Big features
- A new plugin - Response - was added, which allows a user to run automated incident response in the same way we run adversary emulation exercises.
- A new plugin - Atomic - was added, which imports all the open-source Red Canary tests into CALDERA as abilities.
- A new plugin - Access - was added, which lays the foundation for doing initial access inside CALDERA. Included in this plugin out of the gate are a website cloner and the ability to load a Rubber Ducky (USB) with a Sandcat agent delivery command.
- We built out the user authentication, allowing you to log in as either a red or blue user. See the default.yml file for the default credentials for either group. Red users are intended to be red-team operators and blue users blue-team operators. Plugins can now be designated as either red or blue - and they'll be visible only to the given authentication group.
- The entire front-end was rebuilt to be modular. Each component (modal window) is now loaded dynamically on request and refreshes itself automatically.
- The terminal plugin now includes a full, realistic terminal emulator for reverse shells, which will work on any Linux, macOS or Windows computer. This is coupled with our new Manx agent, which will spin up a reverse shell on a host and provide the operator with the terminal emulator within the browser.
- We now automatically create reports for operations and every instruction sent to an agent - and store them in the /tmp directory when the server shuts down.
- We include bootstrap instructions, which are instructions sent to an agent on its first beacon. These are described in conf/agents.yml.
Smaller items
- All documentation has been updated.