Giter Site home page Giter Site logo

dancy-bear / arsenal Goto Github PK

View Code? Open in Web Editor NEW

This project forked from mitre-atlas/arsenal

0.0 0.0 0.0 17 MB

CALDERA plugin for adversary emulation of AI-enabled systems

Home Page: https://mitre-atlas.github.io/arsenal/

License: Apache License 2.0

Shell 13.80% Python 79.10% HTML 7.10%

arsenal's Introduction

CALDERA plugin: Arsenal

Arsenal is a plugin developed for adversary emulation of AI-enabled systems. This plugin will provide TTPs defined in MITRE ATLAS to interface with CALDERA.

Read the full documentation

For ml-attack-staging and ml-model-access abilities (see list below), additional information and examples on using these abilities are detailed in the arsenal/docs/ folder.

JUNE 2023 included abilities:

  • Discover remote services
  • Discover local services
  • Discover available network services
  • Search and stage Tensorflow model files/checkpoints
  • Discover ML specific services - Torchserve
  • Discover GPUs on a system
  • Stage a local image for classification
  • Install ML-related tools (on C2-server or victim system): Python, Microsoft Counterfit, Tensorflow-CPU, Tesorflow-GPU
  • Gain API access to a served model (Torchserve)
  • Build a custom Microsoft Counterfit target and stage an attack

JUNE 2023 included Adversaries:

  • "Tensormancer" - Discover a Tensorflow model or checkpoint and stage an image for classification
  • Exfiltrate a model or checkpoint file
  • Stage an adversarial ML attack on a discovered ML model or service using Microsoft Counterfit library

Usage

System requirements:

  • Ubuntu 18.04 or 20.04

  • Python version 3.7+

    Plugin Dependencies:

    • Caldera Stockpile: Some Arsenal abilities and adversaries require addition TTPs and requirements include in the Caldera Stockpile. A version more recent than this commit is required for these capabilities: Stockpile.
    • Microsoft Counterfit: a required dependency to create and run adversarial machine learning attacks. This dependency is used by the Build and Attack a Custom CFTarget ability and its payload.
      • If following the Installation with Caldera, this dependency is installed automatically on the C2 server (host).
      • It can also be installed locally using the requirements.txt located in this repository or installed on remote machines using the Install Counterfit ability.

Installation with CALDERA*:

  1. Navigate to caldera-atlas repository and follow steps for installation and setup.

  2. Navigate to the UI: localhost:8888

    *arsenal is not yet a default CALDERA plugin, therefore there are additional steps to include this plugin into the app.

Contact us [email protected]

overview

arsenal's People

Contributors

privateducky avatar mdotter-mitre avatar wbooth avatar afennelly-mitre avatar khyberspache avatar brianedmonds90 avatar artificialermine avatar uruwhy avatar scottctaylor12 avatar mchan143 avatar djlawren avatar nopfor avatar unkempthenry avatar garunagiri avatar ddavila54 avatar clenk avatar mrengstrom avatar dumprop avatar elegantmoose avatar christophert avatar kaylakraines avatar cbushomitre avatar argaudreau avatar bluesentinelsec avatar littlehack3r avatar rdminter avatar crud3 avatar jstroud-mitre avatar tsmith60 avatar rfrank27 avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.