Version 1.18.0

Hello dear community! Time to celebrate ! The OpenBAS 1.18.0 is out ! Hope you will enjoy it! 🎉

✅ Vulnerability assessment

Do you want to know more about your vulnerabilities ? We are introducing CVE assessment of your assets through several features

• New finding type: CVE
• New taxonomy added for CVE
• Expectation on vulnerability

You can now scan potential vulnerabilities through our Nuclei injector and assess if your assets are exposed and on which CVEs.

Find the related documentation:

• https://docs.openbas.io/latest/usage/findings/
• https://docs.openbas.io/latest/administration/taxonomies/#cves-ee

Documentation for vulnerability expectation is in progress.

📚 Scenario library in the XTM Hub

You don’t know where to start ? We released a library of 10 ready-to-use Attack Scenarios you can import directly into your platform! These Scenarios are available into our XTM Hub! Access easily this library from the Scenario page in OpenBAS through the new “Import from Hub” button.

Find the available scenarios in the XTM Hub: https://hub.filigran.io/cybersecurity-solutions/open-bas-scenarios

🧶 AI for scenario assistant [EE]

Automatize even more the creation of your scenario with the help ArianeAI, our new AI assistant ! You can now upload a content such as a threat report that will be analyzed in back-end by Ariane in order to extract the relevant TTPs to cover your use case.

Find the related documentation: https://docs.openbas.io/latest/usage/scenario/#how-to-use-the-scenario-assistant

👍 Manual remediation for vulnerabilities and payloads

You don’t know how to fix your detection/prev? We are introducing the concept of remediation, you can add some to your CVE and payload manually and, spoiler, it’s the first step for more advanced remediation recommendation by AI. For the moment this will help us propose custom remediation to Filigran’s scenarios.

Find the related documentation:

• https://docs.openbas.io/latest/usage/atomic/#remediations-ee
• https://docs.openbas.io/latest/usage/findings/

♻️ End of Life categorization for assets

Get an overview of your assets’ health. In your asset page you can now flag assets that are in end of life, that way you will know which of your assets need to be replaced when some vulnerabilities are found.

Related documentation: In progress

📊 Analysis tab: Integration of custom dashboards in simulations

Read your simulation results through your own lense. You can now add a custom dashboard to your simulation and have your own custom view of the results !

Related documentation: In progress

📈 New custom dashboard widgets and new dimension

Additional widgets have been added to give you more freedom in your data visualizations:

• Horizontal bar
• Attack graph
• List

And the following dimension were added as well:

• Assets
• Vulnerable asset (Assets on which CVEs have been found)

📁 Manual payload import/export

Share the love, share the payloads ! You can now import and export your payloads and get more flexibility in your payload management.

Related documentation: In progress

🎯 Remote asset targeting

We improved our agentless injects such as nmap and CVE scans so you can now associate the findings to the targeted asset.

Related documentation: In progress

Enhancements:

• #3445 Update Teams enable state by default
• #3396 Add an "attack graph" widget
• #3330 Add reports tab into scenario/simulations
• #3171 Introduce remediation for technical inject
• #2885 Implement "list" widget

Bug Fixes:

• #3473 On pre-release, just displaying groups or players is throwing an internal error
• #3458 Not possible to add attachment to emails anymore in atomic testing
• #3454 Media pressure expectations cant be validated
• #3422 Caldera antivirus exclusion should not be displayed on OpenBAS agent and leads to confusion
• #3059 Convey "Ask AI" in text editors is an EE feature in the GUI

Pull Requests:

• [frontend] Update eslint monorepo to v9.28.0 (release/current) by @renovate[bot] in #3266
• [frontend] Update material-ui monorepo (release/current) by @renovate[bot] in #3265
• [frontend] Update dependency vitest to v3.2.1 (release/current) by @renovate[bot] in #3283
• [frontend] Update dependency react-hook-form to v7.57.0 (release/current) - autoclosed by @renovate[bot] in #3282
• [tool] Update docker.elastic.co/kibana/kibana Docker tag to v8.18.2 (release/current) by @renovate[bot] in #3235
• [tool] Update docker.elastic.co/elasticsearch/elasticsearch Docker tag to v8.18.2 (release/current) by @renovate[bot] in #3234
• [backend] fix empty group case by @MarineLeM in #3286
• [frontend] Update dependency ckeditor5 to v45.2.0 (release/current) by @renovate[bot] in #3287
• [backend] Update dependency com.diffplug.spotless:spotless-maven-plugin to v2.44.5 (release/current) by @renovate[bot] in #3289
• [backend] Update dependency com.opencsv:opencsv to v5.11.1 (release/current) by @renovate[bot] in #3290
• [frontend] Update dependency @stylistic/eslint-plugin to v4.4.1 (release/current) by @renovate[bot] in #3292
• [frontend] Update dependency @types/node to v22.15.29 (release/current) by @renovate[bot] in #3293
• [frontend] Update dependency @types/react to v19.1.6 (release/current) by @renovate[bot] in #3294
• [frontend] Update dependency @vitejs/plugin-react to v4.5.1 (release/current) by @renovate[bot] in #3295
• [frontend] Update dependency esbuild to v0.25.5 (release/current) by @renovate[bot] in #3296
• [frontend] Update dependency monocart-reporter to v2.9.20 (release/current) by @renovate[bot] in #3297
• [frontend] Update dependency react-router to v7.6.2 (release/current) by @renovate[bot] in #3298
• [frontend] Update dependency zod to v3.25.51 (release/current) by @renovate[bot] in #3299
• [frontend] Update Yarn to v4.9.2 (release/current) by @renovate[bot] in #3301
• [frontend] Update typescript-eslint monorepo to v8.33.1 (release/current) by @renovate[bot] in #3300
• [backend] Define a logic for saving structured outputs by @savacano28 in #3162
• [backend] Update dependency org.springframework.security:spring-security-crypto to v6.5.0 (release/current) by @renovate[bot] in #3204
• [frontend] Update dependency @types/react-dom to v19.1.6 (release/current) by @renovate[bot] in #3304
• [backend] Update dependency co.elastic.clients:elasticsearch-java to v8.18.2 (release/current) by @renovate[bot] in #3288
• [backend] Add logs to understand issue/2797 by @damgouj in #3306
• [backend/frontend] Allow test injects for no admin roles by @savacano28 in #3056
• [frontend] Total number of simulations and scenarios isn't updated wh… by @EmilieFo17 in #3302
• [DANGER] Update dependency swagger-typescript-api to v13.2.0 (swagger-typescript-api new version does not work on linux) (release/current) by @renovate[bot] in #3303
• [frontend] Update dependency remark-flexible-markers to v1.3.0 (release/current) by @renovate[bot] in #3314
• [backend] Update dependency io.opentelemetry:opentelemetry-bom to v1.51.0 (release/current) by @renovate[bot] in #3312
• [frontend] Update dependency @hookform/resolvers to v5.1.1 (release/current) by @renovate[bot] in #3324
• [frontend] Update typescript-eslint monorepo to v8.34.0 (release/current) - autoclosed by @renovate[bot] in #3325
• [backend] Update dependency io.opentelemetry.semconv:opentelemetry-semconv to v1.34.0 (release/current) by @renovate[bot] in #3339
• [backend] Update dependency io.hypersistence:hypersistence-utils-hibernate-63 to v3.10.0 (release/current) by @renovate[bot] in #3338
• [backend] Update dependency org.postgre...

Version 1.17.3

Enhancements:

• #3547 Add CTAS of XTM Hub

Full Changelog: 1.17.2...1.17.3

Version 1.17.2

Bug Fixes:

• #3444 Add security protocol to download the implant
• #3391 Java error when executing payload

Pull Requests:

• [backend] Injector contract: fill default value based on cardinality (#3391) by @RomuDeuxfois in #3436

Full Changelog: 1.17.1...1.17.2

Version 1.17.1

Bug Fixes:

• #3391 Java error when executing payload
• #3311 Findings from Nuclei injects don't save the associated agentless endpoint

Pull Requests:

• [backend] Switch to slf4j by @Dimfacion in #3193
• Bump brace-expansion from 1.1.11 to 1.1.12 in /openbas-front by @dependabot in #3345
• Bump org.postgresql:postgresql from 42.7.5 to 42.7.7 by @dependabot in #3342
• [backend] Injector contract: fill default value based on cardinality by @RomuDeuxfois in #3394

Full Changelog: 1.17.0...1.17.1

Version 1.17.0

Hello dear community! The OpenBAS 1.17.0 is out ! Hope you will enjoy it! 🎉

🚀 Nuclei injector

“With over 6500 templates contributed thus far, Nuclei is continuously updated with real-world exploits and cutting-edge attack vectors.”

Introducing our brand-new Nuclei injector ! Based on the open source project Nuclei, these injects let you scan potential vulnerabilities and returns found vulnerabilities in the shape of findings.

Related documentation: https://github.com/OpenBAS-Platform/injectors/tree/main/nuclei

🙏 Scenario assistant

You don’t know where to start in OpenBAS ? Your Assistant is here to help !

Choose your targets, the TTPs you’d like to cover and let your assistant generate a full technical scenario in only few clicks.

Related documentation: https://docs.openbas.io/latest/usage/scenario/?h=assis#scenario-assistant

💻 Agentless endpoint creation

We brought back the capability to create endpoints without registering an agent. These can be targeted by agentless endpoints such as nmap scans or Nuclei injects.

Related documentation: https://docs.openbas.io/latest/usage/assets/?h=agentles#agentless-endpoints

🪄 Findings lists clarification

To avoid duplicates and clarify our finding views, we are removing the old findings found in previous simulations in our aggregated views (scenario and findings page)

Related documentation: https://docs.openbas.io/latest/usage/findings/?h=findings

👍 Flattening targets in injects results

For performance and scaling reasons, we decided to flatten the list of targets, allowing you to manage and filters results on big numbers of targets.

This release also includes bugs fixes and UI improvements. Here is the complete list:

Enhancements:

• #3219 Improve assets selection in inject creation/update
• #3169 PoC: Inject Chaining
• #3076 Don't create a finding each time a scenario is run
• #2449 Scenario assistant - manual input
• #2286 Ability to create manually "agentless" endpoints

Bug Fixes:

• #3263 Bad label for "Delete filters"
• #3244 Error querying Openbas in generating Scenario from Octi - Testing
• #3213 Flicker in atomic testing on results by target execution tab
• #3181 Problem creation injects from openCTI
• #3161 Payload with CMD command is executed with escaped character
• #3147 Can't create a new atomic test with an asset group automatically created from Crowdstrike
• #3134 EE mark and alert message should not be displayed when EE is enabled
• #3119 I’m able to launch an inject on a non-existent endpoint, but no logs are generated for it.
• #3091 Clicking on "Update widget" should always land you on the parameters
• #2985 challenge preview is not working
• #2946 Desynchro between injects tab and animation tab when an inject is removed
• #2184 Can't launch a "exe path" from a payload when the executor is cmd

Pull Requests:

• [backend] Fix inject pending status when an agent is inactive by @damgouj in #3126
• [frontend / backend] endpoint targets paginated tab (#2663) by @antoinemzs in #3035
• [frontend] Fix crash on definition team by @RomuDeuxfois in #3130
• [dependencies] Upgrade swagger typescript api 13.1.3 by @antoinemzs in #3146
• [frontend] Update dependency @types/node to v22.15.17 (release/current) by @renovate in #3154
• [backend] Update dependency net.javacrumbs.json-unit:json-unit-assertj to v4.1.1 (release/current) by @renovate in #3153
• [backend] Update dependency io.pyroscope:agent to v2.1.2 (release/current) by @renovate in #3152
• [frontend] Update dependency react-router to v7.6.0 (release/current) by @renovate in #3151
• [backend] Separate URL for API and public link (#3087) by @savacano28 in #3149
• [backend] Update dependency io.swagger.core.v3:swagger-annotations-jakarta to v2.2.31 (release/current) by @renovate in #3163
• [frontend] Update dependency @xyflow/react to v12.6.1 (release/current) by @renovate in #3164
• [frontend] Update dependency esbuild to v0.25.4 (release/current) by @renovate in #3165
• [frontend] Update dependency html-react-parser to v5.2.5 (release/current) by @renovate in #3166
• Fix : Report is not displayed correclty by @MarineLeM in #3156
• Add CVE finding type by @RomuDeuxfois in #3158
• [frontend/backend] remove pagination flag lock by @antoinemzs in #3160
• Refacto Inject Form by @MarineLeM in #3143
• [frontend] Update dependency @faker-js/faker to v9.8.0 (release/current) by @renovate in #3177
• [frontend] Update dependency ckeditor5 to v45.1.0 (release/current) by @renovate in #3178
• [frontend] Select a default target on tab change, load by @antoinemzs in #3167
• [frontend] Interactive view don’t take all the available screens (#3064) by @EmilieFo17 in #3128
• [frontend] Fix filter in dashboards by @savacano28 in #3170
• [backend] Update dependency io.swagger.core.v3:swagger-annotations-jakarta to v2.2.32 (release/current) by @renovate in #3183
• [frontend] Update dependency @mui/x-date-pickers to v8.3.1 (release/current) by @renovate in #3184
• [frontend] Update dependency immutable to v5.1.2 (release/current) by @renovate in #3186
• [frontend] Update dependency @xyflow/react to v12.6.4 (release/current) by @renovate in #3185
• [frontend] Fix overflow in traces by @savacano28 in #3182
• [frontend] Update dependency @types/qs to v6.14.0 (release/current) by @renovate in #3198
• [frontend] Update dependency pdfmake to v0.2.20 (release/current) by @renovate in #3197
• [frontend] Update dependency monocart-coverage-reports to v2.12.6 (release/current) by @renovate in #3196
• [frontend] Update eslint monorepo to v9.27.0 (release/current) by @renovate in #3195
• [frontend] Update dependency @vitest/eslint-plugin to v1.2.0 (release/current) by @renovate in #3194
• [frontend/backend] "players" target paginated tab by @damgouj in #3188
• [frontend/backend] "agents" target paginated tab by @antoinemzs in #3176
• [frontend/backend] remove ALL TARGETS tab and related functionality (#2663) by @antoinemzs in #3192
• [frontend] reenable tags filter in injects list (#3032) by @antoinemzs in #3189
• [frontend] Update dependency monocart-reporter to v2.9.19 (release/current) by @renovate in #3207
• [frontend] Update dependency dompurify to v3.2.6 (release/current) by @renovate in #3206
• [frontend] Update dependency zod to v3.25.7 (release/current) by @renovate in #3205
• [backend] add openapi docs to new endpoints (#2663) by @antoinemzs in #3201
• [backend] Asset group dynamic filter not null by @damgouj in #3209
• [frontend] fix Inject Form by @MarineLeM in #3211
• [backend] Modify result label for expectations by @savacano28 in #3175
• [frontend] Update dependency vite to v6.3.5 (release/current) by @renovate in #3217
• [frontend] Update dependency r...

Version 1.16.4

Enhancements:

• #3157 Add CVE finding type

Full Changelog: 1.16.3...1.16.4

Version 1.16.3

No changelog for this release.

Full Changelog: 1.16.2...1.16.3

Version 1.16.2

Bug Fixes:

• #3203 Inject stays in pending when an agent is inactive
• #3202 Crash on definition team
• #3199 The team disappears when updating its players in the Scenario/Simulation Definition tab.

Full Changelog: 1.16.1...1.16.2

Version 1.16.1

Enhancements:

• #1964 Frontend Error Logging

Bug Fixes:

• #3136 Page "Simulation > Animation > Mails" is not available
• #3122 Inject remains in a pending state with only inactive agents.

Pull Requests:

• Bump vite from 6.3.3 to 6.3.4 in /openbas-front by @dependabot in #3117
• Page "Simulation > Animation > Mails" is not available by @RomuDeuxfois in #3137

Full Changelog: 1.16.0...1.16.1

Version 1.16.0

💡Hello dear community! We are thrilled to announce the release of OpenBAS 1.16.0! 🎉

🚨 Major Update – Custom Dashboard & Security Coverage Widget (CE)

We’re rolling out a major update with the introduction of custom dashboards, enabling full customization of your data visualizations using common widgets (pie charts, bar charts, line charts), as well as a new BAS-focused widget: Security Coverage. This widget offers a comprehensive view of your security posture, displaying coverage by TTP directly on a MITRE ATT&CK matrix. Additional widgets will be released in upcoming iterations.

⚠️ Important Notice: This feature requires the deployment of Elasticsearch. If Elasticsearch is not properly configured, OpenBAS may stop functioning. Please ensure your environment is prepared accordingly.

Documentation: https://docs.openbas.io/latest/usage/dashboards/custom-dashboards/custom-dashboards/?h=custom

📬Alerting Capacity (CE)

A brand-new alerting feature has been added! Now, users can receive email notifications when there’s a decrease in either prevention or detection during two consecutive simulations of a scenario.

Documentation: coming soon

🔒 Enterprise Edition Lock (EE)

Following in the footsteps of OpenCTI, we’re introducing an Enterprise Edition lock. This will protect access to the following EE features:

• CrowdStrike Executor

• Tanium Executor

• Ask AI

• Remove Logos

  Documentation: https://docs.openbas.io/latest/administration/enterprise/?h=ee#what-is-openbas-ee

⚙️ CrowdStrike Executor Improvement (EE)

The CrowdStrike Executor has been significantly improved to avoid being detected by its own processes. Additionally, API interactions have been optimized for better performance.

Documentation: https://docs.openbas.io/latest/deployment/ecosystem/executors/#upload-openbas-scripts

🕵️ Findings (CE)

A powerful new feature called Findings is now available! This tab will highlight security risks identified through OpenBAS, such as IP addresses, credentials, CVEs, and more. This helps you better understand the capabilities of a threat and track risks more easily.

Findings are based on Output Parsers which will run Regex to your execution details.

Documentation:

• https://docs.openbas.io/latest/usage/payloads/payloads/?h=findin#output-parsers
• https://docs.openbas.io/latest/usage/findings/?h=findings
• https://docs.openbas.io/latest/usage/atomic/?h=findin#findings

⚡ Performance Improvements (CE)

We’ve started a large-scale performance improvement initiative. This is just the beginning, and we’re committed to making the platform faster and more scalable.

🔧 Bug Fixes & Enhancements: 🛠️

As always, this release includes several important bug fixes and improvements to ensure the platform runs smoothly and efficiently.

This release also includes lots of bug fixes and UI improvements. Here is the complete list:

Enhancements:

• #2965 [backend] Introduce inject targets search endpoint
• #2884 Implement "vertical bar" widget
• #2883 Implement "Line" widget
• #2868 Download OpenBAS implant with correct architecture for CS agent
• #2838 Implementation of the EE lock
• #2833 Bring execution traces at asset/agent level
• #2808 Ability to be alerted on the differences between 2 simulation’s expecations results on my scheduled scenario
• #2793 Improve redux selector to avoid performances issues when we have a lot of events in the stream
• #2776 Have a MITRE matrix Coverage widget in our custom dashboard
• #2730 Ability to add Salt Typhoon scenario executable
• #2682 Implement elastic search in OBAS
• #2332 Implement custom dashboard (CRUD)

Bug Fixes:

• #3084 Improve IP/MAC list display in endpoint view
• #3000 Inject export TTP link to UUID and not TTP ID
• #2986 tags for challenges are misleading and useless
• #2982 The layout in the List of injects in simulation/scenario is not correct
• #2961 Error on chaining injects traces
• #2960 Error on export inject
• #2801 Inject still in pending state if implant is killed
• #2572 Inject form not correctly updated when selecting another inject type
• #2569 Ask AI icon is floating around in rich text editor
• #2531 Use standard "-" for the absence of target
• #2524 Kill chain phase should be "-", instead of Unknown, as part of our standards when fields are empty
• #1882 Can't stop an atomic testing in unusual status

Pull Requests:

• [frontend] add output in payload form - chunk # 4 by @MarineLeM in #2790
• [frontend] Update dependency tss-react to v4.9.16 (release/current) by @renovate in #2817
• [frontend] Update dependency react-router to v7.4.1 (release/current) by @renovate in #2816
• [frontend] Update dependency mdi-material-ui to v7.9.4 (release/current) by @renovate in #2815
• [frontend] Update dependency react-hook-form to v7.55.0 (release/current) by @renovate in #2811
• Bump vite from 6.2.3 to 6.2.4 in /openbas-front by @dependabot in #2834
• [frontend] Update Yarn to v4.8.1 (release/current) by @renovate in #2810
• [frontend] Update react monorepo to v19.1.0 (release/current) by @renovate in #2812
• [backend] Update dependency io.hypersistence:hypersistence-utils-hibernate-63 to v3.9.9 (release/current) by @renovate in #2813
• [backend] Ability to spawn an OpenBAS implant with Crowdstrike by @guillaumejparis in #2807
• [frontend] Update material-ui monorepo (release/current) by @renovate in #2814
• [backend] Improve Crowdstrike executor by @damgouj in #2760
• [backend] Add extraction findings - chunk #3 by @savacano28 in #2720
• [backend] Update dependency io.opentelemetry.semconv:opentelemetry-semconv to v1.32.0 (release/current) by @renovate in #2851
• [backend] Update dependency org.springframework.security:spring-security-crypto to v6.4.4 (release/current) - autoclosed by @renovate in #2852
• [frontend/bakend] display outputparser in payload info tab - chunk #5 by @MarineLeM in #2843
• [frontend]Add top space in injector contract form by @johanah29 in #2791
• [frontend] Fix layout endpoint list by @savacano28 in #2856
• [frontend] Add loader in paginated list by @johanah29 in #2809
• [frontend] adapt theme as opencti by @MarineLeM in #2857
• Missing exception propagation by @impolitepanda in #2859
• [frontend] add an alert on atomic testing page when request in error (#2818) by @guillaumejparis in #2835
• [frontend] create reusable component for findings list by @MarineLeM in #2858
• [frontend] Update dependency @vitest/eslint-plugin to v1.1.39 (release/current) by @renovate in #2866
• [frontend] Update dependency @types/node to v22.14.0 (release/current) by @renovate in #2862
• [frontend] Update dependency @testing-library/react to v16.3.0 (release/current) by @renovate in #2861
• [frontend] Update react monorepo (release/current) by @renovate in #2864
• [frontend] Update dependency vitest to v3.1.1 (release/current) by @renovate in #2863
• [frontend] Update typescript-eslint monorepo to v8.29.0 (release/current) by @renovate in #2865
• [frontend] Update material-ui monorepo to v7 (release/c...