Infection Monkey - data center security testing tool

The Infection Monkey is an open-source breach and attack simulation tool for testing a data center’s resiliency to perimeter breaches and internal server infection. Infection Monkey will help you validate existing security solutions and will provide a view of the internal network from an attacker’s perspective.

Infection Monkey is free and can be downloaded from our homepage.

How it works

Architecturally, Infection Monkey consists of two components:

  • Monkey Agent (Monkey for short) - a safe, worm-like binary program that scans, propagates, and simulates attack techniques on the local network.
  • Monkey Island Server (Island for short) - a C&C web server that provides a GUI for users and interacts with the Monkey Agents.

The user can run the Monkey Agent on the Island server machine or distribute Monkey Agent binaries on the network manually. Monkey Agents scan, propagate and simulate an attacker’s behavior on the local network based on the configuration parameters. All information gathered about the network is aggregated in the Island Server and displayed once all Monkey Agents are finished.

Results

The results of running Monkey Agents are:

  • A map that displays how much of the network an attacker can see, what services are accessible, and potential propagation routes.
  • A security report, which displays security issues that Monkey Agents discovered and/or exploited.
  • A MITRE ATT&CK report, which displays information about the ATT&CK techniques that Monkey Agents tried to use.
  • A Zero Trust report, which displays violations of Zero Trust principles that Monkey Agents found.

A more in-depth description of reports generated can be found in the reports documentation page.

Getting Started

If you haven’t downloaded Infection Monkey yet, you can do so from our homepage. After downloading the Monkey, please install it using one of our setup guides, and read our getting started guide for a quick start on Monkey!

Support and community

If you need help or want to talk all things Monkey, you can join our public Slack workspace or contact us via Email.

Main Features

The Infection Monkey uses the following techniques and exploits to propagate to other machines.

  • Multiple propagation techniques:
    • Predefined passwords
    • Common logical exploits
    • Password stealing using Mimikatz
  • Multiple exploit methods:
    • SSH
    • SMB
    • WMI
    • Shellshock
    • Conficker
    • SambaCry
    • Elasticsearch (CVE-2015-1427)
    • WebLogic server
    • and more; see our documentation hub for more information about our RCE exploiters.

Setup

Check out the Setup page in the Wiki or a quick getting started guide.

The Infection Monkey supports a variety of platforms, documented in our documentation hub.

Building the Monkey from source

To deploy a development version of the Monkey, refer to the readme in the deployment scripts folder or follow the documentation in the documentation hub.

Tests

Unit Tests

In order to run all of the Unit Tests, run the command python -m pytest in the monkey directory.

To get a coverage report, first make sure the coverage package is installed using pip install coverage. Run the command coverage run -m unittest in the monkey directory, and then run coverage html. The coverage report can be found in htmlcov/index.html.

Blackbox tests

In order to run the Blackbox tests, refer to envs/monkey_zoo/blackbox/README.md.

License

Copyright (c) Guardicore Ltd

See the LICENSE file for license rights and limitations (GPLv3).

August 8, 2022