What is Infection Monkey?

The Infection Monkey is an open-source security tool for testing a data center’s resiliency to perimeter breaches and internal server infection. The Monkey uses various methods to self-propagate across a data center and reports success to a centralized Monkey Island server.

COMPTIA Pentest+ Study Notes

The Complete Practical Web Application Penetration Testing Course

The Infection Monkey is comprised of two parts:

  • Monkey – A tool that infects other machines and propagates to them.
  • Monkey Island – A dedicated server to control and visualize the Infection Monkey’s progress inside the data center.

The Infection Monkey uses the following techniques and exploits to propagate to other machines.

  • Multiple propagation techniques:
    • Predefined passwords
    • Common logical exploits
    • Password stealing using Mimikatz
  • Multiple exploit methods:
    • SSH
    • SMB
    • WMI
    • Log4Shell
    • Zerologon
    • and more, see our documentation hub for more information.

Installing and Configuring Infection Monkey

Installation on Windows OS

After downloading the executable, simply:

  1. Follow the steps to complete the installation.
  2. Run the Infection Monkey by clicking on the desktop shortcut.

After installation, you can locate the installation directory using the below path:

`C:\Program Files\Infection Monkey\monkey_island\cc\server_config.json

For more instructions on configuring logging levels and adding a certificate, check the documentation here.

Installation on Linux OS

After downloading the image, assign the appropriate permissions using the below command:

chmod u+x InfectionMonkey-v2.3.0.AppImage

Start Monkey Island by running the Infection Monkey AppImage package


If you get errors related to FUSE, you may need to install FUSE 2.X first:

sudo apt update
sudo apt install libfuse2

Access the Monkey Island web UI by pointing your browser at https://localhost:5000.https://localhost:5000.

How Does Infection Monkey Work?

After installing Infection Monkey you can find out your security vulnerabilities by infecting a random machine with Infection Monkey. Examine for various situations, such as stolen credentials, hacked computers, and other security weaknesses.

Each compromised machine in your network is given a unique remediation recommendation in a comprehensive report generated by the Infection Monkey assessment.

Infection Monkey Uses Adversary Emulation

A cybersecurity protection method called adversary emulation uses the tactics, methods, and procedures (TTPs) of actual attackers. In advanced penetration testing or purple team exercises, an enemy emulation plan is typically done by a real human, which might be costly and need additional resources. Once configured, Infection Monkey handles it automatically and without charge.

How often should you run security assessments with Infection Monkey?

You can execute your real-world enemy emulation plan daily, if desired, once you have it adjusted to your preference. Because Infection Monkey is free, you may check for vulnerabilities without needing to pay for cybersecurity services to simulate an opponent.

Video Walkthrough | Infection Monkey Explained

About the Author

I create cybersecurity notes, digital marketing notes and online courses. I also provide digital marketing consulting including but not limited to SEO, Google & Meta ads and CRM administration.

View Articles