Giters

IInsomnia / caldera

Automated Adversary Emulation Platform

Home Page:https://caldera.mitre.org

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Release Testing Status Security Status codecov Documentation Status

CALDERA™

Full documentation, training and use-cases can be found here.

CALDERA™ is a cyber security platform designed to easily automate adversary emulation, assist manual red-teams, and automate incident response.

It is built on the MITRE ATT&CK™ framework and is an active research project at MITRE.

The framework consists of two components:

  1. The core system. This is the framework code, consisting of what is available in this repository. Included is an asynchronous command-and-control (C2) server with a REST API and a web interface.
  2. Plugins. These repositories expand the core framework capabilities and providing additional functionality. Examples include agents, reporting, collections of TTPs and more.

Plugins

⭐ Create your own plugin! Plugin generator: Skeleton

Default

  • Access (red team initial access tools and techniques)
  • Atomic (Atomic Red Team project TTPs)
  • Builder (dynamically compile payloads)
  • CalTack (embedded ATT&CK website)
  • Compass (ATT&CK visualizations)
  • Debrief (operations insights)
  • Emu (CTID emulation plans)
  • Fieldmanual (documentation)
  • GameBoard (visualize joint red and blue operations)
  • Human (create simulated noise on an endpoint)
  • Manx (shell functionality and reverse shell payloads)
  • Mock (simulate agents in operations)
  • Response (incident response)
  • Sandcat (default agent)
  • SSL (enable https for caldera)
  • Stockpile (technique and profile storehouse)
  • Training (certification and training course)

More

These plugins are ready to use but are not included by default:

Requirements

These requirements are for the computer running the core framework:

  • Any Linux or MacOS
  • Python 3.7+ (with Pip3)
  • Recommended hardware to run on is 8GB+ RAM and 2+ CPUs
  • Recommended: GoLang 1.17+ to dynamically compile GoLang-based agents.

Installation

Concise installation steps:

git clone https://github.com/mitre/caldera.git --recursive
cd caldera
pip3 install -r requirements.txt
python3 server.py --insecure

Full steps: Start by cloning this repository recursively, passing the desired version/release in x.x.x format. This will pull in all available plugins.

git clone https://github.com/mitre/caldera.git --recursive --branch x.x.x

Next, install the PIP requirements:

pip3 install -r requirements.txt

Super-power your CALDERA server installation! Install GoLang (1.17+)

Finally, start the server.

python3 server.py --insecure

Once started, log into http://localhost:8888 using the default credentials red/admin. Then go into Plugins -> Training and complete the capture-the-flag style training course to learn how to use CALDERA.

Contributing

Refer to our contributor documentation.

Licensing

In addition to CALDERA™'s open source capabilities, MITRE maintains several in-house CALDERA™ plugins that offer more advanced functionality. For more information, or to discuss licensing opportunities, please reach out to caldera@mitre.org or directly to MITRE's Technology Transfer Office.

About

Automated Adversary Emulation Platform

https://caldera.mitre.org

License:Apache License 2.0

Languages

Language:Python 50.5%Language:HTML 22.3%Language:CSS 16.5%Language:Sass 8.3%Language:JavaScript 2.3%Language:Dockerfile 0.1%