Infection Monkey
Infection Monkey is an open-source security tool designed to test data center resilience against perimeter breaches and internal server infections. The tool consists of two main components: - Monkey: An agent that infects machines and propagates across the network using various methods - Monkey Island: A centralized server that controls the Monkey agents and provides visualization of their progress The system operates by deploying the Monkey agent, which attempts to spread laterally through the network infrastructure, simulating how an actual breach might propagate within an organization's data center environment. All activities and results are reported back to the Monkey Island server for analysis and visualization. The tool helps organizations identify vulnerabilities in their network segmentation, access controls, and internal security measures by demonstrating potential attack paths that malicious actors could exploit.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
A specification/framework for extending default C2 communication channels in Cobalt Strike
A PoC tool for generating Excel files with embedded macros without using Excel.
A tool for interacting with Exchange servers remotely and exploiting client-side Outlook features.
A standalone man-in-the-middle attack framework used for phishing login credentials and bypassing 2-factor authentication.
A set of YARA rules for identifying files containing sensitive information
Linux Virtual Machine for Mobile Application Pentesting and Mobile Malware Analysis with various tools and resources.
Collection of penetration testing scripts for AWS with a focus on reconnaissance.
A front-end JavaScript toolkit for creating DNS rebinding attacks
PINNED
Mandos
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.