Have you ever wondered, do my Security Controls really work?

Infection Monkey

If you are one of those who implement security controls, and you cling to the idea that your network is secure just because you have them, without really verifying them, you don’t have the budget for a penetration test and you want to avoid seeing the following message…

Infection Monkey

You are in the right place! Continue reading…


What is Infection Monkey?

Infection Monkey is an open source breach and attack simulation (BAS) tool that assesses the security of environments. Developed by Guardicore

What does Infection Monkey offer?

When to use it?

Does this mean that Infection Monkey is a Vulnerability scanner?

Infection Monkey

Absolutely NO


Infection Monkey works in the same way as a real attacker would, starting from a random location in the network and propagating from there, while looking for all possible paths of exploitation.

How does it work?

Infection Monkey works in a client-server architecture in which the main server, known as Island Server, receives, processes and graphs all the information received by the Infection Monkey agent, which performs the network scanning process, vulnerability identification, vulnerability exploitation, lateral movements, persistence and simulation of information exfiltration.


Infection Monkey generates 3 types of reports:



Do you have any advice? If so, feel free to let us know below in the comments.


Leave a Reply

Your email address will not be published. Required fields are marked *