{"id":13454314,"url":"https://github.com/mitre/caldera","last_synced_at":"2025-05-12T15:30:29.625Z","repository":{"id":37431403,"uuid":"112409981","full_name":"mitre/caldera","owner":"mitre","description":"Automated Adversary Emulation Platform","archived":false,"fork":false,"pushed_at":"2025-04-21T20:19:43.000Z","size":26442,"stargazers_count":6072,"open_issues_count":68,"forks_count":1146,"subscribers_count":174,"default_branch":"master","last_synced_at":"2025-04-23T17:19:18.466Z","etag":null,"topics":["adversary-emulation","caldera","cybersecurity","hacking","mitre","mitre-attack","mitre-corporation","red-team","security-automation","security-testing"],"latest_commit_sha":null,"homepage":"https://caldera.mitre.org","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/mitre.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":"CITATION.cff","codeowners":".github/CODEOWNERS","security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2017-11-29T01:25:10.000Z","updated_at":"2025-04-23T16:43:16.000Z","dependencies_parsed_at":"2023-10-14T16:18:19.179Z","dependency_job_id":"d91459b6-b144-40df-9210-09e6063077dd","html_url":"https://github.com/mitre/caldera","commit_stats":null,"previous_names":[],"tags_count":34,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mitre%2Fcaldera","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mitre%2Fcaldera/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mitre%2Fcaldera/releases","manifests_url":"https://rep
os.ecosyste.ms/api/v1/hosts/GitHub/repositories/mitre%2Fcaldera/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/mitre","download_url":"https://codeload.github.com/mitre/caldera/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":253765718,"owners_count":21960776,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["adversary-emulation","caldera","cybersecurity","hacking","mitre","mitre-attack","mitre-corporation","red-team","security-automation","security-testing"],"created_at":"2024-07-31T08:00:52.984Z","updated_at":"2025-05-12T15:30:29.592Z","avatar_url":"https://github.com/mitre.png","language":"Python","readme":"[![Release](https://img.shields.io/badge/dynamic/json?color=blue\u0026label=Release\u0026query=tag_name\u0026url=https%3A%2F%2Fapi.github.com%2Frepos%2Fmitre%2Fcaldera%2Freleases%2Flatest)](https://github.com/mitre/caldera/releases/latest)\n[![Testing Status](https://github.com/mitre/caldera/actions/workflows/quality.yml/badge.svg?branch=master)](https://github.com/mitre/caldera/actions/workflows/quality.yml?query=branch%3Amaster)\n[![Security Status](https://github.com/mitre/caldera/actions/workflows/security.yml/badge.svg?branch=master)](https://github.com/mitre/caldera/actions/workflows/security.yml?query=branch%3Amaster)\n[![codecov](https://codecov.io/gh/mitre/caldera/branch/master/graph/badge.svg)](https://codecov.io/gh/mitre/caldera)\n[![Documentation 
Status](https://readthedocs.org/projects/caldera/badge/?version=stable)](http://caldera.readthedocs.io/?badge=stable)\n\n# MITRE Caldera\u0026trade;\n\nMITRE Caldera\u0026trade; is a cyber security platform designed to easily automate adversary emulation, assist manual red-teams, and automate incident response.\n\nIt is built on the [MITRE ATT\u0026CK™ framework](https://attack.mitre.org/) and is an active research project at MITRE.\n\nThe framework consists of two components:\n\n1) **The core system**. This is the framework code, consisting of what is available in this repository. Included is\nan asynchronous command-and-control (C2) server with a REST API and a web interface.\n2) **Plugins**. These repositories expand the core framework capabilities and provide additional functionality. Examples include agents, reporting, collections of TTPs and more.\n\n## Resources \u0026 Socials\n* 📜 [Documentation, training, and use-cases](https://caldera.readthedocs.io/en/latest/)\n* 🎬 [Tutorial Videos](https://www.youtube.com/playlist?list=PLF2bj1pw7-ZvLTjIwSaTXNLN2D2yx-wXH)\n* ✍️ [Caldera's blog](https://medium.com/@mitrecaldera/welcome-to-the-official-mitre-caldera-blog-page-f34c2cdfef09)\n* 🌐 [Homepage](https://caldera.mitre.org)\n\n### User Survey\n\nIt is always incredibly helpful for our team to hear from users about their Caldera use cases and the value that Caldera provides for their learning, research, or cyber security work. If you or your team uses Caldera significantly, we would greatly appreciate hearing from you.\n\n📋 **Survey** - https://forms.office.com/g/ByBWxYTf8e\n\n## Plugins\n\n:star: Create your own plugin! 
Plugin generator: **[Skeleton](https://github.com/mitre/skeleton)** :star:\n\n### Default\nThese plugins are supported and maintained by the Caldera team.\n- **[Access](https://github.com/mitre/access)** (red team initial access tools and techniques)\n- **[Atomic](https://github.com/mitre/atomic)** (Atomic Red Team project TTPs)\n- **[Builder](https://github.com/mitre/builder)** (dynamically compile payloads)\n- **[Caldera for OT](https://github.com/mitre/caldera-ot)** (ICS/OT capabilities for Caldera)\n- **[Compass](https://github.com/mitre/compass)** (ATT\u0026CK visualizations)\n- **[Debrief](https://github.com/mitre/debrief)** (operations insights)\n- **[Emu](https://github.com/mitre/emu)** (CTID emulation plans)\n- **[Fieldmanual](https://github.com/mitre/fieldmanual)** (documentation)\n- **[GameBoard](https://github.com/mitre/gameboard)** (visualize joint red and blue operations)\n- **[Human](https://github.com/mitre/human)** (create simulated noise on an endpoint)\n- **[Magma](https://github.com/mitre/magma)** (VueJS UI for Caldera v5)\n- **[Manx](https://github.com/mitre/manx)** (shell functionality and reverse shell payloads)\n- **[Response](https://github.com/mitre/response)** (incident response)\n- **[Sandcat](https://github.com/mitre/sandcat)** (default agent)\n- **[SSL](https://github.com/mitre/SSL)** (enable https for caldera)\n- **[Stockpile](https://github.com/mitre/stockpile)** (technique and profile storehouse)\n- **[Training](https://github.com/mitre/training)** (certification and training course)\n\n### More\nThese plugins are ready to use but are not included by default and are not maintained by the Caldera team.\n- **[Arsenal](https://github.com/mitre-atlas/arsenal)** (MITRE ATLAS techniques and profiles)\n- **[BountyHunter](https://github.com/fkie-cad/bountyhunter)** (The Bounty Hunter)\n- **[CalTack](https://github.com/mitre/caltack.git)** (embedded ATT\u0026CK website)\n- **[SAML](https://github.com/mitre/saml)** (SAML authentication)\n\n## 
Requirements\n\nThese requirements are for the computer running the core framework:\n\n* Any Linux or MacOS\n* Python 3.9+ (with Pip3)\n* Recommended hardware to run on is 8GB+ RAM and 2+ CPUs\n* Recommended: GoLang 1.17+ to dynamically compile GoLang-based agents.\n* NodeJS (v16+ recommended for v5 VueJS UI)\n\n## Installation\n\nConcise installation steps:\n```Bash\ngit clone https://github.com/mitre/caldera.git --recursive\ncd caldera\npip3 install -r requirements.txt\npython3 server.py --insecure --build\n```\n\nFull steps:\nStart by cloning this repository recursively, passing the desired version/release in x.x.x format. This will pull in all available plugins.\n```Bash\ngit clone https://github.com/mitre/caldera.git --recursive --branch x.x.x\n```\n\nNext, install the PIP requirements:\n```Bash\npip3 install -r requirements.txt\n```\n**Super-power your Caldera server installation! [Install GoLang (1.19+)](https://go.dev/doc/install)**\n\nFinally, start the server.\n```Bash\npython3 server.py --insecure --build\n```\n\nThe `--build` flag automatically installs any VueJS UI dependencies and bundles the UI into a dist directory, which is then served by the Caldera server. You will only have to use the `--build` flag again if you add any plugins or make any changes to the UI. Once started, log into http://localhost:8888 using the default credentials red/admin. Then go into Plugins -\u003e Training and complete the capture-the-flag style training course to learn how to use Caldera.\n\nIf you prefer to not use the new VueJS UI, revert to Caldera v4.2.0. 
Correspondingly, do not use the `--build` flag for earlier versions, as it is not required.\n\n**Additionally, please note [security recommendations](#Security) for deploying Caldera.**\n\n## Docker Installation\n\nLocal build:\n```sh\ngit clone https://github.com/mitre/caldera.git --recursive\ncd caldera\ndocker build --build-arg VARIANT=full -t caldera .\ndocker run -it -p 8888:8888 caldera\n```\n\nAdjust the port forwarding (`-p`) and build args (`--build-arg`) as desired to make ports accessible or change the Caldera variant. The ports that you expose depend on which contacts you plan on using (see `Dockerfile` and `docker-compose.yml` for reference).\n\nPre-Built Image (from GitHub Container Registry):\n```sh\ndocker run -p 8888:8888 ghcr.io/mitre/caldera:latest\n```\nThis container may be slightly outdated; we recommend building the container yourself.\n\nTo gracefully terminate your docker container, do the following:\n```sh\n# Find the container ID for your docker container running Caldera\ndocker ps\n\n# Stop the container\ndocker stop \u003ccontainer ID\u003e\n```\n\nThere are two variants available, *full* and *slim*. The *slim* variant doesn't include files necessary for the `emu` and `atomic` plugins, which will be downloaded on-demand if the plugins are ever enabled. The *full* variant is suitable for operation in environments without an internet connection. Slim images on GHCR are prefixed with \"slim\".\n\n**Docker Container Notes**\n- The Caldera container will automatically generate keys/usernames/password on first start.\n- If you wish to override the default configuration or avoid automatically generated keys/passwords, consider bind-mounting your own configuration file with the `-v \u003cyour_path\u003e/conf.yml:/usr/src/app/conf/local.yml` flag.\n- Data stored by Caldera is ephemeral by default. If you wish to make it persistent, use docker volumes and/or bind mounts (`-v \u003cpath_to_your_data_or_volume_name\u003e:/usr/src/app/data/`). 
Ensure that the directory structure is the same as in the `data/` directory on GitHub, as Caldera will refuse to create these sub-directories if they are missing. Lastly, make sure that the configuration file is also made persistent to prevent issues with encryption keys.\n- The `builder` plugin will not work within Docker.\n- If you wish to modify data used by the `atomic` plugin, clone the `Atomic Red Team` repository outside the container, apply your modifications and bind-mount it (`-v`) to `/usr/src/app/plugins/atomic/data/atomic-red-team` within the container.\n- If you wish to modify data used by `emu`, clone the `adversary_emulation_library` repository locally and bind-mount it (`-v`) to `/usr/src/app/plugins/emu/data/adversary-emulation-plans`.\n\n**Additionally, please note [security recommendations](#Security) for deploying Caldera.**\n\n### User Interface Development\n\nIf you'll be developing the UI, there are a few additional installation steps.\n\n**Requirements**  \n* NodeJS (v16+ recommended)\n\n**Setup**\n\n1. Add the Magma submodule if you haven't already: `git submodule add https://github.com/mitre/magma`\n1. Install NodeJS dependencies: `cd plugins/magma \u0026\u0026 npm install \u0026\u0026 cd ..`\n1. Start the Caldera server with an additional flag: `python3 server.py --uidev localhost`\n\nYour Caldera server is available at http://localhost:8888 as usual, but there will now be a hot-reloading development server for the VueJS front-end available at http://localhost:3000. Logs from both the server and the front-end will display in the terminal you launched the server from.\n\n## Security\n\nThe Caldera team highly recommends standing up the Caldera server in a secure environment/network, and not exposing it to the internet. The Caldera server does not have a hardened and thoroughly pentested web application interface, but only basic authentication and security features. 
Both MITRE and MITRE's US Government sponsors almost exclusively use Caldera in secure environments and do not rely on Caldera's own security protocols for proper cyber security.\n\n### Vulnerability Disclosures\n\nRefer to our [Vulnerability Disclosure Documentation](SECURITY.md) for submitting bugs.\n\n#### Recent Vulnerability Disclosures\n\n`🚨Security Notice🚨`: (17 Feb 2025 10:00 EST) Please pull v5.1.0+ for a recent security patch for [CVE-2025-27364](https://www.cve.org/CVERecord?id=CVE-2025-27364). Please update your Caldera instance, especially if you host Caldera on a publicly accessible network. [Vulnerability walkthrough.](https://medium.com/@mitrecaldera/mitre-caldera-security-advisory-remote-code-execution-cve-2025-27364-5f679e2e2a0e)\n\n## Contributing\n\nRefer to our [contributor documentation](CONTRIBUTING.md).\n\n## Licensing\n\nTo discuss licensing opportunities, please reach out to caldera@mitre.org or directly to [MITRE's Technology Transfer Office](https://www.mitre.org/about/corporate-overview/contact-us#technologycontact).\n\n## Caldera Benefactor Program\n\nIf you are interested in partnering to support, sustain, and evolve MITRE Caldera\u0026trade;'s open source capabilities, please contact us at caldera@mitre.org.\n","funding_links":[],"categories":["Synopsis","IR Tools Collection","\u003ca id=\"249c9d207ed6743e412c8c8bcd8a2927\"\u003e\u003c/a\u003eMitreATT\u0026CK","Advesary Emulation Tools","Python","其他_安全与渗透","red-team","IR tools Collection","Threat Simulation","\u003ca id=\"a88c0c355b342b835fb42abee283bd71\"\u003e\u003c/a\u003e工具","hacktoberfest","Tools","Pentesting","Red and Purple Team"],"sub_categories":["Table of Contents","Adversary Emulation","\u003ca id=\"f2c76d99a0b1fda124d210bd1bbc8f3f\"\u003e\u003c/a\u003eWordlist生成","网络服务_其他","Tools","\u003ca id=\"6ab6835b55cf5c8462c4229a4a0ee94c\"\u003e\u003c/a\u003e未分类的","Open Source","Red 
Team"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmitre%2Fcaldera","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmitre%2Fcaldera","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmitre%2Fcaldera/lists"}