Infection Monkey has multiple ways to steal credentials from compromised machines:
The Chrome Credentials Collector steals saved credentials from Chrome-based browsers.
On Linux, it targets Google Chrome and Chromium. On Windows, it targets Google Chrome
and Microsoft Edge.
The SSH Credentials Collector steals SSH keys from Linux users.
For all users on the system, it locates the
/home/<user>/.ssh directory and steals keypairs from it. The supported private key encryption formats are RSA, DSA, EC, and ECDSA.
Updated 3 months ago