The Infection Monkey is an open-source breach and attack simulation tool for testing a data center's resiliency to perimeter breaches and internal server infection.
Infection Monkey will help you validate existing security solutions and provide a view of the internal network from an attacker's perspective.
Infection Monkey is free and can be downloaded from our homepage.
Architecturally, Infection Monkey is comprised of two components:
- Monkey Agent (Monkey for short) - a safe, worm-like binary program that scans, propagates, and simulates attack techniques on the local network.
- Monkey Island Server (Island for short) - a C&C web server that provides a GUI for users and interacts with the Monkey Agents.
The user can run the Monkey Agent on the Island server machine or manually distribute Monkey Agent binaries on the network. Monkey Agents scan, propagate, and simulate an attacker's behavior on the local network based on the configuration parameters. All information about the network is aggregated in the Island Server and displayed once all Monkey Agents are finished.
The results of running Monkey Agents are:
- A map displaying how much of the network an attacker can see, what services are accessible, and potential propagation routes.
- A security report displaying security issues that Monkey Agents discovered and exploited.
- A MITRE ATT&CK report, displaying the information about the ATT&CK techniques that Monkey Agents tried to use.
- A Zero Trust report displaying violations of Zero Trust principles that Monkey Agents found.
A more in-depth description of reports generated can be found on the reports documentation page.
If you haven't downloaded Infection Monkey yet, you can do so from our homepage. After downloading the Monkey, install it using one of our setup guides, and read our getting started guide for a quick-start on Monkey.
Updated about 1 month ago