Archived View for dioskouroi.xyz › thread › 24988227 captured on 2020-11-07 at 00:44:43.


Get Started with Infection Monkey, Open Source Security Tool

Author: morchen

Score: 52

Comments: 8

Date: 2020-11-04 11:54:06

________________________________________________________________________________

raesene9 wrote at 2020-11-04 15:44:29:

I'm always slightly dubious of fully automated penetration testing tools, particularly ones that state things like

"It is non-intrusive, with no impact on your network." (from https://www.guardicore.com/infectionmonkey/)

Having a quick look at the site some of the modules it can use are brute-force password guessers which could cause account lockouts quite easily, depending on how they're used.

Also, in my moderately long experience of pentesting (~15 years), even quite innocuous-seeming actions can negatively impact systems under review (I've knocked over whole networks with standard port scanning, taken out a website with a ' character in a login box, seen another website taken out by being spidered, etc.).

This isn't to knock this tool in particular, just expressing a general wariness of tooling which claims to be able to fully automate a process and do so with zero risk.

corty wrote at 2020-11-04 17:15:29:

Agreed, testing is never without risk. The risk however is smaller than the one presented by an attacker in such a scenario. If you are running such a house of cards, you need to know now. Avoiding toppling it over in pentesting just leads to more problems being overlooked.

Customers in this case need to realize that some pain is in their best interest. If the dentist cannot drill, he cannot help.

raesene9 wrote at 2020-11-04 18:09:35:

As a pentester, you may be surprised at how many companies do not see things that way :)

Of course, everyone _should_ have a robust environment which can withstand any testing.

However, particularly where a tool like this is intended to run constantly in an environment, I think the Ops teams would want to know whether there was a risk of an outage due to its use.

Hitton wrote at 2020-11-04 14:20:37:

I'm confused. It says:

The Monkey, is a proprietary tool that infects random machines in the target environment and propagates to them.

Is the Monkey a different thing than Infection Monkey, or is it actually not open source? Or is the term "proprietary" used only as a buzzword?

thinkmassive wrote at 2020-11-04 14:41:07:

Looks like it’s licensed under GPL v3. Here’s the repo:

https://github.com/guardicore/monkey

It sounds like it’s self contained, because according to the FAQ:

“The Infection Monkey does not require internet access to function.”

My guess is the author of the Swimm article got confused or mis-stated the proprietary aspect. Perhaps they were thinking of a paid GuardiCore tool with additional functionality.

nyellin wrote at 2020-11-04 14:40:14:

It is open source to the best of my knowledge. (I know one of the developers at Guardicore, which develops it.)

nyellin wrote at 2020-11-04 21:00:48:

If this is the type of thing that interests you, it's worth pointing out that Guardicore is hiring a team lead to manage the open source project:

https://www.guardicore.com/company/careers/?id=AE.71F

navotgil wrote at 2020-11-04 19:12:57:

Thanks, very interesting