# Recent releases for stoq

Feed: http://open-source-security-software.net/project/stoq/releases.atom
Updated: 2024-05-16T16:40:57.353422+00:00
Generator: python-feedgen

## stoq v0.9.6 (2015-11-19T01:43:19+00:00)

## stoq v0.9.7 (2015-12-03T13:53:25+00:00)

## stoq v0.9.8 (2016-01-30T02:35:39+00:00)

## stoq v0.9.10 (2016-03-01T20:11:58+00:00)

## stoq v0.9.11 (2016-03-23T16:45:38+00:00)

## stoq v0.9.20 (2016-05-25T21:24:20+00:00)

## stoq v0.9.30 (2016-10-05T16:15:54+00:00)

## stoq v0.9.32 (2016-10-06T14:24:03+00:00)

Bug fixes

## stoq v0.9.34 (2016-10-13T02:40:23+00:00)

## stoq v0.9.35 (2016-10-13T14:49:21+00:00)

## stoq v0.10.1 (2016-10-18T18:34:15+00:00)

## stoq v0.10.13 (2017-01-17T16:32:21+00:00)

## stoq v0.10.16 (2017-07-19T12:29:58+00:00)

## stoq v0.11.1 (2017-07-24T18:43:10+00:00)

- Add support for handling multiple results from a worker
- Bug fixes

## stoq v0.12.0 (2017-07-28T19:17:41+00:00)

## stoq v0.13.0 (2017-08-04T01:25:21+00:00)

- Add native support for plugins rather than rely on yapsy
- Attempting to minimize core dependencies
- Add test suite

## stoq 0.14.0 (2017-12-07T14:36:27+00:00)

## stoq 0.15.0 (2017-12-21T16:10:48+00:00)

## stoq v0.16.0 (2018-01-16T14:20:22+00:00)

## stoq v0.17.0 (2018-01-17T20:31:30+00:00)

## stoq v0.18.0 (2018-02-22T14:17:29+00:00)

## stoq v0.18.1 (2018-02-23T20:20:46+00:00)

## stoq v0.19.0 (2018-03-16T17:22:42+00:00)

## stoq v0.20.0 (2018-04-20T09:17:22+00:00)

- Adding support for flattened results
- `worker.start()` now returns post-processed results (i.e., template, split, flattened)
- Updated tests for new functionality

## stoq v0.20.1 (2018-04-20T17:34:13+00:00)

- Test cleanup/additions
- Minor bug fixes

## stoq v0.20.2 (2018-05-04T16:55:44+00:00)

- Fix build process (thanks pip v10)
- Minor bug fixes
- Add additional tests
- Minor documentation update

## stoq v0.21.0 (2018-05-08T03:07:12+00:00)

- Update `Stoq()` to be more verbose with named parameters
- Accept `plugin_options` when instantiating `Stoq()` to allow for options to be passed to all plugins
- Updated documentation
- Support datetime objects in `Stoq.dumps()`
- Code cleanup

## stoq v0.99 (2018-05-18T12:04:04+00:00)

This is a near final release for v1.0

**Changes**

- Improved handling of json dumps when handling `datetime` and `set` objects
- Plugin imports have been broken out into multiple libs
- Minor bug fixes

**Breaking Changes**

- `stoq-cli.py` is now a console script located in the default path and is now run with the command `stoq`
- `STOQ_HOME` environment variable defines where default configuration files and plugins are located
- If not in `STOQ_HOME`, it will default to `CWD`
- `runtests` command renamed to `test`
- `test` command now supports arguments `stoq`, `all`, or list of plugin names

## stoq v0.99.0 (2018-05-18T12:04:04+00:00)

This is a near final release for v1.0.0

**Changes**

- Improved handling of json dumps when handling `datetime` and `set` objects
- Plugin imports have been broken out into multiple libs
- Minor bug fixes

**Breaking Changes**

- `stoq-cli.py` is now a console script located in the default path and is now run with the command `stoq`
- `STOQ_HOME` environment variable defines where default configuration files and plugins are located
- If not in `STOQ_HOME`, it will default to `CWD`
- `runtests` command renamed to `test`
- `test` command now supports arguments `stoq`, `all`, or list of plugin names

## stoq v1.0.0 (2018-06-06T01:18:29+00:00)

## stoq v1.0.1 (2018-09-07T11:56:47+00:00)

Ensure archiving occurs if the source and archive plugin is defined as `file`

## stoq v1.0.2 (2018-09-24T16:58:40+00:00)

## stoq v2.0.0rc2 (2018-11-29T01:28:52+00:00)

## stoq v2.0.0rc4 (2018-12-14T00:49:41+00:00)

## stoq v2.0.0rc5 (2018-12-16T23:57:54+00:00)

## stoq v2.0.0 (2018-12-18T13:48:26+00:00)

Final release of v2.0.0

## stoq v2.0.1 (2019-01-11T04:21:04+00:00)

### Added

- Allow `--max-recursion` from command line and `max_recursion` when instantiating `Stoq()`.
- Allow `max_dispatch_passes` when instantiating `Stoq()`.
- Allow `--request-source` and `--request-extra` from command line.

### Changed

- Fix requirements URL when installing plugins from stoQ plugin repository
- Minor bug fixes

## stoq v2.0.2 (2019-01-15T03:15:12+00:00)

### Changed

- Fix erroneous error from being displayed when installing or listing plugins
- Fix plugin install if requirements.txt does not exist
- Documentation update for installation (@chemberger)

## stoq v2.0.3 (2019-02-15T15:59:24+00:00)

### Added

- Allow `--plugin-dir` from command line to force one or more plugin directories
- Provide better logging when a plugin is installed from github as a non-root user outside of a venv
- Gracefully handle exceptions in `ConnectorPlugins`

### Changed

- Improve handling of plugin configuration options. Plugin options can now also be in stoq.cfg. (Thanks for feedback @chemberger!)
- Set default precedence for plugin configuration options to be 1) `plugin_opts` when instantiating `Stoq`, 2) `stoq.cfg`, 3) Plugin config file (Thanks for feedback @chemberger!)
- Make formatted exceptions more legible in results

## stoq v2.0.4 (2019-03-29T14:42:10+00:00)

### Added

- `Stoq.reconstruct_all_subresponses()` method to allow for reconstructing `StoqResponse` objects iteratively (@maydewd)

### Changed

- Force payload content to be of type `bytes`

## stoq v2.0.5 (2019-06-07T13:39:35+00:00)

### Added

- Provide console output if stoQ configuration file does not exist (Thanks for feedback @jakubgs!)
- Add command line option `--config-file` to define stoQ configuration file
- Add command line option `--log-level` to allow for setting of the log level
- Documentation for simplified method of defining plugin options within `__init__`

### Changed

- Raise StoqPluginException if installing a plugin that is already installed
- Display `plugin_path` when plugin is successfully installed
- Raise StoqPluginNotFound when attempting to load non-existent or invalid plugin

## stoq v2.0.6 (2019-11-08T15:15:22+00:00)

### Changed

- Fix issue where deep dispatchers defined from the CLI were not passed to `Stoq()`
- Update URL for plugins to include v2 branch when using `--github`

## stoq v2.0.7 (2019-12-03T13:41:46+00:00)

### Changed

- Fix plugin requirements path when installing from Github

## stoq v3.0.0b2 (2019-12-04T19:21:55+00:00)

### Added

- Support for asyncio within the framework and plugins
- Better type checking support
- `self.log` may be leveraged from within all plugin classes
- Add new `Error()` class for standardizing errors from stoQ and plugins. `Error()` will track plugin name, error message, and payload_id (optional)
- Add configuration properties from `[Core]` and `[Documentation]` to each plugin object when loaded
- `PayloadMeta` now has a `should_scan` boolean. Allows payloads to be logged and archived, but not scanned by worker plugin.
- `Payload` is now updated as results are completed. Results from completed scans will be available to other plugins instantly
- `Request()` class is passed to all dispatchers, workers, and archiver plugins. The `Request` object contains all payloads, request metadata, results, and errors from all other completed plugins. This will allow for all necessary plugins to have a full understanding of the current state of the complete `Request`.
- `WorkerPlugin`s now have a configuration option of `required_workers`. This allows for chained worker dependencies. If `required_workers` is defined, the parent plugin will not be run until all required plugins are completed successfully. The parent plugin may then use results from other completed plugins for their respective scanning tasks.
- Duplicate extracted payloads are no longer simply skipped, they are appended to `Payload.results[].extracted_by` and `Payload.results[].extracted_from`
- Add `StoqConfigParser` to `stoq.helpers` to extend options for `Stoq` and plugin configurations.
- Parallelization is performed across all of the plugins that can run in a given round, instead of parallelizing across all of the plugins to perform on a given payload (#147)

### Changed

- `PayloadResults` is now an object of `Payload.results`, rather than an independent object
- Most objects have been removed from `Payload` and are now available in `Payload.results`, namely `extracted_by`, `extracted_from`, `payload_id`, `size`, `payload_meta`
- `Payload.plugins_run` moved to `PayloadResults.plugins_runs` and is now a `Dict[str, List[str]]` rather than `Dict[str, List[List[str]]]`
- `PayloadResults.workers` is now a `Dict[str, Dict]` rather than `List[Dict[str, Dict]]`
- `PayloadMeta` is now an object of `PayloadResults.payload_meta`
- `PayloadResults.extracted_by` is now a `List[str]` rather than `str`
- `PayloadResults.extracted_from` is now a `List[str]` rather than `str`
- Dispatchers run on each payload every round, instead of once per payload. This allows the dispatcher to take advantage of the request state model. (#147)
- Worker plugins can specify additional plugins to run on the payload they scan, effectively giving them dispatch capability. With YARA, for example, this allows us to directly scan with YARA and dispatch to other plugins by running YARA once. Otherwise, we would run YARA as a dispatcher, and then immediately run YARA again as a worker plugin. (#147)
- Archivers run at the very end along with connectors and decorators because we no longer scan a payload to completion at once. (#147)
- The default value for max_recursion has increased because the average number of worker rounds taken to complete a scan is expected to increase. (#147)

### Deprecated

- DeepDispatcher plugin class has been removed
- `Payload.plugins_run` has been removed in favor of `PayloadResults.plugins_run`
- `Payload.worker_results` has been removed in favor of `PayloadResults.workers`
- `RequestMeta` is no longer passed to plugins, in favor of the `Request` object
- `plugins_opts` has been removed from plugin `__init__` function. All plugin configuration options are only available in `self.config`

## stoq v3.0.0b3 (2020-02-05T19:07:23+00:00)

### Added

- Ensure `plugin_name` is set to the name of the plugin class in case `Name` is not defined in the plugin's configuration.

### Changed

- Updated Dockerfile:
  * exiftool updated to 11.86
  * triddefs installed to trid plugin path
  * stoq-framework version to 3.0.0b3
- Set `provider_consumers` to `2` to avoid issues with provider timeouts
- Documentation updates

## stoq v3.0.0 (2020-03-18T13:48:28+00:00)

### Added

- Support for asyncio within the framework and plugins
- Better type checking support
- `self.log` may be leveraged from within all plugin classes
- Add new `Error()` class for standardizing errors from stoQ and plugins. `Error()` will track plugin name, error message, and payload_id (optional)
- Add configuration properties from `[Core]` and `[Documentation]` to each plugin object when loaded
- `PayloadMeta` now has a `should_scan` boolean. Allows payloads to be logged and archived, but not scanned by worker plugin.
- `Payload` is now updated as results are completed. Results from completed scans will be available to other plugins instantly
- `Request()` class is passed to all dispatchers, workers, and archiver plugins. The `Request` object contains all payloads, request metadata, results, and errors from all other completed plugins. This will allow for all necessary plugins to have a full understanding of the current state of the complete `Request`.
- `WorkerPlugin`s now have a configuration option of `required_workers`. This allows for chained worker dependencies. If `required_workers` is defined, the parent plugin will not be run until all required plugins are completed successfully. The parent plugin may then use results from other completed plugins for their respective scanning tasks.
- Duplicate extracted payloads are no longer simply skipped, they are appended to `Payload.results[].extracted_by` and `Payload.results[].extracted_from`
- Add `StoqConfigParser` to `stoq.helpers` to extend options for `Stoq` and plugin configurations.
- Parallelization is performed across all of the plugins that can run in a given round, instead of parallelizing across all of the plugins to perform on a given payload (#147)
- Ensure `plugin_name` is set to the name of the plugin class in case `Name` is not defined in the plugin's configuration.

### Changed

- `PayloadResults` is now an object of `Payload.results`, rather than an independent object
- Most objects have been removed from `Payload` and are now available in `Payload.results`, namely `extracted_by`, `extracted_from`, `payload_id`, `size`, `payload_meta`
- `Payload.plugins_run` moved to `PayloadResults.plugins_runs` and is now a `Dict[str, List[str]]` rather than `Dict[str, List[List[str]]]`
- `PayloadResults.workers` is now a `Dict[str, Dict]` rather than `List[Dict[str, Dict]]`
- `PayloadMeta` is now an object of `PayloadResults.payload_meta`
- `PayloadResults.extracted_by` is now a `List[str]` rather than `str`
- `PayloadResults.extracted_from` is now a `List[str]` rather than `str`
- Dispatchers run on each payload every round, instead of once per payload. This allows the dispatcher to take advantage of the request state model. (#147)
- Worker plugins can specify additional plugins to run on the payload they scan, effectively giving them dispatch capability. With YARA, for example, this allows us to directly scan with YARA and dispatch to other plugins by running YARA once. Otherwise, we would run YARA as a dispatcher, and then immediately run YARA again as a worker plugin. (#147)
- Archivers run at the very end along with connectors and decorators because we no longer scan a payload to completion at once. (#147)
- The default value for max_recursion has increased because the average number of worker rounds taken to complete a scan is expected to increase. (#147)

### Deprecated

- DeepDispatcher plugin class has been removed
- `Payload.plugins_run` has been removed in favor of `PayloadResults.plugins_run`
- `Payload.worker_results` has been removed in favor of `PayloadResults.workers`
- `RequestMeta` is no longer passed to plugins, in favor of the `Request` object
- `plugins_opts` has been removed from plugin `__init__` function. All plugin configuration options are only available in `self.config`

## stoq v3.0.1 (2020-07-27T17:13:47+00:00)

### Added

- Add `getjson()` function to allow plugins to use valid json strings as configuration options (@ytreister, #144)

### Changed

- Fix stoq command line to properly parse `--plugin-opts` and `--request-source` arguments that contain `=` or `:` characters
- Ensure `always_dispatch` in `stoq.cfg` leverages `getlist()` when `Stoq()` is instantiated. (#149)
- Multiple fixes and updates to Dockerfile