Welcome to the Infection Monkey!
The Infection Monkey is an open source security tool for testing a data center's resiliency to perimeter breaches and internal server infection. The Monkey uses various methods to self propagate across a data center and reports success to a centralized Monkey Island server.
The Infection Monkey is comprised of two parts:
- Monkey - A tool which infects other machines and propagates to them.
- Monkey Island - A dedicated server to control and visualize the Infection Monkey's progress inside the data center.
To read more about the Monkey, visit akamai.com/infectionmonkey.
The Infection Monkey uses the following techniques and exploits to propagate to other machines.
- Multiple propagation techniques:
- Predefined passwords
- Common logical exploits
- Password stealing using Mimikatz
- Multiple exploit methods:
- SSH
- SMB
- WMI
- Log4Shell
- Zerologon
- and more, see our documentation hub for more information.
Check out the Setup page and the Getting Started guide in our documentation.
The Infection Monkey supports a variety of platforms, documented in our documentation hub.
To deploy development version of monkey you should refer to readme in the deployment scripts folder or follow documentation in documentation hub.
| Branch | Status |
|---|---|
| Develop | |
| Master |
In order to run all of the Unit Tests, run the command python -m pytest in the monkey directory.
To get a coverage report, first make sure the coverage package is installed using pip install coverage. Run the command
coverage run -m unittest in the monkey directory and then coverage html. The coverage report can be found in
htmlcov.index.
In order to run the Blackbox tests, refer to envs/monkey_zoo/blackbox/README.md.
Copyright (c) Guardicore Ltd
See the LICENSE file for license rights and limitations (GPLv3).