
UPDATE: MITRE CALDERA 2.3.0

A month ago, MITRE CALDERA 2.2.0 was released, and a couple of days ago MITRE CALDERA 2.3.0 followed. If you remember, I wrote briefly about this automated adversary emulation system in my post titled List of Adversary Emulation Tools. A lot of changes went into this updated version and, as always, this post discusses the updates made to this awesome tool!



What is MITRE CALDERA?

CALDERA is an automated adversary emulation system, built on the ATT&CK framework, that performs post-compromise adversarial behavior inside computer networks. It is intended for both red and blue teams.

What’s New In CALDERA?

Some key updates in this release are:

  1. The abilities format has changed, most notably around the addition of executors.
  2. All mutable files (abilities, adversaries, facts and planners) are now stored in the Stockpile plugin’s data/ directory.
  3. The app uses an in-memory SQL database instead of a file-based DB (still SQLite, however).
  4. A new plugin, Terminal, adds shell capabilities.
  5. Many new UI features have been added to Chain mode.
  6. Two new executors, pwsh (PowerShell Core) and cmd (command prompt), have been added.

Most notably for me, as the changelog above mentions, a new plugin, Terminal, has been added. It provides shell access into CALDERA, along with reverse-shell payloads for entering/exiting agents manually. The plugin is bundled with a custom shell (Zero), which can be used once a session with a client has been established. This bumps up the total number of plugins to 8 (including the GUI)!

The GUI updates to show command delivery, the ability to switch between dark and light modes, the addition of a PsExec ability and the work with the custom Mimikatz parser are awesome as well.

Download MITRE CALDERA 2.3.0:

Clone the MITRE CALDERA 2.3.0 repository recursively from its GitHub page here, or download the archives (caldera-2.3.0.zip/caldera-2.3.0.tar.gz) from here. All you need is a system that supports Python 3.6+; CALDERA is designed on top of the asyncio library.
