Skip to content

VitoYane/caldera

Folders and files

NameName
Last commit message
Last commit date

Latest commit

author
Tran, Chris
Dec 28, 2021
9a6d857 · Dec 28, 2021
Dec 28, 2021
Dec 17, 2021
Sep 27, 2021
Apr 1, 2021
Nov 22, 2021
Dec 6, 2021
Dec 10, 2021
Dec 17, 2021
Dec 28, 2021
Jul 22, 2020
Sep 2, 2021
Mar 18, 2020
Jun 16, 2021
Feb 15, 2021
Apr 20, 2020
Jun 21, 2021
Sep 27, 2021
Jul 22, 2020
Apr 26, 2019
Nov 29, 2021
Feb 16, 2021
Jul 22, 2020
Oct 1, 2021
Jun 28, 2021
Feb 18, 2021
Dec 2, 2021
Oct 27, 2021
Dec 28, 2021
Sep 28, 2021

Repository files navigation

Release Testing Status Security Status codecov Documentation Status

CALDERA™

Full documentation, training and use-cases can be found here.

CALDERA™ is a cyber security platform designed to easily automate adversary emulation, assist manual red-teams, and automate incident response.

It is built on the MITRE ATT&CK™ framework and is an active research project at MITRE.

The framework consists of two components:

  1. The core system. This is the framework code, consisting of what is available in this repository. Included is an asynchronous command-and-control (C2) server with a REST API and a web interface.
  2. Plugins. These repositories expand the core framework capabilities and providing additional functionality. Examples include agents, reporting, collections of TTPs and more.

Plugins

⭐ Create your own plugin! Plugin generator: Skeleton

Default

  • Access (red team initial access tools and techniques)
  • Atomic (Atomic Red Team project TTPs)
  • Builder (dynamically compile payloads)
  • CalTack (embedded ATT&CK website)
  • Compass (ATT&CK visualizations)
  • Debrief (operations insights)
  • Emu (CTID emulation plans)
  • Fieldmanual (documentation)
  • GameBoard (visualize joint red and blue operations)
  • Human (create simulated noise on an endpoint)
  • Manx (shell functionality and reverse shell payloads)
  • Mock (simulate agents in operations)
  • Response (incident response)
  • Sandcat (default agent)
  • SSL (enable https for caldera)
  • Stockpile (technique and profile storehouse)
  • Training (certification and training course)

More

These plugins are ready to use but are not included by default:

Requirements

These requirements are for the computer running the core framework:

  • Any Linux or MacOS
  • Python 3.7+ (with Pip3)
  • Recommended hardware to run on is 8GB+ RAM and 2+ CPUs

Installation

Concise installation steps:

git clone https://github.com/mitre/caldera.git --recursive
cd caldera
pip3 install -r requirements.txt
python3 server.py --insecure

Full steps: Start by cloning this repository recursively, passing the desired version/release in x.x.x format. This will pull in all available plugins.

git clone https://github.com/mitre/caldera.git --recursive --branch x.x.x

Next, install the PIP requirements:

pip3 install -r requirements.txt

Super-power your CALDERA server installation! Install GoLang (1.13+)

Finally, start the server.

python3 server.py --insecure

Once started, log into http://localhost:8888 using the default credentials red/admin. Then go into Plugins -> Training and complete the capture-the-flag style training course to learn how to use CALDERA.

Contributing

Refer to our contributor documentation.

Licensing

In addition to CALDERA™'s open source capabilities, MITRE maintains several in-house CALDERA™ plugins that offer more advanced functionality. For more information, or to discuss licensing opportunities, please reach out to [email protected] or directly to MITRE's Technology Transfer Office.

About

Automated Adversary Emulation Platform

Resources

License

Security policy

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • Python 49.7%
  • HTML 24.5%
  • CSS 15.6%
  • Sass 7.9%
  • JavaScript 2.1%
  • Dockerfile 0.2%