Full documentation, training and use-cases can be found here.
CALDERA™ is a cyber security framework designed to easily automate adversary emulation, assist manual red-teams, and automate incident response.
It is built on the MITRE ATT&CK™ framework and is an active research project at MITRE.
The framework consists of two components:
⭐️ Create your own plugin! Plugin generator: Skeleton ⭐️
These plugins are ready to use but are not included by default:
These requirements are for the computer running the core framework:
Start by cloning this repository recursively, passing the desired version/release in x.x.x format. This will pull in all available plugins. If you clone master - or any non-release branch - you may experience bugs.
git clone https://github.com/mitre/caldera.git --recursive --branch 3.0.0
Next, install the PIP requirements:
pip3 install -r requirements.txt
Super-power your CALDERA server installation! Install GoLang (1.13+)
Finally, start the server.
python3 server.py --insecure
Collectively this would be:
git clone https://github.com/mitre/caldera.git --recursive --branch 3.0.0 cd caldera pip3 install -r requirements.txt python3 server.py --insecure
Once started, you should log into http://localhost:8888 using the credentials red/admin. Then go into Plugins -> Training and complete the capture-the-flag style training course to learn how to use the framework.
Watch the following video for a brief run through of how to run your first operation.
Refer to our contributor documentation.
In addition to CALDERA™'s open source capabilities, MITRE maintains several in-house CALDERA™ plugins that offer more advanced functionality. For more information, or to discuss licensing opportunities, please reach out to [email protected] or directly to MITRE's Technology Transfer Office.