Changelog
v1.17.0
2024-08-26
- New features:
- Execution retention period can now be specified at the project or task level
- Files can be deleted in Node file explorer (requires at least STARTUP Edition)
- Enhancements:
- Add a delay between failed login attempts to prevent brute-force attacks
- Execution lists can be dynamically filtered by task name
- Node lists can be dynamically filtered by node name
- In SQL report tasks, chart base width becomes a minimum width: if the displayed width is less than the base/minimum width, a horizontal scroll bar appears rather than shrinking the chart
- Add explicit Node unreachable error on failed SSH connection attempt
- Revamp SSH connection management
- Back-end is built with Go 1.23
- Bug fixes:
- Removal of Windows Defender false positives with ctfreak.exe
- Fix unreleased resources on failed Postgresql database connections over SSH tunneling
- API execution creation now returns http code 201 instead of 200
- Fix default submit button issues on task edition
v1.16.0
2024-07-30
- New features:
- Node file explorer: CTFreak can now be used as a read-only SFTP web client for all your nodes
- Enhancements:
- Smoother UI navigation with improved concurrent read-only access to backend database
- Update dependencies
- Bug Fixes:
- Fix saving of node filter tag exclusion when editing tasks
v1.15.0
2024-06-27
- New features:
- Improved HTTP Request tasks:
- Add optional HTTP response logging (status, headers and body)
- JSON response body auto-prettifying
- Improved HTTP Request tasks:
- Enhancements:
- Add FreeBSD amd64 & arm64 build and install process
- Add Linux arm64 build
- Remove Linux arm32 build
- Back-end is built with Go 1.22
- Update dependencies
- Update internal log timestamp format
- Reworking of FREE & STARTUP Edition license
- Bug Fixes:
- Fix scrolling reset issues when editing large scripts
- Remove redundant logs when executing SQL script task
v1.14.2
2024-05-12
- Bug Fixes:
- Fix gitlab incoming webhook calls
- Improve logs of failed incoming webhook calls
v1.14.0
2024-02-13
- New features:
- Parameterizable tasks:
- Define a list of parameters per task
- Parameter types can be either Selector, Checkbox, Integer, Date, or Text
- Each parameter has a default value
- Set parameter values on new execution form
- Use them in your Bash or Powershell script tasks as environment variables
- Use them in your SQL report tasks as query parameters
- Very useful to allow business users to execute a task with restricted options
- Parameterizable tasks:
- Project constants can now be used in your SQL report tasks as query parameters
- Enhancements:
- !!Breaking change!!: the
:
symbols in SQL report task queries must now be doubled, so as not to be confused with a query parameter CF_PC_
project constant prefixes have been renamed toCPC_
(renaming in existing bash and powershell scripts will be done automatically on CTFreak instance update)- Improve Rest API error messages
- Update dependencies
- !!Breaking change!!: the
- FREE Edition specs update and new BUSINESS Edition (see ctfreak.com homepage)
- Bug Fixes:
- Fix default submit button issues on some forms
- Use SMTP without authentication when SMTP Username is empty
v1.13.2
2024-01-10
- Bug Fixes:
- Support
LOGIN
SMTP authentication method in addition toPLAIN
to enable email notifications to be sent to MS Office 365 smtp server
- Support
v1.13.1
2023-12-28
- Enhancements:
- Migrate to CodeMirror 6
- Update dependencies
- Reworking of license page
- Bug Fixes:
- Fix line wrap overflow issue when editing scripts
- Fix chart duplication issue on SQL report tasks
v1.13.0
2023-10-24
- New features:
- Project constants:
- Define a list of constants per project
- Use them in your bash or powershell script tasks as environment variables
- Update the value of your constants instead of updating your scripts
- Project constants:
- Enhancements:
- Replace deprecated dependency to manage OpenID Connect token
- Migrate front-end to Svelte 4
- Update dependencies
- Reworking of demo project
v1.12.0
2023-09-21
- New features:
- In SQL Report tasks:
- Charts can be duplicated
- New options to force axes to begin at zero
- In SQL Report tasks:
- Enhancements:
- Improve UI:
- Increase selection area size for links
- Reduces footer refresh rate
- Update colors
- Add license alerting:
- Remaining days before license expiration
- License check issues
- New About page with third-party software list
- Improve UI:
- Bug Fixes:
- Reverse top and bottom axis for horizontal bar/line charts
- Fix typo in sql report
v1.11.1
2023-08-13
- Enhancements:
- List of notifiers now transitions from a table to a grid on mobile resolution
- Back-end is now built with Go 1.21
- Bug Fixes:
- Upon first startup, create the directory $HOME/.config if it is missing as needed
v1.11.0
2023-08-05
- New features:
- New SQL Report task:
- Generate a responsive report from SQL queries
- Mix multiple data sources
- Choose from various types of charts
- The FREE Edition allows creating up to 2 SQL report tasks
- New project viewer role:
- A user with this role on a given project will only be able to view the execution results of the project’s tasks (not the log files)
- This role is ideal for restricting business users to access only the reports generated by SQL Report task
- New SQL Report task:
- Enhancements:
- Redesign of sub-execution database storage
- New task type selector
- Update dependencies
- FREE Edition specs update
- Bug Fixes:
- Fix empty workflow edition issue
- Remove Delete execution button for user with executor role
- Fix cache issues on iOS
v1.10.1
2023-06-20
- Enhancements:
- Add command line arguments to setup external url and main OpenID Connect auth provider at startup of CTFreak
- Call OpenID Connect
userinfo
endpoint as fallback for missing claims in ID Token
v1.10.0
2023-06-18
- New features:
- Maximum number of concurrent shell script/command executions is now configurable for dedicated tasks
- Enhancements:
- A SQL script task can now be re-executed only on the failed databases of a previous execution
- Bug Fixes:
- Add explicit OpenID Connect “Empty user name” error message
- Fix Typo in SSH credentials
- Fix node/database execution list refresh issues with active/failed executions filter
v1.9.2
2023-05-30
- Enhancements:
- Retrieve mysql error number on failed database connection
- Bug Fixes:
- Aborted SQL script task should return Aborted instead of Failed for final status
RAISE NOTICE
commands now properly appear in logs of SQL Script tasks for Postgresql databases without SSH tunneling- Fix SQL Script Aborting for Postgresql databases with SSH tunneling
v1.9.0
2023-05-12
- New features:
- CTFreak now manages databases (following the same principle as nodes) !
- Mysql and Postgresql are the first supported types, with others being added in future updates
- Nodes can be used to connect to databases via an SSH tunnel
- New SQL script task: execute SQL or PL/SQL script on databases
- New global settings option to disable task scheduling
- CTFreak now manages databases (following the same principle as nodes) !
- Enhancements:
- !!Breaking change!!: node names are now unique. Any existing duplicates (if there are any) will therefore be given a new name “{old name}-1”, “{old name}-2”, … after the update.
- Failed external node source syncs return more detailed errors
- Node filters no longer exclude nodes without credential
- Add all/active/failed executions filter for execution list
- Update dependencies
v1.8.4
2023-04-11
- New features:
- Custom logo displayed on the login page and in the header of the sidebar menu (PRO Edition only)
- Enhancements:
- Perform a database vacuum when ctfreak starts
v1.8.3
2023-03-19
- Enhancements:
- Redesigned notification conditions in task editor
v1.8.2
2023-03-11
- New features:
- New Replacement multiple execution policy: when receiving an execution request while an execution is already running for a given task, abort the running one and chain a new execution
v1.8.1
2023-03-10
- New features:
- New Smart chaining multiple execution policy: when receiving an execution request while an execution is already running for a given task, chain the new execution (this is particularly useful for setting up a CI/CD pipeline)
- Enhancements:
- Requests for forbidden concurrent executions are rejected rather than resulting in a new failed execution
- Project task lists can be dynamically filtered by task name
- Add profile page
- Use profile picture for OpenID Connect users
- Bug Fixes:
- OpenID Connect users “Full name” field is not editable anymore
- Fix the link that redirects to the cron format documentation
v1.7.2
2023-02-23
- Enhancements:
- Use a darker theme color for better text readability
- Bug Fixes:
- When requesting the aborting of the execution of a command or script task, a SIGHUP signal is now sent for a graceful shutdown
v1.7.1
2023-02-18
- New features:
- Add Incoming Webhooks:
- Generic webhook to execute a task with a simple HTTP POST request
- Github/Gitlab webhook to execute a task after an event (push, …)
- Add Incoming Webhooks:
- Enhancements:
- Add task type preselection page
- Add notifier type preselection page
- Schedule embedded database analyze once a day to improve performance
- API return distinct error messages for missing discord/mattermost/slack/msteams notifier parameters
- Update dependencies
v1.6.0
2023-01-31
- New features:
- Add Telegram notifications
- Add MS Teams notifications
- Enhancements:
- Add a command line argument to bypass the http port stored in the config file
v1.5.2
2023-01-10
- Bug Fixes:
- CTFreak can now be properly run as a Windows service
v1.5.1
2023-01-09
- New features:
- New Powershell script task: execute powershell scripts on windows nodes through SSH
- New node page with the list of tasks using the node (very useful for checking if there are still tasks related to the node before deleting it)
- Enhancements:
- !!Breaking change!! for Windows CTFreak instances: CTFreak config folder is no longer
%AppData%\ctfreak
but%LocalAppData%\ctfreak
(think of moving your folder before your upgrade) - Add pagination of the task list on project pages
- All listings increase from 30 to 40 items per page
- The execution of a task now systematically requires a confirmation and redirects to the execution page
- Notifications previously sent only in case of failed executions are now also sent in case of aborted executions
- !!Breaking change!! for Windows CTFreak instances: CTFreak config folder is no longer
- Bug Fixes:
- Fix failed webhook call detection for Discord/Mattermost/Slack notifiers
- Discord notifier name should not contain “discord”
- Fix dead link in credential listing
v1.4.0
2023-01-04
- New features:
- Node filters now handles tag or node name exclusions with
!
prefix
- Node filters now handles tag or node name exclusions with
- Enhancements:
- Add a footer mention when a new ctfreak release is available to download
- Bug Fixes:
- Add a link to execution page in email notifications
v1.3.2
2022-12-28
- Bug Fixes:
- Fix Microsoft OpenID Connect preset
- Add X-Accel-Buffering http header to prevent logs loading issues with nginx reverse-proxy
v1.3.1
2022-12-27
- Enhancements:
- Add Salesforce & Onelogin OpenID Connect presets
- Bug Fixes:
- Fix missing nodes menu for admin users without any project manager role
v1.3.0
2022-12-22
- New features:
- Add SSO via OpenID Connect
- Add user rights management
- Users are deletable
- Enhancements:
- Hide unassigned projects from non-admin users
- Update dependencies
- Bug Fixes:
- Fix for disabled users not being taken into account in some cases
- Fix null error messages on user creation or update
v1.2.0
2022-10-25
- New features:
- Add new Email Notifier
- All notifiers can now be tested on demand
- Add notifications for execution failures
- Enhancements:
- Remove empty headers on HTTP Request task creation
v1.1.2
2022-10-18
- Bug Fixes:
- Fix typo on Credential page
- Fix OAuth Access Token
v1.1.1
2022-09-26
- New features:
- New HTTP Request task type to call API endpoints (webhook, ping, …).
- PRO Edition now unlocks concurrent task executions instead of concurrent SSH connections (In other words, the FREE Edition now allows for concurrent SSH connections within the same task).
v1.0.9
2022-09-14
- New features:
- A task can now be re-executed only on the failed nodes of a previous execution.
- Enhancements:
- Add failed nodes filter for node execution list.
v1.0.8
2022-09-04
- New features:
- Add node attribute os family
- Enhancements:
- Do not prevent the creation of forbidden concurrent executions, just mark them as failed.
- Remove node attribute ssh shell
v1.0.7
2022-09-02
- Enhancements:
- Client request a forced reload to clean browser cache when the client version does not match the server version.
- Highlight nodes and external node sources with missing credential.
- Typo: rename keys to credentials