Infection Monkey v1.6 - An Automated Pentest Tool
The Infection Monkey is an open source security tool for testing a data center's resiliency to perimeter breaches and internal server infection. The Monkey uses various methods to self-propagate across a data center and reports success to a centralized Monkey Island server.
The Infection Monkey is comprised of two parts:
- Monkey - A tool which infects other machines and propagates to them
- Monkey Island - A dedicated server to control and visualize the Infection Monkey's progress inside the data center
Main Features
The Infection Monkey uses the following techniques and exploits to propagate to other machines.
- Multiple propagation techniques:
- Predefined passwords
- Common logical exploits
- Password stealing using Mimikatz
- Multiple exploit methods:
- SSH
- SMB
- RDP
- WMI
- Shellshock
- Conficker
- SambaCry
- Elastic Search (CVE-2015-1427)
Setup
Check out the Setup page in the Wiki or a quick getting started guide.
Building the Monkey from source
If you want to build the monkey from source, see Setup and follow the instructions at the readme files under infection_monkey and monkey_island.
Infection Monkey v1.6 - An Automated Pentest Tool
Reviewed by Zion3R
on
5:54 PM
Rating:
![Infection Monkey v1.6 - An Automated Pentest Tool](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg5vqEm5MfhWPMMJ1_soOTVRDaLw2Gc3S9odZE81-RunxEmRuB7m-pHQHXQhi3IOjl9aUAR1Sos3T2qvW30oqJ7i_FB7f1AZVkKsn-A6kXY4b2_VFm77BRWGHz38U2ZHH4kZGeL9GsELQQ/s72-c/monkey_1_map-full.png)