Use Infection Monkey to automate penetration testing operations

As a system administrator or cloud administrator, assessing the security of your environment can be very challenging, usually because your company runs a large number of systems connected by complex networks.

Infection Monkey is an open source tool that can simplify this work and answer questions such as “How secure is the cloud?” With Infection Monkey, you can simulate multiple security attacks on your cloud environment from a web interface, such as credential theft, network attacks and many others.

You will also get detailed reports on the scans and any vulnerabilities found, along with advice on how to protect the environment.

All you need to do is install Infection Monkey on a Debian-based host, access it through the web UI, configure the types of attack to simulate, and then let the Monkey work while you have a cup of coffee.

In this tutorial, we will install Infection Monkey on Ubuntu 18.04. Please follow the steps below:

Download and install Infection Monkey on Ubuntu

  • Register at the Infection Monkey download page to obtain the .deb file.
  • Download the .deb file to your server from the link that will be sent to your email.
  • Make sure your Ubuntu system is updated.
$ sudo apt update && sudo apt upgrade -y
  • Install the .deb file with apt install <file.deb>, which also installs all dependencies required to run the system:
$ sudo apt install ./monkey-island-debian.deb

This will install Infection Monkey on Ubuntu, including the required dependencies.

After successful installation, you will see a message that the server can be accessed at https://<server-ip>:5000/

$ sudo apt install ./monkey-island-debian.deb
Generating csr in /var/monkey/monkey_island/cc/server.csr...
Generating certificate in /var/monkey/monkey_island/cc/server.crt...
Signature ok
subject=C = GB, ST = London, L = London, O = Global Security, OU = Monkey Department, CN =
Getting Private key
2+0 records in
2+0 records out
2048 bytes (2.0 kB, 2.0 KiB) copied, 0.000205939 s, 9.9 MB/s
Starting services...

Monkey Island installation ended.
The server should be accessible soon via https://<server_ip>:5000/
To check the Island's status, run 'sudo service monkey-island status'
  • Allow port 5000 through the firewall
$ sudo ufw allow 5000/tcp
  • You can now access the server at https://<server_ip>:5000/
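The rule above opens port 5000 to every source, and the Island UI controls a tool that runs exploits. The following added example (not part of the original tutorial or of Infection Monkey) parses `sudo ufw status` output and lists ALLOW rules for port 5000 whose source lies outside an admin network; the sample output and the admin subnet 10.0.5.0/24 are constructed assumptions.

```python
import ipaddress
import re

# Constructed sample of `sudo ufw status` after `ufw allow 5000/tcp`.
SAMPLE_UFW_STATUS = """\
Status: active

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW       10.0.5.0/24
5000/tcp                   ALLOW       Anywhere
5000/tcp (v6)              ALLOW       Anywhere (v6)
"""


def island_exposure(ufw_status, admin_nets, port=5000):
    """Return (rule, source) pairs that allow `port` from outside admin_nets."""
    allowed = [ipaddress.ip_network(n) for n in admin_nets]
    findings = []
    for line in ufw_status.splitlines():
        # ufw separates its three columns with runs of two or more spaces.
        cols = re.split(r"\s{2,}", line.strip())
        if len(cols) != 3 or not cols[1].startswith("ALLOW"):
            continue  # header, separator, blank line or non-ALLOW rule
        to, _, src = cols
        if to.replace(" (v6)", "").split("/")[0] != str(port):
            continue
        src = src.replace(" (v6)", "")
        if src == "Anywhere":
            findings.append((to, "any source"))
            continue
        try:
            net = ipaddress.ip_network(src, strict=False)
        except ValueError:
            findings.append((to, src))  # unparsable source: flag for review
            continue
        if not any(net.version == a.version and net.subnet_of(a) for a in allowed):
            findings.append((to, src))
    return findings


if __name__ == "__main__":
    for rule, source in island_exposure(SAMPLE_UFW_STATUS, ["10.0.5.0/24"]):
        print(f"port 5000 reachable from {source}: {rule}")
    # A narrower rule (admin subnet is an assumption):
    #   sudo ufw delete allow 5000/tcp
    #   sudo ufw allow from 10.0.5.0/24 to any port 5000 proto tcp
```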

When accessing for the first time, you will need to create a username and password.

Then select the “Configure Monkey” option.

Select the type of simulation you want to run, then submit.

You can also configure network options in the Network tab, such as the scan range or an entire subnet. You can also list subnets that are assumed to be segmented from each other. With this option, Infection Monkey will check whether devices in the segmented subnets can communicate.
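To make the segmentation check concrete, the added sketch below (not Infection Monkey's own code) takes a list of subnets assumed to be isolated and a list of connections that succeeded, and returns the flows that cross from one segment to another. The subnets, addresses and flow tuples are constructed sample data.

```python
import ipaddress

# Constructed sample data: two subnets assumed to be segmented from each other,
# and connections that succeeded during a test run (src, dst, port).
SEGMENTS = ["10.0.1.0/24", "10.0.2.0/24"]
FLOWS = [
    ("10.0.1.15", "10.0.1.20", 445),  # stays inside one segment
    ("10.0.1.15", "10.0.2.7", 22),    # crosses between segments
    ("10.0.3.4", "10.0.2.7", 80),     # source is not in any listed segment
]


def segmentation_violations(segments, flows):
    """Return flows whose source and destination lie in different segments."""
    # Most specific prefix first, so overlapping entries resolve predictably.
    nets = sorted(
        (ipaddress.ip_network(s) for s in segments),
        key=lambda n: n.prefixlen,
        reverse=True,
    )

    def segment_of(ip):
        addr = ipaddress.ip_address(ip)
        for net in nets:
            if addr in net:
                return net
        return None  # address is outside every declared segment

    violations = []
    for src, dst, port in flows:
        src_seg, dst_seg = segment_of(src), segment_of(dst)
        if src_seg is not None and dst_seg is not None and src_seg != dst_seg:
            violations.append((str(src_seg), str(dst_seg), src, dst, port))
    return violations


if __name__ == "__main__":
    for src_seg, dst_seg, src, dst, port in segmentation_violations(SEGMENTS, FLOWS):
        print(f"{src} ({src_seg}) reached {dst}:{port} ({dst_seg})")
```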

Now go to the left pane and click “Run Monkey”. This is where the fun begins. There are two options in this tab.

  1. Run on Monkey Island Server – This starts the Monkey on the server, and all exploits will be concentrated on the Monkey server.
  2. Run on the machine of your choice – This lets you run a script on a client machine, which sends its report to the Monkey server.

You can also choose to run both at the same time to test on both the monkey server and the client server.

When you choose “Run on the machine of your choice”, you will need to select the type of client computer on which the script will run, and the network interface of the Monkey server that the client computer will use to connect and send statistics and reports.

Copy the provided script and run it in a terminal on the client computer.

You can now go to the Infection Map tab to view the simulation progress. At first, you will only see connections to the host running the script, but as the test continues, you will see more hosts in the network join the simulation.

In small networks, scanning takes less time, and only a few devices appear in the scan.

If your network is large, you will have to wait longer (minutes or hours), and the map will show a broader view of the scan.

Once all devices have been scanned, you can get the report in the Security Report tab.

You can check the number of devices found in the scan and whether any vulnerabilities were found.

You can also navigate to the Zero Trust Report to get more reports about the scan.

Wrap up

As we have seen, Infection Monkey is a convenient tool that lets system and cloud administrators easily assess the security status of their environment.
