Automated Adversary Emulation
Python HTML CSS JavaScript Other

Latest commit

3 authors Planning svc bug (#1733)
* Small typo

* function call change, didn't propagate

Co-authored-by: Mitch Kucia <mkucia@mitre.org>
Co-authored-by: elegantmoose <mkouremetis@mitre.org>
Latest commit ddfe225 Jun 5, 2020

Files

Type Name Latest commit message Commit time
.github/workflows Create stale.yml (#1516) Apr 10, 2020
app Planning svc bug (#1733) Jun 5, 2020
conf adding ability refresh time to the configuration file (#1717) May 28, 2020
data adding high viz status for links and allowing them to show up on the … ( Jan 20, 2020
docs First pass at Objectives and Goals documentation (#1728) Jun 2, 2020
plugins Tasker (#1688) May 20, 2020
static virts-1221b (#1712) Jun 1, 2020
templates Create your own plugin (#1731) Jun 4, 2020
tests Add post-processing functionality (#1698) Jun 4, 2020
.codecov.yml disable patch coverage (#1432) Mar 23, 2020
.coveragerc Fix for 'no version' error in UI when on a labeled version (#1605) May 1, 2020
.flake8 Revamp unit testing infrastructure (#1401) Mar 18, 2020
.gitignore adding result schema (#1663) May 18, 2020
.gitmodules adding new human plugin (#1558) Apr 21, 2020
.pre-commit-config.yaml Virts 1106d bandit ci (#1539) Apr 20, 2020
.travis.yml add safety to tox Apr 16, 2020
CONTRIBUTING.md Revamp unit testing infrastructure (#1401) Mar 18, 2020
Dockerfile Added git to Dockerfile and improved log. (#1389) Mar 16, 2020
LICENSE major upgrade Apr 26, 2019
README.md punctuation consistency (test push) (#1699) May 26, 2020
VERSION.txt Upgrading VERSION to 2.7.0. Release notes to follow. May 19, 2020
docker-compose.yml ensuring docker compose exposes all the ports we care about (#1641) May 12, 2020
release.sh inline plugins (#1684) May 19, 2020
requirements-dev.txt fixing up a few test areas (#1702) May 26, 2020
requirements.txt updating requirement (#1724) Jun 1, 2020
server.py adding timeout to updatable options on the UI for abilities. also add… May 28, 2020
tox.ini Virts 1106d bandit ci (#1539) Apr 20, 2020

README.md


CALDERA

Full documentation, training and use-cases can be found here.

CALDERA is a cyber security framework designed to easily run autonomous breach-and-simulation exercises. It can also be used to run manual red-team engagements or automated incident response.

It is built on the MITRE ATT&CK™ framework and is an active research project at MITRE.

The framework consists of two components:

  1. The core system. This is the framework code, consisting of what is available in this repository. Included is an asynchronous command-and-control (C2) server with a REST API and a web interface.
  2. Plugins. These are separate repositories that hang off of the core framework, providing additional functionality. Examples include agents, GUI interfaces, collections of TTPs and more.

Plugins

  • Access (red team initial access tools and techniques)
  • Atomic (Atomic Red Team project TTPs)
  • Builder (dynamically compile payloads)
  • Compass (ATT&CK visualizations)
  • GameBoard (visualize joint red and blue operations)
  • Human (create simulated noise on an endpoint)
  • Manx (shell functionality and reverse shell payloads)
  • Mock (simulate agents in operations)
  • Response (incident response)
  • Sandcat (default agent)
  • SSL (enable https for caldera)
  • Stockpile (technique and profile storehouse)
  • Training (certification and training course)

Requirements

These requirements are for the computer running the core framework:

  • Any Linux or macOS
  • Python 3.6.1+ (with Pip3)
  • Google Chrome is our only supported browser
  • Recommended hardware to run on is 8GB+ RAM and 2+ CPUs

Installation

Start by cloning this repository recursively, passing the desired version/release in x.x.x format. This will pull in all available plugins. If you clone master - or any non-release branch - you may experience bugs.

git clone https://github.com/mitre/caldera.git --recursive --branch x.x.x 

Next, install the PIP requirements:

pip install -r requirements.txt

Want to super-power your CALDERA server installation? Make sure GoLang (1.13+) is installed.

Finally, start the server.

python server.py --insecure

Once started, you should log into http://localhost:8888 using the credentials red/admin. Then go into Plugins -> Training and complete the capture-the-flag style training course to learn how to use the framework.

Video tutorial

Watch the following video for a brief run through of how to run your first operation.

Contributing

Refer to our contributor documentation.

Licensing

In addition to CALDERA's open source capabilities, MITRE maintains several in-house CALDERA plugins that offer more advanced functionality. For more information, or to discuss licensing opportunities, please reach out to caldera@mitre.org or directly to MITRE's Technology Transfer Office.
