Infection Monkey v2.0 released: An automated pentest tool

Infection Monkey

The Infection Monkey is an open-source security tool for testing a data center’s resiliency to perimeter breaches and internal server infection. The Monkey uses various methods to self-propagate across a data center and reports success to a centralized Command and Control(C&C) server.

The Infection Monkey is comprised of two parts:

• Monkey – A tool which infects other machines and propagates to them
• Monkey Island – A C&C server with a dedicated UI to visualize the Chaos Monkey’s progress inside the data center

To read more about the Monkey, visit http://infectionmonkey.com

Main Features

The Infection Monkey uses the following techniques and exploits to propagate to other machines.

• Multiple propagation techniques:
  • Predefined passwords
  • Common logical exploits
  • Password stealing using mimikatz
• Multiple exploit methods:
  • SSH
  • SMB
  • RDP
  • WMI
  • Shellshock
  • Conficker
  • SambaCry
  • Elastic Search (CVE-2015-1427)

Changelog v2.0

Added

• credentials.json file for storing Monkey Island user login information. #1206
• GET /api/propagation-credentials/<string:guid> endpoint for agents to retrieve updated credentials from the Island. #1538
• GET /api/island/ip-addresses endpoint to get IP addresses of the Island server network interfaces. #1996
• SSHCollector as a configurable System info Collector. #1606
• deployment_scrips/install-infection-monkey-service.sh to install an AppImage as a service. #1552
• The ability to download the Monkey Island logs from the Infection Map page. #1640
• POST /api/reset-agent-configuration endpoint. #2036
• POST /api/clear-simulation-data endpoint. #2036
• GET /api/registration-status endpoint. #2149
• Authentication to /api/island/version. #2109
• The ability to customize the file extension used by the ransomware payload when encrypting files. #1242
• {GET,POST} /api/agents endpoint. #2362
• GET /api/agent-signals endpoint. #2261
• GET /api/agent-logs/<uuid:agent_id> endpoint. #2274
• GET /api/machines endpoint. #2362
• {GET,POST} /api/agent-events endpoints. #2405
• GET /api/nodes endpoint. #2155, #2300, #2334
• Scrollbar to preview pane’s exploit timeline in the map page. #2455
• GET /api/agent-plugins/<string:os>/<string:type>/<string:name> endpoint. #2578, #2811
• GET /api/agent-configuration-schema endpoint. #2710
• GET /api/agent-plugins/<string:type>/<string:name>/manifest endpoint. #2786
• GET /api/agent-binaries/<string:os> endpoint. #1675, #1978
• More…

Download & Setup

Copyright (c) 2017 Guardicore Ltd

Source: https://github.com/guardicore/