Merge pull request #2305 from mitre/bleepbop/VIRTS-2881/health-v2-api-pytest

[VIRTS-2881] Health API v2 Pytests
tree: 98b28add50d4f1bdbd0af3523b570b413772ab27
  1. .github/
  2. app/
  3. conf/
  4. data/
  5. plugins/
  6. static/
  7. templates/
  8. tests/
  9. .codecov.yml
  10. .coveragerc
  11. .dockerignore
  12. .eslintrc.js
  13. .flake8
  14. .gitignore
  15. .gitmodules
  16. .pre-commit-config.yaml
  17. .stylelintrc.json
  18. CONTRIBUTING.md
  19. docker-compose.yml
  20. Dockerfile
  21. LICENSE
  22. package-lock.json
  23. package.json
  24. README.md
  25. requirements-dev.txt
  26. requirements.txt
  27. SECURITY.md
  28. server.py
  29. tox.ini
README.md


CALDERA™

Full documentation, training and use-cases can be found here.

CALDERA™ is a cyber security platform designed to easily automate adversary emulation, assist manual red-teams, and automate incident response.

It is built on the MITRE ATT&CK™ framework and is an active research project at MITRE.

The framework consists of two components:

  1. The core system. This is the framework code, consisting of what is available in this repository. Included is an asynchronous command-and-control (C2) server with a REST API and a web interface.
  2. Plugins. These repositories expand the core framework's capabilities and provide additional functionality. Examples include agents, reporting, collections of TTPs and more.

Plugins

:star: Create your own plugin! Plugin generator: Skeleton :star:

Default

  • Access (red team initial access tools and techniques)
  • Atomic (Atomic Red Team project TTPs)
  • Builder (dynamically compile payloads)
  • CalTack (embedded ATT&CK website)
  • Compass (ATT&CK visualizations)
  • Debrief (operations insights)
  • Emu (CTID emulation plans)
  • Fieldmanual (documentation)
  • GameBoard (visualize joint red and blue operations)
  • Human (create simulated noise on an endpoint)
  • Manx (shell functionality and reverse shell payloads)
  • Mock (simulate agents in operations)
  • Response (incident response)
  • Sandcat (default agent)
  • SSL (enable https for caldera)
  • Stockpile (technique and profile storehouse)
  • Training (certification and training course)

More

These plugins are ready to use but are not included by default:

Requirements

These requirements are for the computer running the core framework:

  • Any Linux or MacOS
  • Python 3.7+ (with Pip3)
  • Recommended hardware: 8GB+ RAM and 2+ CPUs

Installation

Concise installation steps:

git clone https://github.com/mitre/caldera.git --recursive --branch 4.0.0-alpha
cd caldera
pip3 install -r requirements.txt
python3 server.py --insecure

Full steps: Start by cloning this repository recursively, passing the desired version/release in x.x.x format. This will pull in all available plugins. If you clone master - or any non-release branch - you may experience bugs.

git clone https://github.com/mitre/caldera.git --recursive --branch 4.0.0-alpha

Next, install the PIP requirements:

pip3 install -r requirements.txt

Optionally, super-power your CALDERA server installation by installing GoLang (1.13+).

Finally, start the server.

python3 server.py --insecure
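A pre-flight check for the requirements and the x.x.x release-tag convention described above, added here as example code (it is not part of the CALDERA project). It only inspects the local machine: it does not clone, install or start anything.

```shell
#!/bin/sh
# Pre-flight check for the CALDERA core requirements (example, not project code).

# version_ge A B: succeed if dotted version A is >= B (e.g. 3.10.2 >= 3.7).
# Missing trailing components are treated as 0, so "3" < "3.7".
version_ge() {
    have="$1"; want="$2"
    while [ -n "$want" ]; do
        hv=${have%%.*}; wv=${want%%.*}
        hv=${hv:-0}; wv=${wv:-0}
        [ "$hv" -gt "$wv" ] && return 0
        [ "$hv" -lt "$wv" ] && return 1
        case "$have" in *.*) have=${have#*.};; *) have="";; esac
        case "$want" in *.*) want=${want#*.};; *) want="";; esac
    done
    return 0
}

# release_tag_ok TAG: accept x.x.x release tags, with an optional suffix such as
# "-alpha" (matching the 4.0.0-alpha tag used in the install steps). Branch
# names like "master" are rejected, since the README warns they may carry bugs.
release_tag_ok() {
    printf '%s' "$1" | grep -Eq '^[0-9]+\.[0-9]+\.[0-9]+(-[A-Za-z0-9.]+)?$'
}

# preflight: report OS, python3 >= 3.7, pip3 and (optional) Go >= 1.13.
# Returns non-zero if any required item is missing.
preflight() {
    ok=0
    os=$(uname -s)
    case "$os" in
        Linux|Darwin) echo "OS: $os (supported)";;
        *) echo "OS: $os (unsupported: core framework targets Linux or macOS)"; ok=1;;
    esac
    if pyv=$(python3 -c 'import sys;print("%d.%d.%d"%sys.version_info[:3])' 2>/dev/null) \
        && version_ge "$pyv" 3.7; then
        echo "python3: $pyv (ok)"
    else
        echo "python3: ${pyv:-missing} (need 3.7+)"; ok=1
    fi
    command -v pip3 >/dev/null 2>&1 && echo "pip3: found" || { echo "pip3: missing"; ok=1; }
    gov=$(go version 2>/dev/null | sed -E 's/^go version go([0-9.]+).*/\1/')
    if [ -n "$gov" ] && version_ge "$gov" 1.13; then
        echo "go: $gov (ok, optional)"
    else
        echo "go: ${gov:-missing} (optional; README recommends 1.13+)"
    fi
    return "$ok"
}
```

Run `preflight` before the install steps; pass a candidate tag to `release_tag_ok` to confirm it is a release rather than a branch name.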

Once started, log into http://localhost:8888 using the default credentials red/admin. Then go into Plugins -> Training and complete the capture-the-flag style training course to learn how to use CALDERA.

Contributing

Refer to our contributor documentation.

Licensing

In addition to CALDERA™'s open source capabilities, MITRE maintains several in-house CALDERA™ plugins that offer more advanced functionality. For more information, or to discuss licensing opportunities, please reach out to caldera@mitre.org or directly to MITRE's Technology Transfer Office.