Infection Monkey v1.6.3 released: An automated pentest tool
Welcome to the Infection Monkey!
The Infection Monkey is an open source security tool for testing a data center’s resiliency to perimeter breaches and internal server infection. The Monkey uses various methods to self-propagate across a data center and reports success to a centralized Command and Control(C&C) server.
The Infection Monkey is comprised of two parts:
- Monkey – A tool which infects other machines and propagates to them
- Monkey Island – A C&C server with a dedicated UI to visualize the Chaos Monkey’s progress inside the data center
To read more about the Monkey, visit http://infectionmonkey.com
The Infection Monkey uses the following techniques and exploits to propagate to other machines.
- Multiple propagation techniques:
- Predefined passwords
- Common logical exploits
- Password stealing using mimikatz
- Multiple exploit methods:
- Elastic Search (CVE-2015-1427)
- The UI can now optionally be password protected. For more information check our wiki and #260
- The Monkey can now run actions after breaching the machine. For now, we’ve only implemented the option to create a disabled backdoor user. #242
- Export to AWS security hub. The monkey now knows to export security findings to the AWS security hub. #221
- We can now remotely run commands on AWS EC2 instances, giving you more methods to start a simulating breach. #259
- Attack according to host names rather than IPs #189
- We can now carry our own version of traceroute for linux machines #229
- Add option to sleep between scans #240
- The monkey now also pings machines to check if they’re alive, possibly bypassing some segmentation rules #243
- We have an experimental new attack. An MS-SQL exploiter that brute forces authentication and uses xp_cmdshell to attack. #147
Copyright (c) 2017 Guardicore Ltd