MITRE Caldera™
MITRE Caldera™ is a cyber security platform designed to easily automate adversary emulation, assist manual red-teams, and automate incident response. It is built on the MITRE ATT&CK™ framework and is an active research project at MITRE. The framework consists of two components: 1. The core system. This is the framework code, consisting of what is available in this repository. Included is an asynchronous command-and-control (C2) server with a REST API and a web interface. 2. Plugins. These repositories expand the core framework capabilities and provide additional functionality. Examples include agents, reporting, collections of TTPs, and more.
FEATURES
ALTERNATIVES
An exploitation framework for industrial security with modules for controlling PLCs and scanning devices.
Open-source Java application for creating proxies for traffic analysis & modification.
A powerful penetration testing platform for identifying vulnerabilities and weaknesses in computer systems.
A simple, fast web crawler for discovering endpoints and assets in a web application
A C2 profile generator for Cobalt Strike designed to enhance evasion.
Explore the top million websites, ranked by referring subnets, and gain insights into online influence and popularity.
Weaponize Word documents with PowerShell Empire using the Microsoft DDE exploit.
Pwndrop is a self-deployable file hosting service for red teamers, allowing easy upload and sharing of payloads over HTTP and WebDAV.
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
Kriptos
An AI-driven data classification and governance platform that automatically discovers, analyzes, and labels sensitive information while providing risk management and compliance capabilities.
System Two Security
An AI-powered platform that automates threat hunting and analysis by processing cyber threat intelligence and generating customized hunt packages for SOC teams.
Aikido Security
Aikido is an all-in-one security platform that combines multiple security scanning and management functions for cloud-native applications and infrastructure.
Permiso
Permiso is an Identity Threat Detection and Response platform that provides comprehensive visibility and protection for identities across multiple cloud environments.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.