Is it possible to customize our own exploiters

guardicore / monkey

Infection Monkey - An open-source adversary emulation platform

https://www.guardicore.com/infectionmonkey/

GNU General Public License v3.0

6.55k stars 763 forks source link

Is it possible to customize our own exploiters #4128

Open Colstuwjx opened 3 months ago

Colstuwjx commented 3 months ago

Documentation request

What do you think should be changed? I've seen we've predefined a several exploiters, however, sometimes it may doesn't match the real world requirement, e.g. Redis or Docker has published a CVE which could cause a security issue, but we can't use infection monkey to test these kind of scenarios.

Is it possible to customize our own exploiters so that we can test more kind of CVEs or potential risk cases for our own requirements.

mssalvatore commented 3 months ago

Yes, it is possible. Unfortunately, at the present time the process for building plugins is not documented. The focus of our next release (expected mid-July) is to publish a plugin SDK and documentation to enable users to build their own plugins.

Between now and then, we'd be happy to get you set up and walk you through the process. Please join our slack workspace and drop a comment in #monkey_development. Someone will be happy to help you out.