MITRE Caldera is a cyber security platform designed to easily automate adversary emulation, assist manual red-teams, and automate incident response. It is built on the MITRE ATT&CK™ framework and is an active research project at MITRE.
The principal goal of this Makejail is to help us install, configure and run MITRE Caldera in a FreeBSD jail container.
Before you can install MITRE Caldera using this Makejail, you need some initial configuration.
We need to add some lines to /etc/rc.conf
# sysrc pf_enable="YES"
# sysrc pflog_enable="YES"
# cat << "EOF" >> /etc/pf.conf
nat-anchor 'appjail-nat/jail/*'
nat-anchor "appjail-nat/network/*"
rdr-anchor "appjail-rdr/*"
EOF
# service pf reload
# service pf restart
# service pflog restart
The rdr-anchor section is necessary to use dynamic redirects from jails
# sysrc gateway_enable="YES"
# sysctl net.inet.ip.forwarding=1
Create a virtualnet to which the MITRE Caldera jail from caldera-makejail will be added. Alternatively, you can use your own virtualnet if you created one previously
# appjail network add caldera-net 10.0.0.0/24
This creates a bridge named caldera-net to which the Caldera jail's epair interfaces will be attached. By default caldera-makejail uses NAT for outbound internet access. Do not forget to add a pass rule to /etc/pf.conf, because caldera-makejail will try to download and install packages and other resources needed for its configuration
pass out quick on caldera-net inet proto { tcp udp } from 10.0.0.2 to any
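An added preflight check for the prerequisites above (example code, not part of the Makejail), meant to be run before appjail makejail: it confirms that pf.conf carries the three anchors and the pass rule, and that the jail address is a host address inside the virtualnet. The function names are hypothetical; the defaults are the values used on this page.

```shell
#!/bin/sh
# Added example, not part of the Makejail. Function names are hypothetical.
# Print the pf.conf directives from this page that are absent from file $1
# ($2 = jail IP, $3 = bridge). Comments are ignored, either quote style matches;
# the pass rule is matched only in the form written on the page.
missing_pf_lines() {
    norm=$(sed -e 's/#.*//' -e "s/'/\"/g" -e 's/[[:space:]][[:space:]]*/ /g' \
               -e 's/^ //' -e 's/ $//' "$1")
    for want in \
        'nat-anchor "appjail-nat/jail/*"' \
        'nat-anchor "appjail-nat/network/*"' \
        'rdr-anchor "appjail-rdr/*"' \
        "pass out quick on $3 inet proto { tcp udp } from $2 to any"
    do
        printf '%s\n' "$norm" | grep -Fqx -- "$want" || printf '%s\n' "$want"
    done
}

# Convert the dotted-quad address $1 to a 32-bit integer.
ip_to_int() {
    old_ifs=$IFS; IFS=.
    set -- $1                       # split on dots into $1..$4
    IFS=$old_ifs
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# Succeed when address $1 lies inside CIDR $2 (e.g. 10.0.0.0/24) and is
# neither the network address nor the broadcast address.
ip_in_network() {
    addr=$(ip_to_int "$1")
    net=$(ip_to_int "${2%/*}")
    mask=$(( (0xFFFFFFFF << (32 - ${2#*/})) & 0xFFFFFFFF ))
    net=$(( net & mask ))
    [ $(( addr & mask )) -eq "$net" ] &&
        [ "$addr" -ne "$net" ] &&
        [ "$addr" -ne $(( net | (~mask & 0xFFFFFFFF) )) ]
}

# preflight [pf.conf] [jail-ip] [cidr] [bridge]: return 0 only when all checks pass.
preflight() {
    rc=0
    ip_in_network "${2:-10.0.0.2}" "${3:-10.0.0.0/24}" ||
        { echo "jail IP is not a host address of the virtualnet" >&2; rc=1; }
    missing=$(missing_pf_lines "${1:-/etc/pf.conf}" "${2:-10.0.0.2}" "${4:-caldera-net}")
    [ -z "$missing" ] ||
        { printf 'missing from pf.conf:\n%s\n' "$missing" >&2; rc=1; }
    return $rc
}
```

On the jail host, calling preflight with no arguments checks /etc/pf.conf against the addresses used on this page.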
Create a container named caldera with the private IP address 10.0.0.2. Keep in mind that the IP address must be part of the caldera-net network
# appjail makejail -f gh+AppJail-makejails/caldera -j caldera -- --network caldera-net --caldera_ip 10.0.0.2
When it is done, you will see the credentials needed to connect to MITRE Caldera via a web browser.
################################################
MITRE Caldera admin credential
Hostname : https://jail-host-ip:8443
Username : admin
Password : Z1EtVnltRtirHDOTVY4=
################################################
################################################
MITRE Caldera blue credential
Hostname : https://jail-host-ip:8443
Username : blue
Password : M0WmJnQOLG3va+b0LM8=
################################################
################################################
MITRE Caldera red credential
Hostname : https://jail-host-ip:8443
Username : red
Password : 1TPza2NLp0h1scaZ2uA=
################################################
Keep them in another, secure place
This project is licensed under the BSD-3-Clause license.