View Issue Details

ID: 0006849
Project: Kali Linux
Category: New Tool Requests
View Status: public
Last Update: 2021-03-05 13:27
Reporter: privateducky
Assigned To:
Priority: normal
Severity: minor
Reproducibility: N/A
Status: closed
Resolution: suspended
Summary: 0006849: Operator. An automated adversary emulation desktop app.
Description

Name: Operator
Version: 0.9.4 is current (https://github.com/preludeorg/operator-support/releases/tag/0.9.4)
Home page: https://prelude.org
Download: https://www.prelude.org/download/current
Author: Prelude Research Inc.
License: Pasted our license below.
Description: An autonomous, intelligent hacking desktop app. This app allows you to create adversary profiles, import open-source TTPs, deploy agents/RATs against target systems and execute automated red-team activities.
Dependencies: None (this is a packaged ElectronJS app)
Similar tools: CALDERA. I (@privateducky) was the author of the MITRE CALDERA framework, which I used as inspiration for this project. It could also be compared to Metasploit, although we're targeting a more autonomous space.
Activity: This tool gets weekly updates and new releases every 6 weeks. Development started in July 2020 and the first release was October 2020.
How to install: The app is a pre-compiled ElectronJS app, so you can download and run. It is cross-platform. For Linux you simply:

sudo dpkg -i prelude-operator-0.9.4.deb

How to use:

  • Take the built-in training (capture the flag style) to learn how to use the tool
  • Deploy one of our open-source agents on any computer. This beacons back to the app.
  • Build a custom adversary profile, using the open-source TTPs included in the app. Or import your own attacks and use them.
  • Deploy your adversary against your agents to autonomously execute.
  • View a red-team report of what just happened.
  • Video tutorial: https://www.youtube.com/watch?v=uF1hpNbPoUA&feature=youtu.be

Packaged: Yes, this tool is already packaged for Debian.

End-User License Agreement (EULA) of Prelude Operator

This End-User License Agreement ("EULA") is a legal agreement between you and Prelude Research Inc.
This EULA agreement governs your download and use of the Prelude Operator software ("Software") directly from Prelude Research, Inc.

Please read this EULA agreement carefully before completing the installation process and using the Software. It provides a license to use the Software and contains warranty information and liability disclaimers.

If you register to use the Software, this EULA agreement governs the use of the Software for all registered users, whether on a free or paid license. By installing and/or using the Software, you are confirming your acceptance of the Software and agreeing to become bound by the terms of this EULA agreement.

If you are entering into this EULA agreement on behalf of a company or other legal entity, you represent that you have the authority to bind such entity and its affiliates to these terms and conditions. If you do not have such authority or if you do not agree with the terms and conditions of this EULA agreement, do not install or use the Software, and you must not accept this EULA agreement.

This EULA agreement shall apply only to the Software supplied by Prelude Research Inc. herewith regardless of whether other software is referred to or described herein. The terms also apply to any Prelude Research, Inc. updates, supplements, Internet-based services, and support services for the Software, unless other terms accompany those items on delivery. If so, those terms apply.

License Grant

Prelude Research Inc. hereby grants you a personal, non-transferable, non-exclusive licence to use the Software on your devices in accordance with the terms of this EULA agreement.

You are permitted to load the Software (for example a PC, laptop) under your control. You are responsible for ensuring your device meets the minimum requirements of the Software.

You are not permitted to:

  • Edit, alter, modify, adapt, translate or otherwise change the whole or any part of the Software nor permit the whole or any part of the Software to be combined with or become incorporated in any other software, nor decompile, disassemble or reverse engineer the Software or attempt to do any such things
  • Reproduce, copy, distribute, resell or otherwise use the Software for any commercial purpose
  • Allow any third party to use the Software on behalf of or for the benefit of any third party
  • Use the Software in any way which breaches any applicable local, national or international law
  • Use the Software for any purpose that Prelude Research, Inc. considers is a breach of this EULA agreement

Intellectual Property and Ownership

Prelude Research, Inc. shall at all times retain ownership of the Software as originally downloaded by you and all subsequent downloads of the Software by you. The Software (and the copyright, and other intellectual property rights of whatever nature in the Software, including any modifications made thereto) are and shall remain the property of Prelude Research, Inc.

Prelude Research, Inc. reserves the right to grant licences to use the Software to third parties.

Termination

This EULA agreement is effective from the date you first use the Software and shall continue in perpetuity.

Governing Law

This EULA agreement, and any dispute arising out of or in connection with this EULA agreement, shall be governed by and construed in accordance with the laws of the United States.

Activities

g0tmi1k

2021-01-29 13:40

administrator   ~0014164

Struggling to understand what this tool does (and how it is different to the paid option)

privateducky

2021-01-29 13:53

reporter   ~0014170

The Prelude Operator C2 is a free (and largely open-source) command and control center, which can be installed either from https://prelude.org or via "brew install operator" (if on a MacOS).

Users can upgrade within the app itself to the paid/commercial version (if they want), although the free/open version is great for individual users.

From a comparison perspective, Operator is similar to a tool like Metasploit or Caldera, which can be used for autonomous or manual security assessments.

g0tmi1k

2021-03-05 13:26

administrator   ~0014277

Still struggling to follow why this tool over others (esp)
At this time, I don't think it's for Kali.

Issue History

Date Modified Username Field Change
2020-11-19 13:41 privateducky New Issue
2021-01-29 13:40 g0tmi1k Note Added: 0014164
2021-01-29 13:53 privateducky Note Added: 0014170
2021-03-05 13:26 g0tmi1k Note Added: 0014277
2021-03-05 13:27 g0tmi1k Status new => closed
2021-03-05 13:27 g0tmi1k Resolution open => suspended