
Releases: CrowdStrike/caracara

Version 0.2.1

04 Jan 17:28
2fc5afc

This version of Caracara bumps dependencies and ensures that all installations get at least version 1.2.9 of FalconPy, which includes some important bug fixes for features used by Caracara.

Version 0.2.0

29 Nov 18:43

This version of Caracara brings some important updates:

  • IOA support is now available in alpha, thanks to some awesome work by @swedgwood!
  • Dependencies have been bumped to get the latest fixes in FalconPy and Py7zr (including a fix for a CVE), as well as in other libraries.

Version 0.1.6

16 Nov 23:37

This release adds a couple of small filters that should have a real impact.

  1. We now support the cswindiag and put-and-run RTR commands
  2. You can now filter by host ConnectionStatus (Online or Offline), which avoids the need to use tricks like LastSeen GTE -30m to guess which systems are online

Version 0.1.5

23 Sep 12:14
fce2e0b

This release adds basic support for MSSP CID introspection.

Version 0.1.4

10 Aug 12:55
80e983b

This release integrates #39, which fixes a bug in the RTR automatic session renewal code and bumps up some of our dependencies.

Version 0.1.3

27 Jul 21:11
ab7cc85

This release upgrades some aspects of our deployment pipeline and divides up hosts.describe_devices into two sub-functions, callable by developers:

  • hosts.get_device_ids, which takes optional filters as a parameter and returns matching Device IDs in a tenant
  • hosts.get_device_data, which takes a list of Device IDs and returns the device data as a list of dictionaries

Version 0.1.2

27 Jul 03:51
eee1022

This release brings a slew of improvements to the hosts module, including grouping support, along with more than 100 commits of bug fixes. We recommend that all Caracara users migrate to this release.

Version 0.1.1

09 Jun 04:17

Caracara v0.1.1

This update resolves a results batching issue that occurred when the result set exceeded DATA_BATCH_SIZE.

The Client object can now accept environment variable representations for the following arguments:

  • client_id
  • client_secret
  • cloud_name
  • user_agent
  • member_cid

Format: ${VARIABLE_NAME}

Two new examples have been added, and the list_windows_devices.py example has been updated.

Testing for releases via Poetry is also implemented.

  • Enhancement
  • Bug fixes
  • Documentation

Bandit analysis

[main]	INFO	running on Python 3.9.9
Run started:2022-06-08 03:57:19.208325

Test results:
	No issues identified.

Code scanned:
	Total lines of code: 3606
	Total lines skipped (#nosec): 1

Run metrics:
	Total issues (by severity):
		Undefined: 0
		Low: 0
		Medium: 0
		High: 0
	Total issues (by confidence):
		Undefined: 0
		Low: 0
		Medium: 0
		High: 0
Files skipped (0):

Added features and functionality

  • Updated: Added total results returned to list Windows devices example.
    • examples/list_windows_devices.py
  • Added: New example, list all devices.
    • examples/list_all_devices.py
  • Added: New example, find devices.
    • examples/find_devices.py
  • Added: Environment variables are now allowed for initialization arguments to the Client constructor.
    • client.py
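    #!/usr/bin/env python3
    from caracara import Client

    # Strings in ${VARIABLE_NAME} format are resolved from environment variables,
    # so the API credentials do not have to appear in the script itself.
    client = Client(client_id="${FALCON_CLIENT_ID_TALON1}", client_secret="${FALCON_CLIENT_SECRET_TALON1}")

    # describe_devices() returns a dictionary keyed by device ID
    for device_id, device_data in client.hosts.describe_devices().items():
        print(f"{device_id} {device_data['hostname']}")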

Issues resolved

  • Bug fix: Fix within batch handler causing results to be dropped in large result sets. Closes #26.
    • common/batching.py

Other

  • Testing for new packaging deployment

Full Changelog: v0.1.0...v0.1.1

Version 0.1.0

07 Jun 03:34

Caracara v0.1.0

This update represents a brand new approach to Caracara, complete with new code, new examples and new usage. It should be considered a full replacement for previous versions, building on lessons learned from FalconPy and the original version of Caracara.

  • Enhancement
  • Major Feature update
  • Bug fixes
  • Breaking Change
  • Updated unit tests
  • Documentation

Bandit analysis

➜  caracara git:(ver_0.1.0) poetry run bandit -r $EXAMPLES --configfile $EXAMPLES/.bandit
poetry run bandit -r $ROOT --configfile .bandit
poetry run bandit -r $TESTS --configfile $TESTS/.bandit
[main]	INFO	Found project level .bandit file: examples/.bandit
[utils]	WARNING	Unable to parse config file examples/.bandit or missing [bandit] section
[main]	INFO	profile include tests: None
[main]	INFO	profile exclude tests: None
[main]	INFO	cli include tests: None
[main]	INFO	cli exclude tests: None
[main]	INFO	using config: examples/.bandit
[main]	INFO	running on Python 3.10.4
Run started:2022-05-12 18:33:27.275268

Test results:
	No issues identified.

Code scanned:
	Total lines of code: 488
	Total lines skipped (#nosec): 0

Run metrics:
	Total issues (by severity):
		Undefined: 0
		Low: 0
		Medium: 0
		High: 0
	Total issues (by confidence):
		Undefined: 0
		Low: 0
		Medium: 0
		High: 0
Files skipped (0):
[main]	INFO	profile include tests: None
[main]	INFO	profile exclude tests: None
[main]	INFO	cli include tests: None
[main]	INFO	cli exclude tests: None
[main]	INFO	using config: .bandit
[main]	INFO	running on Python 3.10.4
[manager]	WARNING	Test in comment: The is not a test name or id, ignoring
[manager]	WARNING	Test in comment: password is not a test name or id, ignoring
[manager]	WARNING	Test in comment: infected is not a test name or id, ignoring
[manager]	WARNING	Test in comment: is is not a test name or id, ignoring
[manager]	WARNING	Test in comment: generic is not a test name or id, ignoring
[manager]	WARNING	Test in comment: and is not a test name or id, ignoring
[manager]	WARNING	Test in comment: always is not a test name or id, ignoring
[manager]	WARNING	Test in comment: the is not a test name or id, ignoring
[manager]	WARNING	Test in comment: same is not a test name or id, ignoring
Run started:2022-05-12 18:33:28.469316

Test results:
	No issues identified.

Code scanned:
	Total lines of code: 3502
	Total lines skipped (#nosec): 1

Run metrics:
	Total issues (by severity):
		Undefined: 0
		Low: 0
		Medium: 0
		High: 0
	Total issues (by confidence):
		Undefined: 0
		Low: 0
		Medium: 0
		High: 0
Files skipped (0):
[main]	INFO	Found project level .bandit file: tests/.bandit
[utils]	WARNING	Unable to parse config file tests/.bandit or missing [bandit] section
[main]	INFO	profile include tests: None
[main]	INFO	profile exclude tests: B101
[main]	INFO	cli include tests: None
[main]	INFO	cli exclude tests: None
[main]	INFO	using config: tests/.bandit
[main]	INFO	running on Python 3.10.4
Run started:2022-05-12 18:33:29.322828

Test results:
	No issues identified.

Code scanned:
	Total lines of code: 123
	Total lines skipped (#nosec): 0

Run metrics:
	Total issues (by severity):
		Undefined: 0
		Low: 0
		Medium: 0
		High: 0
	Total issues (by confidence):
		Undefined: 0
		Low: 0
		Medium: 0
		High: 0
Files skipped (0):

Added features and functionality

This is a complete re-write of Caracara. Please see the new README for usage information, and the examples folder for example usage.

Additional changes

New Contributors

Full Changelog: v0.0.31...v0.1.0

Version 0.0.31

26 Nov 22:42

What's Changed

  • Bump crowdstrike-falconpy from 0.6.5 to 0.7.2 by @dependabot in #2
  • Bump crowdstrike-falconpy from 0.7.2 to 0.7.3 by @dependabot in #3
  • Bump crowdstrike-falconpy from 0.7.3 to 0.7.4 by @dependabot in #4
  • Bump crowdstrike-falconpy from 0.7.4 to 0.8.1 by @dependabot in #5
  • Bump crowdstrike-falconpy from 0.8.1 to 0.8.3 by @dependabot in #6

New Contributors

Full Changelog: v0.0.28...v0.0.31