Port details |
- caldera Automated Adversary Emulation Platform
- 5.0.0_11 security
- Version of this port present on the latest quarterly branch: 5.0.0_11
- Maintainer: acm@FreeBSD.org
- Port Added: 2023-04-29 06:12:06
- Last Update: 2024-08-09 06:24:08
- Commit Hash: aa8c011
- Also Listed In: python
- License: APACHE20
- WWW:
- https://github.com/mitre/caldera
- Description:
- CALDERA is a cyber security platform designed to easily automate adversary
emulation, assist manual red-teams, and automate incident response.
It is built on the MITRE ATT&CK framework and is an active research project
at MITRE.
The framework consists of two components:
- The core system. This is the framework code, consisting of what is available
in this repository. Included is an asynchronous command-and-control (C2)
server with a REST API and a web interface.
- Plugins. These repositories expand the core framework capabilities and
provide additional functionality. Examples include agents, reporting,
collections of TTPs and more.
- Manual pages:
- FreshPorts has no man page information for this port.
- pkg-plist: as obtained via: make generate-plist
- Dependency lines:
- caldera>0:security/caldera
- Conflicts:
- CONFLICTS:
- To install the port:
- cd /usr/ports/security/caldera/ && make install clean
- To add the package, run one of these commands:
- pkg install security/caldera
- pkg install caldera
NOTE: If this package has multiple flavors (see below), then use one of them instead of the name specified above.
- PKGNAME: caldera
- Flavors: there is no flavor information for this port.
- distinfo:
- TIMESTAMP = 1708127632
SHA256 (caldera-cache-5.0.0.tar.gz) = c0f160ec5431b0096a9ce8e2adde062de97be96e66e9e8756b4646e4d8c2a9a9
SIZE (caldera-cache-5.0.0.tar.gz) = 41756498
- Dependencies
- NOTE: FreshPorts displays only information on required and default dependencies. Optional dependencies are not covered.
- Build dependencies:
-
- npm-node18>0 : www/npm-node18
- go121 : lang/go121
- node : www/node18
- python3.11 : lang/python311
- Test dependencies:
-
- python3.11 : lang/python311
- Runtime dependencies:
-
- py311-aiohttp>0 : www/py-aiohttp@py311
- py311-aiohttp-jinja2>0 : www/py-aiohttp-jinja2@py311
- py311-aiohttp-session>0 : www/py-aiohttp-session@py311
- py311-aiohttp-security>0 : security/py-aiohttp-security@py311
- py311-aiohttp-apispec>0 : devel/py-aiohttp-apispec@py311
- py311-Jinja2>0 : devel/py-Jinja2@py311
- py311-pyyaml>=0 : devel/py-pyyaml@py311
- py311-websockets>0 : devel/py-websockets@py311
- py311-sphinx>0 : textproc/py-sphinx@py311
- py311-docutils>0 : textproc/py-docutils@py311
- py311-sphinx_rtd_theme>0 : textproc/py-sphinx_rtd_theme@py311
- py311-myst-parser>0 : textproc/py-myst-parser@py311
- py311-marshmallow>0 : devel/py-marshmallow@py311
- py311-dirhash>0 : security/py-dirhash@py311
- py311-docker>0 : sysutils/py-docker@py311
- py311-donut-shellcode>0 : devel/py-donut-shellcode@py311
- py311-marshmallow-enum>0 : devel/py-marshmallow-enum@py311
- py311-ldap3>0 : net/py-ldap3@py311
- py311-lxml>0 : devel/py-lxml@py311
- py311-reportlab>0 : print/py-reportlab@py311
- py311-svglib>0 : converters/py-svglib@py311
- py311-markdown>0 : textproc/py-markdown@py311
- py311-dnspython>0 : dns/py-dnspython@py311
- py311-asyncssh>0 : security/py-asyncssh@py311
- py311-aioftp>0 : ftp/py-aioftp@py311
- py311-packaging>0 : devel/py-packaging@py311
- py311-pyautogui>0 : x11/py-pyautogui@py311
- py311-selenium>0 : www/py-selenium@py311
- py311-webdriver_manager>0 : www/py-webdriver_manager@py311
- py311-beautifulsoup>0 : www/py-beautifulsoup@py311
- py311-networkx>0 : math/py-networkx@py311
- py311-numpy>0 : math/py-numpy@py311
- upx>0 : archivers/upx
- base64>0 : converters/base64
- git>0 : devel/git
- bash>0 : shells/bash
- haproxy24>0 : net/haproxy24
- go121 : lang/go121
- py311-cryptography>=42.0.8,1 : security/py-cryptography@py311
- python3.11 : lang/python311
- This port is required by:
- for Run
-
- security/caldera-ot
Configuration Options:
- ===> The following configuration options are available for caldera-5.0.0_11:
HAPROXY=on: Support for HTTPS
===> Use 'make config' to modify these settings
- Options name:
- security_caldera
- USES:
- dos2unix go:run nodejs:18,build python
- pkg-message:
- For install:
- Caldera 5 port was installed
1) Keep in mind that this is a modified version of Caldera that includes FreeBSD
as a supported OS, so you may find some issues. Problem reports are welcome.
2) Add the following line to /etc/rc.conf
# sysrc caldera_enable="YES"
or enable it with the service command
# service caldera enable
3) Before starting Caldera you must run some scripts to generate/update payload
files
# su -m caldera -c 'cd /usr/local/www/caldera/plugins/manx && \
setenv GOCACHE /tmp/caldera/.cache; setenv GOMODCACHE /tmp/caldera/.vendor; \
sh update-shells.sh'
# su -m caldera -c 'cd /usr/local/www/caldera/plugins/sandcat && \
setenv GOCACHE /tmp/caldera/.cache; setenv GOMODCACHE /tmp/caldera/.vendor; \
sh update-agents.sh'
4) Do not forget to modify the configuration files before running Caldera. By
default it runs in insecure mode (http). Caldera configuration files are located at
/usr/local/www/caldera/conf
5) You can change the default user passwords by modifying the default.yml file in
the /usr/local/www/caldera/conf folder. By default Caldera uses admin/admin,
blue/admin or red/admin as user/password.
# sed -i "" -e "s|admin: admin|admin: `openssl rand -base64 32`|g" default.yml
# sed -i "" -e "s|blue: admin|blue: `openssl rand -base64 32`|g" default.yml
# sed -i "" -e "s|red: admin|red: `openssl rand -base64 32`|g" default.yml
6) If you want to run it in secure mode (https) take a look at the ssl plugin section:
https://caldera.readthedocs.io/en/latest/Plugin-library.html#ssl
You will need to add an empty caldera_flags to /etc/rc.conf to enable it
# sysrc caldera_flags=
7) Start Caldera service
# service caldera start
8) When Caldera is starting, the atomic plugin will use git to download files from
the following link:
https://github.com/redcanaryco/atomic-red-team
Currently, the project does not include FreeBSD as a supported platform.
For this reason, the Atomic plugin was patched to download atomic-red-team
files from the following repository until my pull request is merged into
redcanaryco/atomic-red-team:
https://github.com/alonsobsd/atomic-red-team
Those files are necessary to generate the yml files used by Caldera abilities
9) Caldera web listens on localhost:8888 by default
http://localhost:8888
If you want MITRE Caldera to work with non-localhost settings, you can do the
following:
# sed -i "" -e 's|http://localhost|http://ip_or_hostname_here|g' /usr/local/www/caldera/plugins/magma/dist/index*.js
If you are using the ssl plugin:
# sed -i "" -e 's|http://localhost:8888|https://ip_or_hostname_here:8443|g' /usr/local/www/caldera/plugins/magma/dist/assets/index*.js
Keep in mind that the port number must be changed depending on your settings.
I prefer to change the ip/hostname:port this way because it is quicker
than rebuilding plugins/magma each time we define/change VITE_CALDERA_URL
in the .env file. It also drops the dependency on node_modules files and the nodejs app.
10) Log file is located at /var/log/caldera.log
11) For more configuration information you can look at the following link:
https://caldera.readthedocs.io/en/latest/
12) Enjoy it
|
Commit History - (may be incomplete: for full details, see links to repositories near top of page) |
Commit | Credits | Log message |
5.0.0_11 09 Aug 2024 06:24:08 |
Ashish SHUKLA (ashish) |
all: Bump after lang/go121 update |
5.0.0_10 07 Jul 2024 08:05:33 |
Po-Chuan Hsieh (sunpoet) |
devel/py-pyyaml: Move devel/py-yaml to devel/py-pyyaml
- Bump PORTREVISION of dependent ports for dependency change |
5.0.0_9 03 Jul 2024 08:29:54 |
Ashish SHUKLA (ashish) |
all: Bump after lang/go121 update |
5.0.0_8 15 Jun 2024 09:52:17 |
Ashish SHUKLA (ashish) |
all: Bump after lang/go121 update
MFH: 2024Q2 |
5.0.0_7 20 May 2024 10:33:03 |
Vsevolod Stakhov (vsevolod) |
security/libsodium: update to 1.0.19, bump dependent ports
PR: 278259
Reported by: Andrey Korobkov <alster-vinterdalen.se> |
5.0.0_6 13 May 2024 17:56:04 |
Ashish SHUKLA (ashish) |
all: Bump after lang/go121 update
MFH: 2024Q2 |
5.0.0_5 15 Apr 2024 08:20:04 |
Ashish SHUKLA (ashish) |
all: Bump after lang/go121 update
MFH: 2024Q2 |
5.0.0_4 29 Mar 2024 03:53:24 |
Jose Alonso Cardenas Marquez (acm) |
security/caldera: missing distinfo entry
Reported by: pkg-fallout |
5.0.0_4 26 Mar 2024 05:57:33 |
Jose Alonso Cardenas Marquez (acm) |
security/caldera: Improve port
- Improve rc script. Now it kills some child processes
- Use my new atomic-red-team repository. It includes a new entry run_as into yaml
files for identify FreeBSD tests easily because official
redcanaryco/atomic-red-team project included new changes and these remove
freebsd entries from yaml files because it was merged into linux tests. Now
identify what are FreeBSD tests is almost impossible.
- Some other minor modifications
- Bump PORTREVISION |
5.0.0_3 24 Mar 2024 14:29:00 |
Muhammad Moinur Rahman (bofh) |
lang/go: Change DEFAULT to 1.21
PR: 277776
Approved by: portmgr (exp-run) |
5.0.0_2 22 Feb 2024 21:36:17 |
Jose Alonso Cardenas Marquez (acm) |
security/caldera: Fix typo
- Bump PORTREVISION |
5.0.0_1 20 Feb 2024 04:21:36 |
Jose Alonso Cardenas Marquez (acm) |
security/caldera: Add missing dependency (www/npm-node18)
- Bump PORTREVISION
Reported by: pkg-fallout |
5.0.0 17 Feb 2024 21:29:08 |
Jose Alonso Cardenas Marquez (acm) |
security/caldera: Update to 5.0.0
ChangeLog at: https://github.com/mitre/caldera/releases/tag/5.0.0 |
4.2.0_4 11 Feb 2024 10:39:17 |
Ashish SHUKLA (ashish) |
all: Bump PORTREVISION after lang/go* update
PR: 276530 |
4.2.0_3 07 Dec 2023 02:22:10 |
Ashish SHUKLA (ashish) |
all: Bump PORTREVISION after lang/go* update
PR: 274405 |
4.2.0_2 29 Sep 2023 14:19:56 |
Po-Chuan Hsieh (sunpoet) |
*: Replace USES=pycryptography* with USE_PYTHON=cryptography{,_build,_test}
- Introduce USE_PYTHON=cryptography{,_build,_test}
- Switch all 96 ports from USES=pycryptography to with
USE_PYTHON=cryptography{,_build,_test}
- Remove Mk/Uses/pycryptography.mk
PR: 273727
Approved by: tcberner (portmgr)
Exp-run by: antoine |
4.2.0_2 08 Sep 2023 14:34:56 |
Dmitri Goutnik (dmgk) |
all: Bump PORTREVISION after lang/go* update |
4.2.0_1 04 Aug 2023 14:24:50 |
Dmitri Goutnik (dmgk) |
all: Bump PORTREVISION after lang/go{119,120} update |
4.2.0 22 Jul 2023 07:46:38 |
Tobias C. Berner (tcberner) |
framework: convert tree to use USES=pycryptography
A future commit will update to security/py-cryptography will introduce a
rust dependency.
PR: 254853 |
4.2.0 27 Jun 2023 19:34:34 |
Rene Ladan (rene) |
all: remove explicit versions in USES=python for "3.x+"
The logic in USES=python will automatically convert this to 3.8+ by
itself.
Adjust two ports that only had Python 3.7 mentioned but build fine
on Python 3.8 too.
finance/quickfix: mark BROKEN with PYTHON
libtool: compile: c++ -DHAVE_CONFIG_H -I. -I../.. -I -I. -I.. -I../.. -I../C++
-DLIBICONV_PLUG -DPYTHON_MAJOR_VERSION=3 -Wno-unused-variable
-Wno-maybe-uninitialized -O2 -pipe -DLIBICONV_PLUG -fstack-protector-strong
-fno-strict-aliasing -DLIBICONV_PLUG -Wall -ansi
-Wno-unused-command-line-argument -Wpointer-arith -Wwrite-strings
-Wno-overloaded-virtual -Wno-deprecated-declarations -Wno-deprecated -std=c++0x
-MT _quickfix_la-QuickfixPython.lo -MD -MP -MF
.deps/_quickfix_la-QuickfixPython.Tpo -c QuickfixPython.cpp -fPIC -DPIC -o
.libs/_quickfix_la-QuickfixPython.o
warning: unknown warning option '-Wno-maybe-uninitialized'; did you mean
'-Wno-uninitialized'? [-Wunknown-warning-option]
QuickfixPython.cpp:175:11: fatal error: 'Python.h' file not found
^~~~~~~~~~
1 warning and 1 error generated.
Reviewed by: portmgr, vishwin, yuri
Differential Revision: <https://reviews.freebsd.org/D40568> |
4.2.0 21 Jun 2023 16:48:22 |
Jose Alonso Cardenas Marquez (acm) |
security/caldera: Update to 4.2.0
ChangeLog at: https://github.com/mitre/caldera/releases/tag/4.2.0 |
4.1.0_2 02 Jun 2023 21:07:58 |
Jose Alonso Cardenas Marquez (acm) |
security/caldera: Fix permission issues with some payload directories
- Fix a problem in ragdoll payload
- Add GOCACHE and GOMODCACHE to caldera_env into caldera rc script. It is
useful for avoid issues when some payloads are compiled
- Some other modifications
- Bump PORTREVISION |
4.1.0_1 11 May 2023 04:33:09 |
Jose Alonso Cardenas Marquez (acm) |
security/caldera: Use caldera user and group into port files
- Update caldera rc file
- Update pkg-plist file
- Atomic plugin was patched for download yaml from alonsobsd/atomic-red-team
instead of redcanaryco/atomic-red-team github repository until my pull
request will be approved
- Add/modify entries into pkg-message file
- Bump PORTREVISION |
4.1.0 29 Apr 2023 06:08:03 |
Jose Alonso Cardenas Marquez (acm) |
security/caldera: New port: Automated Adversary Emulation Platform
CALDERA is a cyber security platform designed to easily automate adversary
emulation, assist manual red-teams, and automate incident response.
It is built on the MITRE ATT&CK framework and is an active research project
at MITRE.
The framework consists of two components:
- The core system. This is the framework code, consisting of what is available
in this repository. Included is an asynchronous command-and-control (C2)
server with a REST API and a web interface.
- Plugins. These repositories expand the core framework capabilities and
provide additional functionality. Examples include agents, reporting,
collections of TTPs and more. |