Skip to content

Releases: dotgibson/htpx

v2.4.0

Choose a tag to compare

@github-actions github-actions released this 16 Jul 14:13

Added

  • GCP parity — 2 new red↔blue pairs (+4 entries) and a recon entry (+1). Brings
    GCP up from a single pair to rough parity with the other big-three clouds.
    Persistence (T1098): IAM policy backdoor — setIamPolicy binding a rogue
    principal — detected on the SetIamPolicy ADD binding delta in Cloud Audit
    Logs. Defense Evasion (T1562.008): Cloud Audit log tamper — DeleteSink /
    auditConfigs strip — detected via the self-witnessing Admin Activity events
    (plus a Data Access gap monitor). Also adds an unpaired Discovery
    (T1580/T1526/T1069.003) gcp-enum-recon entry (projects / Asset Inventory /
    IAM blast-radius mapping), mirroring the unpaired on-prem smb-enum-nxc.

Changed

  • asrep-probing-4771 retargeted to the real AS-REP roast artifact. The
    detection now keys primarily on a successful 4768 with pre-authentication
    type 0 (the AS-REP etype is negotiated — often RC4 0x17, AES where RC4 is
    disabled — so the clause keys on the type-0 invariant, not the cipher) — the
    roastable AS-REP its red mate actually emits — and keeps
    the 4771 0x18 one-source-many-accounts burst as a secondary Kerbrute
    enumeration/spray tell. Previously it only saw the collateral 4771 probing, not
    the roast itself.

v2.3.0

Choose a tag to compare

@github-actions github-actions released this 10 Jul 15:39
b26df80

Added

  • Command & Control + Impact corpus (14 new red↔blue pairs, +28 entries). Fills
    the two tactics that had zero coverage. TA0011 Command & Control (8 pairs):
    HTTPS beacon sleep+jitter, DNS tunneling, domain fronting, mutual-TLS/JA3, ICMP
    tunneling, web-service C2 (Telegram/Slack/Gist), DGA rendezvous, and reverse
    tunnels (chisel/ligolo) — each attack paired with the network/host detection that
    survives its evasion (inter-arrival regularity, Sysmon-22 query shape, SNI/Host
    mismatch, JA3 fingerprints, NXDOMAIN entropy). TA0040 Impact (6 pairs):
    recovery inhibition (vssadmin/wbadmin/bcdedit), mass file encryption, pre-
    encryption service kills, cloud data destruction (CloudTrail delete burst),
    cryptojacking (Stratum), and account access removal (4724/4725/4726). Corpus-only
    (no flat-view markers); every new entry carries a valid, non-deprecated ATT&CK
    technique ID.

v2.2.0

Choose a tag to compare

@github-actions github-actions released this 09 Jul 23:54
79f19a3

Added

  • /corpus-review maintenance routine (.claude/commands/corpus-review.md +
    .github/workflows/claude-routines.yml). A weekly, report-first Claude routine that
    reviews the judgment layer ci.yml can't gate: ATT&CK-ID validity (against live
    MITRE), red↔blue semantic pairing fidelity, coverage holes, and detection
    quality. Files a deduplicated issue and changes nothing. Inert by default
    scaffolded but dormant until a CLAUDE_CODE_OAUTH_TOKEN repo secret is added. Runs
    Thu 08:00 UTC, off the rest of the fleet's routine crons.
  • /release-readiness + /release-notes routines (.claude/commands/ + two new
    dispatch-only jobs in claude-routines.yml). The htpx twin of Core's release
    routines: release-readiness reads the Conventional Commits + CHANGELOG since the
    last tag and files a go/no-go verdict with the recommended next SemVer;
    release-notes drafts the CHANGELOG entry from those commits. Both report-first and
    dispatch-only — run them at release time via Actions → claude-routines → Run
    workflow → routine
    . Same inert-by-default token gate.

Fixed

  • ATT&CK tactic corrections surfaced by the first /corpus-review run (T1195.002,
    T1047), both verified against live MITRE:
    • T1195.002 (Compromise Software Supply Chain) is an Initial Access technique,
      not Execution — retagged TA0002TA0001 (+ phase) in the npm/pypi
      malicious-publish pair (4 entries).
    • T1047 (WMI) is filed by MITRE only under Execution, not Lateral Movement —
      retagged TA0008TA0002 (+ phase) in the wmiexec pair (2 entries).
      Red↔blue tags stay in agreement; pairings unchanged, so ci.yml's pairing/slot/drift
      gates are unaffected.

Internal

  • Hardened the report-first routines' "change nothing" guarantee into a mechanical one
    (read-only --permission-mode default; read-only Bash allowlists; tightened git
    allowlist) and fixed a sync-fanout tag-resolve race that could throw a spurious red
    X on CHANGELOG-only merges. Renovate action-pin bumps.

v2.1.0

Choose a tag to compare

@github-actions github-actions released this 08 Jul 23:58
5a3a496

Added

  • renovate.json - configuration for Renovate app.

v2.0.0

Choose a tag to compare

@github-actions github-actions released this 06 Jul 23:37
efbe8f3

Changed

  • README second-pass polish. The dotgibson shield now tracks the
    dotfiles-core release version; dropped the showcase and LinkedIn shields for a
    one-line header (LinkedIn moved to Contact); the docs links now point at the
    documentation hub root (/docs); and About gained Languages (Markdown) +
    Tools (MITRE ATT&CK, fzf) subsections.
  • README rebuilt as a lean showcase landing page. Brought the README up to the
    dotgibson exemplar bar — a reference-style shields header, the org logo, a
    collapsible TOC, then a lean body (what htpx is and how it's vendored into
    dotfiles-Kali, Getting Started, a representative corpus slice, and the
    entry-first contribution workflow). The full 70+-row corpus table is trimmed to
    a representative sample that points at entries/ and the on-site red↔blue view.
    Added a .markdownlint.jsonc (mirrored from Core) scoping the showcase HTML via
    MD033 allowed_elements.

Added

  • Slack platform (3 companion-only red↔blue pairs) — the SaaS-collaboration seam, detected
    over the Slack (Enterprise Grid) audit logs (product: slack, field action):

    • slack-malicious-appslack-app-audit — install a broad-scope OAuth app for durable
      message/file access; detect app_installed (T1098).
    • slack-external-shareslack-external-share-audit — invite an attacker-controlled
      workspace into a channel via Slack Connect to exfil its history; detect
      shared_channel_invite_sent / _accepted (T1567).
    • slack-2fa-disableslack-2fa-audit — turn off enforced 2FA to weaken workspace auth;
      detect pref.two_factor_auth_changed with 2FA off (T1562.001).
  • PyPI registry platform (3 companion-only red↔blue pairs) — the Python mirror of the npm
    round, detected over the PyPI project journal (product: pypi, field action):

    • pypi-malicious-publishpypi-publish-audit — upload a trojanized release via a stolen
      API token (bypassing trusted publishing); detect new release not via a trusted publisher
      (T1195.002).
    • pypi-role-addpypi-role-audit — add a rogue Owner/Maintainer for durable publish
      rights; detect journal add Owner / add Maintainer (T1098).
    • pypi-trusted-publisherpypi-trusted-publisher-audit — register an attacker-controlled
      OIDC trusted publisher for a credential-less publish backdoor; detect an add-trusted publisher journal entry (T1098).
  • npm registry platform (3 companion-only red↔blue pairs) — the software supply-chain
    seam, detected over the npm account/org audit log (product: npm, field action):

    • npm-malicious-publishnpm-publish-audit — publish a trojanized package version via
      a compromised maintainer token; detect package.publish by an off-CI actor (T1195.002).
    • npm-owner-addnpm-owner-audit — add a rogue maintainer for durable publish rights;
      detect package.owner_add / team.user_add (T1098).
    • npm-2fa-disablenpm-2fa-audit — disable require-2FA-to-publish (npm access set mfa=none) so a stolen token ships quietly; detect package.edit mfa=none (T1562.001).
  • Cloudflare edge platform (3 companion-only red↔blue pairs) — detections over the
    Cloudflare account audit log (product: cloudflare, fields action.type/resource.type):

    • cf-api-tokencf-api-token-audit — mint a long-lived API token for durable
      control-plane access after account compromise; detect resource.type=api_token
      action.type=create (T1098).
    • cf-waf-disablecf-waf-disable-audit — delete/disable a WAF or firewall rule to
      expose the origin; detect firewall_rule/ruleset delete/update (T1562.001).
    • cf-worker-deploycf-worker-deploy-audit — deploy a malicious Worker to skim/proxy
      live edge traffic; detect resource.type=worker create/update (T1648).
  • Google Workspace platform (3 companion-only red↔blue pairs) — detections over the
    Google Workspace admin/token/user audit logs (product: google_workspace, field
    eventName):

    • gws-oauth-grantgws-oauth-audit — consent-phish a malicious OAuth app into
      Gmail/Drive scopes; detect token authorize (T1528).
    • gws-super-admingws-admin-audit — promote a controlled user to super admin;
      detect GRANT_DELEGATED_ADMIN_PRIVILEGES / ASSIGN_ROLE (T1098.003).
    • gws-mail-forwardgws-mail-forward-audit — external auto-forwarding for BEC
      exfil; detect email_forwarding_out_of_domain (T1114.003).
  • Snowflake data cloud platform (3 companion-only red↔blue pairs) — mirrors the
    2024 Snowflake credential-attack TTPs, detected via ACCOUNT_USAGE.QUERY_HISTORY
    (product: snowflake, query_type/query_text):

    • snowflake-exfil-stagesnowflake-exfil-auditCOPY INTO external stage bulk
      unload; detect QUERY_TYPE=UNLOAD (T1567.002).
    • snowflake-rogue-usersnowflake-user-audit — backdoor user + ACCOUNTADMIN grant;
      detect CREATE_USER / privileged GRANT (T1136.003).
    • snowflake-network-policysnowflake-network-policy-audit — open/drop the IP
      allowlist so stolen creds work anywhere; detect NETWORK POLICY changes (T1562.007).
  • Jenkins CI/CD platform (3 companion-only red↔blue pairs) — the self-hosted
    counterpart to the GitHub/GitLab SaaS rounds, detected via the Jenkins Audit Trail
    plugin log (product: jenkins, keyword/URI matches):

    • jenkins-script-consolejenkins-script-console-audit — Groovy Script Console
      RCE + in-memory credential dump; detect /script / /scriptText (T1059).
    • jenkins-api-tokenjenkins-api-token-audit — mint a user API token for durable
      non-interactive access; detect generateNewToken (T1098).
    • jenkins-job-backdoorjenkins-job-backdoor-audit — create/reconfigure a job to
      run attacker code on the controller + agents; detect /createItem / /job/<name>/configSubmit
      (T1072).
  • Terraform Cloud / IaC platform (3 companion-only red↔blue pairs) — detections
    are Terraform Cloud audit-trail SPL (product: terraform, nested resource.type /
    resource.action):

    • tfc-agent-hijacktfc-agent-audit — rogue agent pool routes plans/applies to
      attacker infra (captures cloud creds + state); detect agent_pool create (T1543).
    • tfc-token-backdoortfc-token-audit — mint an org/team API token for durable
      API + state access; detect authentication_token create (T1098).
    • tfc-var-injectiontfc-var-audit — inject a workspace env variable to run code
      / exfil at apply; detect variable create/update (T1072).
  • HashiCorp Vault platform (3 companion-only red↔blue pairs), opening the
    secrets-management seam — detections are Vault audit-device SPL (product: vault
    on the Sigma side):

    • vault-secret-exfilvault-secret-read-audit — bulk-read KV secrets to drain
      the credential store; detect read breadth over secret/ paths (T1555).
    • vault-approle-backdoorvault-approle-audit — create a rogue AppRole for
      durable machine auth; detect create/update on auth/approle/role/ (T1098).
    • vault-audit-disablevault-audit-device-audit — disable a Vault audit device
      to blind the SIEM; detect delete on a sys/audit/ path (T1562.001).
  • GitLab CI/CD platform (3 companion-only red↔blue pairs), mirroring the GitHub
    Actions round on GitLab audit-event telemetry (product: gitlab, field
    event_type):

    • gl-runner-hijackgl-runner-audit — attach an attacker-controlled runner to
      the project to capture CI jobs + masked variables; detect
      set_runner_associated_projects (T1543).
    • gl-protected-branch-offgl-protected-branch-audit — remove protected-branch
      rules to land unreviewed code; detect protected_branch_removed /
      protected_branch_created (T1562.001).
    • gl-token-backdoorgl-token-audit — mint a project access / deploy token for
      durable access; detect project_access_token_created /
      personal_access_token_created / deploy_token_created (T1098).
  • Harbor container registry platform (3 companion-only red↔blue pairs), opening
    the container-image / registry supply-chain seam — detections are Harbor
    registry audit-log SPL (product: harbor on the Sigma side):

    • harbor-image-backdoorharbor-image-push-audit — push a trojanized image
      over a trusted tag to poison downstream pulls; detect operation=push
      artifact (T1525, Implant Internal Image).
    • harbor-robot-backdoorharbor-robot-audit — mint a long-lived robot
      account for durable registry access; detect operation=create
      resource_type=robot (T1098).
    • harbor-artifact-deleteharbor-artifact-delete-audit — delete the trusted
      artifact to force a poisoned re-pull + erase evidence; detect operation=delete
      artifact/repository (T1070).
  • GitHub Actions CI/CD platform (3 companion-only red↔blue pairs), opening a
    new logsource the way the Okta round did — detections are GitHub Enterprise
    audit-log SPL (product: github on the Sigma side):

    • gh-self-hosted-runnergh-runner-audit — rogue self-hosted runner
      harvests job source + secrets; detect self_hosted_runner.created (T1543).
    • gh-branch-protection-offgh-branch-protection-audit — disable/override
      branch protection to land unreviewed code; detect protected_branch.destroy /
      protected_branch.policy_override (T1562.001).
    • gh-deploy-key-backdoorgh-cred-audit — writable deploy key / fine-grained
      PAT for durable access; detect repo.create_deploy_key /
      personal_access_token.access_granted (T1098).
  • Corpus is now 71 paired concepts + 1 unpaired recon entry.

v1.4.0

Choose a tag to compare

@github-actions github-actions released this 01 Jul 03:30
ce75aef

Fixed

  • sync-fanout.yml Sync step: call Kali's sync-companion.sh with NO argument.
    It was passed main as a positional, but that arg is the REMOTE (URL), not a
    branch so it tried to pull from a remote named main (fatal: 'main' does not appear to be a git repository). The script derives both the htpx remote
    and the branch (main) from companion.lock itself.
  • sync-fanout.yml auth: the Sync step now injects all git auth + the bot identity
    via step-scoped GIT_CONFIG_COUNT/KEY/VALUE instead of git config --global
    (no token written to ~/.gitconfig; consistent with the Resolve step).
    htpx is read with the built-in GITHUB_TOKEN via a more-specific,
    .git-anchored url.insteadOf (longest match wins, and the anchor avoids
    rewriting same-prefix repos like <owner>/htpx-tools), so the
    git subtree pull works without FLEET_SYNC_TOKEN ever needing htpx access;
    FLEET_SYNC_TOKEN stays scoped to the dotfiles-Kali clone/push/PR.

v1.3.0

Choose a tag to compare

@github-actions github-actions released this 30 Jun 16:46
664b8c4

Fixed

  • sync-fanout.yml Resolve step: the htpx clone / ls-remote reads are now
    authenticated with the built-in GITHUB_TOKEN (contents: read). They were
    unauthenticated, so on a private htpx the fan-out died at the first clone with
    could not read Username for 'https://github.com'. Auth is injected via
    GIT_CONFIG_COUNT/KEY/VALUE env (an url.insteadOf rewrite scoped to that
    step), so the token is never written to ~/.gitconfig and can't shadow the next
    step's actions/checkout; FLEET_SYNC_TOKEN stays reserved for the cross-repo
    writes to dotfiles-Kali.
  • Release + fan-out workflows hardened (PR review): auto-tag.sh now fails loud
    when --release is requested but gh is absent; auto-tag.yml cuts
    tags/releases only from the default branch; sync-fanout.yml resolves and
    verifies the tag exists before checkout (a bad dispatch input is a clean no-op),
    aborts the sync if gen-views.sh fails (no PR), and fails on ANY core.lock
    diff versus the base branch — not just the core_sha field.