p59342861
/
monkey
forked from p15670423/monkey
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

uploaded some more content

This commit is contained in:
Shay Nehmad 2020-06-08 22:26:35 +03:00
parent 102658d8c5
commit 1586a271ff
8 changed files with 158 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
docs/config.toml
View File

@ -39,18 +39,24 @@ theme = "learn"
[[menu.shortcuts]]
name = "<i class='fas fa-home'></i> Homepage"
identifier = "hp"
identifier = "homepage"
url = "https://infectionmonkey.com"
weight = 10
[[menu.shortcuts]]
name = "<i class='fab fa-github'></i> GitHub"
identifier = "ds"
identifier = "github"
url = "https://github.com/guardicore/monkey"
weight = 20
[[menu.shortcuts]]
name = "<i class='fab fa-slack'></i> Slack"
identifier = "sl"
identifier = "slack"
url = "https://join.slack.com/t/infectionmonkey/shared_invite/enQtNDU5MjAxMjg1MjU1LWM0NjVmNWE2ZTMzYzAxOWJiYmMxMzU0NWU3NmUxYjcyNjk0YWY2MDkwODk4NGMyNDU4NzA4MDljOWNmZWViNDU"
weight = 30
[[menu.shortcuts]]
name = "<i class='fas fa-inbox'></i> Email"
identifier = "email"
url = "https://join.slack.com/t/infectionmonkey/shared_invite/enQtNDU5MjAxMjg1MjU1LWM0NjVmNWE2ZTMzYzAxOWJiYmMxMzU0NWU3NmUxYjcyNjk0YWY2MDkwODk4NGMyNDU4NzA4MDljOWNmZWViNDU"
weight = 40

19
docs/content/_index.md
View File

@ -6,4 +6,21 @@ draft: false
Welcome to the Infection Monkey documenation hub!
Can't find something? [Contact us](mailto:support@infectionmonkey.com).
## What is Infection Monkey?
The Infection Monkey is an open source security tool for testing a data center's resiliency to perimeter breaches and internal server infection. The Monkey uses various methods to self propagate across a data center and reports success to a centralized Monkey Island Command and Control server.
The Infection Monkey is comprised of two parts:
* Monkey - A tool which infects other machines and propagates to them
* Monkey Island - A dedicated UI to visualize the Infection Monkey's progress inside the data center
To read more about the Monkey and download it, visit [our homepage](https://www.guardicore.com/infectionmonkey/).
## Getting Started
If you haven't downloaded Infection Monkey yet you can do so [from our homepage](infectionmonkey.com). After downloadling the Monkey, install it using one of our [setup guides](setup), and read our [getting started guide](usage/getting-started) for a quick-start on Monkey!
## Support and community
If you need help or want to talk all things Monkey, you can [join our public <i class='fab fa-slack'></i> Slack workspace](https://join.slack.com/t/infectionmonkey/shared_invite/enQtNDU5MjAxMjg1MjU1LWM0NjVmNWE2ZTMzYzAxOWJiYmMxMzU0NWU3NmUxYjcyNjk0YWY2MDkwODk4NGMyNDU4NzA4MDljOWNmZWViNDU) or [contact us via email](mailto:support@infectionmonkey.com).

43
docs/content/development/_index.md Normal file
View File

@ -0,0 +1,43 @@
+++
title = "Contribute"
date = 2020-05-26T20:55:04+03:00
weight = 30
chapter = true
pre = '<i class="fas fa-code"></i> '
tags = ["development", "contribute"]
+++
# Securing networks together
Want to help secure networks? That's great!
## How should I start?
Here's a few short links to help you get started.
* [Getting up and running](../setup-development-environment) - To help you get a working development setup.
* [Contributing guidelines](https://github.com/guardicore/monkey/blob/master/CONTRIBUTING.md) - Some guidelines to help you submit.
## What are we looking for?
You can take a look at [our roadmap](https://github.com/guardicore/monkey/projects/5) to see what issues we're thinking about doing soon. We are looking for:
### More exploits! 💥
The best way to find weak spots in the network is by attacking it. The [Exploit template](https://github.com/guardicore/monkey/wiki/Exploit-templates) page will help you add exploits.
It's important to note that the Infection Monkey must be perfectly reliable otherwise no one will use it, so avoid memory corruption exploits _unless they're rock solid_ and focus on the logical vulns such as Shellshock.
### Analysis plugins 🔬
Successfully attacking every server in the network is no good unless the Monkey can explain how to prevent the attack. Whether it's detecting when the Monkey is using stolen credentials or when the Monkey can escape locked down networks, this is the part that actually helps secure different parts.
### Better code 💪
We always want to improve the core Monkey code, to make it smaller, faster and more reliable. If you have an idea of how to do it, or just want to modularise/improve test coverage for the code, do share!
### Documentation 📚
Every project requires better documentation. The Monkey is no different, so feel free to open PRs with suggestions, improvements or issues asking us to document different parts of the Monkey.
The Monkey's documentation is stored in the `/docs/content` directory.

5
docs/content/development/adding-exploits.md Normal file
View File

@ -0,0 +1,5 @@
---
title: "Adding Exploits"
date: 2020-06-08T19:53:00+03:00
draft: true
---

6
docs/content/development/adding-post-breach-actions.md Normal file
View File

@ -0,0 +1,6 @@
---
title: "Adding Post Breach Actions"
date: 2020-06-08T19:53:13+03:00
draft: true
---

23
docs/content/development/setup-development-environment.md Normal file
View File

@ -0,0 +1,23 @@
---
title: "Setting up a development environment"
date: 2020-06-08T19:53:00+03:00
draft: false
---
## Deployment scripts
To setup development environment using scripts look at the readme under [`/deployment_scripts`](https://github.com/guardicore/monkey/blob/develop/deployment_scripts). If you want to setup it manually or if run into some problems, read further below.
## Agent
The Agent, (what we refer as the Monkey), is a single Python project under the [`infection_monkey`](https://github.com/guardicore/monkey/blob/master/monkey/infection_monkey) folder. Built for Python 3.7, you can get it up and running by setting up a [virtual environment](https://docs.python-guide.org/dev/virtualenvs/) and inside it installing the requirements listed under [`requirements.txt`](https://github.com/guardicore/monkey/blob/master/monkey/infection_monkey/requirements.txt).
In order to compile the Monkey for distribution by the Monkey Island, you need to run the instructions listed in [`readme.txt`](https://github.com/guardicore/monkey/blob/master/monkey/infection_monkey/readme.txt) on each supported environment.
This means setting up an environment with Linux 32/64-bit with Python installed and a Windows 64-bit machine with developer tools + 32/64-bit Python versions.
## Monkey Island
The Monkey Island is a Python backend React frontend project. Similar to the agent, the backend's requirements are listed in the matching [`requirements.txt`](https://github.com/guardicore/monkey/blob/master/monkey/monkey_island/requirements.txt).
To setup a working front environment, run the instructions listed in the [`readme.txt`](https://github.com/guardicore/monkey/blob/master/monkey/monkey_island/readme.txt)

53
docs/content/usage/file-checksums.md Normal file
View File

@ -0,0 +1,53 @@
---
title: "Verify Integrity - Checksums"
date: 2020-06-08T19:53:47+03:00
draft: true
weight: 100
---
The official distribution of Infection Monkey is compiled and supplied by Guardicore ([download from our official site here](infectionmonkey.com)). The team signs all software packages to certify that a particular Infection Monkey package is a valid and unaltered Infection Monkey release. Before installing Monkey, you should validate the package using the SHA-256 checksum.
## How to get SHA-256 checksum
### On Windows
Use the `Get-FileHash` powershell commandlet, like so:
```powershell
Get-FileHash '.\Monkey Island v1.8.2_3536_windows.exe' | Format-List
# Should print
# Algorithm : SHA256
# Hash : 2BE528685D675C882604D98382ADB739F5BA0A7E234E3569B21F535173BD9569
# Path : C:\Users\shay.nehmad\Desktop\work\compiled monkeys\1.8.2\Monkey Island v1.8.2_3536_windows.exe
```
### On Linux
Use the `sha256sum` shell command, like so:
```sh
sha256sum monkey-linux-64
# Should print:
# 734dd2580f3d483210daf54c063a0a972911bbe9afb6ebc6278f86cd6b05e7ab monkey-linux-64
```
## Latest version checksums
| Filename | Type | Version | SHA256 hash |
|-|-|-|-|
monkey-windows-64.exe | Windows Agent | 1.8.2 | 2e6a1cb5523d87ddfd48f75b10114617343fbac8125fa950ba7f00289b38b550
monkey-windows-32.exe | Windows Agent | 1.8.2 | 86a7d7065e73b795e38f2033be0c53f3ac808cc67478aed794a7a6c89123979f
monkey-linux-64 | Linux Agent | 1.8.2 | 4dce4a115d41b43adffc11672fae2164265f8902267f1355d02bebb802bd45c5
monkey-linux-32 | Linux Agent | 1.8.2 | 39d3fe1c7b33482a8cb9288d323dde17b539825ab2d736be66a9582764185478
infection_monkey_deb.tgz | Debian Package | 1.8.2 | 2a6b4b9b846566724ff985c6cc8283222b981b3495dd5a8920b6bc3f34d556e2
Monkey Island v1.8.2_3536_windows.exe | Windows Installer | 1.8.2 | 2be528685d675c882604d98382adb739f5ba0a7e234e3569b21f535173bd9569
Monkey Island v1.8.2_3536_windowszt.exe | Windows Installer | 1.8.2 | f282ce4dd50abe54671948fb5b3baf913087459444e451660971290a72fe244a
infection_monkey_docker_docker_20200607_172156.tgz | Docker | 1.8.2 | 0e4bc731ef7e8bf19b759709672375890136c008526be454850d334d9ba5012d
infection_monkey_docker_dockerzt_20200607_172521.tgz | Docker | 1.8.2 | 0f4b0cd6fd54dc14ea50c5d2fb3fc711e9863518bd5bffd04e08a0f17eb99e75
## All checksums
### 1.8.0 and older
You can find all these checksums in [this page](https://www.guardicore.com/infectionmonkey/checksums.html).

1
docs/content/usage/scenarios.md
View File

@ -2,6 +2,7 @@
title: "Scenarios"
date: 2020-05-26T21:01:19+03:00
draft: true
weight: 2
---
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.