From 31657c9fae61d78b84c099cad32a46f508808921 Mon Sep 17 00:00:00 2001 From: VakarisZ Date: Fri, 9 Apr 2021 14:23:26 +0300 Subject: [PATCH 1/6] Fixed small inconsistency in debian installation tutorial --- docs/content/setup/debian.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/docs/content/setup/debian.md b/docs/content/setup/debian.md index b76d27ec0..ae9751ff5 100644 --- a/docs/content/setup/debian.md +++ b/docs/content/setup/debian.md @@ -32,7 +32,7 @@ This Debian package has been tested on Ubuntu Bionic 18.04 LTS and Ubuntu Focal ``` 1. Install the Monkey Island Debian package: ```sh - sudo dpkg -i monkey_island.deb # this might print errors + sudo dpkg -i monkey_island_deb.deb # this might print errors ``` 1. If, at this point, you receive dpkg errors that look like this: @@ -86,4 +86,3 @@ If you'd like to keep your existing configuration, you can export it to a file using the *Export config* button and then import it to the new Monkey Island. ![Export configuration](../../images/setup/export-configuration.png "Export configuration") - From 84ed067f28287b7e3f4336c0761b1589c7db713c Mon Sep 17 00:00:00 2001 From: VakarisZ Date: Fri, 9 Apr 2021 14:41:29 +0300 Subject: [PATCH 2/6] Fixed gitignores to exclude some irrelevant files --- .gitignore | 1 + envs/monkey_zoo/blackbox/utils/generated_configs/.gitignore | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/.gitignore b/.gitignore index 75074b4c5..82df0f640 100644 --- a/.gitignore +++ b/.gitignore @@ -1,5 +1,6 @@ # Intellij .idea/ +.run/ # Byte-compiled / optimized / DLL files __pycache__/ diff --git a/envs/monkey_zoo/blackbox/utils/generated_configs/.gitignore b/envs/monkey_zoo/blackbox/utils/generated_configs/.gitignore index 9c558e357..72e8ffc0d 100644 --- a/envs/monkey_zoo/blackbox/utils/generated_configs/.gitignore +++ b/envs/monkey_zoo/blackbox/utils/generated_configs/.gitignore @@ -1 +1 @@ -. +* 
From 77d76b075a53835bd395aba8c323e4db2ed03b1d Mon Sep 17 00:00:00 2001 From: VakarisZ Date: Fri, 9 Apr 2021 15:06:17 +0300 Subject: [PATCH 3/6] Fixed link in zero-trust documentation page --- docs/content/usage/use-cases/zero-trust.md | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/docs/content/usage/use-cases/zero-trust.md b/docs/content/usage/use-cases/zero-trust.md index 56b294cbc..2e54dc73e 100644 --- a/docs/content/usage/use-cases/zero-trust.md +++ b/docs/content/usage/use-cases/zero-trust.md 
@@ -6,18 +6,18 @@ description: "See where you stand in your Zero Trust journey." weight: 1 --- -## Overview +## Overview Want to assess your progress in achieving a Zero Trust network? The Infection Monkey can automatically evaluate your readiness across the different [Zero Trust Extended Framework](https://www.forrester.com/report/The+Zero+Trust+eXtended+ZTX+Ecosystem/-/E-RES137210) principles. -You can additionally scan your cloud infrastructure's compliance to ZeroTrust principles using [ScoutSuite integration.](/usage/integrations/scoutsuite) +You can additionally scan your cloud infrastructure's compliance to ZeroTrust principles using [ScoutSuite integration.]({{< ref "/usage/integrations/scoutsuite" >}}) ## Configuration - **Exploits -> Credentials** This configuration value will be used for brute-forcing. The Infection Monkey uses the most popular default passwords and usernames, but feel free to adjust it according to the default passwords common in your network. Keep in mind a longer list means longer scanning times. - **Network -> Scope** Disable “Local network scan” and instead provide specific network ranges in the “Scan target list.” -- **Network -> Network analysis -> Network segmentation testing** This configuration setting allows you to define +- **Network -> Network analysis -> Network segmentation testing** This configuration setting allows you to define subnets that should be segregated from each other. In general, other configuration value defaults should be good enough, but feel free to see the “Other” section for tips and tricks about more features and in-depth configuration parameters you can use. 
@@ -31,4 +31,3 @@ Run the Infection Monkey on as many machines as you can. You can easily achieve ## Assessing results You can see your results in the Zero Trust report section. “The Summary” section will give you an idea about which Zero Trust pillars were the Infection Monkey tested, how many tests were performed and test statuses. Specific tests are described in the “Test Results” section. The “Findings” section shows details about the Monkey actions. Click on “Events” of different findings to observe what exactly the Infection Monkey did and when it did it. This should make it easy to cross reference events with your security solutions and alerts/logs. - From f62007d028f60d0a376abc0da474c2fc7090252f Mon Sep 17 00:00:00 2001 From: VakarisZ Date: Fri, 9 Apr 2021 16:35:18 +0300 Subject: [PATCH 4/6] Refactored internal documentation hub links to proper structure which fixed them in production --- docs/content/FAQ/_index.md | 14 +++++++------- docs/content/_index.md | 10 +++++----- docs/content/development/_index.md | 6 +++--- docs/content/reference/exploiters/SMBExec.md | 2 +- docs/content/reference/exploiters/SSHExec.md | 2 +- docs/content/reference/exploiters/WMIExec.md | 2 +- docs/content/reference/mitre_techniques.md | 6 +++--- docs/content/reports/mitre.md | 2 +- docs/content/reports/security.md | 2 +- docs/content/setup/_index.md | 4 ++-- 10 files changed, 25 insertions(+), 25 deletions(-) diff --git a/docs/content/FAQ/_index.md b/docs/content/FAQ/_index.md index 2d46310cd..8db7c63db 100644 --- a/docs/content/FAQ/_index.md +++ b/docs/content/FAQ/_index.md 
@@ -39,9 +39,9 @@ The Monkey shuts off either when it can't find new victims, or when it has excee ## How to reset the password? On your first access of Monkey Island server, you'll be prompted to create an account. If you forgot the credentials you - entered or just want to change them, you need to manually alter the `server_config.json` file. On Linux, this file is - located on `/var/monkey/monkey_island/cc/server_config.json`. On windows, it's based on your install directory (typically - `C:\Program Files\Guardicore\Monkey Island\monkey_island\cc\server_config.json`). Reset the contents of this file + entered or just want to change them, you need to manually alter the `server_config.json` file. On Linux, this file is + located on `/var/monkey/monkey_island/cc/server_config.json`. On windows, it's based on your install directory (typically + `C:\Program Files\Guardicore\Monkey Island\monkey_island\cc\server_config.json`). Reset the contents of this file leaving the **deployment option unchanged** (it might be "vmware" or "linux" in your case): ```json @@ -50,7 +50,7 @@ On your first access of Monkey Island server, you'll be prompted to create an ac "deployment": "windows" } ``` - Then reset the Island process (`sudo systemctl restart monkey-island.service` for linux, restart program for windows). + Then reset the Island process (`sudo systemctl restart monkey-island.service` for linux, restart program for windows). Finally, go to the Island's URL and create a new account. ## Should I run the Monkey continuously? 
@@ -134,7 +134,7 @@ If you do experience any performance issues please let us know on [our Slack cha Absolutely! User credentials are stored encrypted in the Monkey Island server. This information is then accessible only to users that have access to the Island. -We advise to limit access to the Monkey Island server by following our [password protection guide](../usage/island/password-guide). +We advise to limit access to the Monkey Island server by following our [password protection guide]({{< ref "/setup/accounts-and-security" >}}). ### How do you store sensitive information on Monkey Island? @@ -150,7 +150,7 @@ This means we avoid using some very strong (and famous) exploits such as [Eterna ## After I've set up Monkey Island, how can I execute the Monkey? -See our detailed [getting started](../content/usage/getting-started) guide. +See our detailed [getting started]({{< ref "/usage/getting-started" >}}) guide. ## How can I make the monkey propagate “deeper” into the network? @@ -169,7 +169,7 @@ This is sometimes caused when Monkey Island is installed with an old version of ## How can I get involved with the project? -The Monkey is an open-source project, and we weclome contributions and contributors. Check out the [contribution documentation](../development) for more information. +The Monkey is an open-source project, and we weclome contributions and contributors. Check out the [contribution documentation]({{< ref "/development" >}}) for more information. ## About the project 🐵 diff --git a/docs/content/_index.md b/docs/content/_index.md index 74905e8f2..117aae443 100644 --- a/docs/content/_index.md +++ b/docs/content/_index.md 
@@ -24,8 +24,8 @@ Architecturally, Infection Monkey is comprised of two components: * Monkey Agent (Monkey for short) - a safe, worm-like binary program which scans, propagates and simulates attack techniques on the **local network**. * Monkey Island Server (Island for short) - a C&C web server which provides a GUI for users and interacts with the Monkey Agents. -The user can run the Monkey Agent on the Island server machine or distribute Monkey Agent binaries on the network manually. Based on -the configuration parameters, Monkey Agents scan, propagate and simulate an attacker's behavior on the local network. All of the +The user can run the Monkey Agent on the Island server machine or distribute Monkey Agent binaries on the network manually. Based on +the configuration parameters, Monkey Agents scan, propagate and simulate an attacker's behavior on the local network. All of the information gathered about the network is aggregated in the Island Server and displayed once all Monkey Agents are finished. ## Results 
@@ -35,12 +35,12 @@ The results of running Monkey Agents are: - A security report, which displays security issues that Monkey Agents discovered and/or exploited. - A MITRE ATT&CK report, which displays the information about the ATT&CK techniques that Monkey Agents tried to use. - A Zero Trust report, which displays violations of Zero Trust principles that Monkey Agents found. - -A more in-depth description of reports generated can be found in the [reports documentation page](/reports). + +A more in-depth description of reports generated can be found in the [reports documentation page]({{< ref "/reports" >}}). ## Getting Started -If you haven't downloaded Infection Monkey yet you can do so [from our homepage](https://www.guardicore.com/infectionmonkey/#download). After downloading the Monkey, install it using one of our [setup guides](setup), and read our [getting started guide](usage/getting-started) for a quick-start on Monkey! +If you haven't downloaded Infection Monkey yet you can do so [from our homepage](https://www.guardicore.com/infectionmonkey/#download). After downloading the Monkey, install it using one of our [setup guides] ({{< ref "/setup" >}}), and read our [getting started guide] ({{< ref "/usage/getting-started" >}}) for a quick-start on Monkey! ## Support and community diff --git a/docs/content/development/_index.md b/docs/content/development/_index.md index 236c7c3cd..91c5e7855 100644 --- a/docs/content/development/_index.md +++ b/docs/content/development/_index.md @@ -4,7 +4,7 @@ date = 2020-05-26T20:55:04+03:00 weight = 30 chapter = true pre = ' ' -tags = ["development", "contribute"] +tags = ["development", "contribute"] +++ # Securing networks together 
@@ -15,7 +15,7 @@ Want to help secure networks? That's great! Here are a few short links to help you get started: -* [Getting up and running](./setup-development-environment) - These instructions will help you get a working development setup. +* [Getting up and running]({{< ref "/development/setup-development-environment" >}}) - These instructions will help you get a working development setup. * [Contributing guidelines](https://github.com/guardicore/monkey/blob/master/CONTRIBUTING.md) - These guidelines will help you submit. ## What are we looking for? @@ -30,7 +30,7 @@ It's important to note that the Infection Monkey must be absolutely reliable. Ot ### Analysis plugins 🔬 -Successfully attacking every server in the network has little value if the Infection Monkey can't provide recommendations for reducing future risk. Whether it's explaining how the Infection Monkey used stolen credentials or escaped from locked-down networks, analysis is what helps users translate the Infection Monkey's activities into actionable next steps for improving security. +Successfully attacking every server in the network has little value if the Infection Monkey can't provide recommendations for reducing future risk. Whether it's explaining how the Infection Monkey used stolen credentials or escaped from locked-down networks, analysis is what helps users translate the Infection Monkey's activities into actionable next steps for improving security. ### Better code 💪 diff --git a/docs/content/reference/exploiters/SMBExec.md b/docs/content/reference/exploiters/SMBExec.md index cccf0596d..93091357b 100644 --- a/docs/content/reference/exploiters/SMBExec.md +++ b/docs/content/reference/exploiters/SMBExec.md 
@@ -5,4 +5,4 @@ draft: false tags: ["exploit", "windows"] --- -Brute forces using credentials provided by user (see ["Configuration"](../usage/configuration)) and hashes gathered by Mimikatz. +Brute forces using credentials provided by user (see ["Configuration"] ({{< ref "/usage/configuration" >}}) and hashes gathered by Mimikatz. diff --git a/docs/content/reference/exploiters/SSHExec.md b/docs/content/reference/exploiters/SSHExec.md index d90d311cb..b0c4f6b66 100644 --- a/docs/content/reference/exploiters/SSHExec.md +++ b/docs/content/reference/exploiters/SSHExec.md @@ -5,4 +5,4 @@ draft: false tags: ["exploit", "linux"] --- -Brute forces using credentials provided by user (see ["Configuration"](../usage/configuration))and SSH keys gathered from systems. +Brute forces using credentials provided by user (see ["Configuration"]({{< ref "/usage/configuration" >}})and SSH keys gathered from systems. diff --git a/docs/content/reference/exploiters/WMIExec.md b/docs/content/reference/exploiters/WMIExec.md index 346bc6eed..20623be71 100644 --- a/docs/content/reference/exploiters/WMIExec.md +++ b/docs/content/reference/exploiters/WMIExec.md @@ -5,4 +5,4 @@ draft: false tags: ["exploit", "windows"] --- -Brute forces WMI (Windows Management Instrumentation) using credentials provided by user (see ["Configuration"](../usage/configuration)) and hashes gathered by mimikatz. +Brute forces WMI (Windows Management Instrumentation) using credentials provided by user (see ["Configuration"]({{< ref "/usage/configuration" >}})) and hashes gathered by mimikatz. diff --git a/docs/content/reference/mitre_techniques.md b/docs/content/reference/mitre_techniques.md index 9e528449e..52da5c296 100644 --- a/docs/content/reference/mitre_techniques.md +++ b/docs/content/reference/mitre_techniques.md 
@@ -3,17 +3,17 @@ title: "MITRE ATT&CK" date: 2020-09-24T08:18:37+03:00 draft: false pre: ' & ' -weight: 10 +weight: 10 --- {{% notice info %}} -Check out [the documentation for the MITRE ATT&CK report as well](../../usage/reports/mitre). +Check out [the documentation for the MITRE ATT&CK report as well]({{< ref "/reports/mitre" >}}). {{% /notice %}} The Monkey maps its actions to the [MITRE ATT&CK](https://attack.mitre.org/) knowledge base and based on this, provides a report detailing the techniques it used and recommended mitigations. The idea is to help you simulate an APT attack on your network and mitigate real attack paths intelligently. - + In the following table we provide the list of all the ATT&CK techniques the Monkey provides info about, categorized by tactic. You can follow any of the links to learn more about a specific technique or tactic. diff --git a/docs/content/reports/mitre.md b/docs/content/reports/mitre.md index d1ab3f20c..0e454fd91 100644 --- a/docs/content/reports/mitre.md +++ b/docs/content/reports/mitre.md @@ -6,7 +6,7 @@ draft: false --- {{% notice info %}} -Check out [the documentation for other reports available in the Infection Monkey](../) and [the documentation for supported ATT&CK techniques](../../../reference/mitre_techniques). +Check out [the documentation for other reports available in the Infection Monkey] ({{< ref "/reports" >}}) and [the documentation for supported ATT&CK techniques]({{< ref "/reference/mitre_techniques" >}}). {{% /notice %}} The Infection Monkey maps its actions to the [MITRE ATT&CK](https://attack.mitre.org/) knowledge base. After simulating an advanced persistent threat (APT) attack, it generates a report summarizing the success of the techniques utilized along with recommended mitigation steps, helping you identify and mitigate attack paths in your environment. diff --git a/docs/content/reports/security.md b/docs/content/reports/security.md index e70f8539c..2ebe150bc 100644 
--- a/docs/content/reports/security.md +++ b/docs/content/reports/security.md @@ -6,7 +6,7 @@ description: "Provides actionable recommendations and insight into an attacker's --- {{% notice info %}} -Check out [the documentation for other reports available in the Infection Monkey](../). +Check out [the documentation for other reports available in the Infection Monkey]({{< ref "/reports" >}}). {{% /notice %}} The Infection Monkey's **Security Report** provides you with actionable recommendations and insight into an attacker's view of your network. You can download a PDF of an example report here: diff --git a/docs/content/setup/_index.md b/docs/content/setup/_index.md index 0e5d38690..b97088b12 100644 --- a/docs/content/setup/_index.md +++ b/docs/content/setup/_index.md @@ -4,7 +4,7 @@ date = 2020-05-26T20:55:04+03:00 weight = 5 chapter = true pre = ' ' -tags = ["setup"] +tags = ["setup"] +++ # Setting up Infection Monkey @@ -15,7 +15,7 @@ Once you've downloaded an installer, follow the relevant guide for your environm {{% children %}} -After setting the Monkey up, check out our [Getting Started](../usage/getting-started) guide! +After setting the Monkey up, check out our [Getting Started](/usage/getting-started) guide! {{% notice tip %}} You can find information about [operating system compatibility and support here](../reference/operating_systems_support). From 38036f7a9dbf463d2842cb60703d78526b4136d1 Mon Sep 17 00:00:00 2001 From: VakarisZ Date: Fri, 9 Apr 2021 16:51:37 +0300 Subject: [PATCH 5/6] Removed duplicate password reset tutorials in the documentation hub --- docs/content/setup/accounts-and-security.md | 13 +------------ 1 file changed, 1 insertion(+), 12 deletions(-) diff --git a/docs/content/setup/accounts-and-security.md b/docs/content/setup/accounts-and-security.md index da8dbbbb3..8f99d25f2 100644 --- a/docs/content/setup/accounts-and-security.md +++ b/docs/content/setup/accounts-and-security.md 
@@ -15,15 +15,4 @@ If you want an island to be accessible without credentials, press *I want anyone ## Resetting your account credentials -To reset your credentials, edit `monkey_island\cc\server_config.json` by deleting the `user` and `password_hash` variables. - -When you restart the Monkey Island server, you will again be prompted with the registration form. - -Example `server_config.json` for account reset: - -```json -{ - "server_config": "password", - "deployment": "develop" -} -``` +This procedure is documented in [the FAQ.]({{< ref "/faq/#how-to-reset-the-password" >}}) From 6396c7d1a4b57eccc9b721a188f9370b5644ea55 Mon Sep 17 00:00:00 2001 From: VakarisZ Date: Fri, 9 Apr 2021 17:17:40 +0300 Subject: [PATCH 6/6] Fixed homepage (Infection monkey logo) click to redirect back to documentation homepage, not guardicore. --- docs/config/production/config.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/config/production/config.toml b/docs/config/production/config.toml index 819657d4c..1fb5c2e20 100644 --- a/docs/config/production/config.toml +++ b/docs/config/production/config.toml @@ -1,2 +1,2 @@ -baseURL = "https://www.guardicore.com/infectionmonkey/docs" +baseURL = "https://www.guardicore.com/infectionmonkey/docs/" canonifyURLs = true
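Review bot: In docs/content/setup/debian.md (patch 1/6), the new file name `monkey_island_deb.deb` has to match what the preceding download step writes to disk, and that step is outside the hunk's context. Confirm the name against the command above this list item, or widen the context so the two names can be compared in review.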
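Review bot: In envs/monkey_zoo/blackbox/utils/generated_configs/.gitignore (patch 2/6), the new `*` pattern also matches the `.gitignore` file itself, so it stays in the repository only because it is already tracked. Add a second line `!.gitignore` to make that explicit and to keep the directory placeholder if the file is ever removed from the index and re-added.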
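Review bot: In docs/content/FAQ/_index.md (patch 4/6, hunk at -169), the rewritten line still reads `we weclome contributions`. Correct the spelling to `welcome` while the line is being touched.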
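Review bot: Several converted links in patch 4/6 have a space between `]` and `(`, which CommonMark does not parse as an inline link, so the shortcode output will render as literal text next to bracketed words. The affected lines are `[setup guides] ({{< ref "/setup" >}})` and `[getting started guide] ({{< ref "/usage/getting-started" >}})` in docs/content/_index.md, `["Configuration"] ({{< ref "/usage/configuration" >}})` in reference/exploiters/SMBExec.md, and the first link in the notice of reports/mitre.md. Remove the space in each.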
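Review bot: In reference/exploiters/SMBExec.md and SSHExec.md (patch 4/6), the parenthetical that opens at `(see` has lost its closing parenthesis: the old lines ended the link with `))` and the new ones end with `}})`, whereas WMIExec.md in the same patch keeps `}}))`. Add the second `)` in both files, and in SSHExec.md add a space before `and SSH keys`.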
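Review bot: In docs/content/setup/_index.md (patch 4/6), the Getting Started link becomes the root-relative `/usage/getting-started` instead of `{{< ref "/usage/getting-started" >}}`, which is the same link form that patch 3/6 replaced in zero-trust.md as a fix. Use `ref` here as well, and consider converting the `../reference/operating_systems_support` link in the notice just below it, which this patch leaves relative.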
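Review bot: In docs/content/setup/accounts-and-security.md (patch 5/6), the removed text told the reader to delete the `user` and `password_hash` variables, and the FAQ lines visible in patch 4/6 do not name them. Carry that sentence into the FAQ entry so the detail is not lost with the deduplication. The new `{{< ref "/faq/#how-to-reset-the-password" >}}` also differs from every other ref in the series (lower-case path against the `docs/content/FAQ/` directory, and a fragment after a trailing slash), so confirm that it resolves in a production build.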