Version 1.11.0

Hello dear community! The OpenBAS 1.11.0 is out ! Hope you will enjoy it! 🎉

🐦 CrowdStrike Executor
In the continuity of our integrations with CrowdStrike and what you can already do with Tanium Client, you can now connect your CrowdStrike Falcon agent with OpenBAS to perform your simulations or atomic testing. Check out the full configuration guide in our documentation.

🤖 Prerequisites for a Dual-Agent logic
Soon, you will be able to register multiple agents on a single endpoint. We’ve already begun working on the backend and the prerequisites for it, and the full feature will be available in the next release.
For now, in order to create a new asset, you will need to install an agent. You can find detailed instructions on the agent installation page and in our documentation.

🌀 Obfuscation Options
Our agents now support multiple obfuscation techniques (Base64, Clear) for your technical injects, helping you stay under the radar and avoid detection.

📔 Documentation
We’ve been actively enhancing our documentation to provide clearer, more comprehensive guidance for our users. You can have a look a the documentation for Microsoft Sentinel and Defender here

This release also includes lots of bugs fixes and UI improvements.

As always, your feedbacks are most welcome !

Enhancements:

• #2114 Front end UI part - agent installation logic
• #2067 adapt backend on new agent logic
• #1961 Ability to select all injects with a 'select all'
• #1604 Ability to choose an obfuscator for your technical inject to avoid detection
• #1494 [ Unit testing - assets scope ] - Asset groups creation/update
• #1492 [ Unit testing - assets scope ] - endpoints creation/update
• #1491 [ Unit testing - people scope ] - teams creation/update
• #1490 [ Unit testing - people scope ] - players creation/update
• #1366 CrowdStrike Endpoint Security Executor / native integration to execute implants

Bug Fixes:

• #2203 Deleting a type representation in a mapper delete the injector contract
• #2193 Error when I apply sort on column update at on injector/:id
• #2157 Simulations: unable to input text to box in create new feedback template dialog
• #2126 Infinite Request Loop on Home Page
• #2077 In Add users to group, only the first 10 can be viewed or selected
• #2038 Technical Improvement : inject form
• #2000 Technical payload with cmd and if statement does not work
• #1985 Remove Code Associated with dryInject Feature (Backend, Frontend, DB)
• #1963 "I forgot my password" returns internal error
• #1948 Payload from Atomic Red Team is not working
• #1941 Inject in pending state
• #1936 Breadcrumb in inject details is not consistent
• #1707 Adding asset groups in bulk to inject doesn't enable them in the UI
• #1672 Useless scenario filter in the overview of a scenario
• #1642 No longer able to update inject expectations

Pull Requests:

• [frontend] remove final-form from inject form by @MarineLeM in #2042
• Breadcrumb in inject details is not consistent by @RomuDeuxfois in #2131
• [frontend] Remove attack pattern store by @RomuDeuxfois in #2044
• [frontend] Change "Add teams..." dialog into "Modify teams..." and alter behaviour (#2112) by @RomuDeuxfois in #2127
• [backend/frontend] Adapt backend on new agent logic by @isselparra in #2133
• • Fixing the card layout used to display the inject result Issue/1642 by @heditar in #2132
• Add obfuscation chunk 2 by @MarineLeM in #2090
• [backend] handle multilines with cmd by @MarineLeM in #2002
• [backend] Implement CrowdStrike native executor (#1366) by @SamuelHassine in #2154
• [backend] adding TagRule apis/repo Issue/1998 by @heditar in #2122
• [Backend] Fix password reset for users who are not logged in by @savacano28 in #2141
• [frontend] fix Textfield component by @MarineLeM in #2158
• In Add users to group, only the first 10 can be viewed or selected by @RomuDeuxfois in #2130
• [backend] Upgrade Spring Boot Starter Parent from 3.3.5 to 3.3.7 by @RomuDeuxfois in #2134
• [frontend] Update dependency apexcharts to v4.3.0 by @renovate in #2010
• [frontend] Update dependency ckeditor5 to v44 by @renovate in #2011
• [Backend]Test asset groups creation/update (#1494) by @johanah29 in #2150
• [Backend]Test player creation/update by @johanah29 in #2139
• [Backend]Test endpoints creation/update (#1492) by @johanah29 in #2155
• [Backend]Test teams creation/update (#1491) by @johanah29 in #2149
• [backend] Add the default Assets logic to scenario creation and update by @heditar in #2161
• Improvment/remove store model by @RomuDeuxfois in #2160
• [tool] Update rabbitmq Docker tag to v4 by @renovate in #1567
• [backend/frontend] update endpoint list and add endpoint overview by @savacano28 in #2153
• [frontend] add getValues on InjectDefinition by @MarineLeM in #2171
• [backend] Adapt backend on new agent logic (part 2) by @damgouj in #2162
• [backend][frontend] Ability to select all injects with a 'select all' by @impolitepanda in #2163
• [backend] Refactored TagRule to use AssetGRoup instead of Assets Issue/1998 by @heditar in #2170
• [backend] fix threshold for agent inactivity (#2067) by @guillaumejparis in #2183
• [frontend] Remove useless scenario filter in the overview of a scenario by @savacano28 in #2185
• [frontend] Update material-ui monorepo by @renovate in #2182
• [frontend] Update dependency react-intl to v7.1.0 by @renovate in #2181
• [frontend] Update dependency eslint-import-resolver-oxc to v0.8.0 by @renovate in #2180
• [frontend] Update dependency @hookform/resolvers to v3.10.0 by @renovate in #2178
• [backend] Update apache-poi monorepo to v5.4.0 by @renovate in #2175
• [backend] Update dependency com.diffplug.spotless:spotless-maven-plugin to v2.44.1 by @renovate in #2176
• [backend] Fix Server-Side Request Forgery by @RomuDeuxfois in #2136
• [backend/frontend] Delete legacy dryinjects and dryruns (#1985) by @savacano28 in #2186
• [backend/frontend] Add update at param to injector contract and add queryable property by @savacano28 in #2192
• [frontend] use client time for last ping date in sse client (#2126) by @guillaumejparis in #2187
• [tool] update renovate config to take release branch into account by @guillaumejparis in #2189
• [backend] Enforce delete injector contract by @RomuDeuxfois in #2191
• [frontend] Fix missing fields in injectForm and improve ui by @savacano28 in #2196
• [frontend] fix create or update inject by @MarineLeM in #2199
• [backend] Fix on deleted injector contract by @Dimfacion in #2204
• [backend][frontend] Fixed an issue on injects where total number of injects was not correctly updated and bulk delete didn't refresh results by @impolitepanda in #2207
• [frontend] fixes bulk operations not refreshing the datatables correctly by @impolitepanda in #2216

Full Changelog: 1.10.2...1.11.0