
CALDERA vs Infection Monkey

GitHub Stats

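Stars: 6.9k (CALDERA), 7.0k (Infection Monkey)
Forks: 1.3k (CALDERA), 817 (Infection Monkey)
Issues: 62 (CALDERA), 238 (Infection Monkey)
Updated: 5d ago (CALDERA), 11mo ago (Infection Monkey)
License: Apache-2.0 (CALDERA), GPL-3.0 (Infection Monkey)
Language: Python (CALDERA), Python (Infection Monkey)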

About CALDERA

CALDERA is MITRE's open-source adversary emulation platform that automates attack simulations based on the ATT&CK framework. It enables red teams and purple teams to run realistic, repeatable attack chains against their infrastructure without manually executing each technique. CALDERA uses an agent-based architecture where lightweight agents (called Sandcat) are deployed on target systems and execute adversary profiles: curated sequences of ATT&CK techniques that mimic real-world threat actors. The platform includes dozens of pre-built abilities covering reconnaissance, credential access, lateral movement, persistence, and exfiltration. Blue teams can use CALDERA to validate detection coverage by running known attack sequences and checking whether their SIEM, EDR, and monitoring tools triggered appropriate alerts. The web-based UI provides real-time visibility into operation progress and a reporting engine for gap analysis.

About Infection Monkey

Infection Monkey is an open-source adversary emulation platform developed by Guardicore (now Akamai) that automatically tests network security controls by simulating real-world attack techniques. It propagates through the network using a variety of exploitation methods, credential theft, and lateral movement techniques mapped to the MITRE ATT&CK framework, then generates detailed reports on security gaps. Security teams and red team operators use Infection Monkey to validate segmentation policies, test detection capabilities, and, without causing actual damage, identify attack paths that real adversaries could exploit. The platform runs continuous or on-demand breach simulations and provides actionable remediation recommendations, making it particularly valuable for organizations that need to validate their security posture against realistic attack scenarios.

Platform Support

๐Ÿงlinux๐ŸŽmacos
๐Ÿงlinux๐ŸŽmacos๐ŸชŸwindows

Tags

CALDERA only

adversary-emulation, mitre-attack, red-team, automation

Infection Monkey only

breach-simulation, adversary, testing