What's Changed

• Modernize model fields: GenericIPAddressField and db_default=Now() by @SupRaKoshti in #887
• Add IP enrichment via ThreatFox and AbuseIPDB. Progresses #522 by @opbot-xd in #867
• Skip IOCs with empty days_seen in scoring pipeline by @Sanchit2662 in #892
• Feeds page: add IntelOwl analysis link for each IOC. Closes #292 by @rootp1 in #865
• Several Docker-related improvements by @regulartim in #890
• Fix Docker regressions from PR #890. Closes #898 by @regulartim in #900
• Replace regex IP validation with ipaddress stdlib in EnrichmentSerializer. Closes #881 by @tanmayjoddar in #885
• feat(pipeline): GeoIP enrichment . Closes #524 by @drona-gyawali in #880
• Fix: clear user data and isSuperuser on logout by @Deepanshu1230 in #897
• Feeds filters controlled by Formik state. Closes #889 by @UsamaElareeny in #894
• Login attempts from various honeypots included. Fixes #470 by @rootp1 in #911
• feat(api): Geo related field addition in the feed_response. Closes #524 by @drona-gyawali in #909
• Disable submit buttons while submitting to avoid duplicate api request. Closes #903 by @UsamaElareeny in #915
• Fix DatabaseDefault crash in _update_days_seen. Closes #908 by @Sanchit2662 in #910
• Filter feed type. Closes #421 by @armoredvortex in #907
• build(deps): bump django from 5.2.11 to 5.2.12 in /requirements by @dependabot[bot] in #940
• Propagate firehol_categories in _merge_iocs. Closes #922 by @tanmayjoddar in #933
• build(deps): bump axios from 1.13.5 to 1.13.6 in /frontend by @dependabot[bot] in #937
• build(deps-dev): bump stylelint from 17.3.0 to 17.4.0 in /frontend by @dependabot[bot] in #939
• fix: remove redundant loading state in EnrichmentLookup. by @Deepanshu1230 in #942
• expose tags in API responses and add tag-based filtering. Closes #522 by @opbot-xd in #899
• Add rate limiting to feeds endpoints. by @manik3160 in #927
• Chore: Add missing rel attributes to target="_blank" links. Closes #912 by @ZGr3Y in #920
• Add button to reset filters on Feeds page. Closes #935 by @armoredvortex in #943
• fix: use correct query param key for format in feeds_advanced by @Sanchit2662 in #953
• fix(security): Secure ALLOWED_HOSTS configuration. Closes #925 by @chauhan-varun in #950
• feat(feeds): display country info in details popover. Closes #549 by @lvb05 in #954
• fix : remove redundant nested Suspense wrappers in Routes.jsx by @Deepanshu1230 in #966
• fix: return empty list instead of empty dict in load_training_data by @Sanchit2662 in #971
• refactor: remove localStorage persistence from Register form by @minthanttun20 in #958
• Advanced filtering, STIX 2.1 export, and shareable feed URLs by @R1sh0bh-1 in #839
• Implementation of the Tanner Honeypot Extraction and Including it in Pipeline. Closes #919 by @rootp1 in #944
• Fix: changepassword validation. Closes #951 by @UsamaElareeny in #963
• test: add test coverage for tasks.py wrapper functions. Closes #964 by @opbot-xd in #973
• fix(extraction): use min/max semantics for first_seen and last_seen in _merge_iocs. Closes #967 by @tanmayjoddar in #974
• fix: union instead of replace for include_similar in command_sequence… by @Sanchit2662 in #992
• Strip timezone from parsed ES timestamps to prevent naive/aware comparison. Closes #1003 by @regulartim in #1004
• Add GitHub and LinkedIn links to footer. Closes #979 by @Aditya30ag in #1002
• Add slack tests by @Abhijeet17o in #1000
• feature: normalize credentials into separate Credential model. Closes #668 by @rahulgunwanistudy-2005 in #902
• Remove country code from AbuseIPDB enrichment / Tags by @regulartim in #1001
• rDNS-based noise filtering for known scanners. Closes #527 by @Sahityaaryan in #934
• Frontend: Improve Error Boundary Coverage. Closes #978 by @chauhan-varun in #982
• test: add tests for AuthGuard and IfAuthRedirectGuard by @Deepanshu1230 in #988
• build(deps): bump stix2 from 3.0.1 to 3.0.2 in /requirements by @dependabot[bot] in #1015
• build(deps): bump numpy from 2.4.2 to 2.4.3 in /requirements by @dependabot[bot] in #1016
• Attack Origin Visualizer for Dashboard. Closes #955 by @armoredvortex in #983
• fix(extraction): add sort guard to _update_days_seen to prevent corrupted days_seen ordering. Closes #1007 by @tanmayjoddar in #1010
• Fix unauthenticated feeds memory exhaustion DoS. Closes #844 by @R1sh0bh-1 in #993
• test: add coverage for ClusterCommandSequences.run(). Closes #976 by @tanmayjoddar in #1005
• fix: record statistics only after input validation in cowrie_session_… by @Sanchit2662 in #1021
• Refactor: Reduce duplicated logic in chart components. Closes #969 by @swara-2006 in #990
• feat: allow querying CowrieSession API by password. Closes #607 by @rahulgunwanistudy-2005 in #1022
• feat(pipeline/api): replace IOC.asn with AutonomousSystem FK. Closes #770 by @drona-gyawali in #947
• perf: bulk-prefetch extraction data. Closes #1008 by @manik3160 in #1020
• fix: eliminate N+1 queries in IocRepository.add_honeypot_to_ioc(). Closes #1012 by @Abhijeet17o in #1024
• Migrate from uWSGI to gunicorn. Closes #891 by @SupRaKoshti in #904
• refactor: define IpReputation constants and replace hardcoded strings. Closes #1026 by @Sahityaaryan in #1030
• Add client-side validation to enrichment lookup. Closes #1023 by @chauhan-varun in #1031
• fix: normalize_credential_field missing truncation. by @Sanchit2662 in #1033
• tests: add test coverage for utilities in greedybear/utils.py. Closes #1043 by @manik3160 in #1047
• fix: replace socket.inet_aton with ipaddress.ip_address to support IPv6 sources. by @rahulgunwanistudy-2005 in #1064
• Fix: case-insensitive honeypot membership check in add_honeypot_to_ioc() by @Abhijeet17o in #1068
• build(deps): bump library/nginx from 1.29.5-alpine to 1.29.6-alpine in /docker by @dependabot[bot] in #1075
• build(deps): bump slack-sdk from 3.40.1 to 3.41.0 in /requirements by @dependabot[bot] in #1076
• feat: persist Feeds page filters in URL query params by @Deepanshu1230 in #1035
• build(deps): bump croniter from 6.0.0 to 6.2.2 in /requirements by @dependabot[bot] in #1077
• enh: Log feature importances after Random Forest training . Closes #1050 by @drona-gyawali in #1065
• Feature: Extract and store Cowrie file transfer metadata. Closes #848 by @cclts in #1041
• Feature: Implementation of Heralding extraction strategy. Closes #1006 by @rootp1 in #1042
• build(deps): bump sass from 1.97.3 to 1.98.0 in /frontend by @dependabot[bot] in #1078
• build...

What's Changed

• Migrate from RabbitMQ/Celery to Django Q2. Closes #778 by @opbot-xd in #789
• Migrate frontend from Create React App to Vite. Closes #783 by @R1sh0bh-1 in #807
• Fix and update watchman. Closes #818 by @regulartim in #819
• NEW Docker Compose native healthcheck. Closes #809 by @rootp1 in #821
• Migration of frontend tests from Jest to Vitest by @R1sh0bh-1 in #820
• fix: add missing HTTP error handling in MassScannersCron and WhatsMyI… by @remo-lab in #816
• build(deps): bump slack-sdk from 3.39.0 to 3.40.0 in /requirements by @dependabot[bot] in #826
• refactor(setup_schedules): Reduce duplication and improve maintainability. Closes #822 by @drona-gyawali in #824
• Add Enrichment Lookup component. Closes #436 by @armoredvortex in #827
• Allow special characters in passwords and update validation logic by @R1sh0bh-1 in #829
• Remove orphaned containers in gbctl update. Closes #832 by @regulartim in #833
• Fix changing the prioritization not resetting the ordering indicator. Closes #782 by @armoredvortex in #837
• fix: prevent ML training pipeline crash on zero-positive test sets by @remo-lab in #830
• Use npm ci in the Dockerfile. Closes #840 by @regulartim in #841
• Refactor training scheduling. Closes #835 by @regulartim in #836
• Prettier formatting fixes. Closes #842 by @rootp1 in #843
• Updated PR template by @regulartim in #850
• Update IntelOwl contribution link in CONTRIBUTING.md by @greedy-wudpeckr in #853
• Frontend dependencies upgrade. Closes #802 by @rootp1 in #834
• Bump eslint-plugin-react from 7.32.2 to 7.37.5 in /frontend by @dependabot[bot] in #493
• Bump bootstrap from 5.3.0 to 5.3.8 in /frontend by @dependabot[bot] in #566
• Bump sass from 1.77.2 to 1.93.2 in /frontend by @dependabot[bot] in #577
• Fix homepage logo on smaller screens by @armoredvortex in #860
• build(deps): bump pandas from 3.0.0 to 3.0.1 in /requirements by @dependabot[bot] in #869
• build(deps): bump slack-sdk from 3.40.0 to 3.40.1 in /requirements by @dependabot[bot] in #871
• build(deps): bump django-ses from 4.7.1 to 4.7.2 in /requirements by @dependabot[bot] in #872
• build(deps-dev): bump eslint-plugin-jsx-a11y from 6.7.1 to 6.10.2 in /frontend by @dependabot[bot] in #870
• Fix session list sorting on frontend. Closes #866 by @armoredvortex in #868
• build(deps-dev): bump eslint-plugin-import from 2.27.5 to 2.32.0 in /frontend by @dependabot[bot] in #873
• Add section where the user can change their password. Closes #291 by @armoredvortex in #846
• feat(api): health overview endpoint with system & jobs status. Closes #845 by @drona-gyawali in #856
• Bump vite to 7.3.1 and update dependencies by @regulartim in #883
• 3.2.0 by @regulartim in #882

New Contributors

• @R1sh0bh-1 made their first contribution in #807
• @rootp1 made their first contribution in #821
• @remo-lab made their first contribution in #816
• @greedy-wudpeckr made their first contribution in #853

Full Changelog: 3.1.0...3.2.0

What's Changed

• feat: Add comprehensive start script to simplify setup and update processes. Closes #752 by @opbot-xd in #756
• Remove unused Log4pot from GeneralHoneypot. Closes #773 by @opbot-xd in #780
• Tooltip to show feed scores on frontend by @armoredvortex in #776
• Reorganize Celery beat schedule for better maintainability by @SupRaKoshti in #765
• Track IoC-Sensor relationship. Closes #779 by @opbot-xd in #784
• build(deps): bump django-ses from 4.6.0 to 4.7.1 in /requirements by @dependabot[bot] in #792
• build(deps): bump library/nginx from 1.29.4-alpine to 1.29.5-alpine in /docker by @dependabot[bot] in #791
• build(deps): bump elasticsearch from 9.2.1 to 9.3.0 in /requirements by @dependabot[bot] in #790
• feat(frontend): Dynamic GreedyBear news widget with filtering, sorting, and improved UX. Closes #762 by @drona-gyawali in #777
• Fix frontend update process. Closes #795 by @regulartim in #799
• Improve build performance. Closes #796 by @regulartim in #798
• Several improvements to gbctl. Follow up on #752 by @regulartim in #793
• Include Python version in virtualenv cache key in CI. Closes #806 by @regulartim in #805
• feat(test): Spliting test_view file for better test structure. Closes #794 by @drona-gyawali in #803
• 3.1.0 by @regulartim in #800

New Contributors

• @armoredvortex made their first contribution in #776
• @SupRaKoshti made their first contribution in #765

Full Changelog: 3.0.1...3.1.0

What's Changed

• refactor(docker): Add restart policy to all services to ensure startup after host reboot . Closes #761 by @drona-gyawali in #764
• build(deps): bump numpy from 2.4.1 to 2.4.2 in /requirements by @dependabot[bot] in #768
• build(deps): bump django from 5.2.10 to 5.2.11 in /requirements by @dependabot[bot] in #767
• Fix mount point of Postgres volume. Closes #766 by @regulartim in #771
• 3.0.1 by @regulartim in #772

Full Changelog: 3.0.0...3.0.1

What's Changed

• feat: add IOC type filter to Feeds API and page by @opbot-xd in #610
• Revert "feat: add IOC type filter to Feeds API and page" by @regulartim in #615
• feat: make feed license configurable via environment variable by @opbot-xd in #616
• feat: add IOC type filter to Feeds API and page by @opbot-xd in #617
• Refactor: Externalize Random Forest Parameters. by @opbot-xd in #623
• Fix negative predictions in Feeds API by @opbot-xd in #626
• Refactor extraction process. Closes #622. by @regulartim in #624
• Refactor: Rename models to singular form and fix admin registration by @srijan2607 in #643
• Fix/bug orphaned decorator by @srijan2607 in #649
• Bump library/nginx from 1.29.3-alpine to 1.29.4-alpine in /docker by @dependabot[bot] in #618
• Bump celery from 5.5.3 to 5.6.0 in /requirements by @dependabot[bot] in #605
• Bump slack-sdk from 3.37.0 to 3.39.0 in /requirements by @dependabot[bot] in #598
• Fix monitoring jobs. Closes #648 by @regulartim in #651
• Bump datasketch from 1.7.0 to 1.8.0 in /requirements by @dependabot[bot] in #604
• Bump scikit-learn from 1.7.2 to 1.8.0 in /requirements by @dependabot[bot] in #620
• Bump django-ses from 4.4.0 to 4.5.0 in /requirements by @dependabot[bot] in #619
• Refactor CowrieExtractionStrategy and add comprehensive tests by @opbot-xd in #639
• test(repository): add tests for uncovered repository methods. Closes #652 by @drona-gyawali in #656
• Add auto extraction of FireHol lists. Closes #548 by @opbot-xd in #642
• Optimize API Performance: Remove redundant serialization in feeds_response. Closes #629 by @opbot-xd in #662
• Bump joblib from 1.5.2 to 1.5.3 in /requirements by @dependabot[bot] in #660
• Bump celery from 5.6.0 to 5.6.1 in /requirements by @dependabot[bot] in #658
• Bump django from 5.2.8 to 5.2.9 in /requirements by @dependabot[bot] in #657
• Bump numpy from 2.3.5 to 2.4.0 in /requirements by @dependabot[bot] in #659
• Bump elasticsearch8 from 8.19.2 to 8.19.3 in /requirements by @dependabot[bot] in #661
• Fix missing logo192.png reference. Closes #627 by @Eshaan-byte in #655
• Migrate from flake8/black/isort to Ruff by @opbot-xd in #663
• Refactor naming conventions to comply with PEP8 (N801/N802/N803/N806). Closes #671 by @opbot-xd in #676
• feat: ntfy alerts for monitor logs. Closes #664 by @HARSHVARANDANI in #667
• refactor: fix flake8-bugbear violations (B006/B008/B017/B023/B904). Closes #677 by @opbot-xd in #679
• refactor: fix flake8-django violations (DJ001/DJ008/DJ012). Closes #681 by @opbot-xd in #684
• Bump django-ses from 4.5.0 to 4.6.0 in /requirements by @dependabot[bot] in #686
• Bump django from 5.2.9 to 5.2.10 in /requirements by @dependabot[bot] in #688
• refactor:honeypot extraction using DB-driven exclusion. closes #631 by @drona-gyawali in #670
• fix: Refactor MassScannersCron to handle flexible IP formats. Closes #678 by @opbot-xd in #685
• Bump elasticsearch client to version 9.x. Closes #690 by @regulartim in #691
• refactor: cleanup ruff ignores and fix N818. Closes #640 by @opbot-xd in #692
• Tests(Cronjobs): Adding tests for MonitorLogs and MonitorHoneyPots. by @amishhaa in #669
• Test(CronJob): Fix tests breaking after change of send_message function. by @amishhaa in #695
• Refactor scoring jobs to use IocRepository. Addresses #633 by @opbot-xd in #696
• Refactor cleanup, firehol, and mass_scanners cronjobs to use repositories. Addresses #633 by @opbot-xd in #698
• refactor : honeypot creation and enforce case-insensitive uniqueness . Closes #689 by @drona-gyawali in #693
• Split test_repositories.py into separate files for better maintainability. Closes #703 by @opbot-xd in #704
• Tests(Firehol): Adding and improving tests for Firehol. by @amishhaa in #697
• Bump numpy from 2.4.0 to 2.4.1 in /requirements by @dependabot[bot] in #706
• feat(tests): add comprehensive tests for cleanup.py. Closes #699 by @opbot-xd in #705
• Add migration to remove hard-coded honeypots. Fixes #632 by @Sumit-ai-dev in #717
• Standardize test base class inheritance. Closes #700 by @RaviTeja799 in #714
• feat(tests): add comprehensive tests for WhatsMyIPCron. Closes #708 by @shivraj1182 in #716
• Adding validation methods for cidr and validation for incoming get requests in Firehol.py. by @amishhaa in #711
• Make Celery wait for RabbitMQ via healthcheck (fix #720) by @shivraj1182 in #722
• Bump datasketch from 1.8.0 to 1.9.0 in /requirements by @dependabot[bot] in #724
• feat: Add test coverage reporting. Closes #701 by @opbot-xd in #712
• Remove hardcoded Cowrie and Log4pot fields from IOC model. Closes #637 by @opbot-xd in #725
• Feature: Authentication via email address. Closes #528 by @ManaswibRane in #723
• Standardize line endings and integrate frontend linters. Closes #729, Closes #727 by @opbot-xd in #730
• feat: Add Tor exit node extraction with separate TorExitNode model (#… by @Sumit-ai-dev in #728
• feat(api): add ASN-aggregated IOC statistics . CLOSES #458 by @drona-gyawali in #718
• Bump pandas from 2.3.3 to 3.0.0 in /requirements by @dependabot[bot] in #736
• Create end-to-end extraction pipeline tests. Progresses #636 by @opbot-xd in #735
• feat: Disable additional honeypots (Closes #738) by @Sumit-ai-dev in #739
• fix: Respect verbose parameter in feeds API response (Fixes #741) by @Sumit-ai-dev in #743
• fix: Remove redundant honeypots field from feeds API response (Fixes … by @Sumit-ai-dev in #745
• Handle missing ML models gracefully during extraction. Closes #748 by @regulartim in #749
• Add link to blog post for v3 release by @regulartim in #751
• Strategy-specific E2E tests and edge cases for ExtractionPipeline. Closes #636 by @opbot-xd in #740
• Reduce memory usage by chunking Elasticsearch queries. Closes #630 by @regulartim in #750
• test(migrations): add migrations test . closes #746 by @drona-gyawali in #753
• Remove Log4j. Closes #410 and #635 by @regulartim in #760
• 3.0.0 by @regulartim in #737

New Contributors

• @opbot-xd made their first contribution in #610
• @srijan2607 made their first contribution in #643
• @drona-gyawali made their first contribution in #656
• @Eshaan-byte made their first contribution in #655
• @HARSHVARANDANI made their first contribution in #667
• @amishhaa made their first contribution in...

What's Changed

• Bump slack-sdk from 3.36.0 to 3.37.0 in /requirements by @dependabot[bot] in #588
• Bump numpy from 2.2.4 to 2.3.3 in /requirements by @dependabot[bot] in #586
• Bump scikit-learn from 1.6.1 to 1.7.2 in /requirements by @dependabot[bot] in #587
• Bump numpy from 2.3.3 to 2.3.5 in /requirements by @dependabot[bot] in #597
• Bump django from 5.2.7 to 5.2.8 in /requirements in the pip group across 1 directory by @dependabot[bot] in #595
• Bump library/nginx from 1.29.1-alpine to 1.29.3-alpine in /docker by @dependabot[bot] in #594
• Bump psycopg2-binary from 2.9.10 to 2.9.11 in /requirements by @dependabot[bot] in #590
• Bump uwsgi from 2.0.30 to 2.0.31 in /requirements by @dependabot[bot] in #589
• Bump datasketch from 1.6.5 to 1.7.0 in /requirements by @dependabot[bot] in #596
• CowrieSession API. Closes #446 by @regulartim in #600
• Migrate to elasticsearch. Closes #601. by @regulartim in #602
• 2.1.0 by @regulartim in #603

Full Changelog: 2.0.1...2.1.0

What's Changed

• adjusting commit history by @mlodic in #584
• Bump pandas from 2.3.2 to 2.3.3 in /requirements by @dependabot[bot] in #576
• 2.0.1 by @regulartim in #585

Full Changelog: 2.0.0...2.0.1

What's Changed

• Upgrade Django to 5.2 and Postgres 18 (#579).
• Include mass scanners in advanced API by default (#581)
• Link to admin interface for staff users (#582)
• 2.0.0 by @regulartim in #583

Full Changelog: 1.6.8...2.0.0

Important Note

Upgrading from 1.x requires manual intervention! Please refer this guide.

What's Changed

• Bump library/nginx from 1.29.0-alpine to 1.29.1-alpine in /docker by @dependabot[bot] in #563
• Bump joblib from 1.5.1 to 1.5.2 in /requirements by @dependabot[bot] in #568
• Bump pandas from 2.2.3 to 2.3.2 in /requirements by @dependabot[bot] in #567
• 1.6.8 by @regulartim in #571

Full Changelog: 1.6.7...1.6.8

What's Changed

• added filter for whatsmyip domains by @mlodic in #557
• Bump djangorestframework from 3.16.0 to 3.16.1 in /requirements by @dependabot[bot] in #560
• 1.6.7 by @mlodic in #562

Full Changelog: 1.6.6...1.6.7