mitre / Caldera

Licence: apache-2.0
Automated Adversary Emulation Platform

Programming Languages

python
139335 projects - #7 most used programming language
CSS
56736 projects
HTML
75241 projects
Sass
350 projects
javascript
184084 projects - #8 most used programming language

Projects that are alternatives of or similar to Caldera

Sherlock
This script is designed to help expedite a web application assessment by automating some of the assessment steps (e.g., running nmap, sublist3r, metasploit, etc.)
Stars: ✭ 36 (-98.85%)
Mutual labels:  cybersecurity, red-team, security-automation, security-testing
ezEmu
See adversary, do adversary: Simple execution of commands for defensive tuning/research (now with more ELF on the shelf)
Stars: ✭ 89 (-97.15%)
Mutual labels:  security-testing, mitre-attack, adversary-emulation
Shuffle
Shuffle: A general purpose security automation platform. We focus on accessibility for all.
Stars: ✭ 424 (-86.44%)
Mutual labels:  cybersecurity, security-automation, mitre-attack
mitreattack-python
A python module for working with ATT&CK
Stars: ✭ 208 (-93.35%)
Mutual labels:  cybersecurity, mitre-attack, mitre-corporation
mitrecnd.github.io
MITRE Shield website
Stars: ✭ 17 (-99.46%)
Mutual labels:  cybersecurity, mitre-attack, mitre-corporation
Adversary emulation library
An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.
Stars: ✭ 295 (-90.56%)
Mutual labels:  cybersecurity, red-team, mitre-attack
attack-evals
ATT&CK Evaluations website (DEPRECATED)
Stars: ✭ 57 (-98.18%)
Mutual labels:  cybersecurity, mitre-attack, mitre-corporation
Taipan
Web application vulnerability scanner
Stars: ✭ 359 (-88.52%)
Mutual labels:  hacking, security-automation, security-testing
Hack Tools
The all-in-one Red Team extension for Web Pentester 🛠
Stars: ✭ 2,750 (-12.03%)
Mutual labels:  hacking, cybersecurity, red-team
Shodan Dorks
Dorks for shodan.io. Some basic shodan dorks collected from publicly available data.
Stars: ✭ 118 (-96.23%)
Mutual labels:  hacking, cybersecurity
Ratel
RAT-el is an open source penetration test tool that allows you to take control of a Windows machine. It works on the client-server model: the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.
Stars: ✭ 121 (-96.13%)
Mutual labels:  hacking, cybersecurity
Hackercamp
Cybersecurity, through and through
Stars: ✭ 149 (-95.23%)
Mutual labels:  hacking, cybersecurity
Attack Control Framework Mappings
Security control framework mappings to MITRE ATT&CK provide a critically important resource for organizations to assess their security control coverage against real-world threats and provide a bridge for integrating ATT&CK-based threat information into the risk management process.
Stars: ✭ 115 (-96.32%)
Mutual labels:  cybersecurity, mitre-attack
Virtualseccons
An ongoing list of virtual cybersecurity conferences.
Stars: ✭ 113 (-96.39%)
Mutual labels:  hacking, cybersecurity
Gitlab Watchman
Monitoring GitLab for sensitive data shared publicly
Stars: ✭ 127 (-95.94%)
Mutual labels:  cybersecurity, red-team
Aura Botnet
A super portable botnet framework with a Django-based C2 server. The client is written in C++, with alternate clients written in Rust, Bash, and Powershell.
Stars: ✭ 95 (-96.96%)
Mutual labels:  hacking, cybersecurity
Slack Watchman
Monitoring your Slack workspaces for sensitive information
Stars: ✭ 159 (-94.91%)
Mutual labels:  cybersecurity, red-team
Oscp Cheat Sheet
This is my OSCP cheat sheet made by combining a lot of different resources online with a little bit of tweaking. I used this cheat sheet during my exam (Fri, 13 Sep 2019) and during the labs. I can proudly say it helped me pass so I hope it can help you as well! Good Luck and Try Harder
Stars: ✭ 216 (-93.09%)
Mutual labels:  cybersecurity, security-testing
Wifipassword Stealer
Get All Registered Wifi Passwords from Target Computer.
Stars: ✭ 97 (-96.9%)
Mutual labels:  hacking, cybersecurity
Powershell Red Team
Collection of PowerShell functions a Red Teamer may use to collect data from a machine
Stars: ✭ 155 (-95.04%)
Mutual labels:  cybersecurity, red-team

CALDERA™

Full documentation, training and use-cases can be found here.

CALDERA™ is a cyber security platform designed to easily automate adversary emulation, assist manual red-teams, and automate incident response.

It is built on the MITRE ATT&CK™ framework and is an active research project at MITRE.

The framework consists of two components:

  1. The core system. This is the framework code, consisting of what is available in this repository. Included is an asynchronous command-and-control (C2) server with a REST API and a web interface.
  2. Plugins. These repositories expand the core framework capabilities and provide additional functionality. Examples include agents, reporting, collections of TTPs and more.

Plugins

Create your own plugin! Plugin generator: Skeleton

Default

  • Access (red team initial access tools and techniques)
  • Atomic (Atomic Red Team project TTPs)
  • Builder (dynamically compile payloads)
  • CalTack (embedded ATT&CK website)
  • Compass (ATT&CK visualizations)
  • Debrief (operations insights)
  • Emu (CTID emulation plans)
  • Fieldmanual (documentation)
  • GameBoard (visualize joint red and blue operations)
  • Human (create simulated noise on an endpoint)
  • Manx (shell functionality and reverse shell payloads)
  • Mock (simulate agents in operations)
  • Response (incident response)
  • Sandcat (default agent)
  • SSL (enable https for caldera)
  • Stockpile (technique and profile storehouse)
  • Training (certification and training course)

More

These plugins are ready to use but are not included by default:

Requirements

These requirements are for the computer running the core framework:

  • Any Linux or MacOS
  • Python 3.7+ (with Pip3)
  • Recommended hardware to run on is 8GB+ RAM and 2+ CPUs

Installation

Concise installation steps:

git clone https://github.com/mitre/caldera.git --recursive
cd caldera
pip3 install -r requirements.txt
python3 server.py --insecure

Full steps: Start by cloning this repository recursively, passing the desired version/release in x.x.x format. This will pull in all available plugins.

git clone https://github.com/mitre/caldera.git --recursive --branch x.x.x

Next, install the PIP requirements:

pip3 install -r requirements.txt

Super-power your CALDERA server installation! Install GoLang (1.13+)

Finally, start the server.

python3 server.py --insecure

Once started, log into http://localhost:8888 using the default credentials red/admin. Then go into Plugins -> Training and complete the capture-the-flag style training course to learn how to use CALDERA.

Contributing

Refer to our contributor documentation.

Licensing

In addition to CALDERA™'s open source capabilities, MITRE maintains several in-house CALDERA™ plugins that offer more advanced functionality. For more information, or to discuss licensing opportunities, please reach out to [email protected] or directly to MITRE's Technology Transfer Office.
