CalvinBackup/phishingclub
1
0
Fork 0
mirror of https://github.com/phishingclub/phishingclub.git synced 2026-02-12 16:12:44 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
7b2f43cfececd20d02ecd3cdaf377da06e2a07ba
phishingclub/RELEASE.md
Ronni Skansing 7b2f43cfec update release notes 
Signed-off-by: Ronni Skansing <rskansing@gmail.com>
2026-02-08 02:50:58 +01:00

340 lines
13 KiB
Markdown
Raw Blame History

This file contains invisible Unicode characters
This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
# Changelog
## [1.30.2] - 2026-02-08
- Fix authenticated blind SQL injection related to orphaned recipients.
Thanks to [Rayn Light](https://www.linkedin.com/in/rayn-light-723a6a261) for responsible disclosure, detailed report and quick feedback.
## [1.30.1] - 2026-02-05
- Fix various proxy rewrite replace bugs
- Fix proxy multiline yaml
## [1.30.0] - 2026-02-04
- Added toggle test campaigns from campaign page
- Added proxy rewrite replace support multi lines
- Added delete event for open campaigns
- Added save pagination choice globally
- Minor table and select UI improvements
- Fix missing allow / deny list on created campaign
- Fix dashboard toggle test campaigns and label in table
## [1.29.0] - 2026-01-30
- Add search to proxy hosts in visual mode
- Add support for recipient variables in proxies
- Add support for {{.Origin}} in proxy response headers
- Add support to remove header via. empty replace when using regex
- Extended timeout for application update
- Fix proxy dom engine should only handle content type HTML
- Fix CTRL+S inside proxy visual mode
## [1.28.0] - 2026-01-29
- Added proxy builder visual mode
- Added proxy import / export
- Added calendar week mode, start by today, and start of week
- Added option to add custom database DSN query params
- Improved calendar UI
- Improved view as company frame
- Improve loading spinner on navigation
- Improve campaign trend chart in log scale
- Minor database index optimization
- Fix complete refresh not required on links in profile menu
## [1.27.1] - 2026-01-27
- Fixed rID variable using key instead of value in email
- Added experimental ARM support in all release builds
## [1.27.0] - 2026-01-22
- Added support for attachments as inline images in emails and the email editor
- Fix delete orphans recipients when recipient is in active campaign
- Fix error in update options
- Fix faulty migration
- Fix added AllowDenyIDs on get campaign by id endpoint for consistency
## [1.26.0] - 2025-12-19
- Added ContentRaw variable to API Senders
- Fix proxy capturing on 302 responses
- Fix remove frontend max length on start url
- Fix removed frontend validation on email FROM
- Fix import text description
## [1.25.0] - 2025-12-17
- Added webhook data level selection and webhook filtering
- Fix and improve upload campaign reporters with column selection
- Fix disable webhook on created campaign
## [1.24.0] - 2025-12-15
- Added import oauth
- Add warning before viewing email that cause an event to trigger
- Improved campaign timeline performance and added now indicator
- Fix multi select was cut off when overflowing modal
- Fix campaign recipient event modal switching sort between asc and desc
## [1.23.0] - 2025-12-13
- Added Session Sushi as recommended handling of captured cookies
- Rename whitebox/blackbox to Simulation/Red Team
- Added support for capturing PUT, PATCH and more content types
- Added status modal after import recipients
## [1.22.0 / 1.21.1] - 2025-12-03
- Added preview recipients modal to create campaign modal
- Added readonly to recipient email on update modal
- Added CTRL+s save on create modals that are primarily editors
- Improved installer UI width
- Added clientside validation to username and password on installer
- Added recipient CSV clientside parsing warnings and errors
- Fix rewrite_urls query param mapping bug in proxies
- Fix CTRL+s save on update now keep position in editor
## [1.21.0] - 2025-11-27
- Added new capture engines for json, formdata and urlencoded
- Added support for multiple find in captures
- Added Random Recipient variable
- Added support for variables in email subject line
- Added support for proxy targers with ports
- Added schema http/https in proxy
- Fix added noreferrer to external links
- Minor UI improvements
## [1.20.0] - 2025-11-23
- Added Blackbox / Whitebox display mode
- Obfuscation template can now be edited
- For MITM proxying Surf HTTP client is now exclusively used
- Added copy recipient email (not content) to campaign action
- Improved campaign page detail and actions UI
- Improved input placeholder color in dark mode
- Fixed various MITM bugs related to impersonation and Surf HTTP client
## [1.19.0] - 2025-11-21
- Added OAuth Providers and integration with API Senders
- Added copy email on recipient actions on campaign page
- Fix bad error message on custom sent message failure
- Fix bad error sometimes caused by context cancellation on custom send message
- Fix campaign template able to be both SMTP and API Sender
- Fix has next page in pagination on campaign page
- Fix campaign recipients endpoint uses standard response
- Improved recipient actions text on campaign page
## [1.18.0] - 2025-11-18
- Added option to add jitter to scheduling
- Fix set cancelled only for recipients of campaign
- Fix missing tabindex and active style for checkboxes
- Improve range slider for campaign distribution
## [1.17.1] - 2025-11-16
- Fixed missing meta data on a couple of eserivents
## [1.17.0] - 2025-11-16
- Added option to to add data to webhook events
- Fix added a couple of webhook calls
- Fix add global rewrite rules to requests without mitm session
- Fix bad handling of brotli/gzip with browser empersonation
- Fix cookie events captured before all required captures
- Removed unused sorting column
## [1.16.0] - 2025-11-12
- Added synthetic 'email read' event when visiting a lure without having loaded a tracking pixel in a email
- Added {{.FromName}}, {{.FromEmail}} and {{.Subject}} variable support to API sender
- Fix {{.APIKey}} not rendered in API request header
## [1.15.1] - 2025-11-11
- Fix missing meta data field on some events
- Handle unknown events on campaign page
## [1.15.0] - 2025-11-11
- Added tools page with ip geo lookup and JA4 fingerprint builder
- Added option to save additional recipient event data (ja4, Sec-CH-UA-Platform header and Accept-Lang header)
- Deny page visits are now saved as events
- Fix updating geo filter not updating filter
## [1.14.0] - 2025-11-09
- Added allow / deny filtering based on geo IP
- Added support for sock5 with authentication
## [1.13.1] - 2025-11-07
- Fix bad calculation for submitted on campaign page
- Fix ensure folder exists for attachments
## [1.13.0] - 2025-11-07
- Added proxy request JA4 impersonation
- Added JA4 filtering with wildcard support in allow deny lists
- Changed IP filtering to filtering
- Bumped dependencies
- Fixed overly eager proxy auto completion in editor
- Fixed bug in obfuscation that could cause dublicate variables
## [1.12.0] - 2025-11-04
- Added tls directive for proxy domains
- Added self signed certificates for domains
- Added expand mode to SimpleCodeEditor
- Align proxy editor UI with normal editor
- All campaign trendline settings are saved
- Clear proxy session when changing a proxy config
- Fixed unused config field
## [1.11.0] - 2025-11-01
- Added option to use campaign obfuscation
- Removed details/editor and added expand option to editor
- Fix editor preview bug when toggled multiple times
## [1.10.0] - 2025-10-31
- Added release image on ghcr
- Added option to pin menu
- Pagination now disables previous and/or next button in appropriate cases
- Added log scale and relative metrics to Campaign Trendline
- Trendline settings are now saved
- Updated custom company stats table to more than just percentages
- Various UI style fixing mostly related to firefox and tables
- Various fixes to Campaign Trendline
- Fix proxy host rules reacting to other hosts rules
- Fix custom stats not added to completed campaigns on dashboard
- Fix bug with importing data in nested folders
- Fix preview domain always visible in editor
- Fix bug where domains might be shown in editor
## [1.9.1] - 2025-10-25
- Fixed missing proxy logic for modifying sessionless request and headers
- Fixed actions width to align with header width
## [1.9.0] - 2025-10-24
- Revamped proxy access directive
- Added proxy rewrite URL directive
- Added custom stats for company
- Various changes to the proxing logic
- Simplified create campaign modal
- Simplefied create template modal
- Campaign anonymization now requires confirmation
- Improved dashboard campaign trendline
- Fixed response for host specific path matched any host
- Fixed copy button copied wrong text
- Fixed bad dark mode color on copy campaign recipient event
- Fixed check campaign name before step 2 on copy campaign
- Fixed copy campaign transfering values that should be reset
- Fixed bad mapping on campaign templates 'is complete'
- Fixed proxy should not be available in all contexts
- Fixed bug when deleting all assets of a domain
- Added beta tag for Proxy functionality
## [1.8.0] - 2025-10-19
- Campaigns now support Anti-Bot / Evasion page
- Proxy campaign pages now support IP filtering
- Minor UI update / fixes
## [1.7.0] - 2025-10-16
- New DOM engine choice for proxy rewrite directive
- New response proxy directive
- New orhaned recipients page with delete all
- Quick navigation with CTRL+p
- A comment can now be added to a company
- Added confirm alerts to company and shared data export
- When in company context tables show which scope a row belongs to
- Fix panic on missing nil checks of various proxy rules
- Fix panic on export shared view data
- Fix missing validation of type on allow/deny list
- Fix error still shown when updating with shortcut
- Fix campagin box position on trendline
## [1.6.2] - 2025-10-13
- Remove dark mode browser specific styling for date components
## [1.6.1] - 2025-10-13
- Fix proxy domain comparison
- Improve campaign trendline campaign box
- Escape context in analytics graphs
- Fix login page on dark mode
## [1.6.0] - 2025-10-12
- Added debug flag
- Option to install example templates on setup
- Support for CTRL+s to save when updating email, page or domain without closing editing modal
- Many UI updates
- Set as sent now has a confirm modal
- Improve tabbing in form modals
- Fix if first page is a proxy, skip the campaign template domain
## [1.5.0] - 2025-10-08
- Added access control rules for proxys
- Completion help for proxys in editor
- Vim mode for editors
- Fix proxy header rewrite not being done
- Fix company attachments in shared context
- Fix panic on loading tracking pixel for deleted campaign
- Various UI fixes
- Campaigns now default to saving submitted data
- Updated embedded licenses
- Removed securejoin dependency in favor of os.OpenRoot (native)
## [1.4.0] - 2025-09-30
- Added proxy (MITM) functionality
- Added 'Advanced mode' to interactive installer
- Various UI fixes
- Fix Editor style isolation
- Bump dependency
## [1.3.1] - 2025-09-21
- Improved width of links in tables
- Fixed asset page not showing domains
- Fixed domain assets shown under global assets
- Improve asset delete modal text
- Removed asset preview icon background
- Minor improvements to install / login UI
## [1.3.0] - 2025-09-19
- Added dark mode support and various UI improvements
- Added manual backup functionality
- Added reported functionality for phishing campaigns
- Added recipient manual send action
- Added validation on save
- Added link to release information on update modal and page
- Fixed copy campaign wrong text on create
- Fixed HTML to text template handling
- Fixed bad title on settings page
- Fixed dashboard scroll to top issue
- Improved send again texts
- Improved modal error position
- Moved recent campaigns to bottom of dashboard
- Bumped Go version and dependencies
## [1.2.1] - 2025-09-15
- Add debug logging to SMTP
- Fix excessive table URL params
- Bump backend and frontend dependencies
- Add debug log for SMTP
## [1.2.0] - 2025-09-04
- Added support for YmdHis Date and Base64 template functions
- Improved campaign review details
- Fix import modal not scrolling to bottom after import
## [1.1.13] - 2025-08-30
- Fix too many get all sessions params sent
- Fix invalidate all sessions
- Fix missing change company
- Fix improve table checkboxes to Yes/No
- Table menu is now larger and placed more correctly
- Simple code editor for API senders body
- Removed CRM/License link from developer panel
## [1.1.12] - 2025-08 -29
- Added a update button to campaigns details page
- Toggle test campaign on dashboard
- Fix trend legend alignment
- Improve domain TLS certificate management naming
- Campaign creator, sort by and order not optional in delivery
- Smaller height on table rows
- Fix group recipient column headers
- Improve validation error messages
- Campaign details show correct "Data saving" and "anonymization"
- Campaign update handle anonymization and close at
## [1.1.11] - 2025-08-29
- Show full error on invalid password when installing
## [1.1.10] - 2025-08-27
- Removed systemd inline comments
- Version check for updates in development
## [1.1.9] - 2025-08-23
- Fixed db lock bug in installer
- Removed license text in installer
Reference in New Issue View Git Blame Copy Permalink