Infection Monkey v2.0 released: An automated pentest tool
Infection Monkey
The Infection Monkey is an open-source security tool for testing a data center’s resiliency to perimeter breaches and internal server infection. The Monkey uses various methods to self-propagate across a data center and reports success to a centralized Command and Control (C&C) server.
The Infection Monkey is comprised of two parts:
- Monkey – A tool which infects other machines and propagates to them
- Monkey Island – A C&C server with a dedicated UI to visualize the Chaos Monkey’s progress inside the data center
To read more about the Monkey, visit http://infectionmonkey.com
Main Features
The Infection Monkey uses the following techniques and exploits to propagate to other machines.
- Multiple propagation techniques:
  - Predefined passwords
  - Common logical exploits
  - Password stealing using mimikatz
- Multiple exploit methods:
  - SSH
  - SMB
  - RDP
  - WMI
  - Shellshock
  - Conficker
  - SambaCry
  - Elastic Search (CVE-2015-1427)
Changelog v2.0
Added
- credentials.json file for storing Monkey Island user login information. #1206
- GET /api/propagation-credentials/<string:guid> endpoint for agents to retrieve updated credentials from the Island. #1538
- GET /api/island/ip-addresses endpoint to get IP addresses of the Island server network interfaces. #1996
- SSHCollector as a configurable System info Collector. #1606
- deployment_scrips/install-infection-monkey-service.sh to install an AppImage as a service. #1552
- The ability to download the Monkey Island logs from the Infection Map page. #1640
- POST /api/reset-agent-configuration endpoint. #2036
- POST /api/clear-simulation-data endpoint. #2036
- GET /api/registration-status endpoint. #2149
- Authentication to /api/island/version. #2109
- The ability to customize the file extension used by the ransomware payload when encrypting files. #1242
- {GET,POST} /api/agents endpoint. #2362
- GET /api/agent-signals endpoint. #2261
- GET /api/agent-logs/<uuid:agent_id> endpoint. #2274
- GET /api/machines endpoint. #2362
- {GET,POST} /api/agent-events endpoints. #2405
- GET /api/nodes endpoint. #2155, #2300, #2334
- Scrollbar to preview pane’s exploit timeline in the map page. #2455
- GET /api/agent-plugins/<string:os>/<string:type>/<string:name> endpoint. #2578, #2811
- GET /api/agent-configuration-schema endpoint. #2710
- GET /api/agent-plugins/<string:type>/<string:name>/manifest endpoint. #2786
- GET /api/agent-binaries/<string:os> endpoint. #1675, #1978
- More…
Download & Setup
Copyright (c) 2017 Guardicore Ltd
Source: https://github.com/guardicore/