Skip to content


Features / Enhancements

Single Sign On

The NodeZero portal now has experimental support for Single Sign-On using OpenID Connect (OIDC). See SSO for details.

Password Audit Operation

NodeZero AD Password Audit is an easy way to audit the strength and similarity of user passwords in an Active Directory environment. See the Password Audit page for more info on how and why you should be using this new type of NodeZero operation on a regular basis.

Remote Access Tool (RAT)

NodeZero can now leverage detected weaknesses and vulnerabilities to deploy Remote Access Tools (RATs). These tools provide additional access that NodeZero uses to further explore attack paths during operations. NodeZero coordinates these RATs to conduct more extensive post-exploitation on hosts, including common MITRE ATT&CK® techniques such as system information gathering and credential dumping. See the Remote Access Tool page for information.

Bulk Authorize External Assets

The External Assets page of the NodeZero portal has been revamped to improve ability to sort, filter, and bulk-authorize assets.

Runner Management

NodeZero Runners enable automated deployment of the NodeZero Docker container to a specific host. This release adds a Runner Management page to the portal to enable better visibility and control over your runners.

BloodHound Data

NodeZero now collects BloodHound data during Pentest operations. If requested, this data can be made available for download for a short time after an operation completes. See the BloodHound page for more information.

Attack Content

  • Added exploits for new weaknesses
  • Added AWS attack content

Bug Fixes

  • Resolved a bug that was impeding screenshot capture during external operations.
  • Resolved a bug related to inadequate sanitization of certain values in the proofs of weaknesses.
  • Corrected an issue leading to false positives during the detection of default logins for Cacti web applications (IPQ-494).