
Infection Monkey – An automated pentest tool - adulau
https://github.com/guardicore/monkey
======
operatorequals
Given a huge network (or multiple) this thing can do wonders on continuous
network auditing. Yet, there should be some security switches, such as
complete agent uninstalling, really secure communications with CnC (paranoid
mode and above), and no persistent backdoors. Those things can introduce new
vulns to the network.

After all, it is only meant to automate the classic identify -> try exploit
loop. Good for me.

------
jaequery
what does this have that tools like metasploit, nessus, or openvas don't have?

most pentest tools are all about the libraries of tests they can perform.

this to me looks like a glorified nmap unless i'm mistaken.

------
thorwaway1351
I would be more careful in pentesting any infrastructure than letting a worm
run loose on it.

There is a list of exploits this code is testing. Why not run the tests
yourself instead of using each target as a launching point?

Unless you're testing 100k servers and don't have the horsepower to drive the
tests, how could this be any faster?

------
empath75
So basically this is a worm?

~~~
ofri
This is an attack simulation tool. It can be executed from its C&C server but
also from other machines in your network. By that you can simulate different
scenarios like: what would happen if my web server is compromised; or
what if someone steals the credentials of a member of the IT team.

------
delapot
what would it take to turn this into a malicious tool?

~~~
tekromancr
Like many things, using it maliciously

