Release Notes Summary Overview

• Resolved a uniqueness constraint issue with Tier Zero / High Value Target selectors.

No new release.

No new release.

New and Improved Features

• Explore tab now supports the ability to search for and highlight specific objects in the canvas.
• Edge context menus will now display properties associated with the edge.
• Administrators may now disable end-users' MFA tokens.
• Users may now manage their API keys.
• BloodHound will now utilize opportunistic GZip compression for data in transit.

Bug Fixes

• [BHE Only] Fixed an issue with the reconciliation of Azure roles.
• Deconflicted and fixed post-processing of AZOwns and AZOwner edges.
• Users may, once again, be reverted to username/password login once set to SAML.
• In specific circumstances, built-in groups (such as Account Operators) would not appear in search results. This has been fixed.
• Expanded Cypher memory protections to prevent over-aggressive traversals.
• Resolved an issue where HasSession edges were not always ingested correctly.
• Full error messages resulting from running queries will once again display properly.

No new release.

v2.1.0

New and Improved Features

• [BHE Only] AzureHound will now compress data in transit when uploading to BloodHound Enterprise.

Bug Fixes

• Fixed collection of multiple properties and resolved a socket exhaustion issue in collecting specific large environments.

Note: BHE-Only release

Bug Fixes

• [BHE Only] Resolved an issue in exposure calculation in Attack Paths. This resulted in inaccurately high exposures and severities displayed across Attack Paths in AD and Azure.
• [BHE Only] Command Execution on Tier Zero VM findings will now properly display information in the Attack Paths panel when present in an environment.

No new release.

No new release.

New and Improved Features

• Cypher now supports auto-complete and syntax highlighting
• Administrators can now disable user MFA tokens in case of device loss, etc
• Improved performance on specific Cypher queries

Bug Fixes

• Improved handling of timeouts
• [BHE Only] Resolved an issue with exposure calculation resulting in inaccurate risk measurement
• [CE Only] Arrows will now consistently appear in the Explore graph despite changing zoom levels

No new release.

v2.0.5

New and Improved Features

• Additional logging to aid in troubleshooting collection issues.

Bug Fixes

• Resolved several issues related to handling edge cases during collection.

New and Improved Features

• Open-ended Cypher search
• Edge context menus
• Pathfinding enhancements
• Offline collection ingest
• API Explorer improvements.

Bug Fixes

• Search no longer includes ADLocalGroup objects
• Clicking on objects of unknown types no longer crashes the UI
• Fixed "Try it out" in API Explorer.

No release this week.

No release this week.

New and Improved Features

• Performance improvements in Inbound/Outbound Object Control in entity panels.

Bug Fixes

• Improved accuracy in Inbound/Outbound controls
• GetChangesInFilteredSet will no longer appear in Pathfinding.
•  

v2.1.7

New and Improved Features

• SharpHound will utilize a 60-second timeout for data upload to API.

v2.0.4

New and Improved Features

• AzureHound will utilize a 60-second timeout for data upload to API.

New and Improved Features

• DumpSMSAPassword Attack Path primitive.
• Expanded password character support.

Bug Fixes

• Improved path-finding logic in specific scenarios.

v2.1.6

SharpHound v1 End of Life.

New and Improved Features

• DumpSMSAPassword support.
• LDAP queries are now split by type.
• Improved OU structure generation logic for reduced impact on LDAP servers and improved collection times.

Bug Fixes

• Enhanced exception handling logic to prevent service crashes.

v2.0.3

Bug Fixes

• AzureHound will now properly back off and retry when hitting session timeouts.

New and Improved Features

• Exact matches will appear first when searching on the Explore page.

Bug Fixes

• Fixed an issue with the "accepted" filter on the /api/v2/domains/{domain_id}/details endpoint.

v2.1.5

Bug Fixes

• Resolved an issue where the SharpHound service would crash in specific circumstances.

No release this week.

Massive Azure update

New and Improved Features

• Pathfinding logic and performance enhancements.
• Finished Jobs Log will include counts of successful domain collections.
• API Explorer search is no longer case sensitive.

Bug Fixes

• Objects should no longer have multiple AzAddSecret edges between them.
• Manually tagged Azure Tier Zero objects now consistently show findings in Attack Paths.
• Improved error handling in the GUI.

v2.1.4

New and Improved Features

• Run logs and compstats outputs will update live instead of waiting for the completion of a collection.

Bug Fixes

• Ingest data will only post once.
• DC settings changes will be picked up on every collection job.
• Improved logging outputs.

v2.0.1

New and Improved Features

• Add Collection of AZWebApp, AZContainerRegistry, AZManagedCluster, and AZVMScaleSet objects and associated Attack Path Primitives.

New and Improved Features

• Azure entity panels performance improvements.

Bug fixes

• Entity panels properly show all object information values and fixed several bugs, resulting in inaccurate data results.

No release this week.

No release this week.

Bug Fixes

• process hangs during analysis, jobs stuck on ingesting, and data. ingestion from specific versions of AzureHound.

v2.1.2

New and Improved Features

• LDAP auto-negotiation for External trust collection.
• Maximum concurrent LDAP query support.

Bug Fixes

• Corrected an issue with local group collections.

No release this week. 

New and Improved Features

• Massive performance improvements for AD Entity Panels and Explore node searches.

Bug Fixes

• AzureHound checkins.
• API response fixes.

v2.1.1

Bug Fixes

• WriteAccountRestrictions edge fix.
• Service now properly marks domains as collected.

v1.2.4

Bug Fixes

• Fixed a bug in retry logic during ingest upload.

New and Improved Features

• Improved cross-trust collection.
• Improved caching for entity panels.

Bug Fixes

• Entity panel timeouts.
• Attack Path exposures >100%.
• Ingest performance improvements.
• Azure Reset Password logic fixes.
• Improved edge filtering in pathfinding.
• ...and more!

v2.1.0

New and Improved Features

• Improved cross-trust collection and associated logging.

Bug Fixes

• Made an error message more clear.

No release this week.

Please check individual release notes to read earlier summaries.