GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → guardicore → Monkey

guardicore / Monkey

Licence: gpl-3.0
Infection Monkey - An automated pentest tool

Programming Languages

python
139335 projects - #7 most used programming language
javascript
184084 projects - #8 most used programming language
typescript
32286 projects
HCL
1544 projects
shell
77523 projects
SCSS
7915 projects

Labels

security-toolspenetration-testingsecurity-automationinfection-monkey

Projects that are alternatives of or similar to Monkey

Patrowlmanager
PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform
Stars: ✭ 363 (-93.49%)
Mutual labels:  security-tools, security-automation
A Red Teamer Diaries
RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
Stars: ✭ 382 (-93.14%)
Mutual labels:  security-tools, penetration-testing
W5
Security Orchestration, Automation and Response (SOAR) Platform. 安全编排与自动化响应平台,无需编写代码的安全自动化,使用 SOAR 可以让团队工作更加高效
Stars: ✭ 367 (-93.41%)
Mutual labels:  security-tools, security-automation
Shodansploit
🔎 shodansploit > v1.3.0
Stars: ✭ 342 (-93.86%)
Mutual labels:  security-tools, security-automation
Hosthunter
HostHunter a recon tool for discovering hostnames using OSINT techniques.
Stars: ✭ 427 (-92.34%)
Mutual labels:  security-tools, penetration-testing
Super
Secure, Unified, Powerful and Extensible Rust Android Analyzer
Stars: ✭ 340 (-93.9%)
Mutual labels:  security-tools, security-automation
Yasuo
A ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network
Stars: ✭ 517 (-90.72%)
Mutual labels:  security-tools, security-automation
Osmedeus
Fully automated offensive security framework for reconnaissance and vulnerability scanning
Stars: ✭ 3,391 (-39.14%)
Mutual labels:  security-tools, penetration-testing
Burpa
Burp-Automator: A Burp Suite Automation Tool with Slack Integration. It can be used with Jenkins and Selenium to automate Dynamic Application Security Testing (DAST).
Stars: ✭ 427 (-92.34%)
Mutual labels:  security-tools, security-automation
Huskyci
Performing security tests inside your CI
Stars: ✭ 398 (-92.86%)
Mutual labels:  security-tools, security-automation
Cheatsheet God
Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet
Stars: ✭ 3,521 (-36.81%)
Mutual labels:  security-tools, penetration-testing
Penetration Testing Study Notes
Penetration Testing notes, resources and scripts
Stars: ✭ 461 (-91.73%)
Mutual labels:  penetration-testing, security-automation
Wsltools
Web Scan Lazy Tools - Python Package
Stars: ✭ 288 (-94.83%)
Mutual labels:  security-tools, security-automation
Taipan
Web application vulnerability scanner
Stars: ✭ 359 (-93.56%)
Mutual labels:  security-tools, security-automation
Whatweb
Next generation web scanner
Stars: ✭ 3,503 (-37.13%)
Mutual labels:  security-tools, penetration-testing
Fwanalyzer
a tool to analyze filesystem images for security
Stars: ✭ 382 (-93.14%)
Mutual labels:  security-tools, security-automation
Faraday
Faraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.
Stars: ✭ 3,198 (-42.61%)
Mutual labels:  penetration-testing, security-automation
Securecodebox
secureCodeBox (SCB) - continuous secure delivery out of the box
Stars: ✭ 279 (-94.99%)
Mutual labels:  security-tools, security-automation
Cerberus
一款功能强大的漏洞扫描器,子域名爆破使用aioDNS,asyncio异步快速扫描,覆盖目标全方位资产进行批量漏洞扫描,中间件信息收集,自动收集ip代理,探测Waf信息时自动使用来保护本机真实Ip,在本机Ip被Waf杀死后,自动切换代理Ip进行扫描,Waf信息收集(国内外100+款waf信息)包括安全狗,云锁,阿里云,云盾,腾讯云等,提供部分已知waf bypass 方案,中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等),支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能
Stars: ✭ 389 (-93.02%)
Mutual labels:  security-tools, penetration-testing
Gosec
Golang security checker
Stars: ✭ 5,694 (+2.19%)
Mutual labels:  security-tools, security-automation
View All Similar Projects ➔

Infection Monkey

GitHub release (latest by date)

Build Status codecov

GitHub stars GitHub commit activity

Data center Security Testing Tool

Welcome to the Infection Monkey!

The Infection Monkey is an open source security tool for testing a data center's resiliency to perimeter breaches and internal server infection. The Monkey uses various methods to self propagate across a data center and reports success to a centralized Monkey Island server.

The Infection Monkey is comprised of two parts:

  • Monkey - A tool which infects other machines and propagates to them.
  • Monkey Island - A dedicated server to control and visualize the Infection Monkey's progress inside the data center.

To read more about the Monkey, visit infectionmonkey.com.

Screenshots

Map

Security report

Zero trust report

ATT&CK report

Main Features

The Infection Monkey uses the following techniques and exploits to propagate to other machines.

  • Multiple propagation techniques:
    • Predefined passwords
    • Common logical exploits
    • Password stealing using Mimikatz
  • Multiple exploit methods:
    • SSH
    • SMB
    • WMI
    • Shellshock
    • Conficker
    • Elastic Search (CVE-2015-1427)
    • Weblogic server
    • and more, see our Documentation hub for more information about our RCE exploiters.

Setup

Check out the Setup page in the Wiki or a quick getting started guide.

The Infection Monkey supports a variety of platforms, documented in our documentation hub.

Building the Monkey from source

To deploy development version of monkey you should refer to readme in the deployment scripts folder or follow documentation in documentation hub.

Build status

Branch Status
Develop Build Status
Master Build Status

Tests

Unit Tests

In order to run all of the Unit Tests, run the command python -m pytest in the monkey directory.

To get a coverage report, first make sure the coverage package is installed using pip install coverage. Run the command coverage run -m unittest in the monkey directory and then coverage html. The coverage report can be found in htmlcov.index.

Blackbox tests

In order to run the Blackbox tests, refer to envs/monkey_zoo/blackbox/README.md.

License

Copyright (c) Guardicore Ltd

See the LICENSE file for license rights and limitations (GPLv3).

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].