Releases: iDigitalFlame/ThunderStorm

v1.2.1: Cool Things and Stuff Update

30 Jul 16:18
247ee02

Cirrus:

  • Added the "hw" query for sessions to search by HardwareID.
  • Added an 'on_error' argument to 'start_events' to handle exceptions during event processing.
    • Defaults to printing errors.

CloudSeed:

  • Added a progress report status that reports the amount done / amount left.
  • Added Unicode mangling.
  • Updated the rules for the mangle engine.
  • Fixed a bug where name matching was not done case-insensitively.

Doppler:

  • Added an error break when the websocket connection dies.
  • Updated sizing of headers when displaying Bolt info.
  • Fixed the "prune" function to display Bolt names if set.

JetStream:

  • Updated the "strip" function to handle some additional use cases.
  • Updated the signing code to use the "faketime" command if supplied.
  • Added support for Squirrel
  • Fixed timestamp insertion for DLLs
  • Removed 'GetConsoleWindow' and 'ShowWindow' from templates. (prevents an unnecessary import/link)

All:

  • Updated to link to XMT v0.5.7

v1.2.0: The "finally I can name these stupid things" Release!

20 Jul 22:58
04e1975

Renaming Bolts is now possible!

  • New names can be used in place of the Bolt ID anywhere.
  • The names and IDs can be used interchangeably.
  • Sorting and autofill will use the new names.
  • Naming syncs with each connected Doppler client.
  • Bolt names will NOT be reflected in the actions logfile (for consistency).

Formatting Fixes

  • Wider column widths to account for Bolt names.
  • "ps" command display now auto expands to fit the largest entry.
    • Added as XrMT can read process arguments
  • Python spacing fixes
  • Fixed bad spacing in file lists with small/invalid perm numbers

Added support for native command timeouts

  • The new "-t/--timeout" argument is present in most "run" type commands.

New Commands

  • "main/bolts" - rename: Rename a bolt (empty name resets the name)
  • "main/bolt/" - rename|name: Rename the connected bolt (empty name resets the name)

Better Glob support

  • Globbing names/IP/os values is now possible in the Bolt menus
  • Globbing IDs will also glob names.
  • Supports most "glob" formats (*/?)

JetStream/CloudSeed

  • Fixed support for using env vars or (~) in the binary paths.

Updated to the latest XMT version.

Full Changelog: v1.1.2...v1.2.0

v1.1.2: Bug Fixes and Reformatting

22 Mar 23:28
9722cf1
  • Pulled XMT to v0.5.1-b1
  • Fixed a bug where PublicKeys were not loaded
  • Code reformatting

v1.1.1: XMT Bump and Documentation Updates!

20 Mar 21:35
2e783ae
  • Fixed "log" build tag not working correctly on *nix
  • Added support for the "erase_header" evasion type.
  • Updated JetStream build tag parser to work correctly.
  • Updated Cirrus to XMT v0.5.1
  • Documentation Updates

v1.1.0: XMT v0.5.0 and Major Fixes!

24 Feb 22:29
802a523

Updated ThunderStorm to use XMT v0.5.0!
Updated Documentation.

Bolts:

  • Added a logfile output for Bolts for testing.
    • Use the "log" build tag.

Cirrus:

  • Added "keys.Public" and "keys.Private" to the Cirrus server config files.
    • Allows for loading/saving the new Server KeyPair data.
    • Automatically generates key materials if none are present.
  • New "/server" API endpoint
    • Returns the Server PublicKey string and PublicKey hash.
    • Use the "server_public_key" function to get this endpoint.
  • Replaced a lot of uses of "strconv" with the "util.Iota" functions.
  • Support for the new "whoami" command.
  • Support for redirecting the "pull" command output.

Doppler:

  • Updated the "window" command to reflect the "input" sub-command.
  • Added the ability to load Doppler options from a file instead of just env variables.
  • Doppler CLI now displays options on startup.
  • Updated error messages to remove newline breaks.
  • "lsa" Command now shows the Bolt CPU architecture.
    • A "*" char means that the arch is not the native arch (ie: X86OnX64 or ARM64OnARM).
  • Fixed a bug with displaying IPv6 addresses.
  • Fixed a bug with displaying IPv4 addresses encoded in IPv6.
  • Updated the "pull" command to support redirecting output.
  • Added the "-I" command line flag to display Bolt info and exit.
  • Added the "pubkey" and "pubkey_full" commands to get the server public key info.
  • Fixed a bug where certain DLL/ASM files wouldn't get automatically picked up.
  • Added the "whoami" command.
  • Added the "show_window" command as an alias to "set_hide".
  • Updated "upload" to use the file basename if no upload target is specified.
  • Fixed the "shutdown" command to work in "All Bolts"
  • Enabled the "jobs" command to work in "All Bolts" and use the specified filter.
  • Fixed a handle display bug for x86 Bolts in the "window ls" command.
  • Updated the Bolts menu to only autocomplete "all" if the "a" and "l" are supplied
    instead of just "a".
  • Fixed a zero value year display bug with Windows times.

JetStream / CloudSeed:

  • Support for older versions of Golang (>=go1.10).
    • Auto detection of which command line arguments are used.
  • Auto detection of Golang version to determine mod support.
  • Auto go.mod vendoring if no GOPATH is specified.
  • Auto vendors modfiles in a Go 1.10 format if older than go1.11.
  • Removed the dependency on JetStream for cert generation targets.
  • Loaded the certificate generation script from disk instead of writing a temp file.
  • Updated "tiny_root" to use a local submodule instead of using Git downloaded files.
    • Added some function stripping code similar to the Garble project.
    • Supports >= go1.10
  • Updated and refactored "strip_binary".
  • Updated the Bolt generator to display Guardian info even if "ignore" is false.
  • Added the ability to set the GOPATH value or set it via the "--gopath" command
    line argument.
  • Added loong64/linux support.
  • Removed the Garble "-literals" command line argument in Garble builds.
  • Added support for detection of Garble availability in older Golang versions.
  • Updated Windows C templates to support Windows XP and above.

First Bugfix Version Bump

03 Jan 22:29
65f642b

Small bugfixes
Version and copyright year update

Full Changelog: v1.0.0...v1.0.1

v1.0.0: First Release Version! 🎉🎉

18 Nov 22:01
e6c6e0b

First Release version of ThunderStorm!!

Super Update!

First Version Number!!!

  • Bump to match XMT v0.4.5

New Features:

  • Flurries now have support for KillDate
    • Works similarly to Bolt KillDate and will stop Flurry operation after the specified
      date/time.
    • Specified as an ISO8601 timestamp in the JetStream config or command line.
  • Added GuardFirst to Bolts.
    • Allows Bolts to set up the Guardian BEFORE starting up to prevent WorkHours
      from causing too many Bolts to run when active.
    • Enabled in the JetStream config or command line.
  • Bolt logging buildtag added.
    • Use the "log" buildtag to make Bolts log to STDOUT.
  • Bolts will exit if the Config they are supplied with has a KillDate that is after
    the current time.
  • Cirrus logger!
    • Can be separate or the same as the C2 log.
    • Can be specified by command line arguments.
      • Default log level is WARNING.
    • By default, it uses the C2 log file if not specified.
  • Cirrus will now offload non-active Scripts to disk after a period of time.
    • Scripts will be reloaded automatically if they are called/used.
  • Doppler CLI "prune" will NOT prune Bolts waiting on WorkHours, unless the "-f"/"--force"
    argument is specified.
  • Added support for reading KillDate, WorkHours and Capabilities.
  • Added the new task.Evade type with constants!
    • The "zerotrace" command is still active, but is just a compatibility call.
  • Files/Data used are now SHA256 hashed and logged!
    • Great for tracking back dropped files/data.
    • Includes written memory, Zombie, DLL and ASM!
  • New Docs!
  • New way to format data: Data Specification Identifiers!
    • Removed the old "!" method of declaring local files.
  • Doppler can now be run using a config file instead of just arguments or env vars!

Support for New Tasks:

  • WTS*
  • CheckDLL
  • PatchDLL
  • Reboot
  • Poweroff
  • WorkHours
  • KillDate
  • Netcat
  • Funcmap
  • LoginUser (Interactive)
    • Added the "loginas" command in Doppler.

Updates:

  • JetStream DLLs now support "DllGetClassObject".
  • Updated the builder to handle Golang 1.19.2 strings.
    • Builder will now error if a value is missing (indicates a Golang version incompatibility).
  • Added updates to README
  • Split shell file into multiple files to make editing easier.
  • Updated the Job/Session prune handler.
  • Fixed some log/output files permission for Cirrus.
  • Updated Migrate/Spawn handling code to match the new XMT update for it.
  • Job Pruner now will respect workhours and NOT expire jobs that are currently on
    hold due to WorkHours.
  • Changed some HTTP response codes to better match the errors that may result from
    the call.
  • Updated some of the Job text to match the result output.
  • Spell check fixes.

Full Changelog: https://github.com/iDigitalFlame/ThunderStorm/commits/v1.0.0