Have you tested your network with a hack and attack simulator? Your business probably uses a fairly large number of systems on your network, and you are probably the administrator maintaining those systems. One question you may often ask yourself is, “How secure are our servers and desktops?” Or maybe you are the cloud admin of the company. How secure is this cloud?
Did you find the answer to this question?
With Infection Monkey, you might finally be able to get those answers.
With Infection Monkey, you can simulate credential theft, machine hacking, and other security flaws using a user-friendly web interface.
Infection Monkey is free, open source and includes features such as:
- Continuous comprehensive testing
- Generating a report
- Attacker visualization
- Scalable to meet your needs
We have already mentioned this tool before:
8 cyber attack simulation tools to improve security
Infection Monkey can be deployed on-premises or on your cloud platform (such as Azure, AWS, and Google Cloud).
No matter where you deploy it, you can use the attack simulation tool.
I’m going to show you the process of installing Infection Monkey on a Debian server to simulate a local network.
What do you need
To deploy Infection Monkey on your network, you need a working Debian server and root access on that machine.
You will also need a .deb installation file, which you can access after registering on the Infection Monkey download page:
How to install Infection Monkey
The installation is actually pretty straightforward.
After you’ve downloaded the installer file, open a terminal window, switch to root user, change to the directory where the .deb file is located, and enter the command:
dpkg -i monkey-island-debian.deb
The above command might give you an error. Fear not, we can fix this with the command:
apt install -f
The apt command will fix all dependencies and then complete the installation.
How to access Infection Monkey
After installation is complete, open your web browser and point to https: // SERVER_IP: 5000 (where SERVER_IP is the IP address of the host server).
You will be greeted by the login window!
All you have to do here is enter your username and password. Enter your information and click “Let’s Go”. You will be logged into the Infection Monkey system, where you can set up and run your first attack simulation.
Click Configure Monkey. In the window that appears, go through the tabs and enable / disable any of the attacks that you want to simulate on your network or cloud:
After setting up the attack, click “Submit” to save. Then click “Run Monkey” in the left navigation bar and then click Run on a machine of your choice! In the window that appears, select the type of machine you will test:
Under the machine type selection, you will be presented with a command to start. Copy this command and then paste it into the terminal on the machine you want to test. The test will run. While running the test, click on the Infection Map entry in the left navigation bar to see the machine under test.
Testing will take a while, so let Infection Monkey do the work while you do other admin tasks. When testing is complete, you can view the Infection Map to see the results.
Note. If you’re curious, you can always view the interactive Infection Map while the test is running.
And that’s all it takes to install and use Infection Monkey to scan your network for known vulnerabilities and exploits.
Try this system and see what it shows – you may be surprised at the results.
And not in a good way. 🙂