Getting Started
Using the Infection Monkey
After deploying the Monkey Island in your environment, navigate to https://<server-ip>:5000.
First-time setup
On your first login, you’ll be asked to set up a username and password for the Monkey Island server. See this page for more details.
Run the Monkey
To get the Infection Monkey running as fast as possible, click Run Monkey. Optionally, you can configure the Monkey before you continue by clicking Configuration (see how to configure the monkey).
To run the monkey, select one of the following options:
- Click Run on C&C Server to run the Infection Monkey on the Monkey Island server. This simulates an attacker trying to propagate through local network from Monkey Island machine.
- Click Run on machine of your choice to download and execute the Infection Monkey on a machine of your choice. Then follow the instructions and execute the generated command on the machine of your choice. This simulates an attacker who has breached one of your servers. The Monkey will map all accessible machines and their open services and try to steal credentials and use its exploits to propagate.
If you’re running in an AWS cloud environment, check out Usage -> Integrations for information about how Monkey integrates with AWS.
Infection Map
Next, click Infection Map to see the Infection Monkey in action.
At first, the infection map will look like this:
Within a few minutes, the Infection Monkey should be able to find and attack accessible machines.
As the Infection Monkey continues, the map should be filled with accessible and “hacked” machines. Once all the Infection Monkeys have finished propagating, click Reports to see the reports. See Infection Monkey Reports for more info.
Congratulations, you finished first successful execution of the Infection Monkey! 🎉 To thoroughly test your network, you can run the Infection Monkey from different starting locations using different configurations.