v2.0.0

What's Changed

• Implement STIX export feature by @0xv1n, @infosecB in #215

Full Changelog: v1.7.3...v2.0.0

v1.7.3

What's Changed

New LOOBins

• sysadminctl by @cyberbuff in #211

Updated LOOBins

• Add Sigma rules and references to tmutil.yml by @DefenderDaniel in #208
• Add Sigma Detection to nscurl.yml by @DefenderDaniel in #206
• Add Sigma detection and resource link to pbpaste.yml by @DefenderDaniel in #207
• Add Sigma detections for chflags, csrutil and hdiutil by @cyberbuff in #212

Full Changelog: v1.7.1...v1.7.3

v1.7.2

What's Changed

• Add Sigma rules and references to tmutil.yml by @DefenderDaniel in #208
• Add Sigma Detection to nscurl.yml by @DefenderDaniel in #206
• Add Sigma detection and resource link to pbpaste.yml by @DefenderDaniel in #207

Full Changelog: v1.7.1...v1.7.2

v1.7.1

What's Changed

New LOOBins

• Add LOOBin for streamzip by @0xv1n in #192
• Add LOOBins for codesign by @txhaflaire in #200

Updated LOOBins

• Update defaults by @demonduck in #197
• Adding chflags command by @demonduck in #196
• Add multiple Jamf Protect detection rules by @txhaflaire in #201, #194
• Add another example for the log loobin by @txhaflaire in #199

New Contributors

• @demonduck made their first contribution in #197
• @txhaflaire made their first contribution in #194

Full Changelog: v1.7.0...v1.7.1

v1.7.0

What's Changed

• Add use cases for launchctl, dscl, csrutil by @marcopedrinazzi in #189
• Add use cases for dscacheutil, fix descriptions of previous use cases by @marcopedrinazzi in #188
• Fix broken links to Check Point research by @0xv1n in #190

New Contributors

• @marcopedrinazzi made their first contribution in #189
• @0xv1n made their first contribution in #190

Full Changelog: v1.6.0...v1.7.0

v1.6.0

What's Changed

• Update dscl by @Res260 in #181
• Update ioreg.yml by @pratinavchandra in #183
• Update system_profiler.yml by @pratinavchandra in #182
• Update nscurl by @DefenderDaniel in #184
• Update defaults by @infosecB in #185

New Contributors

• @pratinavchandra made their first contribution in #183
• @DefenderDaniel made their first contribution in #184

Full Changelog: v1.5.0...v1.6.0

LOOBins v1.5.0

What's Changed

• Migrate to Pydantic v2 by @infosecB in #175
• Add version argument to PyLOOBins cli by @infosecB in #177
• Add test to release Github action by @infosecB in #178

Full Changelog: v1.4.3...v1.5.0

LOOBins v1.4.3

What's Changed

• Add release action, remove pre by @infosecB in #172
• Formatting and spelling fixes by @infosecB in #173

Full Changelog: v1.4.2...v1.4.3

LOOBins v1.4.2

What's Changed

• Change tactics in osacompile by @Res260 in #167
• Add swift by @0v3rride in #170

New Contributors

• @0v3rride made their first contribution in #170

Full Changelog: v1.4.1...v1.4.2

LOOBins v1.4.1

What's Changed

New Binaries

• Adding Say command by @pinarsadioglu in #163

Updated Binaries

• Remove the "Execution" tactic from 4 LOOBins by @Res260 in #158
• Add the "Defense Evasion" tactic to caffeinate by @Res260 in #159
• Add the "Defense Evasion" tactic to ssh-keygen by @Res260 in #160
• Change several mentions of reconnaissance to discovery by @Res260 in #161

New Contributors

• @pinarsadioglu made their first contribution in #163

Full Changelog: v1.3.0...v1.4.1