Jump to content
YOUR-AD-HERE
HOSTING
TOOLS

Locked Infection Monkey v2.0 - An automated pentest tool

itsMe

By MASTERitsMe
in Pentesting

 Share

Recommended Posts

itsMe Master Hacker

MASTERitsMe

Posted
Posted

This is the hidden content, please

The Infection Monkey is an open-source security tool for testing a data center’s resiliency to perimeter breaches and internal server infection. The Monkey uses various methods to self-propagate across a data center and reports success to a centralized Command and Control(C&C) server.

Main Features

The Infection Monkey uses the following techniques and exploits to propagate to other machines.

    Multiple propagation techniques:
        Predefined passwords
        Common logical exploits
        Password stealing using mimikatz


    Multiple exploit methods:
        SSH
        SMB
        RDP
        WMI
        Shellshock
        Conficker
        SambaCry
        Elastic Search (CVE-2015-1427)

Changelog v2.0
Added

    credentials.json file for storing Monkey Island user login information. #1206
    GET /api/propagation-credentials/<string:guid> endpoint for agents to retrieve updated credentials from the Island. #1538
    GET /api/island/ip-addresses endpoint to get IP addresses of the Island server network interfaces. #1996
    SSHCollector as a configurable System info Collector. #1606
    deployment_scrips/install-infection-monkey-service.sh to install an AppImage as a service. #1552
    The ability to download the Monkey Island logs from the Infection Map page. #1640
    POST /api/reset-agent-configuration endpoint. #2036
    POST /api/clear-simulation-data endpoint. #2036
    GET /api/registration-status endpoint. #2149
    Authentication to /api/island/version. #2109
    The ability to customize the file extension used by the ransomware payload when encrypting files. #1242
    {GET,POST} /api/agents endpoint. #2362
    GET /api/agent-signals endpoint. #2261
    GET /api/agent-logs/<uuid:agent_id> endpoint. #2274
    GET /api/machines endpoint. #2362
    {GET,POST} /api/agent-events endpoints. #2405
    GET /api/nodes endpoint. #2155, #2300, #2334
    Scrollbar to preview pane’s exploit timeline in the map page. #2455
    GET /api/agent-plugins/<string:os>/<string:type>/<string:name> endpoint. #2578, #2811
    GET /api/agent-configuration-schema endpoint. #2710
    GET /api/agent-plugins/<string:type>/<string:name>/manifest endpoint. #2786
    GET /api/agent-binaries/<string:os> endpoint. #1675, #1978
    More…

This is the hidden content, please

Link to comment
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.