Infection Monkey is an open source security tool for checking the resilience of a data center to perimeter breaches and internal server breaches.
Monkey uses various methods to self-propagate in a data center and reports success on a Command and Control (C&C) server.
Infection Monkey consists of two parts:
- Monkey - A tool that infects other machines and spreads on them
- Monkey Island - A C&C server with a special UI to display the progress of Chaos Monkey in the data center
- Multiple techniques:
- Predefined passwords
- Common logical exploits
- Password stealing using mimikatz
- Multiple exploits:
- Elastic Search (CVE-2015-1427)
You will find instructions for installing the program here.
You can download the program from here.