Skip to content
master
Go to file
Code

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
Apr 26, 2019

README.md

Release Build Status codecov Documentation Status

CALDERA™

Full documentation, training and use-cases can be found here.

CALDERA™ is a cyber security framework designed to easily run autonomous breach-and-simulation exercises. It can also be used to run manual red-team engagements or automated incident response.

It is built on the MITRE ATT&CK™ framework and is an active research project at MITRE.

The framework consists of two components:

  1. The core system. This is the framework code, consisting of what is available in this repository. Included is an asynchronous command-and-control (C2) server with a REST API and a web interface.
  2. Plugins. These are separate repositories that hang off of the core framework, providing additional functionality. Examples include agents, GUI interfaces, collections of TTPs and more.

Plugins

Create your own plugin! Plugin generator: Skeleton

Default

  • Access (red team initial access tools and techniques)
  • Atomic (Atomic Red Team project TTPs)
  • Builder (dynamically compile payloads)
  • CalTack (embedded ATT&CK website)
  • Compass (ATT&CK visualizations)
  • Debrief (operations insights)
  • Fieldmanual (documentation)
  • GameBoard (visualize joint red and blue operations)
  • Human (create simulated noise on an endpoint)
  • Manx (shell functionality and reverse shell payloads)
  • Mock (simulate agents in operations)
  • Response (incident response)
  • Sandcat (default agent)
  • SSL (enable https for caldera)
  • Stockpile (technique and profile storehouse)
  • Training (certification and training course)

More

These plugins are ready to use but are not included by default:

Requirements

These requirements are for the computer running the core framework:

  • Any Linux or MacOS
  • Python 3.6.1+ (with Pip3)
  • Google Chrome is our only supported browser
  • Recommended hardware to run on is 8GB+ RAM and 2+ CPUs

Installation

Start by cloning this repository recursively, passing the desired version/release in x.x.x format. This will pull in all available plugins. If you clone master - or any non-release branch - you may experience bugs.

git clone https://github.com/mitre/caldera.git --recursive --branch 2.8.1

Next, install the PIP requirements:

pip3 install -r requirements.txt

Super-power your CALDERA server installation! Install GoLang (1.13+)

Finally, start the server.

python3 server.py --insecure

Collectively this would be:

git clone https://github.com/mitre/caldera.git --recursive --branch 2.8.1
cd caldera
pip3 install -r requirements.txt
python3 server.py --insecure

Once started, you should log into http://localhost:8888 using the credentials red/admin. Then go into Plugins -> Training and complete the capture-the-flag style training course to learn how to use the framework.

Video tutorial

Watch the following video for a brief run through of how to run your first operation.

Contributing

Refer to our contributor documentation.

Licensing

In addition to CALDERA™'s open source capabilities, MITRE maintains several in-house CALDERA™ plugins that offer more advanced functionality. For more information, or to discuss licensing opportunities, please reach out to caldera@mitre.org or directly to MITRE's Technology Transfer Office.

You can’t perform that action at this time.