From c0de0a85afc0fe82242ce9486d877436874017f5 Mon Sep 17 00:00:00 2001
From: deacon-mp
Date: Wed, 20 May 2026 09:53:30 -0400
Subject: [PATCH] Fix Installation section: document mitre/atomic plugin, not the AtomicCaldera fork
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

The README's Installation/Dependencies steps described the third-party xenoscr/atomiccaldera project rather than this plugin. Every step was inaccurate for mitre/atomic:

- Cloned xenoscr/atomiccaldera (and added `atomiccaldera` to plugins) instead of mitre/atomic / `atomic`.
- `pip install -r requirements.txt` — no requirements file exists in this repo.
- Manual `git clone redcanaryco/atomic-red-team` — the plugin clones this automatically on first enable (app/atomic_svc.py:clone_atomic_red_team_repo).
- `git clone mitre/cti` + STIX2 dependency — never used; the technique/tactic mapping is read from enterprise-attack.json bundled inside the atomic-red-team repo (app/atomic_svc.py:111).
- `edit conf/artconf.yml` — no conf/ directory or artconf reference exists in the code.

Rewrites Installation to the standard CALDERA plugin flow (clone into plugins/, enable in local.yml, restart; data is auto-fetched) and trims Dependencies to what is actually required.

Co-Authored-By: Claude Opus 4.7 (1M context)
---
 README.md | 39 ++++++++++++++++++++-------------------
 1 file changed, 20 insertions(+), 19 deletions(-)

diff --git a/README.md b/README.md
index 7e2a651..aa1e158 100644
--- a/README.md
+++ b/README.md
@@ -18,28 +18,29 @@ Atomic-level detection validation ## Installation: -1. Clone the repository to MITRE's Caldera "plugins" folder: -`cd ` -`git clone https://github.com/xenoscr/atomiccaldera.git` -2. Change directories: -`cd atomiccaldera` -3. Install required Python modules: -`pip install -r requirements.txt` -4. Clone the Red Canary Atomic Red Team repository: -`git clone https://github.com/redcanaryco/atomic-red-team.git` -5. Clone the MITRE CTI repository: -`git clone https://github.com/mitre/cti.git` -6. Edit the `conf/artconf.yml` file to update the paths to point to your Atomic Red Team and CTI repositories. -7. Edit Caldera's `local.yml` file and add `atomiccaldera` to the plugins section. +The Atomic plugin ships with CALDERA as a default plugin (a git submodule under +`plugins/atomic`). To add it manually: + +1. Clone this repository into CALDERA's `plugins` folder: +`cd /plugins` +`git clone https://github.com/mitre/atomic.git` +2. Enable the plugin by adding `- atomic` to the `plugins:` list in CALDERA's +`conf/local.yml` (or `conf/default.yml`). +3. Restart CALDERA. + +On first load the plugin automatically clones Red Canary's Atomic Red Team +repository into `plugins/atomic/data/atomic-red-team` and imports the tests as +abilities — no manual cloning, requirements file, or path configuration is +required. The ATT&CK technique-to-tactic mapping is read from the +`enterprise-attack.json` file bundled inside that same repository, so no separate +CTI repository is needed. (This first import takes a while; see "Getting Started" +below.) ## Dependencies/Requirements: -1. Python 3.8+ with the following libraries installed: -- PyYAML - https://pyyaml.org/wiki/PyYAML -- STIX2 - https://github.com/oasis-open/cti-python-stix2 -2. 
Atomic-Caldera requires the following repositories be stored locally somewhere: -- https://github.com/redcanaryco/atomic-red-team -- https://github.com/mitre/cti +- `git` available on the PATH (used to clone the Atomic Red Team repository). +- Python dependencies are provided by CALDERA core (e.g. PyYAML); the plugin has +no separate requirements file or install step. ## Getting Started:
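Review bot: The new Dependencies list names `git` but not the network access that the first-load clone depends on. The added Installation paragraph says the plugin "automatically clones Red Canary's Atomic Red Team repository into `plugins/atomic/data/atomic-red-team`", so a host without outbound access to that remote would presumably stall or fail at exactly the step the README now tells users not to do by hand. Because those tests are imported as abilities from a third-party repository, I would add a Dependencies bullet for the network requirement and state which branch or commit is fetched, so operators on restricted or offline hosts know what to allow and what content they are importing. Two smaller points in the same hunk: the old "Python 3.8+" minimum is dropped without a replacement, so either restate it or point to CALDERA core's requirement; and step 1 reads `cd /plugins` as shown here, which is an absolute path at the filesystem root, so if a placeholder for the CALDERA directory is intended, check that it survives rendering.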