mitre / caldera

Automated Adversary Emulation Platform
https://caldera.mitre.org
Apache License 2.0

How to use JSON file with Caldera ?? #2598

Closed iPlayC closed 2 years ago

iPlayC commented 2 years ago

Hi everybody,

I have been using Caldera software for a short time, and I want to use the full power of this software! I can launch operations and create adversaries, but I don't know how to put malware and see how it reacts on my test PC.

Thank you for your answer.

Sincerely

IPlayC

github-actions[bot] commented 2 years ago

Looks like your first issue -- we aim to respond to issues as quickly as possible. In the meantime, check out our documentation here: http://caldera.readthedocs.io/

CDJellen commented 2 years ago

Hello @iPlayC,

CALDERA supports this testing primarily through custom payloads, copied to the target machine and executed using a deployed agent.

If you have a malicious executable you'd like to execute on your test PC, you can add this executable to the `/plugins/stockpile/payloads/` directory. Once you launch the CALDERA server, you can add this new payload to a custom ability and add an executor command to this ability, such as `start my_malicious_executable.exe`. This should allow you to:

  1. Autonomously transfer the malicious executable to your test PC using a CALDERA agent, and
  2. Autonomously execute this executable. By default, the stdout and stderr will be captured and sent back to the C2 server / CALDERA UI.

Please let me know if you need any help in creating a custom ability with your payload!
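
An ability definition matching the reply above, added here as an illustration; it is not part of the thread and is not code from the CALDERA project. It assumes the stockpile plugin's YAML ability layout, with the file saved under `plugins/stockpile/data/abilities/execution/`; the id, name, description, technique mapping and timeout are constructed placeholders.

```yaml
---
# Constructed example: only the executor command and the payload file name
# come from the reply above; every other value is a placeholder.
- id: 00000000-0000-4000-8000-000000000001   # placeholder UUID, generate your own
  name: Run custom test payload
  description: Copy my_malicious_executable.exe to the test PC and start it
  tactic: execution
  technique:
    attack_id: T1059.003
    name: "Command and Scripting Interpreter: Windows Command Shell"
  platforms:
    windows:
      cmd:                                   # executor the agent runs the command with
        command: |
          start my_malicious_executable.exe
        payloads:
          # Must match the file name placed in /plugins/stockpile/payloads/
          - my_malicious_executable.exe
        timeout: 120                         # seconds; assumed value
```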