This is a release with plenty of cool features.
Take the Infection Monkey for a spin inside your network and let us know how it was!
New Features
- The UI can now optionally be password protected. For more information check our wiki and #260
- The Monkey can now run actions after breaching the machine. For now, we've only implemented the option to create a disabled backdoor user. #242
- Export to AWS security hub. The monkey now knows to export security findings to the AWS security hub. #221
- We can now remotely run commands on AWS EC2 instances, giving you more methods to start a simulating breach. #259
- Attack according to host names rather than IPs #189
- We can now carry our own version of traceroute for linux machines #229
- Add option to sleep between scans #240
- The monkey now also pings machines to check if they're alive, possibly bypassing some segmentation rules #243
- We have an experimental new attack. An MS-SQL exploiter that brute forces authentication and uses xp_cmdshell to attack. #147
We also improved our deployment, making it easier for developers to set up their own instance of the Monkey (#225 and #227 )