forked from p15670423/monkey
Merge branch 'documentation_hub_link_fixes' into develop
commit
9e26a3f1eb
|
@ -1,5 +1,6 @@
|
|||
# Intellij
|
||||
.idea/
|
||||
.run/
|
||||
|
||||
# Byte-compiled / optimized / DLL files
|
||||
__pycache__/
|
||||
|
|
|
@ -1,2 +1,2 @@
|
|||
baseURL = "https://www.guardicore.com/infectionmonkey/docs"
|
||||
baseURL = "https://www.guardicore.com/infectionmonkey/docs/"
|
||||
canonifyURLs = true
|
||||
|
|
|
@ -39,9 +39,9 @@ The Monkey shuts off either when it can't find new victims, or when it has excee
|
|||
## How to reset the password?
|
||||
|
||||
On your first access of Monkey Island server, you'll be prompted to create an account. If you forgot the credentials you
|
||||
entered or just want to change them, you need to manually alter the `server_config.json` file. On Linux, this file is
|
||||
located on `/var/monkey/monkey_island/cc/server_config.json`. On windows, it's based on your install directory (typically
|
||||
`C:\Program Files\Guardicore\Monkey Island\monkey_island\cc\server_config.json`). Reset the contents of this file
|
||||
entered or just want to change them, you need to manually alter the `server_config.json` file. On Linux, this file is
|
||||
located on `/var/monkey/monkey_island/cc/server_config.json`. On windows, it's based on your install directory (typically
|
||||
`C:\Program Files\Guardicore\Monkey Island\monkey_island\cc\server_config.json`). Reset the contents of this file
|
||||
leaving the **deployment option unchanged** (it might be "vmware" or "linux" in your case):
|
||||
|
||||
```json
|
||||
|
@ -50,7 +50,7 @@ On your first access of Monkey Island server, you'll be prompted to create an ac
|
|||
"deployment": "windows"
|
||||
}
|
||||
```
|
||||
Then reset the Island process (`sudo systemctl restart monkey-island.service` for linux, restart program for windows).
|
||||
Then reset the Island process (`sudo systemctl restart monkey-island.service` for linux, restart program for windows).
|
||||
Finally, go to the Island's URL and create a new account.
|
||||
|
||||
## Should I run the Monkey continuously?
|
||||
|
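Review bot: The sentence touched here says "Then reset the Island process", but the command it gives is `sudo systemctl restart monkey-island.service`, and the preceding paragraph already uses "Reset" for clearing the contents of `server_config.json`. Since the line is being rewritten anyway (the old and new text read identically, so this looks like a whitespace-only change), consider "Then restart the Island process" and capitalising "Linux" and "Windows".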
@ -134,7 +134,7 @@ If you do experience any performance issues please let us know on [our Slack cha
|
|||
|
||||
Absolutely! User credentials are stored encrypted in the Monkey Island server. This information is then accessible only to users that have access to the Island.
|
||||
|
||||
We advise to limit access to the Monkey Island server by following our [password protection guide](../usage/island/password-guide).
|
||||
We advise to limit access to the Monkey Island server by following our [password protection guide]({{< ref "/setup/accounts-and-security" >}}).
|
||||
|
||||
### How do you store sensitive information on Monkey Island?
|
||||
|
||||
|
@ -150,7 +150,7 @@ This means we avoid using some very strong (and famous) exploits such as [Eterna
|
|||
|
||||
## After I've set up Monkey Island, how can I execute the Monkey?
|
||||
|
||||
See our detailed [getting started](../content/usage/getting-started) guide.
|
||||
See our detailed [getting started]({{< ref "/usage/getting-started" >}}) guide.
|
||||
|
||||
## How can I make the monkey propagate “deeper” into the network?
|
||||
|
||||
|
@ -169,7 +169,7 @@ This is sometimes caused when Monkey Island is installed with an old version of
|
|||
|
||||
## How can I get involved with the project?
|
||||
|
||||
The Monkey is an open-source project, and we weclome contributions and contributors. Check out the [contribution documentation](../development) for more information.
|
||||
The Monkey is an open-source project, and we weclome contributions and contributors. Check out the [contribution documentation]({{< ref "/development" >}}) for more information.
|
||||
|
||||
## About the project 🐵
|
||||
|
||||
|
|
|
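Review bot: The rewritten "How can I get involved with the project?" line still carries the typo "weclome" from the old line. Since this line is already being replaced to switch the link to `{{< ref "/development" >}}`, fix it to "welcome" in the same change.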
@ -24,8 +24,8 @@ Architecturally, Infection Monkey is comprised of two components:
|
|||
* Monkey Agent (Monkey for short) - a safe, worm-like binary program which scans, propagates and simulates attack techniques on the **local network**.
|
||||
* Monkey Island Server (Island for short) - a C&C web server which provides a GUI for users and interacts with the Monkey Agents.
|
||||
|
||||
The user can run the Monkey Agent on the Island server machine or distribute Monkey Agent binaries on the network manually. Based on
|
||||
the configuration parameters, Monkey Agents scan, propagate and simulate an attacker's behavior on the local network. All of the
|
||||
The user can run the Monkey Agent on the Island server machine or distribute Monkey Agent binaries on the network manually. Based on
|
||||
the configuration parameters, Monkey Agents scan, propagate and simulate an attacker's behavior on the local network. All of the
|
||||
information gathered about the network is aggregated in the Island Server and displayed once all Monkey Agents are finished.
|
||||
|
||||
## Results
|
||||
|
@ -35,12 +35,12 @@ The results of running Monkey Agents are:
|
|||
- A security report, which displays security issues that Monkey Agents discovered and/or exploited.
|
||||
- A MITRE ATT&CK report, which displays the information about the ATT&CK techniques that Monkey Agents tried to use.
|
||||
- A Zero Trust report, which displays violations of Zero Trust principles that Monkey Agents found.
|
||||
|
||||
A more in-depth description of reports generated can be found in the [reports documentation page](/reports).
|
||||
|
||||
A more in-depth description of reports generated can be found in the [reports documentation page]({{< ref "/reports" >}}).
|
||||
|
||||
## Getting Started
|
||||
|
||||
If you haven't downloaded Infection Monkey yet you can do so [from our homepage](https://www.guardicore.com/infectionmonkey/#download). After downloading the Monkey, install it using one of our [setup guides](setup), and read our [getting started guide](usage/getting-started) for a quick-start on Monkey!
|
||||
If you haven't downloaded Infection Monkey yet you can do so [from our homepage](https://www.guardicore.com/infectionmonkey/#download). After downloading the Monkey, install it using one of our [setup guides] ({{< ref "/setup" >}}), and read our [getting started guide] ({{< ref "/usage/getting-started" >}}) for a quick-start on Monkey!
|
||||
|
||||
## Support and community
|
||||
|
||||
|
|
|
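Review bot: In the new "Getting Started" paragraph, both converted links have a space between the closing bracket and the opening parenthesis: `[setup guides] ({{< ref "/setup" >}})` and `[getting started guide] ({{< ref "/usage/getting-started" >}})`. Markdown will not treat these as links, so the page will show the bracketed text followed by the resolved URL in parentheses. Remove the space in both places, as was done for `[reports documentation page]({{< ref "/reports" >}})` a few lines above.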
@ -4,7 +4,7 @@ date = 2020-05-26T20:55:04+03:00
|
|||
weight = 30
|
||||
chapter = true
|
||||
pre = '<i class="fas fa-code"></i> '
|
||||
tags = ["development", "contribute"]
|
||||
tags = ["development", "contribute"]
|
||||
+++
|
||||
|
||||
# Securing networks together
|
||||
|
@ -15,7 +15,7 @@ Want to help secure networks? That's great!
|
|||
|
||||
Here are a few short links to help you get started:
|
||||
|
||||
* [Getting up and running](./setup-development-environment) - These instructions will help you get a working development setup.
|
||||
* [Getting up and running]({{< ref "/development/setup-development-environment" >}}) - These instructions will help you get a working development setup.
|
||||
* [Contributing guidelines](https://github.com/guardicore/monkey/blob/master/CONTRIBUTING.md) - These guidelines will help you submit.
|
||||
|
||||
## What are we looking for?
|
||||
|
@ -30,7 +30,7 @@ It's important to note that the Infection Monkey must be absolutely reliable. Ot
|
|||
|
||||
### Analysis plugins 🔬
|
||||
|
||||
Successfully attacking every server in the network has little value if the Infection Monkey can't provide recommendations for reducing future risk. Whether it's explaining how the Infection Monkey used stolen credentials or escaped from locked-down networks, analysis is what helps users translate the Infection Monkey's activities into actionable next steps for improving security.
|
||||
Successfully attacking every server in the network has little value if the Infection Monkey can't provide recommendations for reducing future risk. Whether it's explaining how the Infection Monkey used stolen credentials or escaped from locked-down networks, analysis is what helps users translate the Infection Monkey's activities into actionable next steps for improving security.
|
||||
|
||||
### Better code 💪
|
||||
|
||||
|
|
|
@ -5,4 +5,4 @@ draft: false
|
|||
tags: ["exploit", "windows"]
|
||||
---
|
||||
|
||||
Brute forces using credentials provided by user (see ["Configuration"](../usage/configuration)) and hashes gathered by Mimikatz.
|
||||
Brute forces using credentials provided by user (see ["Configuration"] ({{< ref "/usage/configuration" >}}) and hashes gathered by Mimikatz.
|
||||
|
|
|
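Review bot: The new line has two regressions against the old one. There is a space in `["Configuration"] ({{< ref "/usage/configuration" >}})`, which stops Markdown from rendering it as a link, and the second closing parenthesis was dropped, so the "(see ..." aside is never closed. Suggested text: `(see ["Configuration"]({{< ref "/usage/configuration" >}})) and hashes gathered by Mimikatz.`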
@ -5,4 +5,4 @@ draft: false
|
|||
tags: ["exploit", "linux"]
|
||||
---
|
||||
|
||||
Brute forces using credentials provided by user (see ["Configuration"](../usage/configuration))and SSH keys gathered from systems.
|
||||
Brute forces using credentials provided by user (see ["Configuration"]({{< ref "/usage/configuration" >}})and SSH keys gathered from systems.
|
||||
|
|
|
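Review bot: The new line ends the link with a single `)` where the old line had `))`, so the "(see ..." aside is left unclosed, and the missing space before "and" is carried over from the old line. Suggested text: `(see ["Configuration"]({{< ref "/usage/configuration" >}})) and SSH keys gathered from systems.` The WMI exploiter page in this same commit keeps both parentheses and can serve as the pattern.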
@ -5,4 +5,4 @@ draft: false
|
|||
tags: ["exploit", "windows"]
|
||||
---
|
||||
|
||||
Brute forces WMI (Windows Management Instrumentation) using credentials provided by user (see ["Configuration"](../usage/configuration)) and hashes gathered by mimikatz.
|
||||
Brute forces WMI (Windows Management Instrumentation) using credentials provided by user (see ["Configuration"]({{< ref "/usage/configuration" >}})) and hashes gathered by mimikatz.
|
||||
|
|
|
@ -3,17 +3,17 @@ title: "MITRE ATT&CK"
|
|||
date: 2020-09-24T08:18:37+03:00
|
||||
draft: false
|
||||
pre: ' <b><u>&</u></b> '
|
||||
weight: 10
|
||||
weight: 10
|
||||
---
|
||||
|
||||
{{% notice info %}}
|
||||
Check out [the documentation for the MITRE ATT&CK report as well](../../usage/reports/mitre).
|
||||
Check out [the documentation for the MITRE ATT&CK report as well]({{< ref "/reports/mitre" >}}).
|
||||
{{% /notice %}}
|
||||
|
||||
The Monkey maps its actions to the [MITRE ATT&CK](https://attack.mitre.org/) knowledge base and based on this,
|
||||
provides a report detailing the techniques it used and recommended mitigations.
|
||||
The idea is to help you simulate an APT attack on your network and mitigate real attack paths intelligently.
|
||||
|
||||
|
||||
In the following table we provide the list of all the ATT&CK techniques the Monkey provides info about,
|
||||
categorized by tactic. You can follow any of the links to learn more about a specific technique or tactic.
|
||||
|
||||
|
|
|
@ -6,7 +6,7 @@ draft: false
|
|||
---
|
||||
|
||||
{{% notice info %}}
|
||||
Check out [the documentation for other reports available in the Infection Monkey](../) and [the documentation for supported ATT&CK techniques](../../../reference/mitre_techniques).
|
||||
Check out [the documentation for other reports available in the Infection Monkey] ({{< ref "/reports" >}}) and [the documentation for supported ATT&CK techniques]({{< ref "/reference/mitre_techniques" >}}).
|
||||
{{% /notice %}}
|
||||
|
||||
The Infection Monkey maps its actions to the [MITRE ATT&CK](https://attack.mitre.org/) knowledge base. After simulating an advanced persistent threat (APT) attack, it generates a report summarizing the success of the techniques utilized along with recommended mitigation steps, helping you identify and mitigate attack paths in your environment.
|
||||
|
|
|
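Review bot: The first link in the new notice line has a space between `]` and `(`: `[the documentation for other reports available in the Infection Monkey] ({{< ref "/reports" >}})`. That will not render as a link. The second link on the same line, to `/reference/mitre_techniques`, is written correctly, so only the first needs the space removed.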
@ -6,7 +6,7 @@ description: "Provides actionable recommendations and insight into an attacker's
|
|||
---
|
||||
|
||||
{{% notice info %}}
|
||||
Check out [the documentation for other reports available in the Infection Monkey](../).
|
||||
Check out [the documentation for other reports available in the Infection Monkey]({{< ref "/reports" >}}).
|
||||
{{% /notice %}}
|
||||
|
||||
The Infection Monkey's **Security Report** provides you with actionable recommendations and insight into an attacker's view of your network. You can download a PDF of an example report here:
|
||||
|
|
|
@ -4,7 +4,7 @@ date = 2020-05-26T20:55:04+03:00
|
|||
weight = 5
|
||||
chapter = true
|
||||
pre = '<i class="fas fa-cogs"></i> '
|
||||
tags = ["setup"]
|
||||
tags = ["setup"]
|
||||
+++
|
||||
|
||||
# Setting up Infection Monkey
|
||||
|
@ -15,7 +15,7 @@ Once you've downloaded an installer, follow the relevant guide for your environm
|
|||
|
||||
{{% children %}}
|
||||
|
||||
After setting the Monkey up, check out our [Getting Started](../usage/getting-started) guide!
|
||||
After setting the Monkey up, check out our [Getting Started](/usage/getting-started) guide!
|
||||
|
||||
{{% notice tip %}}
|
||||
You can find information about [operating system compatibility and support here](../reference/operating_systems_support).
|
||||
|
|
|
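Review bot: The new "Getting Started" link is written as a root-relative path, `(/usage/getting-started)`, while every other link converted in this commit uses the `{{< ref "..." >}}` shortcode. With `baseURL` set to `https://www.guardicore.com/infectionmonkey/docs/`, a root-relative path only works if `canonifyURLs` rewrites it, and unlike `ref` it is not checked at build time. Use `{{< ref "/usage/getting-started" >}}` here. The unchanged context line below still links to `../reference/operating_systems_support`, which is the same kind of relative link this commit is replacing elsewhere.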
@ -15,15 +15,4 @@ If you want an island to be accessible without credentials, press *I want anyone
|
|||
|
||||
## Resetting your account credentials
|
||||
|
||||
To reset your credentials, edit `monkey_island\cc\server_config.json` by deleting the `user` and `password_hash` variables.
|
||||
|
||||
When you restart the Monkey Island server, you will again be prompted with the registration form.
|
||||
|
||||
Example `server_config.json` for account reset:
|
||||
|
||||
```json
|
||||
{
|
||||
"server_config": "password",
|
||||
"deployment": "develop"
|
||||
}
|
||||
```
|
||||
This procedure is documented in [the FAQ.]({{< ref "/faq/#how-to-reset-the-password" >}})
|
||||
|
|
|
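Review bot: In the replacement line, the full stop sits inside the link text: `[the FAQ.]({{< ref "/faq/#how-to-reset-the-password" >}})`. Move it outside the brackets so the rendered link reads "the FAQ". Also note that the removed text told users to delete only the `user` and `password_hash` variables, while the FAQ section this now points to tells them to reset the file contents and keep the deployment option unchanged. It is worth confirming that the FAQ wording covers what readers of this page were previously told.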
@ -32,7 +32,7 @@ This Debian package has been tested on Ubuntu Bionic 18.04 LTS and Ubuntu Focal
|
|||
```
|
||||
1. Install the Monkey Island Debian package:
|
||||
```sh
|
||||
sudo dpkg -i monkey_island.deb # this might print errors
|
||||
sudo dpkg -i monkey_island_deb.deb # this might print errors
|
||||
```
|
||||
1. If, at this point, you receive dpkg errors that look like this:
|
||||
|
||||
|
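Review bot: The install command changes the package name from `monkey_island.deb` to `monkey_island_deb.deb`, which is unrelated to the link fixes this merge is described as making and looks like it could be a typo. Confirm that the new name matches the file users actually download, since the step is run with `sudo dpkg -i` and a wrong filename will fail at the first installation step.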
@ -86,4 +86,3 @@ If you'd like to keep your existing configuration, you can export it to a file
|
|||
using the *Export config* button and then import it to the new Monkey Island.
|
||||
|
||||
![Export configuration](../../images/setup/export-configuration.png "Export configuration")
|
||||
|
||||
|
|
|
@ -6,18 +6,18 @@ description: "See where you stand in your Zero Trust journey."
|
|||
weight: 1
|
||||
---
|
||||
|
||||
## Overview
|
||||
## Overview
|
||||
|
||||
Want to assess your progress in achieving a Zero Trust network? The Infection Monkey can automatically evaluate your readiness across the different
|
||||
[Zero Trust Extended Framework](https://www.forrester.com/report/The+Zero+Trust+eXtended+ZTX+Ecosystem/-/E-RES137210) principles.
|
||||
|
||||
You can additionally scan your cloud infrastructure's compliance to ZeroTrust principles using [ScoutSuite integration.](/usage/integrations/scoutsuite)
|
||||
You can additionally scan your cloud infrastructure's compliance to ZeroTrust principles using [ScoutSuite integration.]({{< ref "/usage/integrations/scoutsuite" >}})
|
||||
|
||||
## Configuration
|
||||
|
||||
- **Exploits -> Credentials** This configuration value will be used for brute-forcing. The Infection Monkey uses the most popular default passwords and usernames, but feel free to adjust it according to the default passwords common in your network. Keep in mind a longer list means longer scanning times.
|
||||
- **Network -> Scope** Disable “Local network scan” and instead provide specific network ranges in the “Scan target list.”
|
||||
- **Network -> Network analysis -> Network segmentation testing** This configuration setting allows you to define
|
||||
- **Network -> Network analysis -> Network segmentation testing** This configuration setting allows you to define
|
||||
subnets that should be segregated from each other.
|
||||
|
||||
In general, other configuration value defaults should be good enough, but feel free to see the “Other” section for tips and tricks about more features and in-depth configuration parameters you can use.
|
||||
|
@ -31,4 +31,3 @@ Run the Infection Monkey on as many machines as you can. You can easily achieve
|
|||
## Assessing results
|
||||
|
||||
You can see your results in the Zero Trust report section. “The Summary” section will give you an idea about which Zero Trust pillars were the Infection Monkey tested, how many tests were performed and test statuses. Specific tests are described in the “Test Results” section. The “Findings” section shows details about the Monkey actions. Click on “Events” of different findings to observe what exactly the Infection Monkey did and when it did it. This should make it easy to cross reference events with your security solutions and alerts/logs.
|
||||
|
||||
|
|
|
@ -1 +1 @@
|
|||
.
|
||||
*
|
||||
|
|