2.5.1

@privateducky privateducky released this 21 Jan 13:58
· 3109 commits to master since this release

Big features

  • You can now run an operation with a varying amount of "visibility" (or probability of being detected). This is a new option when you start an operation, under stealth. The range is from 1 (very stealthy) to 100 (very visible). Each ability is automatically assigned a default visibility of 50 when it is loaded into the database. By default, an operation will run with a visibility of 50, and it will run all abilities whose visibility is <= the visibility of the operation. When abilities are run inside of an operation, they are evaluated based on the new "adjustments" block on the fact source chosen for the operation. These adjustments look at all facts inside the operation and determine whether or not to modify an ability's visibility score. From the GUI, when the operation is running, all links which have high visibility will show up as pink. These will be accompanied by a "+" button which allows you to add them into the operation, if you'd like.
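
The thresholding described above, modelled as an added example (this is not CALDERA's own code). The Adjustment and Link classes, the function names, the clamping of adjusted scores to the 1-100 range and all sample ids, facts and offsets are assumptions made for illustration.

```python
from dataclasses import dataclass

DEFAULT_VISIBILITY = 50          # default given to every ability (per the release notes)
MIN_SCORE, MAX_SCORE = 1, 100    # range stated in the release notes


@dataclass
class Adjustment:                # hypothetical shape of one "adjustments" entry
    ability_id: str
    trait: str
    value: str
    offset: int


@dataclass
class Link:                      # simplified stand-in for a c_link
    ability_id: str
    base_score: int = DEFAULT_VISIBILITY
    state: str = "EXECUTE"


def adjusted_score(link, facts, adjustments):
    """Apply every adjustment whose trait+value pair is among the operation's facts."""
    score = link.base_score
    for adj in adjustments:
        if adj.ability_id == link.ability_id and (adj.trait, adj.value) in facts:
            score += adj.offset
    return max(MIN_SCORE, min(MAX_SCORE, score))   # clamping is an assumption


def apply_visibility(links, facts, adjustments, operation_visibility=50):
    """Split links into runnable ones and ones flagged HIGH_VIZ for operator review."""
    runnable, flagged = [], []
    for link in links:
        if adjusted_score(link, facts, adjustments) <= operation_visibility:
            runnable.append(link)
        else:
            link.state = "HIGH_VIZ"   # shown in pink in the GUI, addable with "+"
            flagged.append(link)
    return runnable, flagged


# Constructed sample data: ids, facts and offsets are invented for illustration.
FACTS = {("host.av.present", "true")}
ADJUSTMENTS = [Adjustment("ability-a", "host.av.present", "true", +30),
               Adjustment("ability-b", "host.av.present", "true", -10)]

if __name__ == "__main__":
    links = [Link("ability-a"), Link("ability-b"), Link("ability-c")]
    runnable, flagged = apply_visibility(links, FACTS, ADJUSTMENTS)
    print("run:", [l.ability_id for l in runnable])
    print("held as HIGH_VIZ:", [l.ability_id for l in flagged])
```
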

Smaller items

  • Default logging now disables all logging except for the specific logging statements within the CALDERA code base. This means all logs from external libraries (like asyncio) will be ignored.

Rest API changes:

None

Plugin changes:

Stockpile

  • A few new abilities have been added.

Breaking changes:

We expect plugin developers to only interact with the core system (and other plugins) through the list of services passed to their plugin and through importing the c_[object] modules in the core code. As such, each release we will highlight the changes in these two areas, as they could introduce breaking changes to a plugin.

In general

  • The data/facts directory has been renamed to data/sources, globally (including in plugins).

Services

file_svc

  • A new function was added: get_file
  • A new function was added: create_exfil_sub_directory

rest_svc

  • A function was promoted from private to public: construct_agents_for_group.

base_planning_svc

  • A new base function was added: remove_links_above_visibility, which allows a planner to trim down the links according to the new visibility object score.

Objects

c_visibility:

  • This is a new object, which holds information about an ability's probability of getting detected by the defense.

c_link:

  • Now creates a new visibility object for each instance of c_link.
  • A new function, can_ignore, will return whether the c_link instance is in a state that can be ignored (discarded or high_viz, currently).
  • A new state was added, HIGH_VIZ, which a link enters when it is determined to be high visibility (that is, higher than the operation threshold).

c_operation:

  • The allow_untrusted parameter was removed. This is no longer an option.
  • The max_time parameter was removed. This is no longer an option.
  • A new function was added, has_fact, which returns True or False depending on whether a given trait+value pairing is in the operation fact list.
  • The OUT_OF_TIME state has been removed.
  • A new optional parameter, ignore_enforcement_modules, has been added.

c_source:

  • A new optional parameter, adjustments, has been added. This contains all the adjusted visibility scores for abilities, as determined by the fact source passed in.