ZAIUX® Evo Changelog

Follow the evolution of ZAIUX® Evo: discover the latest published changes and the newly added features that make it increasingly powerful and versatile.

v2.8.2

2024-10-16
  • Added legend for graphs in the user UI
  • Implemented new Credential Phishing technique to test user awareness
  • Reduced Initial Access Loader entropy
  • Bugfix in wmiquery

v2.8.1

2024-10-10
  • New Cloud infrastructure for BAS sandboxes
  • Fixes for domain user imports following attack techniques
  • New chart in the UI showing the history of scores obtained by the Site

v2.8.0

2024-08-27
  • Added support for the exploitation of user enrollment to vulnerable certificates
  • New technique exploiting unquoted service paths
  • Password Spraying performed for passwords found by GPP Credentials Extraction
  • Added support for SID-based interaction with well-known Active Directory objects for enhanced language support
  • Updated OS filter in the BAS Monitoring Dashboard
  • Integrated latest C2 Team Server
  • Improved Thread Stack Spoofing by using valid "call" opcodes before the return address in the call-stack

v2.7.5

2024-07-31
  • Added filtering based on computer OS in the BAS Monitoring Dashboard

v2.7.4

2024-07-23
  • Improved RDP client credentials attack
  • Added ADCS ESC4 vulnerable certificate template discovery

v2.7.3

2024-07-15
  • Added material to the Partner Program page
  • Added download button for the English version of the datasheet

v2.7.2

2024-07-12
  • Added 3 new Active Directory health check tests
  • Improved queries for AD enumeration
  • Optimized planning policies for some techniques
  • Updated malware for initial deployment
  • Updated UAC-bypass techniques for local privilege escalation

v2.7.1

2024-07-03
  • Fixed duplicated LPE attack description
  • Optimized readability of some techniques' results
  • Added new tests to the Active Directory health check
  • Improved CAs parsing
  • Minor bugfixes

v2.7.0

2024-06-25
  • New partner area available on the dashboard
  • In-memory PE execution updated to evade specific EDR detections
  • Improved implant stability
  • Minor bugfixes

v2.6.13

2024-06-20
  • Optimizations for information gathering techniques regarding local privileges and processes
  • Improved stealthiness of RDP credentials download

v2.6.12

2024-06-18
  • Improved ADCS vulnerable certificate templates discovery and description

v2.6.11

2024-06-17
  • Updated keying mechanism
  • Optimized preliminary EDR detection phase
  • Fixed a memory allocation bug during process enumeration
  • Minor updates for technique descriptions in the report
  • Minor bug fixes

v2.6.10

2024-06-11
  • Added new technique: GPP Credentials Extraction
  • Improved Lateral Movement abusing Remote Desktop Protocol
  • Added various evasion features
  • Improved stability
  • Minor bugfixes

v2.6.9

2024-06-04
  • New technique Certify Pre-Owned ESC3
  • Improved data analysis for ADCS certificate templates during the AD enumeration phase

v2.6.8

2024-05-24
  • Fixed a race condition during sleep obfuscation phase which caused the Implant to hang
  • Improved thread stack spoofing at-rest

v2.6.7

2024-05-21
  • Optimized LDAP queries during the AD enumeration phase
  • Improved data analysis for ADCS discovery during the AD enumeration phase

v2.6.6

2024-05-13
  • Internal refactoring
  • Minor report optimizations

v2.6.5

2024-05-06
  • Chart added to the report
  • Context Analysis bypass improved during Sleep Obfuscation
  • Added enhanced CFG Bypass support
  • Various bugfixes

v2.6.4

2024-04-30
  • New lateral movement technique leveraging AppDomain injection
  • Improved Active Directory enumeration via custom dotnet collector
  • Improved LDAP query parsing
  • Added detailed information about abused protocols during lateral movement
  • Report visualization improvement
  • Minor bug fixes

v2.6.3

2024-04-22
  • Improved parsing of LDAP queries
  • Bug fix in local privilege escalation technique 1