<img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=3026858&amp;fmt=gif">

DRONE Release Notes



Version 1.7.2

  • Added Microsoft Exchange Server Remote Code Execution Vulnerability (CVE-2021-42321) identifier to Vulnerability Analyzer



Version 1.7.1

  • Fixed an issue with the Package Manager Analyzer 

  • Fixed an issue with the auto selection of the available analyzers



Version 1.7.0

  • DRONE can now fly on Linux with the analyzers below;

    • Generic WebShell Analyzer

    • Vulnerability Analyzer

    • YARA Scanner

    • Process Analyzer

    • CronJob Analyzer

    • Package Manager Analyzer

    • Shell History Analyzer

  • Added support for 32-bit systems

  • Added Regex and Wildcard support on keyword search

  • Added SMB v1 identifier to Vulnerability Analyzer

  • Added minimum score to report option to the CLI

  • Added support for analyzing multiple MFT files

  • Improved YARA scanner performance

  • Fixed an issue on Sigma rule execution



Version 1.6.0

  • Blog News: DRONE v1.6.0

  • Added YARA Scanner

  • Added Ransomware Identifier

  • Added an option on CLI to synchronize Sigma public repository

  • Added an option on CLI to pull YARA repositories given from the config file

  • Added an option on CLI to specify the output directory

  • Added an option on CLI to specify of case id

  • Improved Process Analyzer

  • Webshell verdict level increased to Dangerous from Matched

  • Fixed an issue with the license usage

  • Fixed an issue with the process loader


Version 1.5.0

  • Added HTTP Proxy option to the CLI

  • Added Admin share usage detection via Shellbags

  • Added Provider filter option to the Events of Interest Analyzer

  • Improved Browser History Analyzer

  • Improved Tower's data transmission

  • Fixed an issue with the Tower's grid renderer




Version 1.4.1



Version 1.3.0

  • Blog News: v1.3.0

  • Added config file for saving settings and license (DRONE.Config.yml)

  • Added support for custom event list (DRONE.EventsOfInterest.yml)

  • Added -a parameter for enabling analyzers from the command line

  • Added attribution to Sigma Detections

  • Improved Syslog reporting

  • Improved HTML reporting

  • Updated VMProtect version

  • Updated Sigma Rules repository

  • Decreased file size to 17MB

  • Removed manual command line mission providing

  • Fixed an issue with Datetime parsing (credits: Chris Culina)

  • Fixed an issue with Syslog

  • Fixed an issue with the HTML report




DRONE was born on 13th May 2021 with our first public Beta release 1.2

Download the AIR Features Guide
It only takes 2 mins to setup your free AIR trial
Providing Cyber Resilience to World-class Enterprises Globally
PwC Garmin Sophos Turkish Airlines KPMG EY Deloitte Turkcell Integrity360