Security report

The Infection Monkey’s Security Report provides you with actionable recommendations and insight into an attacker’s view of your network. You can download a PDF of an example report here:

The report is split into three main categories:


The overview section of the report provides high-level information about the Infection Monkey’s execution and main security findings.

High-level information

This section shows general information about the Infection Monkey’s execution, including which machine the infection originated from and how long the breach simulation took.


Used credentials

This section shows which credentials were used for brute-forcing.

Used Credentials

Exploits and targets

This section shows which exploits were attempted in this simulation and which targets the Infection Monkey scanned and tried to exploit.

Exploits and Targets

Security findings

This section highlights the most important security threats and issues discovered during the attack.

Threats and issues


This section contains recommendations for improving your security, including actionable mitigation steps.

Machine-related recommendations

Machine-related recommendations

The network from the Monkey’s eyes

This section contains the infection map and summary tables on servers the Infection Monkey found.

Network infection map

This section shows the network map and a breakdown of how many machines the Infection Monkey breached.

Network map

Scanned servers

This section shows the attack surface the Infection Monkey discovered.

Scanned servers

Exploits and post-breach actions

This section shows which exploits and post-beach actions the Infection Monkey performed during the simulation.

Exploits and PBAs

Stolen credentials

This section shows which credentials the Infection Monkey was able to steal from breached machines during this simulation.

Stolen creds