Skip to content

2023.02

Features / Enhancements

NodeZero

  • Detects login forms containing AWS credentials for the AWS Cognito Role in External Operations, and flags any instances where the credentials have permission beyond what is required for Cognito as a new weakness: H3-2022-0076.
  • Discovers and enumerates SMB credential files on NFS shares, SMB shares, and websites, and verifies these credentials against in-scope SMB services. This enables the use of the discovered credentials for credential pivoting.

Portal

When logging into the portal, you might get prompted to click a button to "Try New Experience", we hope you do! The new experience has been opened up for everyone to use, whereas previously it only existed for folks with early access.

There are many tweaks to visualizations and some content, but most importantly some key features that haven't been delivered for the original portal experience. They include:

  • Ability to Pause & Resume pentests
  • Externally Pentest IPs
  • 1-Click-Verify multiple weaknesses at once
  • Added Systemic Issues
  • Added Copy Pentest ID as an option to make CLI Scheduling easier
  • Totally new Attack Graphs

New experience only

  • Documentation in the new experience now links to the recently published docs.horizon3.ai in the help section
  • You can now toggle between relative time, absolute UTC time, and absolute local time for the timestamps on an attack path.

Current and New experience

  • Sample pentests are now excluded from search results on the main pentests page (unless the search text contains the text: “sample”).
  • The full action log CSV for a pentest is now included in the pentest-reports zip file.
    • (Also reflects in the corresponding GQL Query)

API

  • A command-line tool for interacting with the H3 API is now available: h3-cli
  • You can now schedule a pentest to run automatically on a recurring basis using the H3 CLI tool

Bugfixes

NodeZero

  • Fixed bug in Cyanide module related to repeat relaying of certain hashes
  • Fixed bug in ssh_verify_credentials module that affects downstream module success