Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Adversay Emulation using Caldera

Pralhad Chaskar
February 23, 2018
Technology
1
130

Adversay Emulation using Caldera

Presented at null Dubai Meet 23 February 2018 Monthly Meet

Pralhad Chaskar

February 23, 2018
Tweet

More Decks by Pralhad Chaskar

See All by Pralhad Chaskar
M365 Security Review
c0d3xpl0it
0
280
RDP Hijacking
c0d3xpl0it
0
360
AWS IAM Privilege Escalation Methods
c0d3xpl0it
0
220
Pwning O365 Infrastructure
c0d3xpl0it
0
520
AWS Security Assessment
c0d3xpl0it
0
1.3k
Bloodhound 2.0
c0d3xpl0it
0
150
Auditing ACLs on Active Directory
c0d3xpl0it
0
140
GPO Vs Applocker Restrictions
c0d3xpl0it
0
550
Introduction Atomic Red Team Framework
c0d3xpl0it
0
310

Other Decks in Technology

See All in Technology
Documentação de Produtos: Artefatos essenciais na prática
rigolon
1
230
「知的単純作業」を自動化する、地に足の着いた大規模言語モデル (LLM) の活用
nrryuya
8
6.6k
GrafanaMeetup_AmazonManagedGrafanaのアクセス制御機能とマルチテナント環境下でのアクセス制御について
daitak
0
470
自らを知り外と繋がる、日経のエンジニア採用とDevRel活動/devreljp92
nishiuma
2
190
Secrets of a PowerShell "Guru"
guyrleech
1
110
20分で完全に理解するGrafanaダッシュボード
hamadakoji
5
1k
しくじり先生、PharmaXのLLMアプリケーション開発の失敗を語る
pharma_x_tech
0
140
Max out Local LLM in Challenging Environments
sashimimochi
2
210
今さら聞けないDocker入門 〜 Dockerfileのベストプラクティス編
devops_vtj
22
6.7k
Babylon.jsと色々なものを組み合わせる:ブラウザのAPIやガジェットや2D描画ライブラリなど / Babylon.js 勉強会 vol.3
you
PRO
0
190
DevRelによる信頼構築とデータ駆動で変わるエンジニア採用 / DevRel Trust Building to Data Driven Engineering Hiring
bobtani
1
100
類似ロジック実装をiOS/Android間で合わせる道標No.1
fumiyasac0921
1
180

Featured

See All Featured
Faster Mobile Websites
deanohume
300
30k
For a Future-Friendly Web
brad_frost
172
9k
How to Create Impact in a Changing Tech Landscape [PerfNow 2023]
tammyeverts
21
1.6k
Debugging Ruby Performance
tmm1
70
11k
[RailsConf 2023 Opening Keynote] The Magic of Rails
eileencodes
14
8.4k
Adopting Sorbet at Scale
ufuk
69
8.6k
Distributed Sagas: A Protocol for Coordinating Microservices
caitiem20
323
20k
What's in a price? How to price your products and services
michaelherold
238
11k
YesSQL, Process and Tooling at Scale
rocio
165
13k
Let's Do A Bunch of Simple Stuff to Make Websites Faster
chriscoyier
501
140k
Save Time (by Creating Custom Rails Generators)
garrettdimon
PRO
0
50
Side Projects
sachag
451
41k

Transcript

  1. Adversary Emulation using CALDERA Pralhad Chaskar (@c0d3xpl0it)

  2. Terms to know • MITRE • Adversarial Tactics, Techniques &

    Common Knowledge (ATT&CK ) • CALDERA
  3. None
  4. None
  5. None

  6. CALDERA • CALDERA is an automated adversary emulation system that

    performs post-compromise adversarial behavior within Windows Enterprise networks. It generates plans during operation using a planning system and a pre-configured adversary model based on the Adversarial Tactics, Techniques & Common Knowledge (ATT&CK™) project. • These features allow CALDERA to dynamically operate over a set of systems using variable behavior, which better represents how human adversaries perform operations than systems that follow prescribed sequences of actions.

  7. Who needs CALDERA ? • For Defenders who want to

    generate real data that represents how an adversary would typically behave within their networks. • Defenders can get a glimpse into how the intrinsic security dependencies of their network allow an adversary to be successful

  8. Architecture

  9. None
  10. None

  11. Reference • https://github.com/mitre/caldera • https://www.mitre.org/research/technology-transfer/open-source- software/caldera • https://www.sprocketsecurity.com/blog/getting-started-with-mitre- caldera •

    https://holdmybeersecurity.com/2018/01/13/install-setup-mitre- caldera-the-automated-cyber-adversary-emulation-system/
  12. None