Science Score: 44.0%

This score indicates how likely this project is to be science-related based on various indicators:

  • CITATION.cff file
    Found CITATION.cff file
  • codemeta.json file
    Found codemeta.json file
  • .zenodo.json file
    Found .zenodo.json file
  • DOI references
  • Academic publication links
  • Academic email domains
  • Institutional organization owner
  • JOSS paper metadata
  • Scientific vocabulary similarity
    Low similarity (12.2%) to scientific vocabulary
Last synced: 8 months ago

Repository

Basic Info
  • Host: GitHub
  • Owner: r-a-y-y-a
  • License: apache-2.0
  • Language: Python
  • Default Branch: main
  • Size: 21.3 MB
Statistics
  • Stars: 0
  • Watchers: 1
  • Forks: 0
  • Open Issues: 0
  • Releases: 0
Created about 2 years ago · Last pushed almost 2 years ago
Metadata Files
Readme Contributing License Citation Codeowners Security

README.md

MITRE Caldera™

MITRE Caldera™ is a cyber security platform designed to easily automate adversary emulation, assist manual red-teams, and automate incident response.

It is built on the MITRE ATT&CK™ framework and is an active research project at MITRE.

The framework consists of two components:

1) The core system. This is the framework code, consisting of what is available in this repository. Included is an asynchronous command-and-control (C2) server with a REST API and a web interface.
2) Plugins. These repositories expand the core framework capabilities and provide additional functionality. Examples include agents, reporting, collections of TTPs and more.

Resources and Socials

Plugins

:star: Create your own plugin! Plugin generator: Skeleton :star:

Default

These plugins are supported and maintained by the Caldera team.

  • Access (red team initial access tools and techniques)
  • Atomic (Atomic Red Team project TTPs)
  • Builder (dynamically compile payloads)
  • Compass (ATT&CK visualizations)
  • Debrief (operations insights)
  • Emu (CTID emulation plans)
  • Fieldmanual (documentation)
  • GameBoard (visualize joint red and blue operations)
  • Human (create simulated noise on an endpoint)
  • Manx (shell functionality and reverse shell payloads)
  • Response (incident response)
  • Sandcat (default agent)
  • SSL (enable https for caldera)
  • Stockpile (technique and profile storehouse)
  • Training (certification and training course)

More

These plugins are ready to use but are not included by default and are not maintained by the Caldera team.

  • Arsenal (MITRE ATLAS techniques and profiles)
  • CalTack (embedded ATT&CK website)
  • Pathfinder (vulnerability scanning)
  • SAML (SAML authentication)

Requirements

These requirements are for the computer running the core framework:

  • Any Linux or MacOS
  • Python 3.7+ (with Pip3)
  • Recommended hardware to run on is 8GB+ RAM and 2+ CPUs
  • Recommended: GoLang 1.17+ to dynamically compile GoLang-based agents.

Installation

Concise installation steps:

```Bash
git clone https://github.com/mitre/caldera.git --recursive
cd caldera
pip3 install -r requirements.txt
python3 server.py --insecure
```

Full steps: Start by cloning this repository recursively, passing the desired version/release in x.x.x format. This will pull in all available plugins.

```Bash
git clone https://github.com/mitre/caldera.git --recursive --branch x.x.x
```

Next, install the PIP requirements:

```Bash
pip3 install -r requirements.txt
```

Super-power your Caldera server installation! Install GoLang (1.17+)

Finally, start the server.

```Bash
python3 server.py --insecure
```

Once started, log into http://localhost:8888 using the default credentials red/admin. Then go into Plugins -> Training and complete the capture-the-flag style training course to learn how to use Caldera.

Docker Deployment

To build a Caldera docker image, ensure you have docker installed and perform the following actions:

```Bash
# Recursively clone the Caldera repository if you have not done so
git clone https://github.com/mitre/caldera.git --recursive

# Build the docker image. Change image tagging as desired.
# WIN_BUILD is set to true to allow Caldera installation to compile windows-based agents.
# Alternatively, you can use the docker compose YML file via "docker-compose build"
cd caldera
docker build . --build-arg WIN_BUILD=true -t caldera:latest

# Run the image. Change port forwarding configuration as desired.
docker run -p 8888:8888 caldera:latest
```

To gracefully terminate your docker container, do the following:

```Bash
# Find the container ID for your docker container running Caldera
docker ps

# Send interrupt signal, e.g. "docker kill --signal=SIGINT 5b9220dd9c0f"
docker kill --signal=SIGINT [container ID]
```

Contributing

Refer to our contributor documentation.

Vulnerability Disclosures

Refer to our vulnerability disclosure documentation for submitting bugs.

Licensing

To discuss licensing opportunities, please reach out to caldera@mitre.org or directly to MITRE's Technology Transfer Office.

Caldera Benefactor Program

If you are interested in partnering to support, sustain, and evolve Caldera™'s open source capabilities, please contact us at caldera@mitre.org.

Owner

  • Name: Rayson Yap
  • Login: r-a-y-y-a
  • Kind: user

Citation (CITATION.cff)

cff-version: 1.2.0
message: "If you use this software, please cite it as below."
authors:
- name: "MITRE Corporation"
title: "CALDERA: A Scalable, Automated Adversary Emulation Platform"
version: 4.1.0
date-released: 2022-09-17
url: "https://github.com/mitre/caldera"

Dependencies

.github/workflows/greetings.yml actions
  • actions/first-interaction 1d8459ca65b335265f1285568221e229d45a995e composite
.github/workflows/publish_docker_image.yml actions
  • actions/checkout 8e5e7e5ab8b370d6c329ec480221332ada57f0ab composite
  • docker/build-push-action ad44023a93711e3deb337508980b4b5e9bcdc5dc composite
  • docker/login-action f4ef78c080cd8ba55a85445d5b36e214a81df20a composite
  • docker/metadata-action c4ee3adeed93b1fa6a762f209fb01608c1a22f1e composite
.github/workflows/quality.yml actions
  • SonarSource/sonarcloud-github-action 5875562561d22a34be0c657405578705a169af6c composite
  • actions/checkout 8e5e7e5ab8b370d6c329ec480221332ada57f0ab composite
  • actions/setup-python 57ded4d7d5e986d7296eab16560982c6dd7c923b composite
.github/workflows/security.yml actions
  • actions/checkout 8e5e7e5ab8b370d6c329ec480221332ada57f0ab composite
  • actions/setup-python 57ded4d7d5e986d7296eab16560982c6dd7c923b composite
.github/workflows/stale.yml actions
  • actions/stale a20b814fb01b71def3bd6f56e7494d667ddf28da composite
Dockerfile docker
  • ubuntu latest build
docker-compose.yml docker
  • caldera latest
package-lock.json npm
  • 289 dependencies
package.json npm
  • eslint ^8.8.0 development
  • eslint-config-airbnb-base ^15.0.0 development
  • eslint-plugin-html ^6.2.0 development
  • eslint-plugin-import ^2.25.4 development
  • eslint-plugin-jinja2 ^0.1.0 development
  • stylelint ^14.3.0 development
  • stylelint-config-standard ^24.0.0 development
requirements-dev.txt pypi
  • bandit * development
  • coverage * development
  • dnspython ==2.1.0 development
  • pre-commit * development
  • pytest * development
  • pytest-aiohttp ==1.0.3 development
  • safety * development
  • tox * development
requirements.txt pypi
  • Markdown ==3.3.3
  • Sphinx ==5.1.1
  • aioftp ==0.16.1
  • aioftp *
  • aiohttp ==3.8.4
  • aiohttp-apispec ==2.2.3
  • aiohttp-jinja2 ==1.5.0
  • aiohttp-security ==0.4.0
  • aiohttp_session ==2.9.0
  • asyncssh ==2.11.0
  • cryptography >=3.2,<37.0.0
  • cryptography >=3.2
  • dirhash ==0.2.0
  • dnspython ==2.1.0
  • docker ==4.2.0
  • donut-shellcode ==0.9.2
  • jinja2 ==3.0.3
  • ldap3 ==2.8.1
  • lxml *
  • marshmallow ==3.5.1
  • marshmallow-enum ==1.5.1
  • myst-parser ==0.18.0
  • pyyaml >=5.1
  • reportlab ==3.6.12
  • sphinx_rtd_theme ==0.4.3
  • svglib ==1.0.1
  • websockets >=10.3