Releases: mitre/caldera

v5.3.0

24 Apr 17:51

What's Changed

New Contributors

Full Changelog: 5.2.0...5.3.0

v5.2.0

03 Mar 19:09
06e4ded

What's Changed

New Contributors

Full Changelog: 5.1.0...5.2.0

v5.1.0

25 Feb 22:56
cc4b9cd

What's Changed

New Contributors

Full Changelog: 5.0.0...5.1.0

v5.0.0 "Magma"

14 Feb 14:55
9ceb72d

What's Changed

Backwards-Breaking Changes

  • Completely refactored UI/UX VueJS front end. #2874
  • Installation/run commands changed! The first time you run Caldera, you must add the --build flag in order to build the VueJS UI. If you restart the server afterwards, the --build flag is not needed.
  • Dropped support for Python 3.7. #2795

UI

  • Summary dashboard landing page with tiles for agents, operations, adversaries, abilities, and server address. #2874
  • New network and table Operation view. #2874
  • Agent hosts displayed on network view with OS platform icon. #2874
  • Agents are denoted by colored rings around the hosts they are beaconing from, with multiple agents marked by multiple rings and the colors denoting the status of each agent. #2874
  • Agents with elevated user execution privileges on their host are denoted by a red-tinted host OS platform icon. #2874
  • Agent side panel (in network view) that shows key agent/host information. Activated when an agent/host node is clicked. #2874
  • Agent actions shortcut on agent side panel. #2874
  • Operation action table. #2874
  • Ability commands now have code syntax highlighting. #2776
  • Fact sources can now be downloaded from Fact Sources view. #2874
  • Added option to rename facts. #2811

Plugins

Bug Fixes

  • Fixed encryption key mismatch for backups when booting Caldera locally and then with Docker. #2780
  • Removed operation visibility slider, as it had no effect on the underlying operation. #2806
  • HMAC digest comparison in authorization service is now more resistant to timing attacks. #2823
  • Added manually skipped Abilities to Operation report. #2822
  • Fixed bug selecting the wrong executor for potential links. #2843
  • Moved the donut-shellcode Python package dependency to the Stockpile plugin. The dependency was moved because the donut-shellcode package cannot (at this time) be installed on macOS ARM chip architectures and caused install issues for Caldera core. #2874
  • Fixed Ragdoll agent's timestamp format (thanks to @LwsChlds). mitre/stockpile#571

Other

  • Improved checking of reasons why abilities are skipped in operations. #2623

New Contributors

Full Changelog: 4.2.0...5.0.0

4.2.0

19 Jun 21:28
bcaac29

What's Changed

Backwards-Breaking Changes

  • Link results now return stdout and stderr separately, as a dictionary. Any non-CALDERA users of APIs/reports or any custom plugins may be affected. #2662
  • Moved Atomic planner into Caldera main repo from stockpile. #2768

Plugins

  • The mock plugin will no longer be officially supported.

Bug Fixes

  • Fixed bug with the /operations API endpoint. #2691
  • Fixed bug where newline was missing at the end of operation logs. #2693
  • Fixed bug causing LDAP integration to fail. #2718
  • Fixed bug with fact sources not being removed correctly. #2732
  • Fixed bug causing Metasploit integration to fail.

UI

  • Fixed bug where plaintext command was not displayed correctly in the UI. #2668
  • Fixed bug freezing UI when deleting an operation. #2671
  • Adversary profile page now displays the Adversary ID for the selected adversary. #2672
  • Tabs are now pinned to the top of the page. #2695
  • Fixed bug preventing manually approving links in UI. #2729
  • Updated moving abilities on adversary page to be more clear. #2770

Planners

  • (New!) Naive Bayes planner: selects next action based on highest probability of success, as determined from historical operation report data.
  • (New!) Universal and Existential requirements: can check facts against the entire knowledge base instead of only using facts used by the command.

Other

  • Link commands are now unencoded by default, but are still sent encoded if any obfuscation is used for an operation. #2698
  • Added several event types to the eventing system: agent/added, fact/added, fact/updated, system/ready. #2692
  • Sandcat agents now include the "exit_code" field in results. #2713
  • Sandcat agents now close out their sessions properly, preventing large sessions potentially showing up in logs.

New Contributors

Full Changelog: 4.1.0...4.2.0

4.1.0

19 Sep 20:20
a1f6a91

What's Changed

Bug Patches

  • Fixed "Save + Add" button on "Add Ability" modal in adversaries page so it doesn't result in an error. #2637
  • Fixed a first-time startup error in the Atomic plugin resulting from a loop when parsing atomic abilities. #2657
  • Fixed a bug in the Training plugin preventing the first manx flag from completing. #2638
  • Fixed "(unexpected keyword argument 'loop')" error from the start_server call. #2625

Security Fixes

  • Patched an XSS bug found in the Operations tab and Debrief plugin that took advantage of unsanitized input in an operation's name field. #2644
    • Disclosure reports coming soon, stay tuned
    • Credit to Jayson Grace from Meta's Purple Team for discovering this vulnerability

Operations Page

  • Added "Operations Detail" modal on operation page that shows how the operation was configured at its start. #2558
  • Tidied up row of buttons so they align better. #2615

Adversaries

(New!) "Everything Bagel" adversary: A collection of all CALDERA abilities ordered by ATT&CK tactic. Particularly useful when you are using the new advanced planners (see below) and want all abilities at the disposal of the planner.

(In progress) Added a missing ability to the "Worm" Adversary in the Stockpile plugin.

Planners

  • (New!) Look-Ahead Planner: A CALDERA planner that decides which abilities to execute based on expected future reward.
  • (New!) Guided Planner: A CALDERA planner which makes use of "distance to goals" in a dependency graph to select the optimal next action.

New Contributors

Full Changelog: 4.0.0...4.1.0

4.0.0

14 Jun 15:14
4fe71ac

What's Changed

All New User Interface

  • Brand new look and feel across the entire platform.
  • AlpineJS has replaced JQuery as our front-end framework.
  • Bulma is our CSS framework of choice, which makes styling our templates a breeze.
  • Core pages like operations, adversaries, and agents have been completely revamped to make them more powerful, insightful, and robust.

Operations Page

  • Made more use of screen real estate.
  • Adding a potential link now gives you the ability to edit the command before it's added.
  • You can select fact values for all fact templates in a potential link, either ones from a fact source or ones collected from the operation.

Training Plugin

  • UI has been refreshed to match the new UI in core CALDERA.
  • Gameboard badge has been removed.
  • Solution guides have been updated to reflect the changes in the new interface.

Sandcat

  • Can update executors mid-operation
  • New "proc" executor that directly spawns desired processes
  • New "native" executor that performs various TTPs through pure Golang.
  • Now provides command output for timed-out links
  • New C2 channels and capabilities: SSH tunneling, FTP, Slack

Other

  • REST API v2 with associated API Swagger Docs
  • New open-source abilities and adversary profiles, including new collection and exfiltration capabilities.
  • Timestamps in sandcat are now UTC instead of local time
  • Automatic deletion of payloads is now optional
  • Better storage of exfiltrated files to prevent overwriting
  • More back end tests have been added
  • General bug squashing and improvements

v5.0

We've begun working on v5 and are excited to bring capabilities not currently seen in automated cyber operation platforms.

New Contributors

Full Changelog: 3.1.0...4.0.0

4.0.0 Beta

31 Jan 23:17
261cb55

What's Changed

Operations Page

  • Made more use of screen space at top of page
  • Adding a potential link now gives you the ability to edit the command before it's added
  • You can select fact values for all fact templates in a potential link, either ones from a fact source or ones collected from the operation.

Training Plugin

  • UI has been refreshed to match the new UI in core CALDERA
  • Gameboard badge has been removed
  • New users should be able to complete User certificate in its entirety without issue

Other

  • API Docs are better documented
  • Timestamps in sandcat are now UTC instead of local time
  • More back end tests have been added
  • General bug squashing and improvements

Full Changelog: 3.1.0...4.0.0-beta

Contributors (since last release)

@ArtificialErmine, @clenk, @argaudreau, @iguannalin, @heatonk, @bleepbop, @mchan143, @christophert, @yee-jonathan, @blackwidow0616, @djlawren, @ddavila54, @CDJellen, @wbooth, @bernsteinj, @emmanvg, @cyber-arsenull, @uruwhy, @elegantmoose, @damionmounts, @zacharylc-mitre, @cmagone, @alexanderkent, ... and more!

New Contributors

Thank you to all of the MANY builders of CALDERA, both in and out of GitHub! 🚀

4.0.0 Alpha2

02 Dec 18:16
b8b033d
Pre-release

Bugfixes and enhancements to the 4.0.0-alpha release

What's Changed

New Contributors

Thank you to the MANY builders of CALDERA on and off Github!

Full Changelog: 3.1.0...4.0.0-alpha2

4.0.0 Alpha

06 Oct 17:21
d742b2b
Pre-release

Note: Plugin UIs are still being updated, so this will remain a pre-release until then.

New UI

We are re-imagining the way end users interact with CALDERA. This includes large updates to the UI.
Included is a new abilities screen to easily manage your extensive library.

API v2

Calling all builders! For all those who build on the CALDERA platform, we have a whole new API with full documentation. Currently, the docs are available once you start up the server. Look for the "api docs" link at the bottom of the navigation menu.

C2 Channels

We've introduced some new C2 channels, including:

  • Slack
  • SSH tunneling
  • FTP

Agent Updates

  • Sandcat agent support for new C2 channels (Slack, FTP, SSH tunneling)
  • New “proc” executor for Sandcat that will directly spawn processes using a provided executable path and arguments, rather than calling via PowerShell, sh, or cmd.
  • Sandcat agents can remove executors or update executor binary paths
  • Manx agents can properly run commands of longer durations.

Knowledge Service

New service created to better manage facts and information during an operation or when performing analysis

File upload/download encoding

Supports basic file encoding (plaintext and base64) for payload downloads and file uploads. To encode a downloaded payload or uploaded file, set the "x-file-encoding" HTTP header accordingly when making the download/upload request. Available data encoders are defined as Python modules in app/data_encoders. Currently supported encoders are "plain-text" and "base64".

Auth service

Added support for custom login handlers, as well as a new SAML authentication plugin.

Other Changes

  • Dropped Python 3.6 support and now testing for 3.7, 3.8, and 3.9
  • We now support all browsers; Google Chrome is no longer the only supported browser

New CALDERA Contributors

Thank you to the MANY builders of CALDERA on and off Github!

Full Changelog: 3.1.0...4.0.0-alpha
