![](\"https://i.imgur.com/a5VSkL5.gif\")
",
+ "summary": "- The PBA details in this file are reflected on the Monkey Island in the PBA configuration.\n- PBAs are also linked to the relevant MITRE techniques in this file, whose results can then be seen in the MITRE ATT&CK report on the Monkey Island.",
+ "hunksOrder": [
+ "monkey/monkey_island/cc/services/config_schema/definitions/post_breach_actions.py_0"
+ ],
+ "tests": [],
+ "hints": [
+ "Have a look at the details of the other techniques."
+ ],
+ "play_mode": "all",
+ "swimmPatch": {
+ "monkey/monkey_island/cc/services/config_schema/definitions/post_breach_actions.py": {
+ "diffType": "MODIFIED",
+ "fileDiffHeader": "diff --git a/monkey/monkey_island/cc/services/config_schema/definitions/post_breach_actions.py b/monkey/monkey_island/cc/services/config_schema/definitions/post_breach_actions.py\nindex f1fe0f6f..b231f96c 100644\n--- a/monkey/monkey_island/cc/services/config_schema/definitions/post_breach_actions.py\n+++ b/monkey/monkey_island/cc/services/config_schema/definitions/post_breach_actions.py",
+ "hunks": [
+ {
+ "swimmHunkMetadata": {
+ "hunkComments": []
+ },
+ "hunkDiffLines": [
+ "@@ -68,16 +68,7 @@",
+ " \"Removes the file afterwards.\",",
+ " \"attack_techniques\": [\"T1166\"]",
+ " },",
+ "- {",
+ "+ # Swimmer: ADD DETAILS HERE!",
+ "- \"type\": \"string\",",
+ "- \"enum\": [",
+ "- \"ScheduleJobs\"",
+ "- ],",
+ "- \"title\": \"Job scheduling\",",
+ "- \"safe\": True,",
+ "- \"info\": \"Attempts to create a scheduled job on the system and remove it.\",",
+ "- \"attack_techniques\": [\"T1168\", \"T1053\"]",
+ "- },",
+ " {",
+ " \"type\": \"string\",",
+ " \"enum\": ["
+ ]
+ }
+ ]
+ }
+ },
+ "app_version": "0.3.5-1",
+ "file_version": "1.0.4",
+ "hunksOrder": [
+ "monkey/monkey_island/cc/services/config_schema/definitions/post_breach_actions.py_0"
+ ],
+ "last_commit_sha_for_swimm_patch": "9d9e8168fb2c23367b9947273aa1a041687b3e2e"
+}
\ No newline at end of file
diff --git a/.swm/OwcKMnALpn7tuBaJY1US.swm b/.swm/OwcKMnALpn7tuBaJY1US.swm
new file mode 100644
index 000000000..0640f1c37
--- /dev/null
+++ b/.swm/OwcKMnALpn7tuBaJY1US.swm
@@ -0,0 +1,200 @@
+{
+ "id": "OwcKMnALpn7tuBaJY1US",
+ "name": "Add a new System Info Collector",
+ "task": {
+ "dod": "Add a system info collector that collects the machine hostname.",
+ "tests": [],
+ "hints": [
+ "First thing you should do is take a look at a different collector (like EnvironmentCollector) and 100% understand how it runs, how results are relayed back to the server, and how the server processes the data.",
+ "Try to run \"socket.getfqdn()\".",
+ "Take a look at SystemInfoCollector - that's the base class you'll need to implement.",
+ "Make sure you add the new collector to the configuration in all relevant places, including making it ON by default!"
+ ]
+ },
+ "content": [
+ {
+ "type": "text",
+ "text": "# What are system info collectors?\n\nWell, the name pretty much explains it. They are Monkey classes which collect various information regarding the victim system, such as Environment, SSH Info, Process List, Netstat and more. \n\n## What should I add? \n\nA system info collector which collects the hostname of the system.\n\n## Test manually\n\nOnce you're done, make sure that your collector:\n* Appears in the Island configuration, and is enabled by default\n* The collector actually runs when executing a Monkey.\n* Results show up in the relevant places:\n * The infection map.\n * The security report.\n * The relevant MITRE techniques.\n\n**There are a lot of hints for this unit - don't be afraid to use them!**"
+ },
+ {
+ "type": "snippet",
+ "path": "monkey/common/common_consts/system_info_collectors_names.py",
+ "comments": [],
+ "firstLineNumber": 1,
+ "lines": [
+ " AWS_COLLECTOR = \"AwsCollector\"",
+ "*HOSTNAME_COLLECTOR = \"HostnameCollector\"",
+ "+# SWIMMER: Collector name goes here.",
+ " ENVIRONMENT_COLLECTOR = \"EnvironmentCollector\"",
+ " PROCESS_LIST_COLLECTOR = \"ProcessListCollector\"",
+ " MIMIKATZ_COLLECTOR = \"MimikatzCollector\""
+ ]
+ },
+ {
+ "type": "snippet",
+ "path": "monkey/infection_monkey/system_info/collectors/hostname_collector.py",
+ "comments": [],
+ "firstLineNumber": 1,
+ "lines": [
+ " import logging",
+ "*import socket",
+ "*",
+ "*from common.common_consts.system_info_collectors_names import HOSTNAME_COLLECTOR",
+ "*from infection_monkey.system_info.system_info_collector import SystemInfoCollector",
+ " ",
+ " logger = logging.getLogger(__name__)",
+ " ",
+ "*",
+ "+# SWIMMER: The collector class goes here.",
+ "*class HostnameCollector(SystemInfoCollector):",
+ "* def __init__(self):",
+ "* super().__init__(name=HOSTNAME_COLLECTOR)",
+ "*",
+ "* def collect(self) -> dict:",
+ "* return {\"hostname\": socket.getfqdn()}"
+ ]
+ },
+ {
+ "type": "snippet",
+ "path": "monkey/monkey_island/cc/services/config_schema/definitions/system_info_collector_classes.py",
+ "comments": [],
+ "firstLineNumber": 1,
+ "lines": [
+ " from common.common_consts.system_info_collectors_names import (AWS_COLLECTOR, AZURE_CRED_COLLECTOR,\r",
+ "* ENVIRONMENT_COLLECTOR, HOSTNAME_COLLECTOR,\r",
+ " MIMIKATZ_COLLECTOR, PROCESS_LIST_COLLECTOR)\r",
+ " \r",
+ " SYSTEM_INFO_COLLECTOR_CLASSES = {\r"
+ ]
+ },
+ {
+ "type": "snippet",
+ "path": "monkey/monkey_island/cc/services/config_schema/definitions/system_info_collector_classes.py",
+ "comments": [],
+ "firstLineNumber": 37,
+ "lines": [
+ " \"info\": \"If on AWS, collects more information about the AWS instance currently running on.\",",
+ " \"attack_techniques\": [\"T1082\"]",
+ " },",
+ "* {",
+ "+ # SWIMMER: Collector config goes here. Tip: Hostname collection relates to the T1082 and T1016 techniques.",
+ "* \"type\": \"string\",",
+ "* \"enum\": [",
+ "* HOSTNAME_COLLECTOR",
+ "* ],",
+ "* \"title\": \"Hostname collector\",",
+ "* \"safe\": True,",
+ "* \"info\": \"Collects machine's hostname.\",",
+ "* \"attack_techniques\": [\"T1082\", \"T1016\"]",
+ "* },",
+ " {",
+ " \"type\": \"string\",",
+ " \"enum\": ["
+ ]
+ },
+ {
+ "type": "snippet",
+ "path": "monkey/monkey_island/cc/services/config_schema/monkey.py",
+ "comments": [],
+ "firstLineNumber": 1,
+ "lines": [
+ " from common.common_consts.system_info_collectors_names import (AWS_COLLECTOR, AZURE_CRED_COLLECTOR,",
+ " ENVIRONMENT_COLLECTOR, HOSTNAME_COLLECTOR,",
+ " MIMIKATZ_COLLECTOR, PROCESS_LIST_COLLECTOR)",
+ "* HOSTNAME_COLLECTOR,",
+ " MONKEY = {",
+ " \"title\": \"Monkey\",",
+ " \"type\": \"object\","
+ ]
+ },
+ {
+ "type": "snippet",
+ "path": "monkey/monkey_island/cc/services/config_schema/monkey.py",
+ "comments": [],
+ "firstLineNumber": 85,
+ "lines": [
+ " \"default\": [",
+ " ENVIRONMENT_COLLECTOR,",
+ " AWS_COLLECTOR,",
+ "* HOSTNAME_COLLECTOR,",
+ " PROCESS_LIST_COLLECTOR,",
+ " MIMIKATZ_COLLECTOR,",
+ " AZURE_CRED_COLLECTOR"
+ ]
+ },
+ {
+ "type": "snippet",
+ "path": "monkey/monkey_island/cc/services/telemetry/processing/system_info_collectors/hostname.py",
+ "comments": [],
+ "firstLineNumber": 1,
+ "lines": [
+ " import logging",
+ " ",
+ "*from monkey_island.cc.models.monkey import Monkey",
+ "+# SWIMMER: This will be useful :) monkey_island.cc.models.monkey.Monkey has the useful",
+ "+# \"get_single_monkey_by_guid\" and \"set_hostname\" methods.",
+ " ",
+ " logger = logging.getLogger(__name__)",
+ " ",
+ " ",
+ "*def process_hostname_telemetry(collector_results, monkey_guid):",
+ "+# SWIMMER: Processing function goes here.",
+ "* Monkey.get_single_monkey_by_guid(monkey_guid).set_hostname(collector_results[\"hostname\"])"
+ ]
+ },
+ {
+ "type": "snippet",
+ "path": "monkey/monkey_island/cc/services/telemetry/processing/system_info_collectors/system_info_telemetry_dispatcher.py",
+ "comments": [],
+ "firstLineNumber": 1,
+ "lines": [
+ " import logging\r",
+ " import typing\r",
+ " \r",
+ "*from common.common_consts.system_info_collectors_names import (AWS_COLLECTOR, ENVIRONMENT_COLLECTOR, HOSTNAME_COLLECTOR,\r",
+ " PROCESS_LIST_COLLECTOR)\r",
+ " from monkey_island.cc.services.telemetry.processing.system_info_collectors.aws import process_aws_telemetry\r",
+ " from monkey_island.cc.services.telemetry.processing.system_info_collectors.environment import \\\r"
+ ]
+ },
+ {
+ "type": "snippet",
+ "path": "monkey/monkey_island/cc/services/telemetry/processing/system_info_collectors/system_info_telemetry_dispatcher.py",
+ "comments": [],
+ "firstLineNumber": 14,
+ "lines": [
+ " SYSTEM_INFO_COLLECTOR_TO_TELEMETRY_PROCESSORS = {",
+ " AWS_COLLECTOR: [process_aws_telemetry],",
+ " ENVIRONMENT_COLLECTOR: [process_environment_telemetry],",
+ "* HOSTNAME_COLLECTOR: [process_hostname_telemetry],",
+ " PROCESS_LIST_COLLECTOR: [check_antivirus_existence]",
+ " }",
+ " "
+ ]
+ },
+ {
+ "type": "snippet",
+ "lines": [
+ " from monkey_island.cc.services.telemetry.processing.system_info_collectors.aws import process_aws_telemetry\r",
+ " from monkey_island.cc.services.telemetry.processing.system_info_collectors.environment import \\\r",
+ " process_environment_telemetry\r",
+ "*from monkey_island.cc.services.telemetry.processing.system_info_collectors.hostname import process_hostname_telemetry\r",
+ " from monkey_island.cc.services.telemetry.zero_trust_checks.antivirus_existence import check_antivirus_existence\r",
+ " \r",
+ " logger = logging.getLogger(__name__)\r"
+ ],
+ "firstLineNumber": 6,
+ "path": "monkey/monkey_island/cc/services/telemetry/processing/system_info_collectors/system_info_telemetry_dispatcher.py",
+ "comments": []
+ },
+ {
+ "type": "text",
+ "text": "System info collectors are useful to get more data for various things, such as ZT tests or MITRE techniques. Take a look at some other techniques!"
+ }
+ ],
+ "file_version": "2.0.0",
+ "meta": {
+ "app_version": "0.3.7-0",
+ "file_blobs": {}
+ }
+}
\ No newline at end of file
diff --git a/.swm/VW4rf3AxRslfT7lwaug7.swm b/.swm/VW4rf3AxRslfT7lwaug7.swm
new file mode 100644
index 000000000..7af1a816c
--- /dev/null
+++ b/.swm/VW4rf3AxRslfT7lwaug7.swm
@@ -0,0 +1,51 @@
+{
+ "id": "VW4rf3AxRslfT7lwaug7",
+ "name": "Implement a new PBA — `ScheduleJobs`",
+ "dod": "You should implement a new PBA in Monkey which schedules jobs on the machine.",
+ "description": "You need to implement the `ScheduleJobs` PBA which creates scheduled jobs on the machine. ![](\"https://media.giphy.com/media/l0K4mVE5b5WZ1sctW/giphy.gif\")
![](\"https://firebasestorage.googleapis.com/v0/b/swimmio-content/o/repositories%2F6Nlb99NtY5Fc3bSd8suH%2Fimg%2Ff0e53e6c-9dbe-41d8-9454-2b5761c3f53a.png?alt=media&token=21aa4bb8-7ebe-4dab-a739-c77e059144dd\")
\n![](\"https://firebasestorage.googleapis.com/v0/b/swimmio-content/o/repositories%2F6Nlb99NtY5Fc3bSd8suH%2Fimg%2F528389a0-35c8-4380-b6e2-353068ed01e4.png?alt=media&token=08767f55-86e2-4f51-8ecf-13fd6cc25ad5\")
",
+ "summary": "Many other PBAs are as simple as this one, using shell commands or scripts — see `Timestomping` and `AccountDiscovery`. "
+ },
+ {
+ "firstLineNumber": 5,
+ "path": "monkey/common/common_consts/post_breach_consts.py",
+ "type": "snippet",
+ "lines": [
+ " POST_BREACH_HIDDEN_FILES = \"Hide files and directories\"",
+ " POST_BREACH_TRAP_COMMAND = \"Execute command when a particular signal is received\"",
+ " POST_BREACH_SETUID_SETGID = \"Setuid and Setgid\"",
+ "*POST_BREACH_JOB_SCHEDULING = \"Schedule jobs\"",
+ "+# Swimmer: PUT THE NEW CONST HERE!",
+ " POST_BREACH_TIMESTOMPING = \"Modify files' timestamps\"",
+ " POST_BREACH_SIGNED_SCRIPT_PROXY_EXEC = \"Signed script proxy execution\"",
+ " POST_BREACH_ACCOUNT_DISCOVERY = \"Account discovery\""
+ ],
+ "comments": []
+ },
+ {
+ "type": "text",
+ "text": "- The name defined here for your PBA can be seen on the Monkey Island in the PBA section in the Security report.\n- The results of each PBA stored in the telemetry are also identified by the string defined here for that PBA."
+ }
+ ],
+ "file_version": "2.0.0",
+ "meta": {
+ "app_version": "0.3.7-0",
+ "file_blobs": {
+ "monkey/common/common_consts/post_breach_consts.py": "25e6679cb1623aae1a732deb05cc011a452743e3"
+ }
+ }
+}
\ No newline at end of file
diff --git a/.travis.yml b/.travis.yml
index d1178458b..8ac8db204 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -16,11 +16,15 @@ python:
os: linux
+before_install:
+# Init server_config.json to default
+- cp monkey/monkey_island/cc/server_config.json.default monkey/monkey_island/cc/server_config.json
+
install:
# Python
- pip freeze
- pip install -r monkey/monkey_island/requirements.txt # for unit tests
-- pip install flake8 pytest dlint isort # for next stages
+- pip install flake8 pytest pytest-cov dlint isort # for next stages
- pip install coverage # for code coverage
- pip install -r monkey/infection_monkey/requirements.txt # for unit tests
- pip install pipdeptree
@@ -48,42 +52,33 @@ install:
# print hugo version (useful for debugging documentation build errors)
- hugo version
-before_script:
-# Set the server config to `testing`. This is required for for the UTs to pass.
-- python monkey/monkey_island/cc/set_server_config.py testing
-
script:
# Check Python code
## Check syntax errors and fail the build if any are found.
-- flake8 . --count --select=E901,E999,F821,F822,F823 --show-source --statistics
+- flake8 ./monkey --config=./ci_scripts/flake8_syntax_check.ini
## Warn about linter issues.
### --exit-zero forces Flake8 to use the exit status code 0 even if there are errors, which means this will NOT fail the build.
-### --count will print the total number of errors.
-### --statistics Count the number of occurrences of each error/warning code and print a report.
### The output is redirected to a file.
-- flake8 . --count --exit-zero --max-complexity=10 --max-line-length=127 --statistics > flake8_warnings.txt
+- flake8 ./monkey --exit-zero --config=./ci_scripts/flake8_linter_check.ini > ./ci_scripts/flake8_warnings.txt
## Display the linter issues
-- cat flake8_warnings.txt
+- cat ./ci_scripts/flake8_warnings.txt
## Make sure that we haven't increased the amount of warnings.
-- PYTHON_WARNINGS_AMOUNT_UPPER_LIMIT=120
-- if [ $(tail -n 1 flake8_warnings.txt) -gt $PYTHON_WARNINGS_AMOUNT_UPPER_LIMIT ]; then echo "Too many python linter warnings! Failing this build. Lower the amount of linter errors in this and try again. " && exit 1; fi
+- PYTHON_WARNINGS_AMOUNT_UPPER_LIMIT=80
+- if [ $(tail -n 1 ./ci_scripts/flake8_warnings.txt) -gt $PYTHON_WARNINGS_AMOUNT_UPPER_LIMIT ]; then echo "Too many python linter warnings! Failing this build. Lower the amount of linter errors in this and try again. " && exit 1; fi
## Check import order
-- python -m isort . -c -p common -p infection_monkey -p monkey_island
+- python -m isort ./monkey --settings-file ./ci_scripts/isort.cfg
-## Run unit tests
+## Run unit tests and generate coverage data
- cd monkey # This is our source dir
-- python -m pytest # Have to use `python -m pytest` instead of `pytest` to add "{$builddir}/monkey/monkey" to sys.path.
-
-## Calculate Code Coverage
-- coverage run -m pytest
+- python -m pytest --cov=. # Have to use `python -m pytest` instead of `pytest` to add "{$builddir}/monkey/monkey" to sys.path.
# Check JS code. The npm install must happen AFTER the flake8 because the node_modules folder will cause a lot of errors.
- cd monkey_island/cc/ui
- npm ci # See https://docs.npmjs.com/cli/ci.html
- eslint ./src --quiet # Test for errors
-- JS_WARNINGS_AMOUNT_UPPER_LIMIT=28
+- JS_WARNINGS_AMOUNT_UPPER_LIMIT=7
- eslint ./src --max-warnings $JS_WARNINGS_AMOUNT_UPPER_LIMIT # Test for max warnings
# Build documentation
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index 08a78a815..0f1131b65 100644
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -8,7 +8,7 @@ Please try to be as specific as you can about your problem; try to include steps
to reproduce. While we'll try to help anyway, focusing us will help us help you faster.
If you want to contribute new code or fix bugs, please read the following sections. You can also contact us (the
-maintainers of this project) at our [Slack channel](https://join.slack.com/t/infectionmonkey/shared_invite/enQtNDU5MjAxMjg1MjU1LTM2ZTg0ZDlmNWNlZjQ5NDI5NTM1NWJlYTRlMGIwY2VmZGMxZDlhMTE2OTYwYmZhZjM1MGZhZjA2ZjI4MzA1NDk).
+maintainers of this project) at our [Slack channel](https://infectionmonkey.slack.com/join/shared_invite/enQtNDU5MjAxMjg1MjU1LWM0NjVmNWE2ZTMzYzAxOWJiYmMxMzU0NWU3NmUxYjcyNjk0YWY2MDkwODk4NGMyNDU4NzA4MDljOWNmZWViNDU).
## Submitting Issues
* **Do** write a detailed description of your bug and use a descriptive title.
diff --git a/LICENSE b/LICENSE
index 94a9ed024..52c6a0280 100644
--- a/LICENSE
+++ b/LICENSE
@@ -5,6 +5,9 @@
Everyone is permitted to copy and distribute verbatim copies
of this license document, but changing it is not allowed.
+ This product includes software developed by SecureAuth Corporation
+ (https://www.secureauth.com/).
+
Preamble
The GNU General Public License is a free, copyleft license for
diff --git a/ci_scripts/.gitignore b/ci_scripts/.gitignore
new file mode 100644
index 000000000..67f93fcdc
--- /dev/null
+++ b/ci_scripts/.gitignore
@@ -0,0 +1,2 @@
+./validation-env
+./flake8_warnings.txt
diff --git a/ci_scripts/README.md b/ci_scripts/README.md
new file mode 100644
index 000000000..09330d298
--- /dev/null
+++ b/ci_scripts/README.md
@@ -0,0 +1,8 @@
+# About
+
+Run this script to validate your code locally and auto fix/format the problems before pushing.
+
+# Usage
+
+You've got to manually download swimm for swimm validation.
+run from `infection_monkey` directory: `powershell .\ci_scripts\validate.ps1`
diff --git a/ci_scripts/flake8_linter_check.ini b/ci_scripts/flake8_linter_check.ini
new file mode 100644
index 000000000..b8daeaf70
--- /dev/null
+++ b/ci_scripts/flake8_linter_check.ini
@@ -0,0 +1,15 @@
+[flake8]
+## Warn about linter issues.
+
+exclude = ../monkey/monkey_island/cc/ui,
+ ../monkey/common/cloud
+show-source = True
+max-complexity = 10
+max-line-length = 127
+
+### --statistics Count the number of occurrences of each error/warning code and print a report.
+statistics = True
+
+### --count will print the total number of errors.
+count = True
+
diff --git a/ci_scripts/flake8_syntax_check.ini b/ci_scripts/flake8_syntax_check.ini
new file mode 100644
index 000000000..969379326
--- /dev/null
+++ b/ci_scripts/flake8_syntax_check.ini
@@ -0,0 +1,15 @@
+[flake8]
+
+## Check syntax errors and fail the build if any are found.
+exclude =
+ ../monkey/monkey_island/cc/ui,
+ ../monkey/common/cloud
+select =
+ E901,
+ E999,
+ F821,
+ F822,
+ F823
+count = True
+show-source = True
+statistics = True
diff --git a/ci_scripts/install_requirements.ps1 b/ci_scripts/install_requirements.ps1
new file mode 100644
index 000000000..de42d8599
--- /dev/null
+++ b/ci_scripts/install_requirements.ps1
@@ -0,0 +1,5 @@
+python -m venv validation-env
+.\validation-env\Scripts\activate.ps1
+python -m pip install -r .\requirements.txt
+npm i -g eslint
+deactivate
diff --git a/ci_scripts/isort.cfg b/ci_scripts/isort.cfg
new file mode 100644
index 000000000..d8651febd
--- /dev/null
+++ b/ci_scripts/isort.cfg
@@ -0,0 +1,6 @@
+[isort]
+
+# Possible options: https://pycqa.github.io/isort/docs/configuration/options/
+
+known_first_party=common,infection_monkey,monkey_island
+skip=monkey/common/cloud/scoutsuite,monkey/monkey_island/cc/services/zero_trust/scoutsuite/data_parsing/rule_path_building/rule_path_creators_list.py,monkey/monkey_island/cc/ui,monkey/common/cloud/scoutsuite
diff --git a/ci_scripts/requirements.txt b/ci_scripts/requirements.txt
new file mode 100644
index 000000000..2b7db1909
--- /dev/null
+++ b/ci_scripts/requirements.txt
@@ -0,0 +1,6 @@
+flake8
+pytest
+dlint
+isort
+coverage
+black
diff --git a/ci_scripts/validate.ps1 b/ci_scripts/validate.ps1
new file mode 100644
index 000000000..d85da6a2a
--- /dev/null
+++ b/ci_scripts/validate.ps1
@@ -0,0 +1,39 @@
+.\ci_scripts\validation-env\Scripts\activate.ps1
+$ErrorActionPreference = "Stop"
+python -m pip install -r monkey/monkey_island/requirements.txt
+python -m pip install -r monkey/infection_monkey/requirements.txt
+flake8 ./monkey --config ./ci_scripts/flake8_syntax_check.cfg
+flake8 ./monkey --exit-zero --config ./ci_scripts/flake8_linter_check.cfg | Out-File -FilePath .\ci_scripts\flake8_warnings.txt
+Get-Content -Path .\ci_scripts\flake8_warnings.txt
+$PYTHON_WARNINGS_AMOUNT_UPPER_LIMIT = 80
+if ((Get-Item -Path .\ci_scripts\flake8_warnings.txt | Get-Content -Tail 1) -gt $PYTHON_WARNINGS_AMOUNT_UPPER_LIMIT){
+ "Too many python linter warnings! Failing this build. Lower the amount of linter errors in this and try again. "
+ exit
+}
+python -m isort ./monkey -c --settings-file ./ci_scripts/isort.cfg
+if (!$?) {
+ $confirmation = Read-Host "Isort found errors. Do you want to attmpt to fix them automatically? (y/n)"
+ if ($confirmation -eq 'y') {
+ python -m isort ./monkey --settings-file ./ci_scripts/isort.cfg
+ }
+}
+Push-Location -Path ./monkey
+python ./monkey_island/cc/environment/set_server_config.py testing
+python -m pytest
+$lastCommandSucceeded = $?
+python ./monkey_island/cc/environment/set_server_config.py restore
+Pop-Location
+
+if (!$lastCommandSucceeded) {
+ exit
+}
+
+Push-Location -Path .\monkey\monkey_island\cc\ui
+eslint ./src -c ./.eslintrc
+Pop-Location
+
+swimm verify
+
+Write-Host "Script finished. Press any key to continue"
+$null = $Host.UI.RawUI.ReadKey('NoEcho,IncludeKeyDown');
+deactivate
diff --git a/codecov.yml b/codecov.yml
new file mode 100644
index 000000000..190044367
--- /dev/null
+++ b/codecov.yml
@@ -0,0 +1,2 @@
+fixes:
+ - "::monkey/"
diff --git a/deployment_scripts/README.md b/deployment_scripts/README.md
index 16b150852..4ee91b5b4 100644
--- a/deployment_scripts/README.md
+++ b/deployment_scripts/README.md
@@ -39,6 +39,7 @@ Your user must have root permissions; however, don't run the script as root!
```sh
wget https://raw.githubusercontent.com/guardicore/monkey/develop/deployment_scripts/deploy_linux.sh
+chmod u+x ./deploy_linux.sh
```
This will download our deploy script. It's a good idea to read it quickly before executing it!
@@ -52,4 +53,13 @@ After downloading that script, execute it in a shell. The first argument should
- `./deploy_linux.sh "" "master"` (deploys master branch in script directory)
- `./deploy_linux.sh "/home/user/new" "master"` (if directory "new" is not found creates it and clones master branch into it)
-You may also pass in an optional third `false` parameter to disable downloading the latest agent binaries.
\ No newline at end of file
+You may also pass in an optional third `false` parameter to disable downloading the latest agent binaries.
+
+### Run on Linux
+
+After the `deploy_linux.sh` script completes, you can start the monkey island.
+
+```sh
+cd infection_monkey/monkey
+./monkey_island/linux/run.sh
+```
diff --git a/deployment_scripts/config b/deployment_scripts/config
index bda54e390..cad04a01c 100644
--- a/deployment_scripts/config
+++ b/deployment_scripts/config
@@ -4,41 +4,42 @@ export MONKEY_FOLDER_NAME="infection_monkey"
# Url of public git repository that contains monkey's source code
export MONKEY_GIT_URL="https://github.com/guardicore/monkey"
-get_latest_release() {
- curl --silent "https://api.github.com/repos/$1/releases/latest" | # Get latest release from GitHub API
- grep '"tag_name":' | # Get tag line
- sed -E 's/.*"([^"]+)".*/\1/' # Pluck JSON value
+exists() {
+ command -v "$1" >/dev/null 2>&1
}
-MONKEY_LATEST_RELEASE=$(get_latest_release "monkey/guardicore")
+get_latest_release() {
+ RELEASE_URL="https://api.github.com/repos/$1/releases/latest"
+
+ if exists wget; then
+ RELEASE_INFO=$(wget --quiet -O - "$RELEASE_URL") # Get latest release from GitHub API
+ else
+ RELEASE_INFO=$(curl --silent "$RELEASE_URL") # Get latest release from GitHub API
+ fi
+
+ echo "$RELEASE_INFO" |
+ grep '"tag_name":' | # Get tag line
+ sed -E 's/.*"([^"]+)".*/\1/' # Pluck JSON value
+}
+
+MONKEY_LATEST_RELEASE=$(get_latest_release "guardicore/monkey")
# Monkey binaries
-LINUX_32_BINARY_NAME="monkey-linux-32"
-LINUX_32_BINARY_URL="https://github.com/guardicore/monkey/releases/download/$($MONKEY_LATEST_RELEASE)/monkey-linux-32"
-export LINUX_32_BINARY_URL
-export LINUX_32_BINARY_NAME
+export LINUX_32_BINARY_NAME="monkey-linux-32"
+export LINUX_32_BINARY_URL="https://github.com/guardicore/monkey/releases/download/$MONKEY_LATEST_RELEASE/monkey-linux-32"
-LINUX_64_BINARY_NAME="monkey-linux-64"
-LINUX_64_BINARY_URL="https://github.com/guardicore/monkey/releases/download/$($MONKEY_LATEST_RELEASE)/monkey-linux-64"
-export LINUX_64_BINARY_URL
-export LINUX_64_BINARY_NAME
+export LINUX_64_BINARY_NAME="monkey-linux-64"
+export LINUX_64_BINARY_URL="https://github.com/guardicore/monkey/releases/download/$MONKEY_LATEST_RELEASE/monkey-linux-64"
-WINDOWS_32_BINARY_NAME="monkey-windows-32.exe"
-WINDOWS_32_BINARY_URL="https://github.com/guardicore/monkey/releases/download/$($MONKEY_LATEST_RELEASE)/monkey-windows-32.exe"
-export WINDOWS_32_BINARY_URL
-export WINDOWS_32_BINARY_NAME
+export WINDOWS_32_BINARY_NAME="monkey-windows-32.exe"
+export WINDOWS_32_BINARY_URL="https://github.com/guardicore/monkey/releases/download/$MONKEY_LATEST_RELEASE/monkey-windows-32.exe"
-WINDOWS_64_BINARY_NAME="monkey-windows-64.exe"
-WINDOWS_64_BINARY_URL="https://github.com/guardicore/monkey/releases/download/$($MONKEY_LATEST_RELEASE)/monkey-windows-64.exe"
-export WINDOWS_64_BINARY_URL
-export WINDOWS_64_BINARY_NAME
+export WINDOWS_64_BINARY_NAME="monkey-windows-64.exe"
+export WINDOWS_64_BINARY_URL="https://github.com/guardicore/monkey/releases/download/$MONKEY_LATEST_RELEASE/monkey-windows-64.exe"
# Other binaries for monkey
-TRACEROUTE_64_BINARY_URL="https://github.com/guardicore/monkey/releases/download/$($MONKEY_LATEST_RELEASE)/traceroute64"
-export TRACEROUTE_64_BINARY_URL
-TRACEROUTE_32_BINARY_URL="https://github.com/guardicore/monkey/releases/download/$($MONKEY_LATEST_RELEASE)/traceroute32"
-export TRACEROUTE_32_BINARY_URL
-SAMBACRY_64_BINARY_URL="https://github.com/guardicore/monkey/releases/download/$($MONKEY_LATEST_RELEASE)/sc_monkey_runner64.so"
-export SAMBACRY_64_BINARY_URL
-SAMBACRY_32_BINARY_URL="https://github.com/guardicore/monkey/releases/download/$($MONKEY_LATEST_RELEASE)/sc_monkey_runner32.so"
-export SAMBACRY_32_BINARY_URL
+export TRACEROUTE_64_BINARY_URL="https://github.com/guardicore/monkey/releases/download/$MONKEY_LATEST_RELEASE/traceroute64"
+export TRACEROUTE_32_BINARY_URL="https://github.com/guardicore/monkey/releases/download/$MONKEY_LATEST_RELEASE/traceroute32"
+
+export SAMBACRY_64_BINARY_URL="https://github.com/guardicore/monkey/releases/download/$MONKEY_LATEST_RELEASE/sc_monkey_runner64.so"
+export SAMBACRY_32_BINARY_URL="https://github.com/guardicore/monkey/releases/download/$MONKEY_LATEST_RELEASE/sc_monkey_runner32.so"
diff --git a/deployment_scripts/config.ps1 b/deployment_scripts/config.ps1
index 21b9beca6..d140eb711 100644
--- a/deployment_scripts/config.ps1
+++ b/deployment_scripts/config.ps1
@@ -30,6 +30,7 @@ $TRACEROUTE_32_BINARY_URL = $MONKEY_DOWNLOAD_URL + "traceroute32"
# Other directories and paths ( most likely you dont need to configure)
$MONKEY_ISLAND_DIR = Join-Path "\monkey" -ChildPath "monkey_island"
$MONKEY_DIR = Join-Path "\monkey" -ChildPath "infection_monkey"
+$SCOUTSUITE_DIR = Join-Path "\monkey" "common" "cloud" "scoutsuite"
$SAMBA_BINARIES_DIR = Join-Path -Path $MONKEY_DIR -ChildPath "\bin"
$TEMP_PYTHON_INSTALLER = ".\python.exe"
$TEMP_MONGODB_ZIP = ".\mongodb.zip"
diff --git a/deployment_scripts/deploy_linux.sh b/deployment_scripts/deploy_linux.sh
index d13478018..408aa3148 100755
--- a/deployment_scripts/deploy_linux.sh
+++ b/deployment_scripts/deploy_linux.sh
@@ -10,7 +10,7 @@ is_root() {
has_sudo() {
# 0 true, 1 false
- timeout 1 sudo id && return 0 || return 1
+ return $(sudo -nv > /dev/null 2>&1)
}
handle_error() {
@@ -23,6 +23,11 @@ log_message() {
echo -e "DEPLOYMENT SCRIPT: $1"
}
+if is_root; then
+ log_message "Please don't run this script as root"
+ exit 1
+fi
+
config_branch=${2:-"develop"}
config_url="https://raw.githubusercontent.com/guardicore/monkey/${config_branch}/deployment_scripts/config"
@@ -62,14 +67,9 @@ ISLAND_BINARIES_PATH="$ISLAND_PATH/cc/binaries"
INFECTION_MONKEY_DIR="$monkey_home/monkey/infection_monkey"
MONKEY_BIN_DIR="$INFECTION_MONKEY_DIR/bin"
-if is_root; then
- log_message "Please don't run this script as root"
- exit 1
-fi
-
-HAS_SUDO=$(has_sudo)
-if [[ ! $HAS_SUDO ]]; then
- log_message "You need root permissions for some of this script operations. Quiting."
+if ! has_sudo; then
+ log_message "You need root permissions for some of this script operations. \
+Run \`sudo -v\`, enter your password, and then re-run this script."
exit 1
fi
@@ -110,13 +110,16 @@ if [[ ${python_cmd} == "" ]]; then
log_message "Python 3.7 command not found. Installing python 3.7."
sudo add-apt-repository ppa:deadsnakes/ppa
sudo apt-get update
- sudo apt install python3.7 python3.7-dev
+ sudo apt-get install -y python3.7 python3.7-dev
log_message "Python 3.7 is now available with command 'python3.7'."
python_cmd="python3.7"
fi
log_message "Installing build-essential"
-sudo apt install build-essential
+sudo apt-get install -y build-essential
+
+log_message "Installing python3-distutils"
+sudo apt-get install -y python3-distutils
log_message "Installing or updating pip"
# shellcheck disable=SC2086
@@ -134,11 +137,10 @@ requirements_island="$ISLAND_PATH/requirements.txt"
${python_cmd} -m pip install -r "${requirements_island}" --user --upgrade || handle_error
log_message "Installing monkey requirements"
-sudo apt-get install libffi-dev upx libssl-dev libc++1
+sudo apt-get install -y libffi-dev upx libssl-dev libc++1
requirements_monkey="$INFECTION_MONKEY_DIR/requirements.txt"
${python_cmd} -m pip install -r "${requirements_monkey}" --user --upgrade || handle_error
-
agents=${3:-true}
# Download binaries
if [ "$agents" = true ] ; then
@@ -162,15 +164,19 @@ chmod a+x "$ISLAND_BINARIES_PATH/$LINUX_64_BINARY_NAME"
# If a user haven't installed mongo manually check if we can install it with our script
if ! exists mongod; then
+ log_message "Installing libcurl4"
+ sudo apt-get install -y libcurl4
+
log_message "Installing MongoDB"
"${ISLAND_PATH}"/linux/install_mongo.sh ${MONGO_PATH} || handle_error
fi
log_message "Installing openssl"
-sudo apt-get install openssl
+sudo apt-get install -y openssl
# Generate SSL certificate
log_message "Generating certificate"
+chmod u+x "${ISLAND_PATH}"/linux/create_certificate.sh
"${ISLAND_PATH}"/linux/create_certificate.sh ${ISLAND_PATH}/cc
# Update node
diff --git a/deployment_scripts/deploy_windows.ps1 b/deployment_scripts/deploy_windows.ps1
index 3a57e9dcb..85a3f0698 100644
--- a/deployment_scripts/deploy_windows.ps1
+++ b/deployment_scripts/deploy_windows.ps1
@@ -115,6 +115,9 @@ function Deploy-Windows([String] $monkey_home = (Get-Item -Path ".\").FullName,
"Installing python packages for monkey"
$monkeyRequirements = Join-Path -Path $monkey_home -ChildPath $MONKEY_DIR | Join-Path -ChildPath "\requirements.txt"
& python -m pip install --user -r $monkeyRequirements
+ "Installing python packages for ScoutSuite"
+ $scoutsuiteRequirements = Join-Path -Path $monkey_home -ChildPath $SCOUTSUITE_DIR | Join-Path -ChildPath "\requirements.txt"
+ & python -m pip install --user -r $scoutsuiteRequirements
$user_python_dir = cmd.exe /c 'py -m site --user-site'
$user_python_dir = Join-Path (Split-Path $user_python_dir) -ChildPath "\Scripts"
diff --git a/docs/content/FAQ/_index.md b/docs/content/FAQ/_index.md
index 5e0ef505e..2d46310cd 100644
--- a/docs/content/FAQ/_index.md
+++ b/docs/content/FAQ/_index.md
@@ -5,10 +5,11 @@ draft: false
pre: " "
---
-Here are some of the most common questions we receive about the Infection Monkey. If the answer you’re looking for isn’t here, talk with us [on our Slack channel](https://infectionmonkey.slack.com/), email us at [support@infectionmonkey.com](mailto:support@infectionmonkey.com) or [open an issue on GitHub](https://github.com/guardicore/monkey).
+Here are some of the most common questions we receive about the Infection Monkey. If the answer you're looking for isn't here, talk with us [on our Slack channel](https://infectionmonkey.slack.com/join/shared_invite/enQtNDU5MjAxMjg1MjU1LWM0NjVmNWE2ZTMzYzAxOWJiYmMxMzU0NWU3NmUxYjcyNjk0YWY2MDkwODk4NGMyNDU4NzA4MDljOWNmZWViNDU), email us at [support@infectionmonkey.com](mailto:support@infectionmonkey.com) or [open an issue on GitHub](https://github.com/guardicore/monkey).
-- [Where can I get the latest Monkey version? 📰](#where-can-i-get-the-latest-monkey-version)
+- [Where can I get the latest Monkey version?](#where-can-i-get-the-latest-monkey-version)
- [How long does a single Monkey run for? Is there a time limit?](#how-long-does-a-single-monkey-run-for-is-there-a-time-limit)
+- [How to reset the password?](#how-to-reset-the-password)
- [Should I run the Monkey continuously?](#should-i-run-the-monkey-continuously)
- [Which queries does Monkey perform to the Internet exactly?](#which-queries-does-monkey-perform-to-the-internet-exactly)
- [Where can I find the log files of the Monkey and the Monkey Island, and how can I read them?](#where-can-i-find-the-log-files-of-the-monkey-and-the-monkey-island-and-how-can-i-read-them)
@@ -16,16 +17,16 @@ Here are some of the most common questions we receive about the Infection Monkey
- [Monkey agent](#monkey-agent)
- [Running the Monkey in a production environment](#running-the-monkey-in-a-production-environment)
- [How much of a footprint does the Monkey leave?](#how-much-of-a-footprint-does-the-monkey-leave)
- - [What’s the Monkey’s impact on system resources usage?](#whats-the-monkeys-impact-on-system-resources-usage)
- - [Is it safe to use real passwords and usernames in the Monkey’s configuration?](#is-it-safe-to-use-real-passwords-and-usernames-in-the-monkeys-configuration)
+ - [What's the Monkey's impact on system resources usage?](#whats-the-monkeys-impact-on-system-resources-usage)
+ - [Is it safe to use real passwords and usernames in the Monkey's configuration?](#is-it-safe-to-use-real-passwords-and-usernames-in-the-monkeys-configuration)
- [How do you store sensitive information on Monkey Island?](#how-do-you-store-sensitive-information-on-monkey-island)
- [How stable are the exploitations used by the Monkey? Will the Monkey crash my systems with its exploits?](#how-stable-are-the-exploitations-used-by-the-monkey-will-the-monkey-crash-my-systems-with-its-exploits)
-- [After I’ve set up Monkey Island, how can I execute the Monkey?](#after-ive-set-up-monkey-island-how-can-i-execute-the-monkey)
+- [After I've set up Monkey Island, how can I execute the Monkey?](#after-ive-set-up-monkey-island-how-can-i-execute-the-monkey)
- [How can I make the monkey propagate “deeper” into the network?](#how-can-i-make-the-monkey-propagate-deeper-into-the-network)
- [The report returns a blank screen](#the-report-returns-a-blank-screen)
-- [How can I get involved with the project? 👩💻👨💻](#how-can-i-get-involved-with-the-project)
+- [How can I get involved with the project?](#how-can-i-get-involved-with-the-project)
-## Where can I get the latest Monkey version? 📰
+## Where can I get the latest Monkey version?
For the latest **stable** release for users, visit [our downloads page](https://www.guardicore.com/infectionmonkey/#download). **This is the recommended and supported version**!
@@ -35,6 +36,23 @@ If you want to see what has changed between versions, refer to the [releases pag
The Monkey shuts off either when it can't find new victims, or when it has exceeded the quota of victims as defined in the configuration.
+## How to reset the password?
+
+On your first access of Monkey Island server, you'll be prompted to create an account. If you forgot the credentials you
+ entered or just want to change them, you need to manually alter the `server_config.json` file. On Linux, this file is
+ located on `/var/monkey/monkey_island/cc/server_config.json`. On windows, it's based on your install directory (typically
+ `C:\Program Files\Guardicore\Monkey Island\monkey_island\cc\server_config.json`). Reset the contents of this file
+ leaving the **deployment option unchanged** (it might be "vmware" or "linux" in your case):
+
+```json
+{
+ "server_config": "password",
+ "deployment": "windows"
+}
+```
+ Then reset the Island process (`sudo systemctl restart monkey-island.service` for linux, restart program for windows).
+ Finally, go to the Island's URL and create a new account.
+
## Should I run the Monkey continuously?
Yes! This will allow you to verify that no new security issues were identified by the Monkey since the last time you ran it.
@@ -59,7 +77,7 @@ The Monkey performs queries out to the Internet on two separate occasions:
### Monkey Island
-The Monkey Island’s log file can be downloaded directly from the UI. Click the “log” section and choose “Download Monkey Island internal logfile”, like so:
+The Monkey Island's log file can be downloaded directly from the UI. Click the “log” section and choose “Download Monkey Island internal logfile”, like so:
@@ -80,7 +98,7 @@ The Monkey log file can be found in the following paths on machines where it was
- Path on Linux: `/tmp/user-1563`
- Path on Windows: `%temp%\\~df1563.tmp`
-The logs contain information about the internals of the Monkey’s execution. The log will contain entries like these ones for example:
+The logs contain information about the internals of the Monkey's execution. The log will contain entries like these ones for example:
```log
2019-07-22 19:16:44,228 [77598:140654230214464:INFO] main.main.116: >>>>>>>>>> Initializing monkey (InfectionMonkey): PID 77598 <<<<<<<<<<
@@ -106,13 +124,13 @@ The Monkey leaves hardly any trace on the target system. It will leave:
- Path on Linux: `/tmp/user-1563`
- Path on Windows: `%temp%\\~df1563.tmp`
-### What’s the Monkey’s impact on system resources usage?
+### What's the Monkey's impact on system resources usage?
The Infection Monkey uses less than single-digit percent of CPU time and very low RAM usage. For example, on a single-core Windows Server machine, the Monkey consistently uses 0.06% CPU, less than 80MB of RAM and a small amount of I/O periodically.
If you do experience any performance issues please let us know on [our Slack channel](https://infectionmonkey.slack.com/) or via [opening an issue on GitHub](https://github.com/guardicore/monkey).
-### Is it safe to use real passwords and usernames in the Monkey’s configuration?
+### Is it safe to use real passwords and usernames in the Monkey's configuration?
Absolutely! User credentials are stored encrypted in the Monkey Island server. This information is then accessible only to users that have access to the Island.
@@ -120,7 +138,7 @@ We advise to limit access to the Monkey Island server by following our [password
### How do you store sensitive information on Monkey Island?
-Sensitive data such as passwords, SSH keys and hashes are stored on the Monkey Island’s database in an encrypted fashion. This data is transmitted to the Infection Monkeys in an encrypted fashion (HTTPS) and is not stored locally on the victim machines.
+Sensitive data such as passwords, SSH keys and hashes are stored on the Monkey Island's database in an encrypted fashion. This data is transmitted to the Infection Monkeys in an encrypted fashion (HTTPS) and is not stored locally on the victim machines.
When you reset the Monkey Island configuration, the Monkey Island wipes the information.
@@ -128,9 +146,9 @@ When you reset the Monkey Island configuration, the Monkey Island wipes the info
The Monkey does not use any exploits or attacks that may impact the victim system.
-This means we avoid using some very strong (and famous) exploits such as [EternalBlue](https://www.guardicore.com/2017/05/detecting-mitigating-wannacry-copycat-attacks-using-guardicore-centra-platform/). This exploit was used in WannaCry and NotPetya with huge impact. But because it may crash a production system, we aren’t using it.
+This means we avoid using some very strong (and famous) exploits such as [EternalBlue](https://www.guardicore.com/2017/05/detecting-mitigating-wannacry-copycat-attacks-using-guardicore-centra-platform/). This exploit was used in WannaCry and NotPetya with huge impact. But because it may crash a production system, we aren't using it.
-## After I’ve set up Monkey Island, how can I execute the Monkey?
+## After I've set up Monkey Island, how can I execute the Monkey?
See our detailed [getting started](../content/usage/getting-started) guide.
@@ -149,6 +167,14 @@ This is sometimes caused when Monkey Island is installed with an old version of
- **Linux**: First, uninstall the current version with `sudo apt uninstall mongodb` and then install the latest version using the [official mongodb manual](https://docs.mongodb.com/manual/administration/install-community/).
- **Windows**: First, remove the MongoDB binaries from the `monkey\monkey_island\bin\mongodb` folder. Download and install the latest version of mongodb using the [official mongodb manual](https://docs.mongodb.com/manual/administration/install-community/). After installation is complete, copy the files from the `C:\Program Files\MongoDB\Server\4.2\bin` folder to the `monkey\monkey_island\bin\mongodb folder`. Try to run the Island again and everything should work.
-## How can I get involved with the project? 👩💻👨💻
+## How can I get involved with the project?
The Monkey is an open-source project, and we weclome contributions and contributors. Check out the [contribution documentation](../development) for more information.
+
+## About the project 🐵
+
+### How did you come up with the Infection Monkey?
+
+Oddly enough, the idea of proactively breaking the network to test its survival wasn't born in the security industry. In 2011, the streaming giant Netflix released Chaos Monkey, a tool that was designed to randomly disable the company's production servers to verify they could survive network failures without any customer impact. Netflix's Chaos Monkey became a popular network resilience tool, breaking the network in a variety of failure modes, including connectivity issues, invalid SSL certificates and randomly deleting VMs.
+
+Inspired by this concept, Guardicore Labs developed its own attack simulator - Infection Monkey - to run non-intrusively within existing production environments. The idea was to test the resiliency of modern data centers against attack and give security teams the insights they need to make informed decisions and enforce tighter security policies. Since its launch in 2017 (?) the Infection Monkey has been used by hundreds of information technology teams from across the world to find weaknesses in their on-premises and cloud-based data centers.
diff --git a/docs/content/development/_index.md b/docs/content/development/_index.md
index deab32e6c..236c7c3cd 100644
--- a/docs/content/development/_index.md
+++ b/docs/content/development/_index.md
@@ -13,31 +13,31 @@ Want to help secure networks? That's great!
## How should I start?
-Here's a few short links to help you get started.
+Here are a few short links to help you get started:
-* [Getting up and running](../setup-development-environment) - To help you get a working development setup.
-* [Contributing guidelines](https://github.com/guardicore/monkey/blob/master/CONTRIBUTING.md) - Some guidelines to help you submit.
+* [Getting up and running](./setup-development-environment) - These instructions will help you get a working development setup.
+* [Contributing guidelines](https://github.com/guardicore/monkey/blob/master/CONTRIBUTING.md) - These guidelines will help you submit.
## What are we looking for?
-You can take a look at [our roadmap](https://github.com/guardicore/monkey/projects/5) to see what issues we're thinking about doing soon. We are looking for:
+You can take a look at [our roadmap](https://github.com/guardicore/monkey/projects/5) to see what issues we're thinking about tackling soon. We are always looking for:
### More exploits! 💥
-The best way to find weak spots in the network is by attacking it. The [Exploit template](https://github.com/guardicore/monkey/wiki/Exploit-templates) page will help you add exploits.
+The best way to find weak spots in a network is by attacking it. The [exploit template](https://github.com/guardicore/monkey/wiki/Exploit-templates) page will help you add exploits.
-It's important to note that the Infection Monkey must be perfectly reliable otherwise no one will use it, so avoid memory corruption exploits _unless they're rock solid_ and focus on the logical vulns such as Shellshock.
+It's important to note that the Infection Monkey must be absolutely reliable. Otherwise, no one will use it, so avoid memory corruption exploits unless they're rock solid and focus on the logical vulns such as Shellshock.
### Analysis plugins 🔬
-Successfully attacking every server in the network is no good unless the Monkey can explain how to prevent the attack. Whether it's detecting when the Monkey is using stolen credentials or when the Monkey can escape locked down networks, this is the part that actually helps secure different parts.
+Successfully attacking every server in the network has little value if the Infection Monkey can't provide recommendations for reducing future risk. Whether it's explaining how the Infection Monkey used stolen credentials or escaped from locked-down networks, analysis is what helps users translate the Infection Monkey's activities into actionable next steps for improving security.
### Better code 💪
-We always want to improve the core Monkey code, to make it smaller, faster and more reliable. If you have an idea of how to do it, or just want to modularise/improve test coverage for the code, do share!
+We always want to improve the core Infection Monkey code to make it smaller, faster and more reliable. Please share if you have an idea that will help us meet these goals or modularize/improve test coverage.
### Documentation 📚
-Every project requires better documentation. The Monkey is no different, so feel free to open PRs with suggestions, improvements or issues asking us to document different parts of the Monkey.
+Every project requires excellent documentation. The Infection Monkey is no different. Please feel free to open pull requests with suggestions, improvements or issues and asking us to document various parts of the Monkey.
-The Monkey's documentation is stored in the `/docs/content` directory.
+The Infection Monkey's documentation is stored in the `/docs/content` directory.
diff --git a/docs/content/development/add-zero-trust-test.md b/docs/content/development/add-zero-trust-test.md
index d43dcacef..61b3a427c 100644
--- a/docs/content/development/add-zero-trust-test.md
+++ b/docs/content/development/add-zero-trust-test.md
@@ -5,22 +5,22 @@ draft: false
weight: 100
---
-## How to add a new Zero Trust test to the Monkey?
+## How do I add a new Zero Trust test to the Monkey?
-Assuming the Monkey agent is already sending the relevant telemetry, you'll need to add the test in two places.
+Assuming the Infection Monkey agent is already sending the relevant telemetry, you'll need to add the test in two places.
### `zero_trust_consts.py`
-In the file `/monkey/common/data/zero_trust_consts.py`,
+In the file `/monkey/common/data/zero_trust_consts.py`:
1. Add the test name to the TESTS set
-2. Add a relevant recommendation if exists
-3. Add the test to the TESTS_MAP dict. Make sure that all statuses (except `STATUS_UNEXECUTED`) have finding explanations.
+2. Add a relevant recommendation if it exists
+3. Add the test to the TESTS_MAP dict. Ensure that all statuses (except `STATUS_UNEXECUTED`) have finding explanations.
### `telemetry/processing.py`
-Find the relevant telemetry type you wish to test the finding in. This can be found in `/monkey/monkey_island/cc/services/telemetry/processing.py`. In the relevant `process_*_telemetry` function, add your Zero Trust testing code. Please put the zero trust tests under the `/monkey/monkey_island/cc/services/telemetry/zero_trust_tests` directory. There you can find examples of existing tests as well, so you'll know pretty much what you need to write.
+Find the relevant telemetry type you wish to test the finding in next. These can be found in `/monkey/monkey_island/cc/services/telemetry/processing.py`. In the relevant `process_*_telemetry` function, add your Zero Trust testing code. Please put the Zero Trust tests under the `/monkey/monkey_island/cc/services/telemetry/zero_trust_tests` directory. There you can also find examples of existing tests as well, so you'll have a reference for what you need to write.
-## How to test the new Zero Trust test I've implemented?
+## How do I test the new Zero Trust test I've implemented?
-Test ALL possible finding statuses you've defined in a fake network. Observe the events as well and see they were formatted correctly. If there's an algorithmic part to your Zero Trust test, please cover it using a Unit Test.
+Test ALL possible finding statuses you've defined in a fake network. Ensure the events were formatted correctly by observing them. If there's an algorithmic part to your Zero Trust test, please cover it using a Unit Test.
diff --git a/docs/content/development/adding-post-breach-actions.md b/docs/content/development/adding-post-breach-actions.md
index a5445bfc9..033a6118c 100644
--- a/docs/content/development/adding-post-breach-actions.md
+++ b/docs/content/development/adding-post-breach-actions.md
@@ -6,17 +6,17 @@ tags: ["contribute"]
weight: 90
---
-## What's this?
+## What does this guide cover?
-This guide will show you how to create a new _Post Breach action_ for the Infection Monkey. _Post Breach actions_ are "extra" actions that the Monkey can perform on the victim machines after it propagated to them.
+This guide will show you how to create a new _post-breach action_ (PBA) for the Infection Monkey. PBA are "extra" actions that the Infection Monkey can perform on victim machines after propagating to them.
## Do I need a new PBA?
-If all you want is to execute shell commands, then there's no need to add a new PBA - just configure the required commands in the Monkey Island configuration! If you think that those specific commands have reuse value in all deployments and not just your own, you can add a new PBA. If you need to run actual Python code, you must add a new PBA.
+If all you want to do is execute shell commands, then there's no need to add a new PBA - just configure the required commands in the Monkey Island configuration! If you think that those specific commands have reuse value in other deployments besides your own, you can add a new PBA. Additionally, if you need to run actual Python code, you must add a new PBA.
## How to add a new PBA
-### Monkey side
+### From the Infection Monkey Side
#### Framework
@@ -43,7 +43,7 @@ If your PBA consists only of simple shell commands, you can reuse the generic PB
Otherwise, you'll need to override the `run` method with your own implementation. See the `communicate_as_new_user.py` PBA for reference. Make sure to send the relevant PostBreachTelem upon success/failure. You can log during the PBA as well.
-### Island side
+### From the Monkey Island Side
#### Configuration
@@ -67,10 +67,10 @@ You'll need to add your PBA to the `config_schema.py` file, under `post_breach_a
},
```
-Now you can choose your PBA when configuring the Monkey on the Monkey island:
+Now you can choose your PBA when configuring the Infection Monkey on the Monkey island:
#### Telemetry processing
-If you wish to process your Post Breach action telemetry (for example, to analyze it for report data), add a processing function to the `POST_BREACH_TELEMETRY_PROCESSING_FUNCS` which can be found at `monkey/monkey_island/cc/services/telemetry/processing/post_breach.py`. You can look at the `process_communicate_as_new_user_telemetry` method as an example.
+If you wish to process your PBA telemetry (for example, to analyze it for report data), add a processing function to the `POST_BREACH_TELEMETRY_PROCESSING_FUNCS`, which can be found at `monkey/monkey_island/cc/services/telemetry/processing/post_breach.py`. You can reference the `process_communicate_as_new_user_telemetry` method as an example.
diff --git a/docs/content/development/adding-system-info-collectors.md b/docs/content/development/adding-system-info-collectors.md
index c9916e34b..5a7aadd94 100644
--- a/docs/content/development/adding-system-info-collectors.md
+++ b/docs/content/development/adding-system-info-collectors.md
@@ -6,21 +6,21 @@ tags: ["contribute"]
weight: 80
---
-## What's this?
+## What does this guide cover?
-This guide will show you how to create a new _System Info Collector_ for the Infection Monkey. _System Info Collectors_ are modules which each Monkey runs, that collect specific information and sends it back to the Island as part of the System Info Telemetry.
+This guide will show you how to create a new _System Info Collector_ for the Infection Monkey. System Info Collectors are modules that each of the Infection Monkey agents runs that collect specific information and send it back to the Monkey Island as part of the System Info Telemetry.
-### Do I need a new System Info Controller?
+### Do I need a new System Info Collector?
-If all you want is to execute a shell command, then there's no need to add a new collector - just configure the required commands in the Monkey Island configuration in the PBA section! Also, if there is a relevant collector and you only need to add more information to it, expand the existing one. Otherwise, you must add a new Collector.
+If all you want to do is execute a shell command, then there's no need to add a new System Info Collector - just configure the required commands in the Monkey Island's post-breach action (PBA) section! Also, if there is a relevant System Info Collector and you only need to add more information to it, simply expand the existing one. Otherwise, you must add a new System Info Collector.
-## How to add a new System Info Collector
+## How to add a new System Info Collector
-### Monkey side
+### From the Monkey Island Side
#### Framework
-1. Create your new collector in the following directory: `monkey/infection_monkey/system_info/collectors` by first creating a new file with the name of your collector.
+1. Create your new System Info Collector in the following directory: `monkey/infection_monkey/system_info/collectors` by first creating a new file with the name of your System Info Collector.
2. In that file, create a class that inherits from the `SystemInfoCollector` class:
```py
@@ -29,7 +29,7 @@ from infection_monkey.system_info.system_info_collector import SystemInfoCollect
class MyNewCollector(SystemInfoCollector):
```
-3. Set the Collector name in the constructor, like so:
+3. Set the System Info Collector name in the constructor, like so:
```py
class MyNewCollector(SystemInfoCollector):
@@ -39,15 +39,15 @@ class MyNewCollector(SystemInfoCollector):
#### Implementation
-Override the `collect` method with your own implementation. See the `EnvironmentCollector.py` Collector for reference. You can log during collection as well.
+Override the `collect` method with your own implementation. See the `EnvironmentCollector.py` System Info Collector for reference. You can log during collection as well.
-### Island side
+### From the Monkey Island Side
-#### Island Configuration
+#### Configuration
##### Definitions
-You'll need to add your Collector to the `monkey_island/cc/services/config_schema.py` file, under `definitions/system_info_collectors_classes/anyOf`, like so:
+You'll need to add your Sytem Info Collector to the `monkey_island/cc/services/config_schema.py` file, under `definitions/system_info_collectors_classes/anyOf`, like so:
```json
"system_info_collectors_classes": {
@@ -76,7 +76,7 @@ You'll need to add your Collector to the `monkey_island/cc/services/config_schem
##### properties
-Also, you can add the Collector to be used by default by adding it to the `default` key under `properties/monkey/system_info/system_info_collectors_classes`:
+Also, you can add the System Info Collector to be used by default by adding it to the `default` key under `properties/monkey/system_info/system_info_collectors_classes`:
```json
"system_info_collectors_classes": {
@@ -96,6 +96,6 @@ Also, you can add the Collector to be used by default by adding it to the `defau
#### Telemetry processing
-1. Add a process function under `monkey_island/cc/telemetry/processing/system_info_collectors/{DATA_NAME_HERE}.py`. The function should parse the collector's result. See `processing/system_info_collectors/environment.py` for example.
+1. Add a process function under `monkey_island/cc/telemetry/processing/system_info_collectors/{DATA_NAME_HERE}.py`. The function should parse the System Info Collector's result. See `processing/system_info_collectors/environment.py` for example.
2. Add that function to `SYSTEM_INFO_COLLECTOR_TO_TELEMETRY_PROCESSORS` under `monkey_island/cc/services/telemetry/processing/system_info_collectors/system_info_telemetry_dispatcher.py`.
diff --git a/docs/content/development/contribute-documentation.md b/docs/content/development/contribute-documentation.md
index 5d6913edb..ce4dbef4b 100644
--- a/docs/content/development/contribute-documentation.md
+++ b/docs/content/development/contribute-documentation.md
@@ -6,11 +6,11 @@ weight: 1
tags: ["contribute"]
---
-The `/docs` folder contains the Monkey Documentation site.
+The `/docs` folder contains the Infection Monkey Documentation site.
The site is based on [Hugo](https://gohugo.io/) and the [learn](https://themes.gohugo.io/theme/hugo-theme-learn/en) theme.
-- [Directory Structure](#directory-structure)
+- [Directory structure](#directory-structure)
- [content](#content)
- [static](#static)
- [config](#config)
@@ -30,35 +30,35 @@ The site is based on [Hugo](https://gohugo.io/) and the [learn](https://themes.g
- [`failed to extract shortcode: template for shortcode "children" not found` or theme doesn't seem right?](#failed-to-extract-shortcode-template-for-shortcode-children-not-found-or-theme-doesnt-seem-right)
- [CSS is missing](#css-is-missing)
-## Directory Structure
+## Directory structure
By order of importance:
-### content
+### Content
-The most important directory is `/content`: This is the directory which contains the content files. [Read this to understand how pages are organized in that folder](https://themes.gohugo.io//theme/hugo-theme-learn/en/cont/pages/).
+The most important directory is `/content`. This is the directory which contains the content files. [Read this to understand how pages are organized in that folder](https://themes.gohugo.io//theme/hugo-theme-learn/en/cont/pages/).
-### static
+### Static
-In this directory you should place images, `css` files, `js` files, and other static content the site should serve. To access that static content in a page, use something similar to this:
+In this directory you should place images, `css` files, `js` files and other static content the site should serve. To access that static content in a page, use something similar to this:
```markdown
```
-### config
+### Config
-This folder controls a lot of parameters regarding the site generation.
+This folder controls many of the parameters regarding the site generation.
-### themes
+### Themes
-This is the theme we're using. It's a submodule (so to get it you need to run `git submodule update`). It's our own fork of the [learn](https://themes.gohugo.io/hugo-theme-learn/) theme. If we want to make changes to the theme itself or pull updates from the upstream you'll do it here.
+This is the theme we're using. It's a submodule (to get it you need to run `git submodule update`). It's our own fork of the [learn](https://themes.gohugo.io/hugo-theme-learn/) theme. If you want to make changes to the theme itself, or pull updates from the upstream, you'll do it here.
-### layouts and archtypes
+### Layouts and archtypes
-This directory includes custom [HTML partials](https://gohugo.io/templates/partials/), custom [shortcodes](https://gohugo.io/content-management/shortcodes/), and content templates. Best to not mess with the existing stuff here too much, but rather add new things.
+This directory includes custom [HTML partials](https://gohugo.io/templates/partials/), custom [shortcodes](https://gohugo.io/content-management/shortcodes/) and content templates. It's best not to mess with the existing stuff here too much, but rather add new things.
-### public and resources
+### Public and resources
These are the build output of `hugo` and should never be `commit`-ed to git.
@@ -66,13 +66,13 @@ These are the build output of `hugo` and should never be `commit`-ed to git.
### Requirements
-You have to [install `hugo`](https://gohugo.io/getting-started/installing/), a text editor that's good for markdown (`vscode` and `vim` are good options), and `git`.
+You'll have to [install `hugo`](https://gohugo.io/getting-started/installing/), a text editor that's good for markdown (`vscode` and `vim` are good options) and `git`.
### Adding and editing content
#### Add a new page
-Run `hugo new folder/page.md`. Optionally add `--kind chapter` if this is a new chapter page. For example, `hugo new usage/getting-started.md` created the Getting Started page.
+Run `hugo new folder/page.md`. Optionally add `--kind chapter` if creating a new chapter page. For example, `hugo new usage/getting-started.md` created the Getting Started page.
#### Editing an existing page
@@ -92,11 +92,11 @@ Run `hugo --environment staging` or `hugo --environment production`. This will c
##### `Error: Unable to locate config file or config directory. Perhaps you need to create a new site.`
-What is your working directory? It should be `monkey/docs`.
+Did you confirm your working directory? It should be `monkey/docs`.
##### `failed to extract shortcode: template for shortcode "children" not found` or theme doesn't seem right?
-Have you ran `git submodule update`?
+Have you run `git submodule update`?
##### CSS is missing
diff --git a/docs/content/development/setup-development-environment.md b/docs/content/development/setup-development-environment.md
index b2d0b7f1e..d558b11ce 100644
--- a/docs/content/development/setup-development-environment.md
+++ b/docs/content/development/setup-development-environment.md
@@ -8,17 +8,17 @@ tags: ["contribute"]
## Deployment scripts
-To setup development environment using scripts look at the readme under [`/deployment_scripts`](https://github.com/guardicore/monkey/blob/develop/deployment_scripts). If you want to setup it manually or if run into some problems, read further below.
+To set up a development environment using scripts, look at the readme under [`/deployment_scripts`](https://github.com/guardicore/monkey/blob/develop/deployment_scripts). If you want to set it up manually or run into problems, keep reading.
## Agent
-The Agent, (what we refer as the Monkey), is a single Python project under the [`infection_monkey`](https://github.com/guardicore/monkey/blob/master/monkey/infection_monkey) folder. Built for Python 3.7, you can get it up and running by setting up a [virtual environment](https://docs.python-guide.org/dev/virtualenvs/) and inside it installing the requirements listed under [`requirements.txt`](https://github.com/guardicore/monkey/blob/master/monkey/infection_monkey/requirements.txt).
+The agent (which we sometimes refer to as the Infection Monkey) is a single Python project under the [`infection_monkey`](https://github.com/guardicore/monkey/blob/master/monkey/infection_monkey) folder. The Infection Monkey agent was built for Python 3.7. You can get it up and running by setting up a [virtual environment](https://docs.python-guide.org/dev/virtualenvs/) and installing the requirements listed in the [`requirements.txt`](https://github.com/guardicore/monkey/blob/master/monkey/infection_monkey/requirements.txt) inside it.
-In order to compile the Monkey for distribution by the Monkey Island, you need to run the instructions listed in [`readme.txt`](https://github.com/guardicore/monkey/blob/master/monkey/infection_monkey/readme.txt) on each supported environment.
+In order to compile the Infection Monkey for distribution by the Monkey Island, you'll need to run the instructions listed in the [`readme.txt`](https://github.com/guardicore/monkey/blob/master/monkey/infection_monkey/readme.txt) on each supported environment.
-This means setting up an environment with Linux 32/64-bit with Python installed and a Windows 64-bit machine with developer tools + 32/64-bit Python versions.
+This means setting up an environment with Linux 32/64-bit with Python installed and a Windows 64-bit machine with developer tools, along with 32/64-bit Python versions.
-## Monkey Island
+## The Monkey Island
The Monkey Island is a Python backend React frontend project. Similar to the agent, the backend's requirements are listed in the matching [`requirements.txt`](https://github.com/guardicore/monkey/blob/master/monkey/monkey_island/requirements.txt).
diff --git a/docs/content/development/swimm.md b/docs/content/development/swimm.md
new file mode 100644
index 000000000..9dd1be6c1
--- /dev/null
+++ b/docs/content/development/swimm.md
@@ -0,0 +1,29 @@
+---
+title: "Swimm tutorials"
+date: 2020-09-02T22:14:58+03:00
+draft: false
+weight: 3
+tags: ["contribute"]
+---
+
+The Infection Monkey has development tutorials that use [`swimm.io`](https://swimm.io/) to help teach new developers how to perform common code tasks in the Infection Monkey codebase and accelerate the ramp-up process. The tutorials include adding new configuration values, new system info collectors and more.
+
+ 
+
+# How to start learning
+
+First, [sign up for swimm's beta](https://swimm.io/sign-beta). `swimm` is free for open-source projects, but as they're still in beta you'll need to sign up in order to download it.
+
+After you've downloaded and installed `swimm`, open a shell in the Infeciton Monkey repo folder and run:
+
+```shell script
+swimm start
+```
+
+A local web server with the currently available tutorials should show up, and will look something like this:
+
+
+
+Choose which playlist you'd like to learn, click on it and follow the instructions.
+
+🏊♀️🏊♂️
diff --git a/docs/content/reference/exploiters/Drupal.md b/docs/content/reference/exploiters/Drupal.md
new file mode 100644
index 000000000..df600b2cb
--- /dev/null
+++ b/docs/content/reference/exploiters/Drupal.md
@@ -0,0 +1,35 @@
+---
+title: "Drupal"
+date: 2020-09-01T08:42:46+03:00
+draft: false
+tags: ["exploit", "linux", "windows"]
+---
+
+The Drupal exploiter exploits [CVE-2019-6340](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6340)
+on a vulnerable Drupal server.
+
+### Description
+
+Some field types do not properly sanitize data from non-form sources in certain versions
+of Drupal server.
+
+This can lead to arbitrary PHP code execution in some cases.
+
+
+### Affected Versions
+
+* Drupal 8.5.x before 8.5.11 and Drupal 8.6.x before 8.6.10.
+
+One of the following conditions must hold:
+* The site has the Drupal 8 core RESTful Web Services (rest) module enabled and allows PATCH
+or POST requests; OR
+* The site has another web services module enabled, like JSON:API in
+Drupal 8, or Services or RESTful Web Services in Drupal 7.
+
+
+### Notes
+
+* The Infection Monkey exploiter implementation is based on an open-source
+[Python implementation](https://gist.github.com/leonjza/d0ab053be9b06fa020b66f00358e3d88/f9f6a5bb6605745e292bee3a4079f261d891738a)
+of the exploit by @leonjza.
+* For the full attack to work, more than one vulnerable URL is required.
\ No newline at end of file
diff --git a/docs/content/reference/exploiters/Zerologon.md b/docs/content/reference/exploiters/Zerologon.md
new file mode 100644
index 000000000..76a524c03
--- /dev/null
+++ b/docs/content/reference/exploiters/Zerologon.md
@@ -0,0 +1,74 @@
+---
+title: "Zerologon"
+date: 2021-01-31T19:46:12+05:30
+draft: false
+tags: ["exploit", "windows"]
+---
+
+The Zerologon exploiter exploits [CVE-2020-1472](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1472).
+
+
+### Description
+
+An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC).
+
+To download the relevant security update and read more, click [here](https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-1472).
+
+### A note on safety
+
+This exploiter is not safe for production or other sensitive environments. It
+is, therefore, **not** enabled by default.
+
+During successful exploitation, the Zerologon exploiter:
+
+* will temporarily change the target domain controller's password.
+* may break the target domain controller's communication with other systems in the network, affecting functionality.
+* may change the administrator's password.
+* will *attempt* to revert all changes.
+
+While the Zerologon exploiter is usually successful in reverting its changes
+and restoring the original passwords, it sometimes fails. Restoring passwords
+manually after the Zerologon exploiter has run is nontrivial. For information
+on restoring the original passwords, see the section on manually restoring your
+passwords.
+
+To minimize the risk posed by this exploiter, it is recommended that this
+exploiter be run _only_ against VMs with a recent snapshot and _only_ in
+testing or staging environments.
+
+
+### Manually restoring your password
+
+This exploiter attempts to restore the original passwords after exploitation.
+It is usually successful, but it sometimes fails. If this exploiter has changed
+a password but was unable to restore the original, you can try the following
+methods to restore the original password.
+
+#### Restore the VM from a recent snapshot
+
+If the affected system is a virtual machine, the simplest way to restore it to
+a working state is to revert to a recent snapshot.
+
+#### Restore the administrator's password
+
+If you are unable to log in as the administrator, you can follow the
+instructions
+[here](https://www.top-password.com/knowledge/reset-windows-server-2019-password.html)
+to regain access to the system.
+
+#### Use Reset-ComputerMachinePassword
+
+If you are able to login as the administrator, you can use the
+[Reset-ComputerMachinePassword](https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.management/reset-computermachinepassword?view=powershell-5.1)
+powershell command to restore the domain controller's password.
+
+
+#### Try a zerologon password restoration tool
+If all other approaches fail, you can try the tools and steps found
+[here](https://github.com/risksense/zerologon).
+
+
+
+### Notes
+
+* The Infection Monkey exploiter implementation is based on implementations by [@dirkjanm](https://github.com/dirkjanm/CVE-2020-1472/) and [@risksense](https://github.com/risksense/zerologon).
diff --git a/docs/content/reference/mitre_techniques.md b/docs/content/reference/mitre_techniques.md
new file mode 100644
index 000000000..9e528449e
--- /dev/null
+++ b/docs/content/reference/mitre_techniques.md
@@ -0,0 +1,58 @@
+---
+title: "MITRE ATT&CK"
+date: 2020-09-24T08:18:37+03:00
+draft: false
+pre: ' & '
+weight: 10
+---
+
+{{% notice info %}}
+Check out [the documentation for the MITRE ATT&CK report as well](../../usage/reports/mitre).
+{{% /notice %}}
+
+The Monkey maps its actions to the [MITRE ATT&CK](https://attack.mitre.org/) knowledge base and based on this,
+ provides a report detailing the techniques it used and recommended mitigations.
+ The idea is to help you simulate an APT attack on your network and mitigate real attack paths intelligently.
+
+ In the following table we provide the list of all the ATT&CK techniques the Monkey provides info about,
+ categorized by tactic. You can follow any of the links to learn more about a specific technique or tactic.
+
+
+| TACTIC | TECHNIQUES |
+|--- |--- |
+| [Execution](https://attack.mitre.org/tactics/TA0002/) | [Command-line Interface](https://attack.mitre.org/techniques/T1059/) |
+| | [Execution Through Module Load](https://attack.mitre.org/techniques/T1129/) |
+| | [Execution Through API](https://attack.mitre.org/techniques/T1106/) |
+| | [Powershell](https://attack.mitre.org/techniques/T1086/) |
+| | [Scripting](https://attack.mitre.org/techniques/T1064/) |
+| | [Service Execution](https://attack.mitre.org/techniques/T1035/) |
+| | [Trap](https://attack.mitre.org/techniques/T1154/) |
+| [Persistence](https://attack.mitre.org/tactics/TA0003/) | [.bash_profile & .bashrc](https://attack.mitre.org/techniques/T1156/) |
+| | [Create Account](https://attack.mitre.org/techniques/T1136/) |
+| | [Hidden Files & Directories](https://attack.mitre.org/techniques/T1158/) |
+| | [Local Job Scheduling](https://attack.mitre.org/techniques/T1168/) |
+| | [Powershell Profile](https://attack.mitre.org/techniques/T1504/) |
+| | [Scheduled Task](https://attack.mitre.org/techniques/T1053/) |
+| | [Setuid & Setgid](https://attack.mitre.org/techniques/T1166/) |
+| [Defence Evasion](https://attack.mitre.org/tactics/TA0005/) | [BITS Job](https://attack.mitre.org/techniques/T1197/) |
+| | [Clear Command History](https://attack.mitre.org/techniques/T1146/) |
+| | [File Deletion](https://attack.mitre.org/techniques/T1107/) |
+| | [File Permissions Modification](https://attack.mitre.org/techniques/T1222/) |
+| | [Timestomping](https://attack.mitre.org/techniques/T1099/) |
+| | [Signed Script Proxy Execution](https://attack.mitre.org/techniques/T1216/) |
+| [Credential Access](https://attack.mitre.org/tactics/TA0006/) | [Brute Force](https://attack.mitre.org/techniques/T1110/) |
+| | [Credential Dumping](https://attack.mitre.org/techniques/T1003/) |
+| | [Private Keys](https://attack.mitre.org/techniques/T1145/) |
+| [Discovery](https://attack.mitre.org/tactics/TA0007/) | [Account Discovery](https://attack.mitre.org/techniques/T1087/) |
+| | [Remote System Discovery](https://attack.mitre.org/techniques/T1018/) |
+| | [System Information Discovery](https://attack.mitre.org/techniques/T1082/) |
+| | [System Network Configuration Discovery](https://attack.mitre.org/techniques/T1016/) |
+| [Lateral Movement](https://attack.mitre.org/tactics/TA0008/) | [Exploitation Of Remote Services](https://attack.mitre.org/techniques/T1210/) |
+| | [Pass The Hash](https://attack.mitre.org/techniques/T1075/) |
+| | [Remote File Copy](https://attack.mitre.org/techniques/T1105/) |
+| | [Remote Services](https://attack.mitre.org/techniques/T1021/) |
+| [Collection](https://attack.mitre.org/tactics/TA0009/) | [Data From Local System](https://attack.mitre.org/techniques/T1005) |
+| [Command And Control](https://attack.mitre.org/tactics/TA0011/) | [Connection Proxy](https://attack.mitre.org/techniques/T1090/) |
+| | [Uncommonly Used Port](https://attack.mitre.org/techniques/T1065/) |
+| | [Multi-hop Proxy](https://attack.mitre.org/techniques/T1188/) |
+| [Exfiltration](https://attack.mitre.org/tactics/TA0010/) | [Exfiltration Over Command And Control Channel](https://attack.mitre.org/techniques/T1041/)|
diff --git a/docs/content/usage/reports/_index.md b/docs/content/reports/_index.md
similarity index 59%
rename from docs/content/usage/reports/_index.md
rename to docs/content/reports/_index.md
index 8d1da79b9..50af928b9 100644
--- a/docs/content/usage/reports/_index.md
+++ b/docs/content/reports/_index.md
@@ -1,13 +1,13 @@
+++
title = "Reports"
date = 2020-06-24T21:16:03+03:00
-weight = 5
+weight = 40
chapter = true
pre = " "
+++
# Infection Monkey's Reports
-The Monkey offers three reports:
+The Infection Monkey offers three reports:
-{{% children %}}
+{{% children description=true style="p"%}}
diff --git a/docs/content/reports/mitre.md b/docs/content/reports/mitre.md
new file mode 100644
index 000000000..d1ab3f20c
--- /dev/null
+++ b/docs/content/reports/mitre.md
@@ -0,0 +1,37 @@
+---
+title: "MITRE ATT&CK report"
+description: "Maps the Monkey's actions to the MITRE ATT&CK knowledge base"
+date: 2020-06-24T21:17:18+03:00
+draft: false
+---
+
+{{% notice info %}}
+Check out [the documentation for other reports available in the Infection Monkey](../) and [the documentation for supported ATT&CK techniques](../../../reference/mitre_techniques).
+{{% /notice %}}
+
+The Infection Monkey maps its actions to the [MITRE ATT&CK](https://attack.mitre.org/) knowledge base. After simulating an advanced persistent threat (APT) attack, it generates a report summarizing the success of the techniques utilized along with recommended mitigation steps, helping you identify and mitigate attack paths in your environment.
+
+Watch the overview video:
+
+{{% youtube 3tNrlutqazQ %}}
+
+## How to use the report
+
+The MITRE ATT&CK report is centred around the ATT&CK matrix:
+
+
+
+The Infection Monkey rates your network on the attack techniques it attempted, assigning one of the corresponding labels to each:
+
+- {{< label danger Red >}}: The Infection Monkey **successfully used** this technique in the simulation. This means your network is vulnerable to the technique.
+- {{< label warning Yellow >}}: The Infection Monkey **tried to use** the technique, but wasn’t successful. This means your network isn't vulnerable to the way Infection Monkey employed this technique.
+- {{< label unused "Dark Gray" >}}: The Monkey **didn't try** the technique. Perhaps it wasn't relevant to this network.
+- {{< label disabled "Light Gray" >}}: The Monkey **didn't try** the technique since it wasn't configured.
+
+By clicking on each of the listed techniques, you can see exactly how the Infection Monkey used it and any recommended mitigation steps. For example, let's look at the [**Brute Force**](https://attack.mitre.org/techniques/T1110/) technique that's a part of employing the [**Credentials Access**](https://attack.mitre.org/tactics/TA0006/) tactic:
+
+
+
+In this example, you can see how the Infection Monkey was able to use an old `root` password to access all machines in the network. When scrolling to the bottom of this list, you can also see the mitigation steps recommended, including reconfiguring your **Account Use Policies** and implementing **Multi-factor Authentication**.
+
+
diff --git a/docs/content/usage/reports/security.files/infection_monkey_security_report_example.pdf b/docs/content/reports/security.files/infection_monkey_security_report_example.pdf
similarity index 100%
rename from docs/content/usage/reports/security.files/infection_monkey_security_report_example.pdf
rename to docs/content/reports/security.files/infection_monkey_security_report_example.pdf
diff --git a/docs/content/reports/security.md b/docs/content/reports/security.md
new file mode 100644
index 000000000..e70f8539c
--- /dev/null
+++ b/docs/content/reports/security.md
@@ -0,0 +1,98 @@
+---
+title: "Security report"
+date: 2020-06-24T21:16:10+03:00
+draft: false
+description: "Provides actionable recommendations and insight into an attacker's view of your network"
+---
+
+{{% notice info %}}
+Check out [the documentation for other reports available in the Infection Monkey](../).
+{{% /notice %}}
+
+The Infection Monkey's **Security Report** provides you with actionable recommendations and insight into an attacker's view of your network. You can download a PDF of an example report here:
+
+{{%attachments title="Download the PDF" pattern=".*(pdf)"/%}}
+
+The report is split into three main categories:
+
+- [Overview](#overview)
+ - [High-level information](#high-level-information)
+ - [Used credentials](#used-credentials)
+ - [Exploits and targets](#exploits-and-targets)
+ - [Security findings](#security-findings)
+- [Recommendations](#recommendations)
+ - [Machine-related recommendations relating to specific CVEs](#machine-related-recommendations-relating-to-specific-cves)
+ - [Machine-related recommendations relating to network security and segmentation](#machine-related-recommendations-relating-to-network-security-and-segmentation)
+- [The network from the Monkey's eyes](#the-network-from-the-monkeys-eyes)
+ - [Network infection map](#network-infection-map)
+ - [Scanned servers](#scanned-servers)
+ - [Exploits and post-breach actions](#exploits-and-post-breach-actions)
+ - [Stolen credentials](#stolen-credentials)
+
+## Overview
+
+The overview section of the report provides high-level information about the Infection Monkey's execution and main security findings.
+
+### High-level information
+
+This section shows general information about the Infection Monkey's execution, including which machine the infection originated from and how long the breach simulation took.
+
+
+
+### Used credentials
+
+This section shows which credentials were used for brute-forcing.
+
+
+
+### Exploits and targets
+
+This section shows which exploits were attempted in this simulation and which targets the Infection Monkey scanned and tried to exploit.
+
+
+
+### Security findings
+
+This section highlights the most important security threats and issues discovered during the attack.
+
+
+
+## Recommendations
+
+This section contains recommendations for improving your security, including actionable mitigation steps.
+
+### Machine-related recommendations relating to specific CVEs
+
+
+
+### Machine-related recommendations relating to network security and segmentation
+
+
+
+## The network from the Monkey's eyes
+
+This section contains the infection map and summary tables on servers the Infection Monkey found.
+
+### Network infection map
+
+This section shows the network map and a breakdown of how many machines the Infection Monkey breached.
+
+
+
+### Scanned servers
+
+This section shows the attack surface the Infection Monkey discovered.
+
+
+
+### Exploits and post-breach actions
+
+This section shows which exploits and post-beach actions the Infection Monkey performed during the simulation.
+
+
+
+### Stolen credentials
+
+This section shows which credentials the Infection Monkey was able to steal from breached machines during this simulation.
+
+
diff --git a/docs/content/reports/zero-trust.md b/docs/content/reports/zero-trust.md
new file mode 100644
index 000000000..0e41d8ff7
--- /dev/null
+++ b/docs/content/reports/zero-trust.md
@@ -0,0 +1,45 @@
+---
+title: "Zero Trust report"
+date: 2020-06-24T21:16:18+03:00
+draft: false
+description: "Generates a status report with detailed explanations of Zero Trust security gaps and prescriptive instructions on how to rectify them"
+---
+
+{{% notice info %}}
+Check out [the documentation for other reports available in the Infection Monkey](../).
+{{% /notice %}}
+
+The Guardicore Infection Monkey runs different tests to evaluate your network's adherence to the Zero Trust framework's key components established by Forrester, such as whether you have applied segmentation, verified user identities, enabled encryption and more. Then, the Infection Monkey generates a status report with detailed explanations of security gaps and prescriptive instructions for rectifying them.
+
+Watch the overview video here:
+
+{{% youtube z4FNu3WCd9o %}}
+
+## Summary
+
+This diagram provides you with a quick glance at how your organization scores on each pillar of the Forrester Zero Trust model with **Failed**, **Verify**, **Passed** and **Unexecuted** verdicts.
+
+- {{< label danger Failed >}} At least one of the tests related to this component failed. This means that the Infection Monkey detected an unmet Zero Trust requirement.
+- {{< label warning Verify >}} At least one of the tests' results related to this component requires further manual verification.
+- {{< label success Passed >}} All Tests related to this pillar passed. No violation of a Zero Trust guiding principle was detected.
+- {{< label unused Unexecuted >}} This status means no tests were executed for this pillar.
+
+
+
+## Test Results
+
+This section shows how your network fared against each of the tests the Infection Monkey ran. The tests are ordered by Zero Trust pillar, so you can quickly navigate to the category you want to prioritize.
+
+
+
+## Findings
+
+This section shows each test's details, including the explicit events and exact timestamps for the activities that took place in your network. This enables you to compare results with your SOC logs and alerts to gain more in-depth insights.
+
+
+
+## Events
+
+Your results are exportable. Click **Export** after clicking on **Events** to view them in a machine-readable format.
+
+
diff --git a/docs/content/setup/_index.md b/docs/content/setup/_index.md
index e6493bbac..0e5d38690 100644
--- a/docs/content/setup/_index.md
+++ b/docs/content/setup/_index.md
@@ -9,14 +9,18 @@ tags = ["setup"]
# Setting up Infection Monkey
-Setting up Infection Monkey is really easy! First, you need to {{% button href="https://infectionmonkey.com/" icon="fas fa-download" %}}download the Infection Monkey from our site{{% /button %}}.
+Setting up the Infection Monkey is easy! First, you need to {{% button href="https://infectionmonkey.com/" icon="fas fa-download" %}}Download the Infection Monkey{{% /button %}}.
-Once you've downloaded an installer, you can follow the relevant guide for your environment:
+Once you've downloaded an installer, follow the relevant guide for your environment:
{{% children %}}
-Once you're done setting the Monkey up, check out our [Getting Started](../usage/getting-started) guide!
+After setting the Monkey up, check out our [Getting Started](../usage/getting-started) guide!
{{% notice tip %}}
You can find information about [operating system compatibility and support here](../reference/operating_systems_support).
{{% /notice %}}
+
+{{% notice tip %}}
+You can find the binary checksums of our installers to verify their integrity [on this page](../usage/file-checksums).
+{{% /notice %}}
diff --git a/docs/content/setup/accounts-and-security.md b/docs/content/setup/accounts-and-security.md
index 574b07c3c..da8dbbbb3 100644
--- a/docs/content/setup/accounts-and-security.md
+++ b/docs/content/setup/accounts-and-security.md
@@ -7,15 +7,17 @@ pre: " "
tags: ["usage", "password"]
---
-## Security in Infection Monkey
+## Security in the Infection Monkey
-The first time you launch Monkey Island (Infection Monkey CC server), you'll be prompted to create an account and secure your island. After your account is created, the server will only be accessible via the credentials you chose.
+The first time you launch Monkey Island (the Infection Monkey C&C server), you'll be prompted to create an account and secure your island. After account creation, the server will only be accessible via the credentials you entered.
-If you want island to be accessible without credentials press *I want anyone to access the island*. Please note that this option is insecure: you should only pick this for use in development environments.
+If you want an island to be accessible without credentials, press *I want anyone to access the island*. Please note that this option is insecure, and you should only use it in development environments.
-## Resetting account credentials
+## Resetting your account credentials
-To reset credentials edit `monkey_island\cc\server_config.json` by deleting `user` and `password_hash` variables. Then restart the Monkey Island server and you should be prompted with registration form again.
+To reset your credentials, edit `monkey_island\cc\server_config.json` by deleting the `user` and `password_hash` variables.
+
+When you restart the Monkey Island server, you will again be prompted with the registration form.
Example `server_config.json` for account reset:
diff --git a/docs/content/setup/aws.md b/docs/content/setup/aws.md
index bcbfaeb75..916889ba6 100644
--- a/docs/content/setup/aws.md
+++ b/docs/content/setup/aws.md
@@ -4,36 +4,46 @@ date: 2020-05-26T20:57:36+03:00
draft: false
pre: ' '
weight: 5
-tags: ["setup", "aws"]
+tags: ["setup", "aws"]
---
## Deployment
-On the [Infection Monkey’s AWS Marketplace page](https://aws.amazon.com/marketplace/pp/GuardiCore-Infection-Monkey/B07B3J7K6D), click **Continue to Subscribe**.
+On the [Infection Monkey's AWS Marketplace page](https://aws.amazon.com/marketplace/pp/GuardiCore-Infection-Monkey/B07B3J7K6D), click **Continue to Subscribe**.
1. Choose the desired region.
-1. Choose an EC2 instance type with at least 1GB of RAM for optimal performance or stick with the recommended.
-1. Select the VPC and subnet you want the instance to be in.
+1. Choose an EC2 instance type with at least 1GB of RAM for optimal performance or stick with the default recommendation.
+1. Select the VPC and subnet you want to use for the new instance.
1. In the Security Group section, make sure ports 5000 and 5001 on the machine are accessible for inbound TCP traffic.
-1. Choose an existing EC2 key pair for authenticating with your new instance.
+1. Choose an existing EC2 key pair for authenticating with the new instance.
1. Click **Launch with 1-click.**
-At this point, AWS will instance and deploy your new machine.
+At this point, AWS will instance and deploy the new machine.
-When ready, you can browse to the Infection Monkey running on your fresh deployment at:
+When ready, you can browse to the Infection Monkey running on the fresh deployment at:
`https://{public-ip}:5000`
-You will be presented a login page. Use the username **monkey**, and the new EC2 instace’s instance ID for password. You can find the instance id by going to the EC2 console and selecting your instance. It should appear in the details pane below.
+You will be presented with a login page. Enter the username **monkey**, and the
+new EC2 instance's **instance ID** for your password. To find your instance ID,
+go to the EC2 console and select your instance. It should appear in the details
+pane below.
## Integration with AWS services
-The Monkey has built-in integrations with AWS services for better execution and reporting. See [Usage -> Integrations](../../usage/integrations) for more details.
+The Infection Monkey has built-in integrations with AWS services for better
+execution and reporting. See [Usage -> Integrations](../../usage/integrations)
+for more details.
## Upgrading
-Currently there's no "upgrade-in-place" option when a new version comes out. To get the new version, you can deploy a new machine from the marketplace. If you'd like to keep your existing configuration, you can export it to a file by using the Export button and then import it to the new Monkey Island.
+
+Currently, there's no "upgrade-in-place" option when a new version is released.
+To get an updated version, you can deploy a new machine from the marketplace.
+
+If you'd like to keep your existing configuration, you can export it to a file
+using the *Export config* button and then import it to the new Monkey Island.
diff --git a/docs/content/setup/azure.md b/docs/content/setup/azure.md
index a4a2eda84..dcb50e7fd 100644
--- a/docs/content/setup/azure.md
+++ b/docs/content/setup/azure.md
@@ -4,31 +4,36 @@ date: 2020-05-26T20:57:39+03:00
draft: false
pre: ' '
weight: 6
-tags: ["setup", "azure"]
+tags: ["setup", "azure"]
---
## Deployment
-Select [Infection Monkey from the Azure Marketplace](https://azuremarketplace.microsoft.com/en-us/marketplace/apps/guardicore.infection_monkey) and click **GET IT NOW**.
+Select the [Infection Monkey from the Azure Marketplace](https://azuremarketplace.microsoft.com/en-us/marketplace/apps/guardicore.infection_monkey) and click **GET IT NOW**.
1. Under **Basics**:
- 1. Choose a name for your Infection Monkey instance, such as InfectionMonkey.
- 1. Choose a username and password or provide a SSH public key for authentication.
- 1. Choose a resource group and the location your instance will be deployed in.
+ 1. Choose a name for the new Infection Monkey instance, such as InfectionMonkey.
+ 1. Choose a username and password, or provide an SSH public key for authentication.
+ 1. Choose a resource group and the location for the Infection Monkey instance.
1. Under **Size**
1. Choose a machine size with at least 1GB of RAM for optimal performance.
1. Under **Settings**
- 1. Choose the network the new instance will be a member of.
+ 1. Choose the network for the new instance.
1. In the **Network Security Group** field, make sure ports 5000 and 5001 on the machine are accessible for inbound TCP traffic.
1. Under **Summary**
1. Review the details of the offer and click **Create**.
-At this point, Azure will instance and deploy your new machine. When ready, you can browse to the Infection Monkey running on your fresh deployment at:
+At this point, Azure will provision and deploy your new machine. When ready,
+you can browse to the Infection Monkey running on your fresh deployment at:
`https://{public-ip-address}:5000`
## Upgrading
-Currently there's no "upgrade-in-place" option when a new version comes out. To get the new version, you can deploy a new machine from the marketplace. If you'd like to keep your existing configuration, you can export it to a file by using the Export button and then import it to the new Monkey Island.
+Currently, there's no "upgrade-in-place" option when a new version is released.
+To get the updated version, you can deploy a new machine from the marketplace.
+
+If you'd like to keep your existing configuration, you can export it to a file
+using the *Export config* button and then import it to the new Monkey Island.
diff --git a/docs/content/setup/debian.md b/docs/content/setup/debian.md
index a1d751411..b76d27ec0 100644
--- a/docs/content/setup/debian.md
+++ b/docs/content/setup/debian.md
@@ -8,37 +8,57 @@ disableToc: false
tags: ["setup", "debian", "linux"]
---
+
+## Supported Distros
+
+This Debian package has been tested on Ubuntu Bionic 18.04 LTS and Ubuntu Focal 20.04 LTS.
+
## Deployment
-To extract the `tar.gz` file, run `tar -xvzf monkey-island-debian.tar.gz`.
+1. Update your package list by running:
+ ```sh
+ sudo apt update
+ ```
+1. If you are using Ubuntu Focal 20.04, run the following commands to install
+ Python 3.7:
+ ```sh
+ sudo apt install software-properties-common
+ sudo add-apt-repository ppa:deadsnakes/ppa
+ sudo apt install python3.7 python3.7-dev
+ ```
+1. Extract the tarball by running:
+ ```sh
+ tar -xvzf monkey-island-debian.tgz
+ ```
+1. Install the Monkey Island Debian package:
+ ```sh
+ sudo dpkg -i monkey_island.deb # this might print errors
+ ```
+1. If, at this point, you receive dpkg errors that look like this:
-To deploy the package, once you’ve extracted it, run the following commands:
+ ```sh
+ dpkg: error processing package gc-monkey-island (--install):
+ dependency problems - leaving unconfigured
+ Errors were encountered while processing:
+ gc-monkey-island
+ ```
-```sh
-sudo apt update
-sudo dpkg -i monkey_island.deb # this might print errors
-```
+ It just means that not all dependencies were pre-installed on your system.
+ That's no problem! Just run the following command, which will install all
+ dependencies, and then install the Monkey Island:
-If at this point, dpkg printed errors that look like this:
-
-```sh
-dpkg: error processing package gc-monkey-island (--install):
- dependency problems - leaving unconfigured
-Errors were encountered while processing:
- gc-monkey-island
-```
-
-That just means that not all dependencies were pre-installed on your system. That’s no problem! Just run the following command, which will install all dependencies and then install the Monkey Island:
-
-```sh
-sudo apt install -f
-```
+ ```sh
+ sudo apt install -f
+ ```
## Troubleshooting
### Trying to install on Ubuntu <16.04
-If you’re trying to install the Monkey Island on Ubuntu 16.04 or older, you need to install the dependencies yourself, since Python 3.7 is only installable from the `deadsnakes` PPA. To install the Monkey Island on Ubuntu 16.04, follow the following steps:
+If you're trying to install the Monkey Island on Ubuntu 16.04 or older, you
+need to install the dependencies yourself, since Python 3.7 is only installable
+from the `deadsnakes` PPA. To install the Monkey Island on Ubuntu 16.04, follow
+these steps:
```sh
sudo apt update
@@ -57,8 +77,13 @@ To check the status of the Monkey Island after the installation, run the followi
## Upgrading
-To upgrade when a new version comes out, download the new Monkey `.deb` file and install it. You should see a message like `Unpacking monkey-island (1.8.2) over (1.8.0)`. After which, the installation should complete successfully.
+Currently, there's no "upgrade-in-place" option when a new version is released.
+To get the updated version, download the new `.deb` file and install it. You
+should see a message like `Unpacking monkey-island (1.8.2) over (1.8.0)`. After
+which, the installation should complete successfully.
-If you'd like to keep your existing configuration, you can export it to a file by using the Export button and then import it to the new server.
+If you'd like to keep your existing configuration, you can export it to a file
+using the *Export config* button and then import it to the new Monkey Island.
+
diff --git a/docs/content/setup/docker.md b/docs/content/setup/docker.md
index 4a07293b8..14454bdc6 100644
--- a/docs/content/setup/docker.md
+++ b/docs/content/setup/docker.md
@@ -4,27 +4,30 @@ date: 2020-05-26T20:57:28+03:00
draft: false
pre: ' '
weight: 4
-tags: ["setup", "docker", "linux", "windows"]
+tags: ["setup", "docker", "linux", "windows"]
---
## Deployment
To extract the `tar.gz` file, run `tar -xvzf monkey-island-docker.tar.gz`.
-Once you’ve extracted the container from the tar.gz file, run the following commands:
+Once you've extracted the container from the tar.gz file, run the following commands:
```sh
-sudo docker load -i dk.monkeyisland.1.9.0.tar
-sudo docker pull mongo
+sudo docker load -i dk.monkeyisland.1.10.0.tar
+sudo docker pull mongo:4.2
sudo mkdir -p /var/monkey-mongo/data/db
-sudo docker run --name monkey-mongo --network=host -v /var/monkey-mongo/data/db:/data/db -d mongo
-sudo docker run --name monkey-island --network=host -d guardicore/monkey-island:1.9.0
+sudo docker run --name monkey-mongo --network=host -v /var/monkey-mongo/data/db:/data/db -d mongo:4.2
+sudo docker run --name monkey-island --network=host -d guardicore/monkey-island:1.10.0
```
## Upgrading
-There's no "upgrade-in-place" option for Docker. To get the new version, download it, stop the current container, and run the installation commands again with the new file.
+Currently, there's no "upgrade-in-place" option when a new version is released.
+To get an updated version, download it, stop the current container and run the
+installation commands again with the new file.
-If you'd like to keep your existing configuration, you can export it to a file by using the Export button and then import it to the new server.
+If you'd like to keep your existing configuration, you can export it to a file
+using the *Export config* button and then import it to the new Monkey Island.
diff --git a/docs/content/setup/vmware.md b/docs/content/setup/vmware.md
index 5ee958188..c6519672b 100644
--- a/docs/content/setup/vmware.md
+++ b/docs/content/setup/vmware.md
@@ -4,59 +4,72 @@ date: 2020-05-26T20:57:14+03:00
draft: false
pre: ' '
weight: 3
-tags: ["setup", "vmware"]
+tags: ["setup", "vmware"]
---
## Deployment
-1. Deploy the Infection Monkey OVA by choosing Deploy OVF Template and follow the wizard instructions. *Note: make sure port 5000 and 5001 on the machine are accessible for inbound TCP traffic.*
-2. Turn on the Infection Monkey VM.
-3. Log in to the machine with the following credentials:
+1. Deploy the Infection Monkey OVA by choosing **Deploy OVF Template** and
+ following the wizard instructions. *Note: make sure ports 5000 and 5001 on
+ the machine are accessible for inbound TCP traffic.*
+1. Turn on the Infection Monkey VM.
+1. Log in to the machine with the following credentials:
1. Username: **monkeyuser**
- 2. Password: **Noon.Earth.Always**
-4. It's recommended to change the machine passwords by running the following commands: `sudo passwd monkeyuser`, `sudo passwd root`.
+ 1. Password: **Noon.Earth.Always**
+1. For security purposes, it's recommended that you change the machine
+ passwords by running the following commands: `sudo passwd monkeyuser`, `sudo
+ passwd root`.
## OVA network modes
-The OVA can be used in one of two modes:
+You can use the OVA in one of two modes:
-1. In a network with DHCP configured. In this case, the Monkey Island will automatically query and receive an IP address from the network.
-1. With a static IP address.
-
- In this case, you should login to the VM console with
-username `root` and password `G3aJ9szrvkxTmfAG`. After logging in, edit the interfaces file. You can do that by writing the following command in the prompt:
+1. In a network with the DHCP configured — In this case, the Monkey Island will
+ automatically query and receive an IP address from the network.
+1. With a static IP address — In this case, you should log in to the VM console
+ with the username `monkeyuser` and the password `Noon.Earth.Always`. After logging
+ in, edit the Netplan configuration by entering the following command in the
+ prompt:
```sh
- sudo nano /etc/network/interfaces
+ sudo nano /etc/netplan/00-installer-config.yaml
```
- And change the lines:
+ Make the following changes:
+
+ ```diff
+ # This is the network config written by 'subiquity'
+ network:
+ ethernets:
+ ens160:
+ - dhcp4: true
+ + dhcp4: false
+ + addresses: [XXX.XXX.XXX.XXX/24]
+ + gateway4: YYY.YYY.YYY.YYY
+ + nameservers:
+ + addresses: [1.1.1.1]
+ version: 2
+ ```
+
+ Replace `XXX.XXX.XXX.XXX` with the desired IP addess of the VM. Replace
+ `YYY.YYY.YYY.YYY` with the default gateway.
+
+ Save the changes then run the command:
```sh
- auto ens160
- iface ens160 inet dhcp
+ sudo netplan apply
```
- to the following:
-
- ```sh
- auto ens160
- iface ens160 inet static
- address AAA.BBB.CCC.DDD
- netmask XXX.XXX.XXX.XXX
- gateway YYY.YYY.YYY.YYY
- ```
-
- Save the changes then run the command
-
- ```sh
- sudo ifdown ens160 && ifup ens160
- ```
+ If this configuration does not suit your needs, see
+ https://netplan.io/examples/ for more information about how to configure
+ Netplan.
## Upgrading
-There's no "upgrade-in-place" option for Docker. To get the new version, download it, stop the current container, and run the installation commands again with the new file.
+Currently, there's no "upgrade-in-place" option when a new version is released.
+To get an updated version, download the updated OVA file.
-If you'd like to keep your existing configuration, you can export it to a file by using the Export button and then import it to the new server.
+If you'd like to keep your existing configuration, you can export it to a file
+using the *Export config* button and then import it to the new Monkey Island.
diff --git a/docs/content/setup/windows.md b/docs/content/setup/windows.md
index d8a6c84e9..d1ce0d43c 100644
--- a/docs/content/setup/windows.md
+++ b/docs/content/setup/windows.md
@@ -4,32 +4,39 @@ date: 2020-05-26T20:57:10+03:00
draft: false
pre: ' '
weight: 2
-tags: ["setup", "windows"]
+tags: ["setup", "windows"]
---
## Deployment
-Run the installer, and you should be met with the following screen:
+After running the installer, the following prompt should appear on the screen:
-1. Follow the steps of the installation.
+1. Follow the steps to complete the installation.
1. Run the Monkey Island by clicking on the desktop shortcut.
## Troubleshooting
-### Missing windows update
+### Missing Windows update
-The installer requires [Windows update #2999226](https://support.microsoft.com/en-us/help/2999226/update-for-universal-c-runtime-in-windows) to be installed. If you’re having trouble running the installer, please make sure to install that update via Windows Update or manually from the link.
+The installer requires [Windows update #2999226](https://support.microsoft.com/en-us/help/2999226/update-for-universal-c-runtime-in-windows).
+If you're having trouble running the installer, please make sure to install the
+update via Windows Update or manually from the link above.
### Supported browsers
-The Monkey Island supports Chrome (and Chrome-based) browsers. Some Windows Servers only have Internet Explorer installed. Make sure to use Chrome or a similar modern browser. [You can download Google Chrome from here](https://www.google.com/chrome/).
+The Monkey Island supports Chrome (and Chrome-based) browsers. If your Windows
+server only has Internet Explorer installed, please install Chrome or a similar
+modern browser. [You can download Google Chrome
+here](https://www.google.com/chrome/).
## Upgrading
-To upgrade, download the new installer and run it. The new Monkey version should be installed over the old one.
+To upgrade the Infection Monkey on Windows, download the new installer and run
+it. The new Monkey version will be installed over the old version.
-If you'd like to keep your existing configuration, you can export it to a file by using the Export button and then import it to the new server.
+If you'd like to keep your existing configuration, you can export it to a file
+using the *Export config* button and then import it to the new Monkey Island.
diff --git a/docs/content/usage/_index.md b/docs/content/usage/_index.md
index c5faecd05..8bbbab800 100644
--- a/docs/content/usage/_index.md
+++ b/docs/content/usage/_index.md
@@ -8,6 +8,6 @@ pre = ' '
# Usage
-If you're just starting with Infection Monkey, check out our [Getting Started](getting-started) page.
+If you're new to the Infection Monkey, check out our [Getting Started](getting-started) page.
-If you haven't downloaded Monkey yet, {{% button href="https://www.guardicore.com/infectionmonkey/#download" icon="fas fa-download" %}}Get Infection Monkey here{{% /button %}}!
+If you haven't downloaded the Infection Monkey yet, {{% button href="https://www.guardicore.com/infectionmonkey/#download" icon="fas fa-download" %}}Get Infection Monkey here{{% /button %}}!
diff --git a/docs/content/usage/configuration/_index.md b/docs/content/usage/configuration/_index.md
index f10d81ce1..7227fd285 100644
--- a/docs/content/usage/configuration/_index.md
+++ b/docs/content/usage/configuration/_index.md
@@ -7,9 +7,9 @@ weight: 3
pre: " "
---
-# Configure the Monkey
+# Configure the Infection Monkey
-The Monkey is highly configurable. Nearly every part of it can be modified to turn it to a fast acting worm or into a port scanning and system information collecting machine.
+The Infection Monkey is highly configurable. Nearly every part of it can be modified to turn it into a fast-acting worm or a port scanning and system information collecting machine.
{{% notice warning %}}
This section of the documentation is incomplete and under active construction.
@@ -17,4 +17,4 @@ This section of the documentation is incomplete and under active construction.
See these documentation pages for information on each configuration value:
-{{% children description=true %}}
+{{% children description=true style="p"%}}
diff --git a/docs/content/usage/configuration/basic-credentials.md b/docs/content/usage/configuration/basic-credentials.md
index ffd6a87e4..d87ab97dd 100644
--- a/docs/content/usage/configuration/basic-credentials.md
+++ b/docs/content/usage/configuration/basic-credentials.md
@@ -5,6 +5,6 @@ draft: false
description: "Configure credentials that the Monkey will use for propagation."
---
-In this screen you can feed the Monkey with “stolen” credentials for your network, simulating an attacker with inside knowledge.
+On this screen you can feed the Infection Monkey “stolen” credentials from your network, simulating an attacker with inside knowledge.
-
+
diff --git a/docs/content/usage/configuration/basic-network.md b/docs/content/usage/configuration/basic-network.md
index 410f7a2ee..fa6c6004d 100644
--- a/docs/content/usage/configuration/basic-network.md
+++ b/docs/content/usage/configuration/basic-network.md
@@ -7,6 +7,6 @@ description: "Configure settings related to the Monkey's network activity."
Here you can control multiple important settings, such as:
-* Network propagation depth - How many hops from the base machine will the Monkey spread
-* Local network scan - Should the Monkey attempt to attack any machine in its subnet
-* Scanner IP/subnet list - Specific IP ranges that the Monkey should try to attack.
+* Network propagation depth - How many hops from the base machine will the Infection Monkey spread?
+* Local network scan - Should the Infection Monkey attempt to attack any machine in its subnet?
+* Scanner IP/subnet list - Which specific IP ranges should the Infection Monkey should try to attack?
diff --git a/docs/content/usage/file-checksums.md b/docs/content/usage/file-checksums.md
index d892ff24a..b063550ed 100644
--- a/docs/content/usage/file-checksums.md
+++ b/docs/content/usage/file-checksums.md
@@ -20,7 +20,7 @@ Get-FileHash '.\Monkey Island v1.8.2_3536_windows.exe' | Format-List
# Should print
# Algorithm : SHA256
# Hash : 2BE528685D675C882604D98382ADB739F5BA0A7E234E3569B21F535173BD9569
-# Path : C:\Users\shay.nehmad\Desktop\work\compiled monkeys\1.8.2\Monkey Island v1.8.2_3536_windows.exe
+# Path : C:\Users\shay.nehmad\Desktop\work\compiled monkeys\1.8.2\Monkey Island v1.8.2_3536_windows.exe <-- Your path will be different
```
### On Linux
@@ -28,27 +28,163 @@ Get-FileHash '.\Monkey Island v1.8.2_3536_windows.exe' | Format-List
Use the `sha256sum` shell command, like so:
```sh
-sha256sum monkey-linux-64
+$ sha256sum monkey-linux-64
# Should print:
# 734dd2580f3d483210daf54c063a0a972911bbe9afb6ebc6278f86cd6b05e7ab monkey-linux-64
```
## Latest version checksums
-| Filename | Type | Version | SHA256 hash |
-|-|-|-|-|
-monkey-windows-64.exe | Windows Agent | 1.8.2 | `2e6a1cb5523d87ddfd48f75b10114617343fbac8125fa950ba7f00289b38b550`
-monkey-windows-32.exe | Windows Agent | 1.8.2 | `86a7d7065e73b795e38f2033be0c53f3ac808cc67478aed794a7a6c89123979f`
-monkey-linux-64 | Linux Agent | 1.8.2 | `4dce4a115d41b43adffc11672fae2164265f8902267f1355d02bebb802bd45c5`
-monkey-linux-32 | Linux Agent | 1.8.2 | `39d3fe1c7b33482a8cb9288d323dde17b539825ab2d736be66a9582764185478`
-infection_monkey_deb.tgz | Debian Package | 1.8.2 | `2a6b4b9b846566724ff985c6cc8283222b981b3495dd5a8920b6bc3f34d556e2`
-Monkey Island v1.8.2_3536_windows.exe | Windows Installer | 1.8.2 | `2be528685d675c882604d98382adb739f5ba0a7e234e3569b21f535173bd9569`
-Monkey Island v1.8.2_3536_windowszt.exe | Windows Installer | 1.8.2 | `f282ce4dd50abe54671948fb5b3baf913087459444e451660971290a72fe244a`
-infection_monkey_docker_docker_20200607_172156.tgz | Docker | 1.8.2 | `0e4bc731ef7e8bf19b759709672375890136c008526be454850d334d9ba5012d`
-infection_monkey_docker_dockerzt_20200607_172521.tgz | Docker | 1.8.2 | `0f4b0cd6fd54dc14ea50c5d2fb3fc711e9863518bd5bffd04e08a0f17eb99e75`
+| Filename | Type | Version | SHA256 |
+|------------------------------------------------------|-------------------|---------|--------------------------------------------------------------------|
+| monkey-windows-64.exe | Windows Agent | 1.10.0 | `3b499a4cf1a67a33a91c73b05884e4d6749e990e444fa1d2a3281af4db833fa1` |
+| monkey-windows-32.exe | Windows Agent | 1.10.0 | `8e891e90b11b97fbbef27f1408c1fcad486b19c612773f2d6a9edac5d4cdb47f` |
+| monkey-linux-64 | Linux Agent | 1.10.0 | `932f703510b6484c3824fc797f90f99722e38a7f8956cf6fa58fdecb3790ab93` |
+| monkey-linux-32 | Linux Agent | 1.10.0 | `a6de7d571051292b9db966afe025413dc20b214c4aab53e48d90d8e04264f4f5` |
+| infection_monkey_deb.tgz | Debian Package | 1.10.0 | `534d85c4abc78e2c86a74d8b88759b091b62077dd9e32f02eeb43d716d359ff6` |
+| infection_monkey_debzt.tgz | Debian Package | 1.10.0 | `bd01d8482f80990e6cc0ed654c07dbd80da71eebe3dd244365e9bc00f86b1c03` |
+| Monkey Island v1.10.0_3593_windows.exe | Windows Installer | 1.10.0 | `ebd2c5627d21dd8670def02c3a5a995f9e799ba567cf4caacd702654264ddf06` |
+| Monkey Island v1.10.0_3593_windowszt.exe | Windows Installer | 1.10.0 | `60aaf3b32e5d06c91fe0d4f1b950529517ac33796f67e9ccfef0e8ce1c5372d8` |
+| infection_monkey_docker_docker_20210326_171631.tgz | Docker | 1.10.0 | `e4f9c7c5aafe7e38b33d2927a9c0cf6a3ac27858d3d0e3f2252c2e91809a78db` |
+| infection_monkey_docker_dockerzt_20210326_172035.tgz | Docker | 1.10.0 | `248640e9eaa18e4c27f67237f0594d9533732f372ba4674d5d1bea43ab498cf5` |
+| monkey-island-vmware.ova | OVA | 1.10.0 | `3472ad4ae557ddad7d7db8fbbfcfd33c4f2d95d870b18fa4cab49af6b562009c` |
+| monkey-island-vmwarezt.ova | OVA | 1.10.0 | `3472ad4ae557ddad7d7db8fbbfcfd33c4f2d95d870b18fa4cab49af6b562009c` |
-## All checksums
-### 1.8.0 and older
+## Older checksums
-You can find all these checksums in [this page](https://www.guardicore.com/infectionmonkey/checksums.html).
+| Filename | Type | Version | SHA256 |
+|------------------------------------------------------|-------------------|---------|--------------------------------------------------------------------|
+| monkey-windows-64.exe | Windows Agent | 1.9.0 | `24622cb8dbabb0cf4b25ecd3c13800c72ec5b59b76895b737ece509640d4c068` |
+| monkey-windows-32.exe | Windows Agent | 1.9.0 | `67f12171c3859a21fc8f54c5b2299790985453e9ac028bb80efc7328927be3d8` |
+| monkey-linux-64 | Linux Agent | 1.9.0 | `aec6b14dc2bea694eb01b517cca70477deeb695f39d40b1d9e5ce02a8075c956` |
+| monkey-linux-32 | Linux Agent | 1.9.0 | `4c24318026239530ed2437bfef1a01147bb1f3479696eb4eee6009326ce6b380` |
+| infection_monkey_deb.tgz | Debian Package | 1.9.0 | `33c23ddae283e3aafe965d264bc88464b66db3dd6874fd7e5cbcd4e931b3bb25` |
+| infection_monkey_debzt.tgz | Debian Package | 1.9.0 | `cc53fe9632f44248357d6bd20cf8629be9baf8688468fa6d3e186dcebf10cef6` |
+| Monkey Island v1.9.0_3546_windows.exe | Windows Installer | 1.9.0 | `371f6d25e8cb16ea7ebdfd367092ee65b33db2ec35b44d96705716641eaa59e8` |
+| Monkey Island v1.9.0_3546_windowszt.exe | Windows Installer | 1.9.0 | `662c611fb83bb8c7ef5f99c5d5ae04f5758727c688238d6a3cd4c58675581695` |
+| infection_monkey_docker_docker_20200806_153913.tgz | Docker | 1.9.0 | `5da11c539045a395ced5dd572d331c4f0e9315a3ee192c06279ff4fef668b96e` |
+| infection_monkey_docker_dockerzt_20200806_154742.tgz | Docker | 1.9.0 | `a84dbaad32ae42cc2d359ffbe062aec493a7253cf706a2d45f0d0b1c230f9348` |
+| monkey-island-vmware.ova | OVA | 1.9.0 | `3861d46518e8a92e49992b26dbff9fe8e8a4ac5fd24d68e68b13e7fd3fa22247` |
+| monkey-island-vmwarezt.ova | OVA | 1.9.0 | `03d356eb35e6515146f5bd798bb62cb15c56fcdf83a5281cf6cdc9b901586026` |
+| monkey-windows-64.exe | Windows Agent | 1.8.2 | `2e6a1cb5523d87ddfd48f75b10114617343fbac8125fa950ba7f00289b38b550` |
+| monkey-windows-32.exe | Windows Agent | 1.8.2 | `86a7d7065e73b795e38f2033be0c53f3ac808cc67478aed794a7a6c89123979f` |
+| monkey-linux-64 | Linux Agent | 1.8.2 | `4dce4a115d41b43adffc11672fae2164265f8902267f1355d02bebb802bd45c5` |
+| monkey-linux-32 | Linux Agent | 1.8.2 | `39d3fe1c7b33482a8cb9288d323dde17b539825ab2d736be66a9582764185478` |
+| infection_monkey_deb.tgz | Debian Package | 1.8.2 | `2a6b4b9b846566724ff985c6cc8283222b981b3495dd5a8920b6bc3f34d556e2` |
+| Monkey Island v1.8.2_3536_windows.exe | Windows Installer | 1.8.2 | `2be528685d675c882604d98382adb739f5ba0a7e234e3569b21f535173bd9569` |
+| Monkey Island v1.8.2_3536_windowszt.exe | Windows Installer | 1.8.2 | `f282ce4dd50abe54671948fb5b3baf913087459444e451660971290a72fe244a` |
+| infection_monkey_docker_docker_20200607_172156.tgz | Docker | 1.8.2 | `0e4bc731ef7e8bf19b759709672375890136c008526be454850d334d9ba5012d` |
+| infection_monkey_docker_dockerzt_20200607_172521.tgz | Docker | 1.8.2 | `0f4b0cd6fd54dc14ea50c5d2fb3fc711e9863518bd5bffd04e08a0f17eb99e75` |
+| monkey-windows-64.exe | Windows Agent | 1.8.0 | `f0bc144ba4ff46094225adaf70d3e92e9aaddb13b59e4e47aa3c2b26fd7d9ad7` |
+| monkey-windows-32.exe | Windows Agent | 1.8.0 | `1ddb093f9088a4d4c0af289ff568bbe7a0d057e725e6447055d4fe6c5f4e2c08` |
+| monkey-linux-64 | Linux Agent | 1.8.0 | `d41314e5df72d5a470974522935c0b03dcb1c1e6b094d4ab700b04d5fec59ae6` |
+| monkey-linux-32 | Linux Agent | 1.8.0 | `217cc2b9481f6454fa0a13adf12d9b29ce4e1e6a319971c8db9b446952ce3fb2` |
+| infection_monkey_deb.tgz | Debian Package | 1.8.0 | `9c5254583ce786768ea55df8063152bd19e0f21a83e6f4f873c5dccc5a1c9d5e` |
+| infection_monkey_debzt.tgz | Debian Package | 1.8.0 | `90A0824EC98680944B15B86CF5CFA09D48EDA406300C4CAE54432DB05F486D07` |
+| Monkey Island v1.8.0_3513_windows.exe | Windows Installer | 1.8.0 | `ce9a9d0539c14ebe2a10cf3b36991b309abd7b62dd7fb7522a549d8987b0f0f4` |
+| Monkey Island v1.8.0_3514_windowszt.exe | Windows Installer | 1.8.0 | `0b535a802ac43455d702b45673859b940c1feb7702b46a6a2cbc699672b0c89d` |
+| infection_monkey_docker_docker_20200330_201419.tgz | Docker | 1.8.0 | `4f15a5008e43d8c5184456771dd9e8d70104b4ec79e34b53d230662604a7d190` |
+| infection_monkey_docker_dockerzt_20200401_174529.tgz | Docker | 1.8.0 | `d94404134d879f3d859c77454df4abd0dbca00b8cae4b1c52d3b38e847f34e4c` |
+| monkey-island-vmware.ova | OVA | 1.8.0 | `6BC4E85A0EA81045BD88E2D5A9F98F0DD40DE99E94D1E343D13FA418045A6915` |
+| monkey-island-vmwarezt.ova | OVA | 1.8.0 | `79A043D85521F94024F8B0428A7A33B4D3F5B13F9D2B83F72C73C8D0BB12ED91` |
+| monkey-linux-64 | Debian Package | 1.8.0 | `b0de3931f6b9c2d986860151e5094e4c57aafa5e3e4aced828ecba36e4ece851` |
+| infection_monkey_docker_docker_20200330_201419.tgz | Docker | 1.8.0 | `4f15a5008e43d8c5184456771dd9e8d70104b4ec79e34b53d230662604a7d190` |
+| Monkey Island v1.8.0_3513_windows.exe | Windows Installer | 1.8.0 | `ce9a9d0539c14ebe2a10cf3b36991b309abd7b62dd7fb7522a549d8987b0f0f4` |
+| monkey-windows-64.exe | Windows Agent | 1.8.0 | `f0bc144ba4ff46094225adaf70d3e92e9aaddb13b59e4e47aa3c2b26fd7d9ad7` |
+| monkey-linux-64 | Linux Agent | 1.8.0 | `d41314e5df72d5a470974522935c0b03dcb1c1e6b094d4ab700b04d5fec59ae6` |
+| monkey-windows-32.exe | Windows Agent | 1.8.0 | `1ddb093f9088a4d4c0af289ff568bbe7a0d057e725e6447055d4fe6c5f4e2c08` |
+| monkey-linux-32 | Linux Agent | 1.8.0 | `217cc2b9481f6454fa0a13adf12d9b29ce4e1e6a319971c8db9b446952ce3fb2` |
+| infection_monkey_deb.tgz | Debian Package | 1.8.0 | `9c5254583ce786768ea55df8063152bd19e0f21a83e6f4f873c5dccc5a1c9d5e` |
+| infection_monkey_debzt.tgz | Debian Package | 1.8.0 | `90A0824EC98680944B15B86CF5CFA09D48EDA406300C4CAE54432DB05F486D07` |
+| infection_monkey_docker_docker_20200401_174048.tgz | Docker | 1.8.0 | `ae59b222a94e1ec83a1c36917bc5cd3d119057e146ac01242af91808f3dce37a` |
+| infection_monkey_docker_dockerzt_20200401_174529.tgz | Docker | 1.8.0 | `d94404134d879f3d859c77454df4abd0dbca00b8cae4b1c52d3b38e847f34e4c` |
+| Monkey Island v1.8.0_3514_windows.exe | Windows Installer | 1.8.0 | `a56bd98ca3d0dd260f26ac5ee46022fd5ca3f9081a43535b4f57cef43c345dc0` |
+| Monkey Island v1.8.0_3514_windowszt.exe | Windows Installer | 1.8.0 | `0b535a802ac43455d702b45673859b940c1feb7702b46a6a2cbc699672b0c89d` |
+| Monkey Island v1.8.0_3516_windows.exe | Windows Installer | 1.8.0 | `a31a3837d8ca722e8db10148704237b032e5ef62acc080a82ab80f009d8de6bd` |
+| Monkey Island v1.8.0_3517_windows.exe | Windows Installer | 1.8.0 | `450e9ea58a5282f506f819bdc3d4477bbc917d74ee837ca0cc3e62b4a923fef1` |
+| Monkey Island v1.8.0_3519_windows.exe | Windows Installer | 1.8.0 | `dfaf7b11b148a5648ca92887d731633f85b68dc82313616f0009eee123c47352` |
+| Monkey Island v1.8.0_3520_windows.exe | Windows Installer | 1.8.0 | `719427a7f1878555d6940485330f51e2ddb3331c96b60a1719f6e21987efb3d3` |
+| Monkey Island v1.8.0_3521_windows.exe | Windows Installer | 1.8.0 | `a9a37ec2677fc7d224c5993f914ba402c9f86c2f909dc5d649f67d08802dc847` |
+| Monkey Island v1.8.0_3522_windows.exe | Windows Installer | 1.8.0 | `4aaa5a99a108ab3cb14b9268a32ac68cb2de4a001ae0e4374ca779824981ea64` |
+| Monkey Island v1.8.0_3523_windows.exe | Windows Installer | 1.8.0 | `4f029d2683cf68e63f8b426fa19df9561add0ed169821b4fc83c2721f0939520` |
+| Monkey Island v1.8.0_3525_windows.exe | Windows Installer | 1.8.0 | `4a660cf5eda5beae844e5a62031972304eaa0432c32708f11d94dc0a501be182` |
+| Monkey Island v1.8.0_3525_windowszt.exe | Windows Installer | 1.8.0 | `980ba04ef9f6395e2885851f906ee3ed57d696a2e984aa1e7a59446a57ce0408` |
+| infection_monkey_docker_docker_20200419_160310.tgz | Docker | 1.8.0 | `999edc833484f51475db5a56e0557b59d09f520453b8077c60f7d9359b504299` |
+| infection_monkey_docker_dockerzt_20200419_160542.tgz | Docker | 1.8.0 | `87ec632837d4add968831ee7fd271871f89e5b29e251d046ebf100bc94bb755e` |
+| Monkey Island v1.8.0_3526_windows.exe | Windows Installer | 1.8.0 | `6b6c05f3575eef9b95c1624f74953e54654211de4ae1ad738b287e661f002989` |
+| Monkey Island v1.8.0_3526_windowszt.exe | Windows Installer | 1.8.0 | `f181e58820817d76274fab3ee2a7824fc0d5b1f637d7f5c7fe111eb7061844f2` |
+| Monkey Island v1.8.0_3527_windows.exe | Windows Installer | 1.8.0 | `94c2e09ca103bc22206715783616af91e58fe773a04c975d6a09d48d9a5759b2` |
+| infection_monkey_docker_docker_20200420_151527.tgz | Docker | 1.8.0 | `fe4512fd46c3be6c9416287e3a703e8453a46a17b05404ba72035036946f6dbd` |
+| infection_monkey_docker_docker_20200420_153306.tgz | Docker | 1.8.0 | `17ef5de58a49168a70085cb80063355ac489139c88d029d175a09e36524fe224` |
+| infection_monkey_docker_docker_20200420_174533.tgz | Docker | 1.8.0 | `fcf57ab8b1b77bcf678765c90798b950fd4a62019c48ebeeac37e9d3011b6b2e` |
+| infection_monkey_docker_docker_20200427_184208.tgz | Docker | 1.8.0 | `082165abd8c45d9731472ae0877fecedfbcefcff8c0003b43d4300854908f0cb` |
+| infection_monkey_docker_dockerzt_20200427_184441.tgz | Docker | 1.8.0 | `74f824ecb14f5d47182156999d5aeaf2177d719c6f53ed81b68606b2ed931647` |
+| Monkey Island v1.8.0_3528_windows.exe | Windows Installer | 1.8.0 | `baa13321c88223acd0262137ba018f9cbea869b5d1920565a5e6c8eb2c83b80e` |
+| Monkey Island v1.8.0_3528_windowszt.exe | Windows Installer | 1.8.0 | `466f7c3aa052163f10e154ec787b31a98b54ced8cffc17373525e8ca39ec2556` |
+| monkey-island-vmware.ova | OVA | 1.8.0 | `6BC4E85A0EA81045BD88E2D5A9F98F0DD40DE99E94D1E343D13FA418045A6915` |
+| monkey-island-vmwarezt.ova | OVA | 1.8.0 | `79A043D85521F94024F8B0428A7A33B4D3F5B13F9D2B83F72C73C8D0BB12ED91` |
+| monkey_island_vmware.deb | VMWare Debian | 1.7.0 | `8F77347343B1D070C4BCC43A6CF5971F086665206F76AD1304359ADB388C55DE` |
+| dk.monkeyisland.latest.tar | Docker | 1.7.0 | `E92CD45DB172342FE906FEFA7F26BACB2F59C2BE8484756B71CD1BDEBCCA8BFB` |
+| monkey-windows-32.exe | Agent | 1.7.0 | `00E121EC8AA3519498D225066A3BC29984A7DA2A6F4F0641ED465FD64107A117` |
+| Monkey Island v1.7.0.3478.exe | Windows Installer | 1.7.0 | `AFC969884939DBE37DA6B8AD4999CA6E9F18E54BA03AC0C04C59ABB6D6204634` |
+| monkey_island.deb | Debian | 1.7.0 | `4AE051BC47B39FA05937994B3D24226771D03891AB2EA484FD7B4AADC0C5E220` |
+| monkey-windows-64.exe | Agent | 1.7.0 | `BCF60E0C4BC2578361CCACDA0C183B726AF375F0142306CA9013A14BBA9B962C` |
+| monkey-linux-64 | Agent | 1.7.0 | `333529B3061473BF5EE713FA7E3DF4B05DD01823840BB92E1E715488A749B9EA` |
+| monkey-linux-32 | Agent | 1.7.0 | `EF7A72FFDDF3A54C74F458201A45B51B779A68C460A309B0D5FD247264D7137D` |
+| Monkey Island 1.7.0 OVA 20191013.ova | OVA | 1.7.0 | `EB1D568F1EA9236B3402A65484EE1F06350FF5C4097288F3FE3312474ECB48C7` |
+| dk.monkeyisland.latest.zt.tar | Docker | 1.7.0 | `C998FD7CC73F394CD39450E49586397F721D8B7F2DFA4CFE30EC797864588C72` |
+| Monkey Island v1.7.0 zt.exe | Windows Installer | 1.7.0 | `5C6DADDD3BCF0766DB515DC911DC80D7D11DFF8A72BCBBBE21DEB3C9F78B6889` |
+| monkey_island_zt.deb | Debian | 1.7.0 | `A0515FBCFD9590CEA739E1AFA95CE7FC406C5E4206A67A50C8CD2423540818C8` |
+| monkey_island_vmware_zt.deb | VMWare Debian | 1.7.0 | `80EDB3FB846251C7B80B72259837629F17A4166C34FE440451BDD7ED8CC43F7F` |
+| Monkey Island 1.7.0 ZT OVA 20191013.ova | OVA | 1.7.0 | `D220E171CF38DCD434AB4473C72CE29873A495B16FFAA8CA55658F5606398E34` |
+| infection_monkey_deb_vmware.20190519_125330.tgz | VMWare | 1.6.3 | `22e51f089e6537e2cb349b07b4bf22c7a63c68ae12776a7b5239a0238bf02a05` |
+| infection_monkey_deb_gcp.20190519_125239.tgz | GCP | 1.6.3 | `b8fdb976af8130329265bd3ad36b553864f6f7a2a2df912cfea4215584774686` |
+| infection_monkey_docker.20190519_125632.tgz | Docker | 1.6.3 | `5576e20fe8ee502a7b452b504789961aedae214e49061a58ca0f248cc72c1c78` |
+| monkey-windows-32.exe | Agent | 1.6.3 | `6f68d436a2a85852b02e4d72d4202919753a78e5285c36bd1a5481c8711b1d6b` |
+| Monkey Island v1.6.3.3468.exe | Windows Installer | 1.6.3 | `69cb63612855165db97eb3c253e5a6f627fe216e0610eca5e5e6f875281a3604` |
+| infection_monkey_deb.20190519_124555.tgz | Debian | 1.6.3 | `2389b553bd569defa4b81053984f0743b1b4093cdcfcf8561243b9d882d55e83` |
+| monkey-windows-64.exe | Agent | 1.6.3 | `502c749ede6e09b8c40bc4bbfd2a46c95d3626a1aef74c72ac7b5641595e8c9c` |
+| monkey-linux-64 | Agent | 1.6.3 | `6cfec4aea2f993294ca32f816a85347be8b155fb9c39706c82866bce8d8f87c1` |
+| monkey-linux-32 | Agent | 1.6.3 | `996b3883e9b1114b274bf25426ee13060b65f8deb08c96b57857b99d8e8e3277` |
+| Infection Monkey 1.6.3.ova | OVA | 1.6.3 | `a5b6e7d547ad4ae79508301698d99cbaf3b3ebfb1d2f0274ae1151d803def1e4` |
+| infection_monkey_deb_azure.20190519_125317.tgz | Azure | 1.6.3 | `fcf1b6bf805f4422deb90f25752573f796d5a73e148086f49db310208b02c829` |
+| infection_monkey_deb_aws.20190519_130517.tgz | AWS | 1.6.3 | `9c232f5d2f9dc24c9faea3cf597af783798baedb61334e0e650ca79bdac29fec` |
+| Infection Monkey 1.6.2.ova | OVA | 1.6.2 | `00346E6383E7BBDB107C14B668D251513E150C089A26AAFA3E17040D96C7DEC9` |
+| infection_monkey_deb.1.6.2.tgz | Debian | 1.6.2 | `56BF1D99DD6674F9D3504D5DD5A62D8B3520B4F25449ED0026E5A0DC99BD0683` |
+| infection_monkey_1.5_docker.tgz | Docker | 1.6.2 | `2466B4FFFE175EC5DEF0CAACF93EE5CC7D8878DBA63B30F148C560A6AFA5B537` |
+| Monkey Island v1.6.2.3434.exe | Windows Installer | 1.6.2 | `2B0BFD5721897787536F4F94D5641E061833CBEF0279C0E38C41BC1B3E76A380` |
+| Monkey-Linux-32 | Agent | 1.6.1 | `9E5F8FA7F85FEB1BC31E0AE7D1F303139CA3FE5FA044E6C58F68B4917D27CACE` |
+| Monkey-Linux-64 | Agent | 1.6.1 | `74F9FFBB504FF5E74EFF1399685C0C110EDE0D3244F61591D77EE7A22672457E` |
+| Monkey-Windows-32.exe | Agent | 1.6.1 | `53AC0F047CA95A0476944559F6FC650ADA865891139FA1258B35A5A525BC6002` |
+| Monkey-Windows-64.exe | Agent | 1.6.1 | `53019FD25CD4A0AE526696EB05E2EEDE32607263C5F29BE36554D637532D41C3` |
+| infection_monkey_1.5.2.ova | OVA | 1.5.2 | `6E6CAABBA7CCDB20E981147560353EC731B1FC8955D0319886D36E9825C201C7` |
+| infection_monkey_1.5_deb.tgz | Debian | 1.5.2 | `E84EFA3C20A417D13DC6EA64CB046D40ED7534A6FBB91EBF6EA061716A855A17` |
+| infection_monkey_1.5_docker.tgz | Docker | 1.5.2 | `0D33C17556FAC28874A2FE9157DB311892B42669E51C043C4DAE2F68B0D74B8F` |
+| Monkey-Linux-32 | Agent | 1.5.2 | `4DF689A845FD7092E81ECB0AB5207621836B3D46B71FB3829E5E5CF9DDAF52D0` |
+| Monkey-Linux-64 | Agent | 1.5.2 | `99FC4BB24D2EFF1CD107CCE932EA0BDC006ED2226AE0DC19DD0BC7A97ADB553F` |
+| Monkey-Windows-32.exe | Agent | 1.5.2 | `8FC1441B87BDFD786A3A262542C013E4C84AC870C847A919CDA0851F91A511B9` |
+| Monkey-Windows-64.exe | Agent | 1.5.2 | `0AE8F0AB190E8BEAE78AB12C8477C924FE92B19B1E079B279F4F87AE4BD2A718` |
+| infection_monkey_deb.20180402_184213.tgz | Debian | 1.5.1 | `4425FC97DE825715837783258FD8BCF88E87AAB3500F63D287384B9D74D54122` |
+| Monkey Island v1.5.1.3377.exe | Windows Installer | 1.5.1 | `5A137ADA97F39F4C3CA278E851D2684B929911639E2876EB4DF1D1AC5D70E27D` |
+| infection_monkey_docker.20180402_184212.tgz | Docker | 1.5.1 | `049831C3F9C959128C5C8D9843819A4ED960FF046B1536216B5FA5FF4B28D1A6` |
+| Monkey-Linux-32 | Agent | 1.6 | `665E1263347B9D0245211676496E91669809B3865ED8B5AD1878DA54A9784F5C` |
+| Monkey-Linux-64 | Agent | 1.6 | `F0D51E7431CF07A842D4D25AAE2DD8A6B9EE08744914729AF448F92088798F7F` |
+| Monkey-Windows-32.exe | Agent | 1.6 | `77AC4264715A6E7D238F8B67ED04EE75CF75C07D360A4B649CA6E31C83CE7B21` |
+| Monkey-Windows-64.exe | Agent | 1.6 | `0DEED0AA00F7D54B084EF6888731B0CFEC6382045A74B55162FDD3D00D0BE9F8` |
+| Monkey Island v1.6.0.3414.exe | Windows installer | 1.6 | `242879983A709D7CD6D7D7EEC493442B7FACC8E215CBB21650915C5EECB8829A` |
+| infection_monkey_1.6.ova | OVA | 1.6 | `831FBA09AA49940B1747164BEB6B4AF83BA04FCE35285912AB0B18A7FA1A39D8` |
+| infection_monkey_deb.1.6.tgz | Debian | 1.6 | `339EC88DD6A2AB6CB917456AA8970B0F1D36D7335E7D2EE1A34B74047F843542` |
+| infection_monkey_docker.1.6.tgz | Docker | 1.6 | `0624CF75C4D208DDC7475636CFE2869BA324DEB88C3860DB2934E7BDA3E664F6` |
+| infection_monkey.ova | OVA | 1.5 | `A6773C4DA8FF7A09C0F3FEE45A25D45830C616AACCEC14C86542462ADCDA1F89` |
+| infection_monkey_deb.20180208_175917.tgz | Debian | 1.5 | `04E3CD3CD301A44BEE508C1BF993948B89212EF3269D61FB13ECB9FDC25268DB` |
+| infection_monkey_docker.20180119_112852.tgz | Docker | 1.5 | `4D94C6BB7B4A0177CC1F3E864FB714015619ACB4DD1C4E92D8986BA093F8BD87` |
+| Monkey Island v1.5.0.exe | Windows installer | 1.5 | `A1D7725AF116AE33CEA9A0E641E61C96E51FAFCCCB598F668EB99E35DE799C7B` |
+| infection_monkey_1.5_deb.tgz | Debian | 1.5 | `1433B8A5E778F12C9E8AE4B1BCBF2863E0CC5E001D661C8540804B909B9D83C5` |
+| infection_monkey_1.5_docker.tgz | Docker | 1.5 | `22B7FDC4C213F0385AEB9F63E60665470C2862C8C1B45B5B49FBF320570A9082` |
+| Monkey Island v1.5.0.3371.exe | Windows Installer | 1.5 | `B69997E9920E73F16896D3E793AB721388E5636DB1846D4BFEC1C7A372EE2059` |
+| infection_monkey_1.5_deb.tgz | Debian | 1.5 | `00EB499FCC590950723E42784D3502B70EAD8AD396B916AF450AB1A48DF993ED` |
+| infection_monkey_1.5_docker.tgz | Docker | 1.5 | `A8670280A07EF6A9F5DC9CEB4B11B25DD7B90C37AD94666A6FFAABD6D105F0CB` |
+| Monkey Island v1.5.0.exe | Windows Installer | 1.5 | `55F39C8EEB04089F54C10C991A82FE1539BC072E1A7F364D0C720CBF0A28EBB7` |
+| Monkey-Linux-32 | Agent | 1.5 | `B85E10AEF0B6935B0AF6EFEA03C9A684859F2DD078B31D9492E98585E2E89C39` |
+| Monkey-Linux-64 | Agent | 1.5 | `44BA13A7391D4A16C46D5EF44F60B09E1EDCEB3C716C0AF4241F166619A62944` |
diff --git a/docs/content/usage/getting-started.md b/docs/content/usage/getting-started.md
index 631957506..6572e7b24 100644
--- a/docs/content/usage/getting-started.md
+++ b/docs/content/usage/getting-started.md
@@ -7,32 +7,34 @@ pre: " "
tags: ["usage"]
---
+If you haven't deployed the Monkey Island yet, please [refer to our setup documentation](/setup).
+
## Using the Infection Monkey
-After deploying the Monkey Island in your environment, navigate to `https://