11/06/2024
New Features
- Updated form validation for reporting topics as Exploited In The Wild. Users are now required to provide a valid reference URL, or to create an assessment if they cannot provide a source.
Bug Fixes:
- There are no bug fixes for this release.
10/25/2024
New Features
- Automated EITW Reports from the AKB Worker for New Entries in the CISA KEV Catalog.
Bug Fixes:
- There are no bug fixes for this release.
09/17/2024
New Features
- Added new Government or Industry Alert reference type.
Bug Fixes:
- There are no bug fixes for this release.
06/27/2024
New Features
- There are no new features for this release.
Bug Fixes:
- The tag “Observed in Nation State attacks” has been adjusted to “Observed in State-sponsored attacks” to reflect industry standard terminology.
05/31/2024
New Features
- There are no new features for this release.
Bug Fixes:
- Fixed unexpanded tags and references data in the /topics/{id} Public API endpoint.
- Fixed a bug causing a 500 Internal Server Error when exceeding the size query param limit for the /topics Public API endpoint.
05/16/2024
New Features
- Added 2 new workers:
  - CISA KEV Worker
    - The CISA KEV worker will tag items that have been listed by CISA KEV automatically.
    - We still invite you to add these tags to your assessments.
  - POC Worker
    - The POC worker will add POCs to vulnerabilities from https://github.com/nomi-sec/PoC-in-GitHub. We will only add the top 3 POCs for a given CVE.
    - POCs added by this worker must have at least 2 GitHub stars.
Bug Fixes:
- Removed Twitter(X) Login
10/16/2023
New Features
- Added 3 new tags:
  - Observed in Ransomware Attacks
  - Observed in Nation State Sponsored Attacks
  - CISA KEV listed
Bug Fixes:
- There are no bug fixes for this release.
10/10/2023
New Features
- There are no new features for this release.
Bug Fixes:
- Fixed broken email notifications for updates to topic assessments and comments.
2/07/2022
New Features
- There are no new features for this release.
Bug Fixes:
- Fixed broken Twitter avatars.
11/16/2021
New Features
- Load time for User Profile pages is significantly reduced. The page default shows the latest 20 contributions. Users can then filter by Assessments or Replies, which are paginated.
- Topic creation is restricted to Admins only at this time. We hope to allow all Users to create Topics when we find a better way to integrate them with the overall corpus of data.
Bug Fixes:
- The sort order is fixed for Recent Activity on both the Topics page and Topic Search page.
9/08/2021
New Features
- The Activity Feed is now the homepage.
- Added a search filter for Mitre Tags.
- Search query string now supports the CVE format YYYY-SSSS in addition to CVE-YYYY-SSSS.
Bug Fixes:
- There are no bug fixes for this release.
8/23/2021
New Features
- There are no new features for this release.
Bug Fixes:
- Fixed the misalignment of the permalink icon on user profile slugs.
- Fixed the spurious firing of multiple notifications for the same event, causing, for example, duplicate entries on the Activity Feed.
8/17/2021
New Features
- Added tooltips to “exploitability” labels on topic pages and FAQ.
- Deleting “Exploited In The Wild” reports now happens dynamically, without a page refresh.
- Added enhanced OpenGraph preview images when linking to AttackerKB on Twitter/Slack/etc.
- Made the alignment of items on the activity feed more consistent.
Bug Fixes:
- Unparsed markdown is no longer rendered in embedded OpenGraph preview descriptions.
8/11/2021
New Features
- The Add References modal dialog was enhanced to allow users to submit more than one reference and prompt for the CVE ID when a topic is missing a canonical reference.
- Exploited in the Wild enhancements:
  - Individual reports are linkable.
  - The delete report confirmation uses a modal dialog.
Bug Fixes:
- Fixed the API's handling of the ‘Basic’ HTTP Authentication Scheme (RFC 7617) so that the scheme name is accepted case-insensitively (‘Basic’, ‘basic’, ‘BASIC’).
- Fixed an issue with the email unsubscribe if the email address contained a plus sign.
- Fixed in-app notification box issues with scroll shadow and behavior when the window is resized.
- Fixed an issue with Attacker Value and Validation tooltips not being visible on narrow windows or mobile portrait view.
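The Basic-auth fix above is a small but common parsing mistake: RFC 7235 makes the auth-scheme token case-insensitive, so a server that does `header.startswith("Basic ")` rejects legitimate clients that send `basic`. The block below is an added example (not AttackerKB's own code) of a parser that gets the details right: case-insensitive scheme, strict base64 decoding, splitting the user-id from the password on the first colon only (passwords may contain colons), and a constant-time secret comparison. The `_DEMO_USERS` table and the `alice` credential are constructed for the example.

```python
import base64
import hmac


def parse_basic_auth(header_value):
    """Parse an HTTP Authorization header value carrying Basic credentials (RFC 7617).

    Returns (user, password), or None when the header is not a well-formed Basic
    credential. The scheme token is compared case-insensitively as RFC 7235
    requires; the base64 payload is decoded strictly; the user-id/password pair is
    split on the first colon only, because the password itself may contain colons.
    """
    if not header_value:
        return None
    parts = header_value.strip().split(None, 1)
    if len(parts) != 2:
        return None
    scheme, token = parts
    if scheme.lower() != "basic":
        return None
    try:
        raw = base64.b64decode(token, validate=True)
        text = raw.decode("utf-8")
    except ValueError:  # covers binascii.Error and UnicodeDecodeError
        return None
    user, sep, password = text.partition(":")
    if not sep:
        return None
    return user, password


# Constructed demo credential store for this example only. A real service stores
# a hash of the API key or password, never the secret itself.
_DEMO_USERS = {"alice": "s3cret:with:colons"}


def authenticate(header_value):
    """Return the user name for a valid Basic header, otherwise None."""
    creds = parse_basic_auth(header_value)
    if creds is None:
        return None
    user, password = creds
    # An unknown user is compared against an empty secret so the code path is the
    # same as for a known user; compare_digest keeps the comparison constant-time.
    expected = _DEMO_USERS.get(user, "")
    ok = hmac.compare_digest(password.encode("utf-8"), expected.encode("utf-8"))
    if not expected or not ok:
        return None
    return user


def make_basic_header(user, password, scheme="Basic"):
    """Build the header value a client would send. `scheme` is a parameter so the
    case-insensitive matching can be exercised."""
    token = base64.b64encode(f"{user}:{password}".encode("utf-8")).decode("ascii")
    return f"{scheme} {token}"


if __name__ == "__main__":
    for scheme in ("Basic", "basic", "BASIC"):
        print(scheme, "->", authenticate(make_basic_header("alice", "s3cret:with:colons", scheme)))
    print("bad token ->", parse_basic_auth("Basic !!!not-base64"))
```

Rejecting the header when the decoded payload has no colon matters as much as the case-insensitivity: without that check an attacker-supplied token such as `bm9jb2xvbg==` (base64 of `nocolon`) would be treated as a user with an empty password rather than as malformed input.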
7/16/2021
New Features
- Users can now log in with their Rapid7 account! If a user’s existing AttackerKB account was created using GitHub or Twitter and that account email address matches their Rapid7 account email address, either can be used to log in to an existing account. Otherwise, a new account associated with the Rapid7 account email address will be created.
Bug Fixes:
- Gracefully handle search for a nonexistent tag.
7/13/2021
New Features
- Database operation enhancements to provide better data consistency.
Bug Fixes:
- Fixed a UI bug in the scrollable in-app notification box.
7/1/2021
New Features
- There are no new features for this release.
Bug Fixes:
- User search results are now sorted in alphabetical order.
- Fixed a bug where some users would appear in user search results more than once.
- The notification box is now scrollable if a user has many notifications.
- Links to a Rapid7 Analysis from inside an assessment now work properly.
- The Attacker Value and Exploitability bar graphs are now less crowded in mobile view.
5/17/2021
New Features
- There are no new features for this release.
Bug Fixes:
- Fixed a user score calculation bug.
5/11/2021
New Features
- Users can now log in with Twitter! If a user’s GitHub email address matches their Twitter email address, either can be used to log in to an existing account. Otherwise, a new account associated with the Twitter email address will be created.
Bug Fixes:
- There are no bug fixes for this release.
4/27/2021
New Features
- There are no new features for this release.
Bug Fixes:
- The AttackerKB logo in emails is now a clickable link to the AttackerKB homepage.
4/23/2021
New Features
- There are no new features for this release.
Bug Fixes:
- Fixed a bug where if an assessment had more than 10 tags, rendering would be limited to 10 tags.
- Fixed markdown header styling for levels 4 through 6.
4/15/2021
New Features
- Enhanced Exploited in the Wild reports. Multiple users can report a CVE as Exploited in the Wild, and they can add details and sources to their Exploited in the Wild reports. There is a new section under the Vulnerability Details tab that displays all Exploited in the Wild reports for a topic.
Bug Fixes:
- There are no bug fixes for this release.
4/9/2021
New Features
- A large set of performance improvements were completed. Page load times should be consistently fast throughout AttackerKB.
- Search results now include matches based on the Rapid7 Analysis contents.
Bug Fixes:
- Fixed notification avatar aspect ratio.
2/19/2021
New Features
- There are no new features for this release.
Bug Fixes:
- Fixed error when attempting to view a page beyond the search result limit. Added message to inform users to refine the search when the maximum of 10,000 displayable topics is exceeded.
- Centered “Vulnerability Details” text on tab.
- Fixed a number of field name and field values overflowing the Vulnerability Details tab.
- Fixed horizontal scroll issue with the navigation bar on mobile.
- Fixed topics and users labels alignment with their counts on the search results sidebar.
- Improved handling when a user session expires while editing a topic.
- Fixed percent symbol search error.
- Improved mobile page loading performance.
- Fixed search filters overflowing into the results on smaller windows and tablets.
1/8/2021
New Features
- The CVSS V3 Severity and Metrics presentation now defaults to scores and vector only. The display of the “long-hand” base metric labels and values can be toggled by clicking the element to the right of the vector.
Bug Fixes:
- Fixed topic previews sometimes overflowing in narrow window views of the search page results.
12/31/2020
New Features
- Topics have a new section: More from AttackerKB Community. Located at the bottom of a topic, it includes several preview panes of the most-recent assessments added for other topics. Users can explore AttackerKB a little more easily. They can go directly to an interesting assessment by clicking the preview pane itself or following links to its parent topic or its author’s profile page, both embedded in the preview.
Bug Fixes:
- Fixed a recent regression so that users not signed in to AttackerKB can once again view User Profile pages.
- Changing the SORT BY dropdown selection on the User Profile page no longer results in an infinite reload loop.
- Fixed a bug causing a 500 Internal Server Error when including a HORIZONTAL TAB (AKA 0x09, AKA %09) in the topic search query string.
- Fixed the topic watchers and assessment count icons from overflowing the topic preview panes on the homepage of smaller mobile viewports.
12/18/2020
New Features
- In the topic header, known values of USER INTERACTION, PRIVILEGES REQUIRED, or ATTACK VECTOR are now clickable links that lead to a topic search by that attribute and value. For example, if ATTACK VECTOR is Local, then clicking “Local” will search for all topics with an attack vector that is local.
- A Watched Topics tab has been added to the User Profile page. Users can view all of the topics they are watching and easily un-watch any if they so choose.
Bug Fixes:
- There are no bug fixes for this release.
12/11/2020
New Features
- A written analysis is no longer required when submitting an assessment. The minimum requirement is now one of the following: Attacker Value, Exploitability, or a written analysis.
- The CVSS V3 score is now included in a topic’s Vulnerability Details when applicable.
- Deleting an in-app notification is now done in the background without a page refresh, making the user experience smoother and quicker.
Bug Fixes:
- There are no bug fixes for this release.
12/04/2020
New Features
- Search Page filtering now supports multiple selections. A user can, for example, search for all topics from CVE years 2020 and 2019 that have a Network Attack Vector with a High Attacker value.
- The Activity Feed now includes the event of topics being tagged as Exploited in the Wild.
- User Profile Settings now includes a switch to toggle all email notification types with one click.
- Permalinks have been added for different activity feed items such as assessments, comments, and Rapid7 Analyses.
Bug Fixes:
- There are no bug fixes for this release.
11/19/2020
New Features
- There are no new features for this release.
Bug Fixes:
- The Search Results page now returns results in the correct order for the SORT BY drop down selection.
- Made a small reduction to the homepage load time.
11/12/2020
New Features
- Added the ability for users to easily opt out of email notifications. A new link in the email footer takes a user to the new Email Unsubscribe Request page. Their email address is automatically populated, and they are offered a choice to unsubscribe from all email notifications or only from the notification type associated with the email from which they clicked the link.
- Topic revision diffs now include Disclosure Date, Vendor and Product Information, User Interaction, Privileges Required,
Attack Vector, and the CVSSv3 Base Score.
- Added some buffering to email notifications that prevents the onslaught of emails related to events of the same subject and
type that occur closely in time.
Bug Fixes:
- Clicking the attribution link for Exploited in the Wild reported by the system no longer returns a 404 error.
10/27/2020
AttackerKB is now out of beta! We’re thrilled to be reaching this milestone and we couldn’t have done it without all of the assessments, feedback, and other contributions provided by the community. THANK YOU!
The beta tag will be removed from the navigation bar, but that in no way means we’re done adding new features or improving our data. We’ll continue to work hard on AKB to ensure it is a valuable resource to the security community. Please continue to send us feedback using the feedback bubble on the site, or talk to our team directly on Slack.
AttackerKB is only just getting started.
New Features
- Added more information to the footers of email notifications to better indicate what setting triggered the notification
to be sent and who the intended recipient was (to help thwart phishing attempts).
- The API is now using versioned URLs so we can continue to add new functionality without breaking existing integrations. All API endpoints are now prefaced with the version; for example https://api.attackerkb.com/topics is now https://api.attackerkb.com/v1/topics. The API docs have been updated to reflect this.
- Creating a topic will now navigate to the Add References screen as a reminder to add canonical references (e.g. the CVE ID)
for better tracking and identification of the topic.
- Entries for the Rapid7 Analysis being updated will no longer display on the Activity Feed.
The updates were causing a lot of noise in the feed due to the fast-moving nature of high impact vulnerabilities.
- Topics can now be watched by clicking the watch icon on the home page or search results page.
- Improved styling on the Attacker Value bars on the home page to increase readability.
- Topic references are now included in responses from the API.
- New filters have been added to filter topics on Rapid7 Analysis, Metasploit modules, and if it has been exploited in the wild.
Bug Fixes:
- Clicking the Report and add more details button when marking a topic Exploited in the Wild was not properly navigating to the create assessment form.
- Fixed some display issues with search filters on lower browser resolutions.
- Fixed a bug that would incorrectly change the URL in the browser when switching between tabs. This had a side effect of
breaking the Add Reference action, which should no longer be an issue.
- Logging into AttackerKB should now properly redirect to the page that was being viewed rather than always navigating to
the home page.
- Fixed a bug that was causing the CVE Year filter to return incorrect results.
- Empty boxes should no longer display on the Vulnerability Details tab.
- Fixed an issue that caused timeouts when pulling large numbers of topics from the API.
- The delete button on references should now display properly on references that were created by you.
- Searching for an “empty” query will once again return a list of all available topics.
10/01/2020
New Features:
- A huge performance pass was completed over the majority of the site. Loading pages should be significantly faster throughout all
of AttackerKB. Extra effort was added to improve loading on mobile.
- Clicking anywhere on topic slugs on the home page and search results page will now take you to the topic.
- Clicking the grey tags on the topic slug will now take you to the search results page showing other topics with similar tags.
- New entries are now added to the Activity Feed page when a Rapid7 Analysis is created or updated.
- Metasploit modules that are associated with a topic will now display in the top section of a topic.
- MITRE ATT&CK tags can now optionally be selected when creating an assessment.
- Added tooltips to MITRE ATT&CK information to better explain functionality.
Known Bugs:
- Going to the search results page with an empty search query returns 0 results.
9/24/2020
New Features:
- References can now be added to a topic by clicking the Add References button on the Vulnerability Details tab.
- References are now listed in individual categories to help better organize them.
- Made changes to search to support the new references changes. We’re still collecting feedback on the implementation so
please feel free to fill out the Submit Feedback form if you
experience any errors with search.
9/23/2020
New Features:
- Added the ability to display announcements site-wide. When active, the announcement will display directly below the top navigation bar. They can be dismissed by clicking the X.
- The CVSS v3 score will now be displayed for each topic next to the CVE ID.
- Topic revision history entries will properly display MITRE ATT&CK tags as they appeared when that revision was created.
- A check box was added to the assessment creation form to allow marking a topic as “exploited in the wild”. This will toggle
on the badge displayed in the upper-right corner of a topic in the same way clicking the button would.
Bug Fixes:
- Fixed a bug that incorrectly allowed MITRE ATT&CK tags to be added when viewing topic revisions.
9/15/2020
New Features:
- Added support for MITRE tags. Users can now add topic tags to represent MITRE ATT&CK tactics and techniques.
- Added in-app and email notifications for new Rapid7 Analyses added to topics. These notifications are enabled
by default, and users can adjust their notification preferences from their settings page.
9/8/2020
New Features:
- Updated workflow for reporting vulnerabilities as “exploited in the wild”.
- Removed homepage link to AttackerKB Beta survey.
Bug Fixes:
- Improved responsiveness of topic pages on mobile.
8/28/2020
New Features:
- The top section of the topic page has been redesigned to consolidate information and make important details stand out.
- A new tooltip has been added to help make visitors aware of the ability to watch a topic.
- The tags for vulnerability characteristics on the topic cards should now properly display the same data as within the
topic page.
Bug Fixes:
- Fixed a bug causing long strings in comments to break outside of the boundaries of the comment box.
- Tags for the vulnerability characteristics that appear within the cards on the home page will no longer jump
to multiple lines on mobile.
8/6/2020
New Features:
- Re-architected the design for topic and assessment tags to use a related data model. This is to support easier
addition of new tags and allow for enhanced functionality in future updates. The UI remains mostly unchanged. Changes
to the data model can be seen in the API documentation.
- Added date tracking for Rapid7 Analysis to show when that data was first added and when it was last updated. This is not
backwards compatible so only Rapid7 Analysis created from now on will display this data.
- Hovering over a badge on a user’s profile page or near their avatar will display a tooltip giving more information on how
that badge was awarded.
- Clicking the Cancel button when creating or editing an assessment will ensure any entered changes are removed.
- Switching between tabs on the topic page will now update the URL to the direct link for that tab.
Bug Fixes:
- Fixed a bug that was causing updates from AKB Workers to appear as performed by the wrong user.
7/23/2020
New Features:
- Added a new Activity Feed page. This will allow you to easily see all of the assessments and replies that have been
created across AttackerKB in chronological order. A link to this feed has been added to the top navigation bar.
- Added vendor and product information to topics where the data is available. This data is located on the Vulnerability Details
tab of topics where it is present.
- You are now able to filter search results based on vendor and product. Enter the values you are looking to filter on into the relevant fields on the left side of the search page and hit Apply to limit the results to only those topics that match that data.
Bug Fixes:
- Topic descriptions containing long strings should no longer venture outside of their designated boundaries.
6/22/2020
New Features:
- Creating a new topic, adding an assessment to a topic, or commenting on an assessment will now cause you to automatically watch that topic.
A new setting has been added to the Profile>Settings page to toggle this behavior on or off.
- The search result count will now indicate the correct set of results you are viewing based on the page currently being viewed.
- Search results now use the full width of the page.
- The Filters menu will now be hidden by default when searching on mobile. A new toggle has been added to show/hide the menu.
Bug Fixes:
- The Next link will no longer incorrectly display on the Search Results page when there are no results on the next page.
6/12/2020
New Features:
- AttackerKB will now also include topics with a RESERVED state.
- Added a new filter option on the search results page to return topics where the CVE state is either Public or Reserved.
- Added the following new filters to the API. These allow you to return records from before or after the date specified. See the documentation for more information.
  - createdAfter
  - createdBefore
  - revisedAfter
  - revisedBefore
- Improved the preview data when linking to AttackerKB on Twitter. Linking directly to an assessment will now preview
the content of the assessment rather than the topic. Also, the preview image should now be populated correctly.
- API activity is now tracked for performance and analytics purposes. See the API tab of your profile page for terms.
6/4/2020
New Features:
- Added two new tags, Exploited in the wild and Requires elevated access, for use when assessing topics.
- Added additional badges that are awarded when creating 5, 20, 30, and 40 assessments.
- Made adjustments to search results so topics with assessments, comments, and watchers will appear higher in the results.
Topics that do not have any of those pieces of content will be sorted by Disclosure Date.
- Added the ability to search for exact phrases by wrapping the phrase in quotation marks.
Bug Fixes:
- Fixed a bug that was causing an error when your search query contained special characters.
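Several entries in this changelog are about the same thing: what the search box does with hostile or unusual input. The special-character error above, the percent-symbol error (2/19/2021), the 500 on a HORIZONTAL TAB in the query string (12/31/2020), exact-phrase quoting (6/4/2020), the empty query returning all topics (10/27/2020) and the bare YYYY-SSSS CVE form (9/08/2021) are all handled in the query-parsing layer. The block below is an added example of such a layer, written for this page rather than taken from AttackerKB: it strips control characters before they reach the backend, pulls out quoted phrases, normalizes both CVE spellings, and leaves everything else as literal data. The `escape_like` helper assumes a backend that matches with SQL `LIKE ... ESCAPE '\'`; that assumption, and the sample queries, are constructed for the example.

```python
import re

# "CVE-2021-1234" in any letter case, or the bare "2021-1234" short form.
_CVE_RE = re.compile(r"^(?:cve-)?([0-9]{4})-([0-9]{4,})$", re.IGNORECASE)
# ASCII control characters, including HORIZONTAL TAB (0x09, i.e. %09 once URL-decoded).
_CONTROL_RE = re.compile(r"[\x00-\x1f\x7f]")
# Either a double-quoted exact phrase or a bare whitespace-delimited token.
_TOKEN_RE = re.compile(r'"([^"]*)"|(\S+)')


def normalize_cve(term):
    """Return the canonical CVE-YYYY-NNNN form for either spelling, else None."""
    m = _CVE_RE.match(term)
    if not m:
        return None
    return f"CVE-{m.group(1)}-{m.group(2)}"


def parse_search_query(raw):
    """Turn a raw query string into {"phrases": [...], "cves": [...], "terms": [...]}.

    Control characters are replaced by spaces so a tab or NUL cannot reach the
    backend; text inside double quotes becomes one exact phrase; an unterminated
    quote is dropped and the words are treated as ordinary terms; tokens that
    look like CVE IDs are normalized; everything else, including % and _, stays
    as literal data for the caller to pass as a bound parameter.
    """
    cleaned = _CONTROL_RE.sub(" ", raw or "")
    phrases, cves, terms = [], [], []
    for quoted, bare in _TOKEN_RE.findall(cleaned):
        if quoted:
            phrase = quoted.strip()
            if phrase:
                phrases.append(phrase)
            continue
        bare = bare.strip('"')
        if not bare:
            continue
        cve = normalize_cve(bare)
        if cve:
            cves.append(cve)
        else:
            terms.append(bare)
    return {"phrases": phrases, "cves": cves, "terms": terms}


def is_match_all(parsed):
    """True when the query carries no criteria, i.e. the caller should list all topics."""
    return not (parsed["phrases"] or parsed["cves"] or parsed["terms"])


def escape_like(term, escape="\\"):
    """Escape LIKE metacharacters so a user-typed % or _ matches literally.

    Assumes the backend query uses `... LIKE ? ESCAPE '\\'` with the term bound
    as a parameter; interpolating the term into the SQL string would be unsafe.
    """
    return (term.replace(escape, escape + escape)
                .replace("%", escape + "%")
                .replace("_", escape + "_"))


if __name__ == "__main__":
    # Constructed sample queries covering the cases from the changelog.
    for q in ('"remote code execution" 2021-34527 printnightmare\t100%',
              "\x09", '"unterminated phrase', "CVE-2020-1472 50%_off"):
        parsed = parse_search_query(q)
        print(repr(q), "->", parsed, "match-all" if is_match_all(parsed) else "")
```

Replacing control characters rather than rejecting the request is a choice: it keeps a pasted query with a stray tab working, which is what a user expects, while still guaranteeing the backend never sees raw control bytes. The CVE regex insists on exactly four year digits, so `21-1234` is treated as an ordinary term rather than silently mis-parsed.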
5/21/2020
New Features:
- A new tab has been added to topics to highlight Rapid7’s direct analysis of high-profile vulnerabilities.
This analysis is intended to be factual and unbiased. The new tab will only be displayed for topics where
Rapid7 analysis has been provided.
- The leaderboard can now be adjusted to show the top 50 leaders instead of only displaying the top 10.
See the new dropdown toggle at the top of the leaderboard page to adjust this view.
- Added a link to a survey on the home page to help us improve AttackerKB! Please check it out and provide your feedback.
Your input will directly affect development decisions and help make this tool more valuable for the world.
- (Re-)added a user’s score next to their username on assessments and comments to better indicate their contributions to AttackerKB.
Bug Fixes:
- Fixed a bug that was preventing links to specific tabs on pages from navigating to the correct location.
5/7/2020
New Features:
- Added the ability to filter search results by various attributes such as CVE year, attacker value, tags, and more.
- Made a number of changes to “topic watching”:
  - Added a counter to topics indicating the number of people currently watching the topic for updates.
  - Changed the icon for watching a topic to better differentiate it from the notification icon.
  - Added the ability to watch a topic to the “sticky” header.
- Added the ability to sort the home page by “Most Watched” topics.
- Added a changelog page, but that was probably pretty obvious if you’re reading this.
Bug Fixes:
- Fixed a bug that was causing two notifications to be sent when a user was mentioned in a comment or assessment.
- Fixed an issue with the way diffs were displayed on tags when viewing topic and assessment revisions.
- Fixed incorrect styling on the topic revision dropdown in certain browsers – rapid7/attackerkb#36.
- Fixed some issues viewing topic revisions on mobile – rapid7/attackerkb#46.
- Fixed a bug where topic metadata was incorrectly being removed when an edit was made to a topic.