Go to file
Daniel Goldberg 8f0251e822
Updated readme links
2018-03-13 11:08:23 +02:00
.github Update PULL_REQUEST_TEMPLATE.md 2018-02-19 14:19:25 +02:00
infection_monkey Merge pull request #87 from guardicore/feature/send-raw-log 2018-03-06 18:10:22 +02:00
monkey_business added tornado 2016-09-06 10:45:32 +03:00
monkey_island quick bugfix for auth 2018-03-11 19:03:40 +02:00
.gitignore git ignore node_modules 2017-09-12 13:47:28 +03:00
CONTRIBUTING.md Basic contributing.md 2018-01-16 19:37:40 +02:00
LICENSE Changed name to fit Github standard 2016-03-01 17:54:01 +02:00
README.md Updated readme links 2018-03-13 11:08:23 +02:00

README.md

Infection Monkey

Data center Security Testing Tool


Welcome to the Infection Monkey!

The Infection Monkey is an open source security tool for testing a data center's resiliency to perimeter breaches and internal server infection. The Monkey uses various methods to self propagate across a data center and reports success to a centralized Monkey Island server.

The Infection Monkey is comprised of two parts:

  • Monkey - A tool which infects other machines and propagates to them
  • Monkey Island - A dedicated server to control and visualize the Infection Monkey's progress inside the data center

To read more about the Monkey, visit http://infectionmonkey.com

Main Features

The Infection Monkey uses the following techniques and exploits to propagate to other machines.

  • Multiple propagation techniques:
    • Predefined passwords
    • Common logical exploits
    • Password stealing using Mimikatz
  • Multiple exploit methods:
    • SSH
    • SMB
    • RDP
    • WMI
    • Shellshock
    • Conficker
    • SambaCry
    • Elastic Search (CVE-2015-1427)

Setup

Check out the Setup page in the Wiki or a quick getting started guide.

Building the Monkey from source

If you want to build the monkey from source, see Setup and follow the instructions at the readme files under infection_monkey and monkey_island.

License

Copyright (c) 2017 Guardicore Ltd

See the LICENSE file for license rights and limitations (GPLv3).