Releases: slimtoolkit/slim

Improved xray and build, new Docker Engine version support

02 Feb 13:57
@kcq kcq

New Features

  • New build command flags (--include-dir-bins and --include-ssh-client).
  • Simple images command to list container images.

Improvements

  • OCI image format support in xray.
  • Improved xray command reports to include object type information.

Bug Fixes

  • Fixes and dependency updates to support the new Docker Engine version (25.x).

Binaries

See the INSTALLATION section in the README: https://github.com/slimtoolkit/slim?tab=readme-ov-file#installation

Sensor artifact post-processing bug fix

22 Jan 21:21
@kcq kcq

Bug Fixes

  • Sensor artifact (post-)processing bug fix for additional PT generated artifacts.

Binaries

See the INSTALLATION section in the README: https://github.com/slimtoolkit/slim?tab=readme-ov-file#installation

Enhanced Monitor Data Event Log (mondel)

15 Jan 21:14
@kcq kcq

Improvements

  • Added command parameter information to process events in mondel.
  • Enhanced mondel event capture to prevent event data loss on sensor shutdown.

Binaries

See the INSTALLATION section in the README: https://github.com/slimtoolkit/slim?tab=readme-ov-file#installation

Simple container registry server and vulnerability EPSS lookup/query capabilities

07 Jan 20:30
@kcq kcq

New Features

  • New vulnerability command and the epss subcommand to look up EPSS scores for vulnerabilities.
  • Simple registry server command to have a local OCI registry (thank you Sarvesh Raj, @sarveshraj, for your contribution!).
  • Simple registry push command to push local images to a registry.
  • Simple images command to list container images.
  • RPM packaging for the apps (thank you Rohan Jamadagni, @Rohansjamadagni, for your contribution!)

Improvements

  • Enhanced registry pull command to pull images from authenticated registries.
  • quiet mode improvements (WIP) to hide the standard execution context output when it's enabled.
  • quiet mode for the images command.
  • Interactive prompt updates to include the images, registry and vulnerability commands and a couple of global flags.
  • Monitor Data Event Log (mondel) enhancement to improve the write path.

Binaries

See the INSTALLATION section in the README: https://github.com/slimtoolkit/slim?tab=readme-ov-file#installation

Multi-arch images, listing container images, improved minification

10 Dec 18:50
@kcq kcq

New Features

  • Simple registry image-index-create command to create multi-architecture images.
  • Simple images command to list container images.

Improvements

  • Improved ptmon syscall handling.
  • Enhanced mondel events with timestamps and sequence numbers.
  • Extra docker socket validation checks.
  • Version info on exit/failure.
  • Temp container cleanup improvements.
  • ARM image build scripts for the containerized distribution.

Bug Fixes

  • Websocket http probe bug fix.
  • Various ptmon bug fixes.

Binaries

Build them from source or download from a CDN location:

Minor features and improvements for xray, build, profile and debug as well as minor new sensor features

02 Nov 18:22
@kcq kcq

New Features

  • Sensor control commands to control sensor execution when running in the standalone mode (first command: stop-target-app).
  • xray - detect system identities (users, groups) and their properties (--detect-identities flag, enabled by default).
  • build - Keep the OS/libc zoneinfo data (--include-zoneinfo flag, disabled by default).
  • build/profile - Mon(itor) Data Event Log (aka mondel) - optional data event log for sensor monitors to log/stream monitor events (--enable-mondel main app flag, --mondel/-n sensor flag(s)).

Improvements

  • target-app-running sensor lifecycle hook.
  • build/profile: --env-file to load env vars from a file.
  • build/profile: basic input validation to ignore malformed env var data for the --env flag.
  • build: Using internal output image builder by default (--image-build-engine flag)
  • Renamed the reverse engineered Dockerfile from Dockerfile.fat to Dockerfile.reversed (the reversed Dockerfile is also saved with the old name for backward compatibility)

Bug Fixes

  • Various bug fixes (see commits/PRs for details)

Binaries

Build them from source or download from a CDN location:

Minor features and improvements for xray, build, profile and debug as well as minor new sensor features

01 Nov 23:28
@kcq kcq

New Features

  • Sensor control commands to control sensor execution when running in the standalone mode (first command: stop-target-app).
  • xray - detect system identities (users, groups) and their properties (--detect-identities flag, enabled by default).
  • build - Keep the OS/libc zoneinfo data (--include-zoneinfo flag, disabled by default).
  • build/profile - Mon(itor) Data Event Log (aka mondel) - optional data event log for sensor monitors to log/stream monitor events (--enable-mondel main app flag, --mondel/-n sensor flag(s)).

Improvements

  • target-app-running sensor lifecycle hook.
  • build/profile: --env-file to load env vars from a file.
  • build/profile: basic input validation to ignore malformed env var data for the --env flag.
  • build: Using internal output image builder by default (--image-build-engine flag)
  • Renamed the reverse engineered Dockerfile from Dockerfile.fat to Dockerfile.reversed

Bug Fixes

  • Various bug fixes (see commits/PRs for details)

Binaries

Build them from source or download from a CDN location:

Improved `debug` command with new capabilities and enhanced UX

26 Aug 02:04
@kcq kcq

Improvements

  • Auto-complete in the interactive prompt mode for the target, namespace, pod and session flags
  • Interactive debug command terminal that runs as if you are connected directly to the target image you are debugging (enabled by default)
  • Basic sessions for debug command
  • Ability to show logs for the existing debug command sessions
  • More debug command flags (see README)
  • README docs updates for the debug command

Bug Fixes

  • Many debug command bug fixes

Binaries

Build them from source or download from a CDN location:

Debug command refresh and kubernetes support, appbom command, bug fixes

13 Jul 07:57
@kcq kcq

New Features

  • Kubernetes runtime support for the debug command
  • appbom command in the main app and --appbom flag in the sensor
  • merge command to merge two container images (optimized to merge two minified images)

Improvements

  • More debug command flags
  • README docs for the debug command
  • Ability to detect the Docker Desktop unix socket
  • Code and logging cleanup

Bug Fixes

  • Sensor volume fix for sensor symlinks (to address the Homebrew installed problems with sensor)
  • Various dependency updates to get security fixes

Binaries

Build them from source or download from a CDN location:

Bug fixes and the experimental obfuscate-metadata build command flag to confuse vulnerability scanners

09 Jun 02:20
@kcq kcq

Improvements

  • New experimental build command flag to prevent the vulnerability scanners from discovering the metadata they need to identify the vulnerabilities (--obfuscate-metadata) inspired by the Malicious Compliance KubeCon EU 2023 talk

Bug Fixes

  • HEALTHCHECK instruction decoding enhancements to handle the data generated by buildah
  • fsutil format string bug fix

Binaries

Build them from source or download from a CDN location: