Want to help secure networks? That’s great!
Here are a few short links to help you get started:
You can take a look at our roadmap to see what issues we’re thinking about tackling soon. We are always looking for:
The best way to find weak spots in a network is by attacking it. The Adding Exploits page will help you add exploits.
It’s important to note that the Infection Monkey must be absolutely reliable. Otherwise, no one will use it, so avoid memory corruption exploits unless they’re rock solid and focus on the logical vulns such as Shellshock.
Successfully attacking every server in the network has little value if the Infection Monkey can’t provide recommendations for reducing future risk. Whether it’s explaining how the Infection Monkey used stolen credentials or escaped from locked-down networks, analysis is what helps users translate the Infection Monkey’s activities into actionable next steps for improving security.
We always want to improve the core Infection Monkey code to make it smaller, faster and more reliable. Please share if you have an idea that will help us meet these goals or modularize/improve test coverage.
Every project requires excellent documentation. The Infection Monkey is no different. Please feel free to open pull requests with suggestions, improvements or issues and asking us to document various parts of the Monkey.
The Infection Monkey’s documentation is stored in the