Pentera v6.1 Release Notes PDF
Document Details
Uploaded by RapturousInfinity8915
2024
Tags
Summary
This document details the release notes for Pentera v6.1, a security testing platform. The release focuses on expanding functionality for cloud and Linux environments, including improvements to ransomware emulation, SSH support, residue cleanup, and vulnerability scanning capabilities. The notes also mention bug fixes and performance optimizations.
Full Transcript
Pentera v6.1 Release Notes April 2024 Reboot Required Pentera Core Execute a LockBit 3.0 campaign to test your defenses against the formidable ransomware Pentera’s Ransomware Emulation test now supports LockBit 3.0 for Linux hosts. LockBit 3.0 is an evolution of LockBit 2.0, with the highest numb...
Pentera v6.1 Release Notes April 2024 Reboot Required Pentera Core Execute a LockBit 3.0 campaign to test your defenses against the formidable ransomware Pentera’s Ransomware Emulation test now supports LockBit 3.0 for Linux hosts. LockBit 3.0 is an evolution of LockBit 2.0, with the highest number of victims across different verticals, making it the most dominant campaign to this day. After running the test, a detailed report will be available. We’ve also created a new LockBit 3.0 wiki article to learn more about the ransomware and its mitigation, and remediation options with a focus on Linux target hosts. Pentera v6.1 1 Ransomware emulation now supports Linux and SSH initial access You can now run ransomware emulation tests on Linux hosts via SSH protocol. Authentication can be achieved using one of two 2 methods, SSH credentials or SSH keys. Note: Currently, only the LockBit 3.0 campaign can be run on Linux hosts. Pentera v6.1 2 SSH Keys for residue cleanup You can now use SSH keys to clean up residues on Linux machines. This is in addition to local or domain accounts for Windows machines. For Linux machines, you can now provide SSH keys, in addition to the SSH credentials option that was already supported. Both methods can be used for authentication to the hosts that will be used for residue cleanup after testing. SSH keys for Linux is available in both the Environment> Residue Cleanup settings, and in the template settings for Black- and Gray-Box templates, and in the Ransomware Emulation test template. Pentera v6.1 3 Non-standard ports You can now include non-standard TCP ports in your tests to expand coverage for services using high or special ports. Add high or special TCP ports, or port ranges not typically used, to your test templates (Black Box, Gray Box, and Targeted test scenarios). You can add the ports either manually or by uploading a file. This feature is backward compatible with all test templates, making it possible to add non-standard ports to your existing templates. The new option is available in the Ranges section of the test template. You can add up to 1,024 ports in a single test. Pentera v6.1 4 Dynamic Attack Node (DAN) Enhancements New options in the DAN settings of the testing template provide more flexible deployment options. Connect Pentera to the DAN using SSH You now have two methods to connect Pentera with the DAN. Select the new SSH option (via port 22 or a custom port), or use SMB via port 445, as before. Assign a static IP to the parent node You can now enter a static IP address for the parent node, or dynamically assign an IP with DHCP, as before. Pentera v6.1 5 Enhanced Domain Reconnaissance We've revamped our Domain Recon engine to handle domains at scale. This includes: - Updated achievements - Existing achievements now feature revised names and descriptions for clearer insights. - New achievements – New achievements provide more perspectives on domain data. Pentera v6.1 6 Pentera Cloud Expand your cloud testing scope by scanning for vulnerabilities in workloads Scan for vulnerabilities in workloads running in your cloud environment. This new capability uses a third-party tool to scan workloads, and is enabled by default. Enhanced asset discovery in your Azure cloud Pentera Cloud can now discover and test the following assets from the beginning of the Cloud testing scenario: Azure App Services, Azure Storage Accounts, and Azure AKS Clusters. Once credentials are obtained, accessible assets will be discovered. These assets are common and essential in Azure, making them attractive to attackers. Pentera v6.1 7 Validate database connection strings to obtain credentials Once Pentera obtains the right permissions to analyze cloud resource configurations, Pentera harvests and validates selected SQL connection strings, and uses them to connect to various databases, such as Amazon RDS and Azure SQL server. Once validated, a new achievement for validating service credentials appears in the Attack Vector, and further data extraction can be performed. Pentera v6.1 8 Pentera v6.1 9 Bug fixes and maintenance We appreciate your patience as we continue to fix your reported issues and optimize Pentera’s platform. - This version brings refinements and optimizations to the core components in Pentera, resulting in improved performance, especially noticeable in longer tests and larger environments. - Fixed an issue in Cloud tests; now the cloud asset’s color represents the severity of the vulnerabilities found on the asset. - Fixed an issue where uploading a custom password dictionary failed after a while with the error message: "Double check the Distributed Architecture tab for disconnections before trying again." End-of-life notice Pentera provides ongoing support for versions 5.9 and above. Customers with versions below 5.9 should upgrade for the latest features and bug fixes. Pentera v6.1 10
