diff --git a/monkey/infection_monkey/monkey.py b/monkey/infection_monkey/monkey.py
index 66d881d93..478c8dde2 100644
--- a/monkey/infection_monkey/monkey.py
+++ b/monkey/infection_monkey/monkey.py
@@ -37,6 +37,19 @@ from infection_monkey.network_scanning.mssql_fingerprinter import MSSQLFingerpri
 from infection_monkey.network_scanning.smb_fingerprinter import SMBFingerprinter
 from infection_monkey.network_scanning.ssh_fingerprinter import SSHFingerprinter
 from infection_monkey.payload.ransomware.ransomware_payload import RansomwarePayload
+from infection_monkey.post_breach.actions.change_file_privileges import ChangeSetuidSetgid
+from infection_monkey.post_breach.actions.clear_command_history import ClearCommandHistory
+from infection_monkey.post_breach.actions.collect_processes_list import ProcessListCollection
+from infection_monkey.post_breach.actions.communicate_as_backdoor_user import (
+ CommunicateAsBackdoorUser,
+)
+from infection_monkey.post_breach.actions.discover_accounts import AccountDiscovery
+from infection_monkey.post_breach.actions.hide_files import HiddenFiles
+from infection_monkey.post_breach.actions.modify_shell_startup_files import ModifyShellStartupFiles
+from infection_monkey.post_breach.actions.schedule_jobs import ScheduleJobs
+from infection_monkey.post_breach.actions.timestomping import Timestomping
+from infection_monkey.post_breach.actions.use_signed_scripts import SignedScriptProxyExecution
+from infection_monkey.post_breach.actions.use_trap_command import TrapCommand
 from infection_monkey.puppet.puppet import Puppet
 from infection_monkey.system_singleton import SystemSingleton
 from infection_monkey.telemetry.attack.t1106_telem import T1106Telem
@@ -234,6 +247,29 @@ class InfectionMonkey:
 PluginType.EXPLOITER,
 )
+ puppet.load_plugin(
+ "CommunicateAsBackdoorUser", CommunicateAsBackdoorUser, PluginType.POST_BREACH_ACTION
+ )
+ puppet.load_plugin(
+ "ModifyShellStartupFiles", ModifyShellStartupFiles, PluginType.POST_BREACH_ACTION
+ )
+ puppet.load_plugin("HiddenFiles", HiddenFiles, PluginType.POST_BREACH_ACTION)
+ puppet.load_plugin("TrapCommand", CommunicateAsBackdoorUser, PluginType.POST_BREACH_ACTION)
+ puppet.load_plugin("ChangeSetuidSetgid", ChangeSetuidSetgid, PluginType.POST_BREACH_ACTION)
+ puppet.load_plugin("ScheduleJobs", ScheduleJobs, PluginType.POST_BREACH_ACTION)
+ puppet.load_plugin("Timestomping", Timestomping, PluginType.POST_BREACH_ACTION)
+ puppet.load_plugin("AccountDiscovery", AccountDiscovery, PluginType.POST_BREACH_ACTION)
+ puppet.load_plugin(
+ "ProcessListCollection", ProcessListCollection, PluginType.POST_BREACH_ACTION
+ )
+ puppet.load_plugin("TrapCommand", TrapCommand, PluginType.POST_BREACH_ACTION)
+ puppet.load_plugin(
+ "SignedScriptProxyExecution", SignedScriptProxyExecution, PluginType.POST_BREACH_ACTION
+ )
+ puppet.load_plugin(
+ "ClearCommandHistory", ClearCommandHistory, PluginType.POST_BREACH_ACTION
+ )
+ puppet.load_plugin("ransomware", RansomwarePayload(), PluginType.PAYLOAD)
 return puppet
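Review bot: The first `"TrapCommand"` registration passes `CommunicateAsBackdoorUser` as the plugin, and the same name is registered again a few lines later with `TrapCommand`, so this looks like a copy-paste leftover. How `load_plugin` treats a duplicate name is not visible here; if the first registration wins, an operator who enables only the trap-command action would instead get the backdoor-user action run on the host, and the resulting telemetry would be attributed to the wrong technique. Drop the line `puppet.load_plugin("TrapCommand", CommunicateAsBackdoorUser, PluginType.POST_BREACH_ACTION)` and keep the later `puppet.load_plugin("TrapCommand", TrapCommand, PluginType.POST_BREACH_ACTION)`. A unit test asserting that every registered post-breach name maps to the class of the same name would catch this kind of slip; the enclosing method starts and ends outside the hunk.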