  • Early access for ADCS Attack Paths!
  • Edge composition support
  • [CE Only] Modified default docker compose example to bind only to localhost for improved security defaults

v2.3.2 - BHE, v2.3.0 - CE

New and Improved Features

  • Support for ADCS collection capabilities

 

No new release.

2023-12-11 (v5.3.1)

Minor database performance improvements for specific scenarios.

No new release.

No new release.

2023-12-05 Release Notes (v5.3.0)

New and Improved Features

  • Added node action right-click menu with set start/end node and copy commands!
  • Improved performance on AZResetPassword edges.
  • Expanded memory available for queries.
  • Disabling MFA on a user will provide a more explicit warning.
  • Saved custom queries are now available in CE as well as BHE.
  • [BHE Only] Collection schedules may now be modified via the text and date/time pickers.

Bug Fixes

  • Container nodes will now show an entity panel.
  • Removed aggressive timeouts on File Ingest uploads.
  • Affected Objects counts on GPO object entity panels should properly report "0" when appropriate.
  • Saved queries created using the API will now properly associate with the creating user.
  • [BHE Only] Selecting a custom range on the Posture page will now highlight "Custom".
  • [CE Only] Resolved an issue with the ingestion of sessions in specific scenarios.
  • [CE Only] Resolved an issue with multi-underscore keys breaking config values.

v2.2.2 - BHE, v2.0.2 - CE

New and Improved Features

  • [CE Only] Added the ability to perform session enumeration as a local admin user (@LuemmelSec, @eversinc33)
  • [BHE Only] Expanded signing of files to aid in AV issues.

Bug Fixes

  • Resolved an issue with collecting and processing special characters.
  • Fixed a cache (de)serialization issue with checking versions.

 

v2.1.6

New and Improved Features

  • Audited and removed additional opportunities for context-lock contention in the future.

 

2023-11-06 Release (v5.2.0 - BHE Only)

New and Improved Features

  • Custom user-saved Cypher queries

Bug Fixes

  • Fixed several inaccurate pre-saved Cypher queries
  • Azure analysis runs will now properly display error messages when they fail
  • Fixed multiple API endpoints and their documentation

No new release.

v2.1.5

Bug Fixes

  • Resolved multiple additional dead-lock resource-exhaustion condition edge cases during collection.

 

2023-10-16 Release notes (v5.1.0)

New and Improved Features

  • Explore page now supports JSON export of currently displayed data.
  • Added additional friendly names to property values in object and edge context panels.
  • Cypher auto-complete will now suggest additional fields.
  • Improved the accuracy of the "Groups with foreign domain group membership" saved query.
  • [BHE Only] Environment Posture endpoint now supports tenant filtering.

Bug Fixes

  • The BloodHound logo should no longer randomly disappear from the top left of the screen.
  • Explore page will no longer crash when specific symbols are typed into the search bar.
  • [BHE Only] Attack Paths with all findings muted will no longer disappear from the Attack Paths list.
  • [CE Only] Environment variables are now correctly pulled to container environments.

v2.2.1 [BHE Only]

New and Improved Features

  • Added LDAPS support and associated configuration options (this was previously available in CE).
  • SharpHound has improved caching performance and will automatically invalidate local cache data on newer versions.
  • Significant collection performance improvements, notably during local group and session enumeration.
  • Added support for modern LAPS collection.
  • Added a configurable timeout setting for port scan timeouts.
  • Added a configurable option for thread concurrency.

Bug Fixes

  • Enterprise Domain Controller group membership will now reconcile properly.

v2.1.3

Bug Fixes

  • Resolved multiple dead-lock resource-exhaustion condition edge cases during collection.
2023-09-20 (v5.0.10)
  • Resolved a uniqueness constraint issue with Tier Zero / High Value Target selectors.

No new release.

No new release.

2023-09-19 Release Notes (v5.0.9)

New and Improved Features

  • Explore tab now supports the ability to search for and highlight specific objects in the canvas.
  • Edge context menus will now display properties associated with the edge.
  • Administrators may now disable end-users' MFA tokens.
  • Users may now manage their API keys.
  • BloodHound will now utilize opportunistic GZip compression for data in transit.
  • [BHE Only] Improved accuracy in exposure calculations.

Bug Fixes

  • [BHE Only] Fixed an issue with the reconciliation of Azure roles.
  • Deconflicted and fixed post-processing of AZOwns and AZOwner edges.
  • Users may, once again, be reverted to username/password login once set to SAML.
  • In specific circumstances, built-in groups (such as Account Operators) would not appear in search results. This has been fixed.
  • Expanded Cypher memory protections to prevent over-aggressive traversals.
  • Resolved an issue where HasSession edges were not always ingested correctly.
  • Full error messages resulting from running queries will once again display properly.

 

No new release.

v2.1.0

New and Improved Features

  • [BHE Only] AzureHound will now compress data in transit when uploading to BloodHound Enterprise.

Bug Fixes

  • Fixed collection of multiple properties and resolved a socket exhaustion issue in collecting specific large environments.
2023-08-31 Release Notes (v5.0.8)

Note: BHE-Only release

Bug Fixes

  • [BHE Only] Resolved an issue in exposure calculation in Attack Paths. This resulted in inaccurately high exposures and severities displayed across Attack Paths in AD and Azure.
  • [BHE Only] Command Execution on Tier Zero VM findings will now properly display information in the Attack Paths panel when present in an environment.

No new release.

No new release.

2023-08-30 Release Notes (v5.0.7)

New and Improved Features

  • Cypher now supports auto-complete and syntax highlighting
  • Administrators can now disable user MFA tokens in case of device loss, etc
  • Improved performance on specific Cypher queries

Bug Fixes

  • Improved handling of timeouts
  • [BHE Only] Resolved an issue with exposure calculation resulting in inaccurate risk measurement
  • [CE Only] Arrows will now consistently appear in the Explore graph despite changing zoom levels

No new release.

v2.0.5

New and Improved Features

  • Additional logging to aid in troubleshooting collection issues.

Bug Fixes

  • Resolved several issues related to handling edge cases during collection.
2023-08-08

New and Improved Features

  • Open-ended Cypher search
  • Edge context menus
  • Pathfinding enhancements
  • Offline collection ingest
  • API Explorer improvements.

Bug Fixes

  • Search no longer includes ADLocalGroup objects
  • Clicking on objects of unknown types no longer crashes the UI
  • Fixed "Try it out" in API Explorer.

No release this week.

No release this week.

2023-06-20

New and Improved Features

  • Performance improvements in Inbound/Outbound Object Control in entity panels.

Bug Fixes

  • Improved accuracy in Inbound/Outbound controls
  • GetChangesInFilteredSet will no longer appear in Pathfinding.
  •  

v2.1.7

New and Improved Features

  • SharpHound will utilize a 60-second timeout for data upload to API.

v2.0.4

New and Improved Features

  • AzureHound will utilize a 60-second timeout for data upload to API.
2023-05-16

New and Improved Features

  • DumpSMSAPassword Attack Path primitive.
  • Expanded password character support.

Bug Fixes

  • Improved path-finding logic in specific scenarios.

v2.1.6

SharpHound v1 End of Life.

New and Improved Features

  • DumpSMSAPassword support.
  • LDAP queries are now split by type.
  • Improved OU structure generation logic for reduced impact on LDAP servers and improved collection times.

Bug Fixes

  • Enhanced exception handling logic to prevent service crashes.

v2.0.3

Bug Fixes

  • AzureHound will now properly back off and retry when hitting session timeouts.
2023-04-25

New and Improved Features

  • Exact matches will appear first when searching on the Explore page.

Bug Fixes

  • Fixed an issue with the "accepted" filter on the /api/v2/domains/{domain_id}/details endpoint.

v2.1.5

Bug Fixes

  • Resolved an issue where the SharpHound service would crash in specific circumstances.

No release this week.

2023-04-13

Massive Azure update

New and Improved Features

  • Pathfinding logic and performance enhancements.
  • Finished Jobs Log will include counts of successful domain collections.
  • API Explorer search is no longer case sensitive.

Bug Fixes

  • Objects should no longer have multiple AzAddSecret edges between them.
  • Manually tagged Azure Tier Zero objects now consistently show findings in Attack Paths.
  • Improved error handling in the GUI.

v2.1.4

New and Improved Features

  • Run logs and compstats outputs will update live instead of waiting for the completion of a collection.

Bug Fixes

  • Ingest data will only post once.
  • DC settings changes will be picked up on every collection job.
  • Improved logging outputs.

v2.0.1

New and Improved Features

  • Add Collection of AZWebApp, AZContainerRegistry, AZManagedCluster, and AZVMScaleSet objects and associated Attack Path Primitives.
2023-03-27

New and Improved Features

  • Azure entity panels performance improvements.

Bug fixes

  • Entity panels properly show all object information values and fixed several bugs, resulting in inaccurate data results.

No release this week.

No release this week.

2023-03-06

Bug Fixes

  • process hangs during analysis, jobs stuck on ingesting, and data. ingestion from specific versions of AzureHound.

v2.1.2

New and Improved Features

  • LDAP auto-negotiation for External trust collection.
  • Maximum concurrent LDAP query support.

Bug Fixes

  • Corrected an issue with local group collections.

No release this week. 

2023-02-21

New and Improved Features

  • Massive performance improvements for AD Entity Panels and Explore node searches.

Bug Fixes

  • AzureHound checkins.
  • API response fixes.

v2.1.1

Bug Fixes

  • WriteAccountRestrictions edge fix.
  • Service now properly marks domains as collected.

v1.2.4

Bug Fixes

  • Fixed a bug in retry logic during ingest upload.
2023-02-07

New and Improved Features

  • Improved cross-trust collection.
  • Improved caching for entity panels.

Bug Fixes

  • Entity panel timeouts.
  • Attack Path exposures >100%.
  • Ingest performance improvements.
  • Azure Reset Password logic fixes.
  • Improved edge filtering in pathfinding.
  • ...and more!

v2.1.0

New and Improved Features

  • Improved cross-trust collection and associated logging.

Bug Fixes

  • Made an error message more clear.

No release this week.

Please check individual release notes to read earlier summaries.