Home

Awesome

Caldera for OT plugin: Modbus

A Caldera for OT plugin supplying Caldera with Modbus protocol TTPs. This is part of a series of plugins that provide added threat emulation capability for Operational Technology (OT) environments.

Full Modbus plugin documentation can be viewed as part of fieldmanual, once the Caldera server is running.

Installation

To run Caldera along with modbus plugin:

  1. Download Caldera as detailed in the Installation Guide
  2. Install the modbus plugin in Caldera's plugin directory: caldera/plugins
  3. Enable the modbus plugin by adding - modbus to the list of enabled plugins in conf/local.yml or conf/default.yml (if running Caldera in insecure mode)

Version

This plugin is compatible with Caldera version 4.2.0 and version 5.0.0. The latest version of Caldera can be checked out using the following method:

git clone --recursive https://github.com/mitre/caldera.git

Tested OS Versions for Plugin Payload(s)

Building of the Modbus plugin payloads has been tested as described here. See the corresponding plugin payload source code for further build information.

Testing of the binaries has occured on:

Plugin Payload Source Code

For additional information on the modbus plugin payload source code, please see this corresponding repository, which contains additional licensing and build guidance.

Plugin Usage

Sources contains a small example fact set and the fieldmanual documentation contains a reference section on modbus sources.