v1.2.1

Fixing and improving the update xml files to hopefully rule out some situations where Windows Machines did not pull the published updates after syncing to our HTTP (WSUS) instance. Done by @5tuk0v.

What's Changed

• Slight modification to XML files to broaden update applicability by @5tuk0v in #17

New Contributors

• @5tuk0v made their first contribution in #17

Full Changelog: v1.2.0...v1.2.1

v1.2.0

Added a --serve-only mode to skip the ARP spoofing and routing logic in case the attacker already has control over the traffic (e.g. control over DNS). Also fixed a bug where the help page did not show properly.

Full Changelog: v1.1.0...v1.2.0

v1.1.0

What's Changed

• Support for WSUS attack with TLS cert, see: https://blog.digitrace.de/2026/01/using-adcs-to-attack-https-enabled-wsus-clients/
• Added "1!" to generated password for complex password requirement and log generated KB number by @KcanCurly in #14

New Contributors

• @KcanCurly made their first contribution in #14

Full Changelog: v1.0.1...v1.1.0

v1.0.1

Fixed a parsing bug reported in #13 in registrypol in: liamsennitt/registrypol#1

Full Changelog: v1.0.0...v1.0.1

v1.0.0

First release 🎉

Main features:

• Autodiscovery of the WSUS server (via GPO parsing)
• ARP spoofing the WSUS server (or the gateway if the WSUS server is not on the same subnet)
• Setting up routing rules to redirect WSUS traffic to your own server
• Pre-defined and tested commands including the PsExec Binary