v0.3.0

Changes

• refactor: remove legacy Python compatibility comments and dead code (#331) (383db3a)
• feat: add stall-recovery cold-start fallback for automated op recovery (#330) (e1ee8a6)
• chore(deps): update dependency community.general to v12.6.1 (#329) (b9d7530)
• chore(deps): update rust crate hickory-resolver to 0.26 (#328) (bedcd99)
• chore(deps): update actions/create-github-app-token action to v3.2.0 (#327) (e3f668a)
• chore(deps): update renovatebot/github-action action to v46.1.14 (#326) (aac2bbb)
• feat: improve credential domain reconciliation for low-trust sources (#325) (9b262a7)
• refactor: remove localuser_spray automation and update domain naming to contoso.local (#324) (3374f01)
• refactor: centralize and enforce domain domination checks in orchestrator automation (#323) (1f2d24c)
• refactor: improve domain/credential logic and result processing for multi-domain ops (#322) (716599a)
• fix: harden NTLM hash validation and improve cross-forest secretsdump (#320) (3b4d36e)
• style: remove redundant comments and clarify phase labels in automation and tooling (#321) (1d75078)
• feat: improve credential handling and trust enumeration robustness (5282fbe)
• fix: normalize ntlm hash output for compatibility with external parsers (#319) (0eb1c74)
• refactor: implement ttl-based assist-abandon dedup and improve credential relay logic (#318) (ef9b34c)
• refactor: switch ec2 deploy logic from BCP_BUCKET to S3_BUCKET (#317) (a05b8ab)
• fix: correct domain assignment for text-extracted credentials (#316) (b147f59)
• refactor: extract, document, and test pure work selection and payload builders (#233) (95f48cb)
• feat: add automated krbtgt hash extraction and impacket failure recovery (#295) (c68c69e)
• chore(deps): update github/codeql-action action to v4.35.4 (#288) (e773f3f)
• chore(deps): update actions/labeler action to v6.1.0 (#289) (7215727)
• chore(deps): update dependency amazon.aws to v11.3.0 (#290) (16cfa1a)
• feat: implement operation state event log with JetStream and Postgres projection (#279) (f59bb9e)
• ci: automate pre-commit autofix application for renovate bot PRs (#276) (837b46e)
• chore: update infrastructure automation and agent deployment for reliability and GPU support (#275) (67bcb16)
• fix: improve ssm failure diagnostics and opentelemetry dependency management (#274) (a67b9e8)
• chore: group opentelemetry and tracing-opentelemetry updates in renovate config (#271) (21666fc)
• feat: enforce operation scope for tool invocations and improve credential attribution (#272) (2cb9af0)
• feat: inject real operation values into agent prompt templates and reporting (#270) (adee1a1)
• chore(deps): update returntocorp/semgrep docker digest to 326e5f4 (#266) (a1a30f3)
• chore(deps): update rust crate async-nats to 0.48 (#269) (c96aa1b)
• chore(deps): update rust crate tokio to v1.52.3 (#267) (37a60e7)
• feat: migrate task queues to nats jetstream and add nats broker integration (#244) (22476d6)
• test: improve tracing span attribution and add span regression tests (#264) (fb65972)
• refactor: improve tracing and context propagation in orchestrator automation (#263) (670e4f9)
• feat: add OpenTelemetry task and operation IDs to agent telemetry spans (#261) (846a1da)
• feat: add CLI commands for inspecting and replaying session logs (#260) (93706f8)
• feat: add azure variant of ares golden image and update source repo (#249) (032d59c)
• chore(deps): update dependency cowdogmoo/warpgate to v4.6.0 (#255) (231a47f)
• chore(deps): update github/codeql-action action to v4 (#259) (ce317a4)
• feat: wrap provider.chat in llm.call span with timing and tokens (#262) (7b261fa)
• chore(deps): update github/codeql-action action to v3.35.3 (#258) (33bad63)
• chore(deps): update rust crate tokio to v1.52.2 (#257) (dc6ac63)
• chore(deps): update rust crate redis to v1.2.1 (#256) (344d701)
• chore(deps): update renovatebot/github-action action to v46.1.13 (#254) (0560cbb)
• chore(deps): update actions/cache action to v5.0.5 (#253) (85166eb)
• chore(deps): update returntocorp/semgrep docker digest to 7810f1d (#252) (3cca22d)
• chore(deps): update actions/upload-artifact digest to 043fb46 (#251) (341ad19)
• chore(deps): update actions/setup-go digest to 4a36011 (#250) (6fc181d)
• feat: add systemd memory and OOM protection for SSM agent and Redis worker (#248) (af12103)
• fix: exclude machine accounts from reuse candidate detection (#246) (60b2915)
• docs: overhaul and expand GOAD deployment checklist for clarity and completeness (#247) (64ab0c0)
• feat: add token budget circuit breaker and session log to agent loop (#245) (ff10d2b)
• docs: improve ansible development documentation and harden goad attack box (#243) (53ca3c9)
• chore(deps): update dependency grafana.grafana to v6.1.0 (#242) (4ae7f6b)
• chore(deps): update actions/create-github-app-token action to v3.1.1 (#240) (dc3b5d8)
• chore(deps): update rust crate reqwest to v0.13.3 (#241) (d750941)
• ci: expand build workflow to monitor ansible directory changes (#239) (07cb503)
• feat: enforce lockout-safe password spraying and expand multi-domain credential access (#238) (7899d61)
• feat: add rpcclient as required tool and clarify pass-the-hash handling (#237) (30415fd)
• refactor: unify redis key usage and collection loading for op data (#236) (d4a3569)
• chore(deps): update renovatebot/github-action action to v46.1.10 (#235) (130ee5e)
• docs: update warpgate template README for ares project and new agent structure (#234) (9157164)
• test: add comprehensive unit and integration tests for all modules (#232) (8a7b1b8)
• feat: add comprehensive attack strategy system with technique prioritization (#231) (19dde80)
• feat: add advanced automation for ADCS, GPO, shadow creds, RBCD, LAPS, MSSQL, and expand test coverage (#227) (edf0076)
• chore(deps): update dependency community.general to v12.6.0 (#229) (2b08a58)
• chore(deps): update dependency pre-commit to v4.6.0 (#230) (a4ee342)
• chore(deps): update dependency ansible-core to v2.20.5 (#228) (fad9d53)
• refactor: remove rust-based agent templates and standardize worker unit naming (#226) (e22c8cf)
• build: update base images, dependencies, and security patches for faster and safer builds (#225) (f9fb1e4)
• test: add comprehensive unit tests for credential, hash, user, and trust extraction logic (#223) (f337b6a)

Checksums

15df38d7d0002adf8319f82efd617e39f1de02980e6c13111a9da037a18ae4f3  ares-v0.3.0-aarch64-unknown-linux-gnu.tar.gz
41f88dd0a07646d241a72417e53954fb50da49d56f2b7273e3b1c42eb62de574  ares-v0.3.0-x86_64-apple-darwin.tar.gz
45aea8f3ab1c22f8c6a5fd7e3aea06cf70c5b5455079e66578ebb191adbdeedf  ares-v0.3.0-x86_64-unknown-linux-gnu.tar.gz
ccf1366da70b9e5e44e0ed8eee988d2eebda150b0ca66a2b565ff6c746524907  ares-v0.3.0-aarch64-apple-darwin.tar.gz

What's Changed

• test: add comprehensive unit tests for credential, hash, user, and trust extraction logic by @l50 in #223
• build: update base images, dependencies, and security patches for faster and safer builds by @l50 in #225
• refactor: remove rust-based agent templates and standardize worker unit naming by @l50 in #226
• chore(deps): update dependency ansible-core to v2.20.5 by @dreadnode-renovate-bot[bot] in #228
• chore(deps): update dependency pre-commit to v4.6.0 by @dreadnode-renovate-bot[bot] in #230
• chore(deps): update dependency community.general to v12.6.0 by @dreadnode-renovate-bot[bot] in #229
• feat: add comprehensive attack strategy system with technique prioritization by @l50 in #231
• docs: update warpgate template README for ares project and new agent structure by @l50 in #234
• chore(deps): update renovatebot/github-action action to v46.1.10 by @dreadnode-renovate-bot[bot] in #235
• refactor: unify redis key usage and collection loading for op data by @l50 in #236
• feat: add rpcclient as required tool and clarify pass-the-hash handling by @l50 in #237
• feat: enforce lockout-safe password spraying and expand multi-domain credential access by @l50 in #238
• ci: expand build workflow to monitor ansible directory changes by @l50 in #239
• chore(deps): update rust crate reqwest to v0.13.3 by @dreadnode-renovate-bot[bot] in #241
• chore(deps): update actions/create-github-app-token action to v3.1.1 by @dreadnode-renovate-bot[bot] in #240
• chore(deps): update dependency grafana.grafana to v6.1.0 by @dreadnode-renovate-bot[bot] in #242
• docs: improve ansible development documentation and harden goad attack box by @l50 in #243
• feat: add token budget circuit breaker and session log to agent loop by @l50 in #245
• docs: overhaul and expand GOAD deployment checklist for clarity and completeness by @l50 in #247
• fix: exclude machine accounts from reuse candidate detection by @l50 in #246
• feat: add systemd memory and OOM protection for SSM agent and Redis worker by @l50 in #248
• chore(deps): update actions/setup-go digest to 4a36011 by @dreadnode-renovate-bot[bot] in #250
• chore(deps): update actions/upload-artifact digest to 043fb46 by @dreadnode-renovate-bot[bot] in #251
• chore(deps): update returntocorp/semgrep docker digest to 7810f1d by @dreadnode-renovate-bot[...

v0.2.0

Changes

• chore: bump crate versions to 0.2.0 for ares packages (6e1bb65)
• refactor: split monolithic binary into dedicated orchestrator, worker, and cli crates (#222) (24243a2)
• feat: improve multi-forest automation, trust handling, and cross-domain attribution (#219) (ffbcb8b)
• refactor: update OTEL traces endpoint and simplify OTEL env var handling (4a47e81)
• fix: improve destination address and MITRE tactic span attribution (#221) (1797417)
• refactor: unify ares binaries into single 'ares' binary with subcommands (#216) (4e2f567)
• feat: improve blue team detection prompt accuracy and log query performance (#217) (32dc77b)
• refactor: unify rust-native ares template naming and documentation (#218) (c151ac4)
• refactor: centralize detection config and lateral movement logic in ares-core (#214) (f35e514)
• ci: prevent build summary from creating zombie runs on cancellation (#213) (147deca)
• ci: improve ansible collection install robustness and pre-commit performance (#211) (f02a5cb)
• chore(deps): update rust crate clap to v4.6.1 (#204) (4579d52)
• chore(deps): update actions/create-github-app-token action to v3.1.1 (#206) (c0083b7)
• chore(deps): update rust crate tokio to v1.52.0 (#209) (196c521)
• chore(deps): update dependency ansible-core to v2.20.4 (#207) (fd5dffd)
• chore(deps): update rust crate rstest to 0.26 (#208) (240d132)
• chore(deps): update rust crate uuid to v1.23.1 (#205) (b98998a)
• chore(deps): update renovatebot/github-action action to v46.1.9 (#203) (d3bd4fe)
• feat: introduce YAML-driven blue detection templates and auto-submit investigations (#202) (b178bff)
• feat: add Rust-native Ares agent templates and golden image support (#201) (472e3cf)
• feat: add redis server role, improve impacket handling, and update dev workflow (#200) (4c77da0)
• ci: update workflow dependencies and permissions for improved security and reliability (#199) (f8650a0)

Checksums

29ba95cd333e55646763e580a10bdd0dc3e768383bd84c2d452d4880301060af  ares-v0.2.0-aarch64-unknown-linux-gnu.tar.gz
37256bb392e67e64e970479ec5f52797380c6d725436450d8dc60e80f7390b30  ares-v0.2.0-aarch64-apple-darwin.tar.gz
a39df121d29b0b9148a77e900c42b36f8677f2989c715ea483037142f1d48bcb  ares-v0.2.0-x86_64-apple-darwin.tar.gz
ef43b06ac27164d5d9049de1bd5868da88f77af1c4e37ad134c4c6a3e18d0bda  ares-v0.2.0-x86_64-unknown-linux-gnu.tar.gz

What's Changed

• ci: update workflow dependencies and permissions for improved security and reliability by @l50 in #199
• feat: add redis server role, improve impacket handling, and update dev workflow by @l50 in #200
• feat: add Rust-native Ares agent templates and golden image support by @l50 in #201
• chore(deps): update renovatebot/github-action action to v46.1.9 by @dreadnode-renovate-bot[bot] in #203
• chore(deps): update rust crate uuid to v1.23.1 by @dreadnode-renovate-bot[bot] in #205
• chore(deps): update rust crate rstest to 0.26 by @dreadnode-renovate-bot[bot] in #208
• chore(deps): update dependency ansible-core to v2.20.4 by @dreadnode-renovate-bot[bot] in #207
• chore(deps): update rust crate tokio to v1.52.0 by @dreadnode-renovate-bot[bot] in #209
• chore(deps): update actions/create-github-app-token action to v3.1.1 by @dreadnode-renovate-bot[bot] in #206
• chore(deps): update rust crate clap to v4.6.1 by @dreadnode-renovate-bot[bot] in #204
• ci: improve ansible collection install robustness and pre-commit performance by @l50 in #211
• ci: prevent build summary from creating zombie runs on cancellation by @l50 in #213
• feat: improve blue team detection prompt accuracy and log query performance by @l50 in #217
• refactor: unify ares binaries into single 'ares' binary with subcommands by @l50 in #216
• fix: improve destination address and MITRE tactic span attribution by @l50 in #221
• feat: improve multi-forest automation, trust handling, and cross-domain attribution by @l50 in #219
• refactor: split monolithic binary into dedicated orchestrator, worker, and cli crates by @l50 in #222

Full Changelog: v0.1.0...v0.2.0

v0.1.0

Changes

• ci: output checksums as job output and use in release notes (ee01a9d)
• chore(deps): update softprops/action-gh-release action to v3 (#196) (7f391e2)
• chore(deps): update actions/download-artifact action to v8 (#193) (2442bdb)
• build: update redis and reqwest dependencies, refactor redis connection usage (#198) (524513f)
• build: update reqwest dependencies and features for compatibility (#197) (81663e1)
• chore(deps): update rust crate thiserror to v2 (#195) (38ad3f9)
• chore(deps): update actions/cache action to v5 (#192) (dc45faf)
• fix(deps): update rust crate reqwest to 0.13 (#190) (8f6bb31)
• fix(deps): update rust crate md-5 to 0.11 (#189) (f01e654)
• Initial commit (26b29af)

Checksums

217210b25a7b496924ea5ae74ae52265b72edea84ae4dfcf8cf0d2bf4c52e617  ares-cli-v0.1.0-aarch64-unknown-linux-gnu.tar.gz
3418d4806ff2bdb48529409e0bb8a8600a228214b4fdf03a16fbd9ea6a430508  ares-worker-v0.1.0-aarch64-unknown-linux-gnu.tar.gz
778793592014da85ba41813e368a36ec507bfda345fe1c3ee1db5bcd33d711ff  ares-orchestrator-v0.1.0-aarch64-apple-darwin.tar.gz
77e4f028b1ec9e7acc30a61e49ea5a90a12f007654dbc4f56c288a5c0e2d1f34  ares-orchestrator-v0.1.0-x86_64-unknown-linux-gnu.tar.gz
827d8763805f7c636beb6383091ff65abdca40dc964870da8df6be1e990815fa  ares-orchestrator-v0.1.0-aarch64-unknown-linux-gnu.tar.gz
8cd91b5413f33c2fe238989d2a47f2536e7e06db2730de7618a16480fbc6df10  ares-cli-v0.1.0-x86_64-apple-darwin.tar.gz
a188a728b773b29ee47b698cc466a0f87c50614edf487a2f5a31c94402a4f842  ares-worker-v0.1.0-x86_64-unknown-linux-gnu.tar.gz
c750b6e512bb88a9c69b575530b1e6b28bf0d5e5440766111762269eefb85b4b  ares-cli-v0.1.0-aarch64-apple-darwin.tar.gz
ce50906705ce7a8c9bb216781a7aaea61a102a6bfb2f0c6ac9526d9bc4d52cee  ares-worker-v0.1.0-aarch64-apple-darwin.tar.gz
e096de2bc669fbb707f38c60097734fd36ff3438d0dde9a2b6c4ffe8e61c0320  ares-cli-v0.1.0-x86_64-unknown-linux-gnu.tar.gz
f849759a53f9e918894e19dacb4883d1bc8b0a1a2aa2a86542d01d8d0213eaa4  ares-orchestrator-v0.1.0-x86_64-apple-darwin.tar.gz
fd59e52013dd687bf5cab9f5b5417923198162f7290fd3b8a6e89f20b8f2e1a6  ares-worker-v0.1.0-x86_64-apple-darwin.tar.gz

What's Changed

• fix(deps): update rust crate md-5 to 0.11 by @dreadnode-renovate-bot[bot] in #189
• fix(deps): update rust crate reqwest to 0.13 by @dreadnode-renovate-bot[bot] in #190
• chore(deps): update actions/cache action to v5 by @dreadnode-renovate-bot[bot] in #192
• build: update reqwest dependencies and features for compatibility by @l50 in #197
• chore(deps): update actions/download-artifact action to v8 by @dreadnode-renovate-bot[bot] in #193
• chore(deps): update softprops/action-gh-release action to v3 by @dreadnode-renovate-bot[bot] in #196

Full Changelog: https://github.com/dreadnode/ares/commits/v0.1.0