---
id: caldera-test-001
name: Get System Info
description: Collect basic system information using whoami and systeminfo commands
tactic: discovery
technique:
  attack_id: T1082
  name: System Information Discovery
platforms:
  windows:
    psh:
      command: |
        whoami /all
        systeminfo
      cleanup: ""
    cmd:
      command: |
        whoami
        systeminfo
  linux:
    sh:
      command: |
        uname -a
        cat /etc/os-release
      cleanup: ""
---
id: caldera-test-002
name: List Network Connections
description: Enumerate active network connections and listening ports
tactic: discovery
technique:
  attack_id: T1049
  name: System Network Connections Discovery
platforms:
  windows:
    psh:
      command: |
        Get-NetTCPConnection | Select-Object LocalAddress, LocalPort, RemoteAddress, RemotePort, State
      cleanup: ""
  linux:
    sh:
      command: |
        netstat -tulnp 2>/dev/null || ss -tulnp
      cleanup: ""