p17860254
/
monkey
forked from p15670423/monkey
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

docs: Modify ransomware page and add screenshot of ransomware config

This commit is contained in:
Shreya Malviya 2021-07-28 16:46:12 +05:30
parent 42f14e25c1
commit 4e95721f88
2 changed files with 14 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
docs/content/usage/scenarios/ransomware-simulation.md
View File

@ -10,26 +10,6 @@ pre: "<i class='fa fa-lock'></i>"
The Infection Monkey is capable of simulating a ransomware attack on your The Infection Monkey is capable of simulating a ransomware attack on your
network using a set of configurable behaviors. network using a set of configurable behaviors.
## Leaving a README.txt file
Many ransomware packages leave a README.txt file on the victim machine with an
explanation of what has occurred and instructions for paying the attacker.
The Infection Monkey can also leave a README.txt file in the target directory on
the victim machine in order to replicate this behavior. This can be enabled or
disabled by checking the box on the configuration screen. Note that if no
target directory is specified for encryption, the Infection Monkey will not
leave a README.txt file.
<!-- add screenshot highlighting readme option -->
The README.txt file informs the user that a ransomware simulation has taken
place and that they should contact their administrator. The contents of the
file can be found
[here](https://github.com/guardicore/monkey/tree/develop/monkey/infection_monkey/ransomware/ransomware_readme.txt).
<!-- add config screenshot here -->
## Encryption ## Encryption
@ -57,7 +37,7 @@ To ensure minimum interference and easy recoverability, the ransomware
simulation will only encrypt files contained in a user-specified directory. If simulation will only encrypt files contained in a user-specified directory. If
no directory is specified, no files will be encrypted. no directory is specified, no files will be encrypted.
<!-- add screenshot highlighting encryption options --> ![Ransomware configuration](/images/usage/scenarios/ransomware-config.png "Ransomware configuration")
### How are the files encrypted? ### How are the files encrypted?
@ -166,3 +146,16 @@ BitDefender](https://labs.bitdefender.com/2017/07/a-technical-look-into-the-gold
- .xlsx - .xlsx
- .xvd - .xvd
- .zip - .zip
## Leaving a README.txt file
Many ransomware packages leave a README.txt file on the victim machine with an
explanation of what has occurred and instructions for paying the attacker.
The Infection Monkey will also leave a README.txt file in the target directory on
the victim machine in order to replicate this behavior.
The README.txt file informs the user that a ransomware simulation has taken
place and that they should contact their administrator. The contents of the
file can be found
[here](https://github.com/guardicore/monkey/tree/develop/monkey/infection_monkey/ransomware/ransomware_readme.txt).

BIN
docs/static/images/usage/scenarios/ransomware-config.png vendored Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 136 KiB