Changelog

What's new in CodeRed

Release notes for every update — focused on what changes for you, not how the internals work.

v1.2Universal AccessApril 2026

MCP Configuration — HTTP-Based Universal Setup

  • Simplified MCP configuration now uses HTTP protocol instead of command-based installation, making CodeRed compatible with any MCP-compliant agent (Claude Desktop, Cursor, Windsurf, or any future client).
  • Configuration is now identical across all platforms — just add the server URL and optional Bearer token to your MCP config file.
  • No installation overhead — works immediately without downloading or managing dependencies.
  • Documentation updated across all pages (Docs, Welcome, and Landing) to reflect the simplified HTTP setup process.

Test Now Feature — Public Playground Access

  • New prominent 'Test Now' banner on the home page — visitors can explore all 24 tools instantly without creating an account or purchasing an API key.
  • Public mode configuration provided on home page shows the HTTP setup without Bearer token authorization.
  • Global rate limit of 5 requests/second for public access — sufficient for interactive exploration and testing.
  • Playground link prominently placed right after Hero section to maximize trial-to-conversion flow.
  • Public access users can test all tools, see full output, and understand CodeRed's capabilities before committing to a paid plan.
v1.1Intelligence EngineMarch 2026

evasion_score — Smarter Detection Awareness

  • Detection risk is now scored on a normalized 0–100 scale across all databases, making results comparable across Windows, Linux, and Active Directory techniques.
  • New strict_mode option — when enabled, scoring assumes an active EDR/SIEM environment, giving more conservative and realistic risk estimates.
  • When a technique scores above the risk threshold, the tool now automatically suggests up to 3 lower-risk alternatives from the same category.
  • Recommendations now identify what type of detection rules a technique triggers and include targeted evasion hints specific to the detection method.

attack_chain — Context-Aware Kill Chains

  • Scenario parser now detects Active Directory, cloud (AWS/Azure/GCP), web application, and OT environments automatically from the objective description.
  • Each technique in the output now includes a command preview with visible placeholder variables — ready to adapt without extra research.
  • Linux engagements automatically pull in relevant linPEAS recon modules in the Reconnaissance phase.
  • Web engagements automatically incorporate matching payload categories (SQLi, SSRF, LFI, etc.) in the Initial Access phase.
  • New chain-level metrics: overall stealth score (weighted average across all techniques) and confidence percentage (phases with multiple technique options).

v1.0 — Initial Release

← Back to home