KitPloitKITPLOIT:8156513738773047978Infection Monkey v1.6 - An Automated Pentest Tool
9.5 High
AI Score
Confidence
High
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.86 High
EPSS
Percentile
98.5%
The Infection Monkey is an open source security tool for testing a data centerβs resiliency to perimeter breaches and internal server infection. The Monkey uses various methods to self-propagate across a data center and reports success to a centralized Monkey Island server.
The Infection Monkey is comprised of two parts:
- Monkey - A tool which infects other machines and propagates to them
- Monkey Island - A dedicated server to control and visualize the Infection Monkeyβs progress inside the data center
To read more about the Monkey, visit http://infectionmonkey.com
Main Features
The Infection Monkey uses the following techniques and exploits to propagate to other machines.
- Multiple propagation techniques:
- Predefined passwords
- Common logical exploits
- Password stealing using Mimikatz
- Multiple exploit methods:
- SSH
- SMB
- RDP
- WMI
- Shellshock
- Conficker
- SambaCry
- Elastic Search (CVE-2015-1427)
Setup
Check out the Setup page in the Wiki or a quick getting started guide.
Building the Monkey from source
If you want to build the monkey from source, see Setup and follow the instructions at the readme files under infection_monkey and monkey_island.
Related
9.5 High
AI Score
Confidence
High
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.86 High
EPSS
Percentile
98.5%