{{ error }}
Run the CAgent delivery command on each Windows host you want to test - or review the manual installation guide. Alternatively, skip this step and use the simulation domain in the next section. This domain simulates the behavior of the CAgent so you don't need a Windows environment.
Click below to reveal the cagent installation script. Copy and paste this script into an Administrative PowerShell prompt to install the cagent service. Depending on whether CALDERA is deployed behind or proxy and the endpoint's SSL settings you may need to edit and uncomment some lines at the bottom of the script.
* This command requires Visual C++ Redistributable for Visual Studio to be installed before running
All hosts running the CAgent are shown in the table below. Click on rows to add them to a host group network. Then, name your network and save it to continue.
Hostname | ID | Domain | Last seen |
---|
* CALDERA includes a simulated domain called superhero. This domain can be treated as a real one. You can create networks from its hosts and execute full operations against it. All responses will simulate a real Windows domain. Only hosts from the same domain can be added to a network.
Create an adversary to emulate. Add the steps (behaviors) you want your adversary to know about. When you run your adversary, their steps will be fed into the CALDERA planner, which will determine the best way to move through a given network. Not all steps are likely to run every operation nor is their order deterministic. You can skip this section and use one of CALDERA's built-in adversaries.
Step | Score | Tactic | Technique | Add |
---|---|---|---|---|
{{ s.name }} | {{ s.score }} |
{% for m in s.mapping | map(attribute='tactic.name') | unique %}
{{ m }}
{% endfor %}
|
{% for m in s.mapping %}
{{ m.technique.name }} - [{{ m.technique.technique_id }}]
{% endfor %}
|
* Click on any step's Name column to view more details about it. A step's Score is it's relative importance.
This is where you attach an adversary to a network and start the operation. Once you select the network, you'll give the adversary an initial foothold. Depending on the network chosen, required fields will vary.
more stuff
Select an operation to view all executed steps. Click on each to view the unfiltered response from the given host.
![]() STARTED{{ active.start_time }} |
![]() STATUS{{ active.status }} |
![]() NETWORK{{ active.network }} |
![]() ADVERSARY{{ active.adversary }} |
![]() CREDENTIALS{{ active.known_credentials }} |
Execution Control |
* Green means the step was successful. Red means it failed. Grey is in-progress.