mitre-attack / attack-arsenal

A collection of red team and adversary emulation resources developed and released by MITRE.
Apache License 2.0

Difference between evals_caldera and attack-arsenal repository #24

Closed afcidk closed 3 years ago

afcidk commented 3 years ago

As the title says, if I'm not misunderstanding these two repositories, attack-arsenal currently contains APT29 and APT3 plugins for caldera, and an emulation plan to run APT29 step-by-step. On the other hand, evals_caldera contains an APT3 plugin for caldera.

These two repositories seem to cover similar parts. May I ask what the relationship between them is?

Since the resources (including plugins) were released in previous rounds (APT29 for 2019 and APT3 for 2018), I'm also curious whether the resources for Carbanak will be released as well.

jcwilliamsATmitre commented 3 years ago

Hey @afcidk!

https://github.com/mitre-attack/evals_caldera is the plugin designed for the APT3 content; this repo currently just contains the APT29 content. The other notable difference will be the target CALDERA version (e.g., APT29 only works with 2.6.6).

And yes, we will be releasing the Carbanak + FIN7 resources with the next round of results. Stay tuned!

afcidk commented 3 years ago

Thanks for your quick reply! Really appreciate your work!