Infection Monkey alternatives

Looking for an alternative tool to replace Infection Monkey? During the review of Infection Monkey we looked at other open source tools. Based on their category, tags, and text, these are the ones that have the best match.

Top 3

  1. arpag (automatic exploiting tool)
  2. AutoSploit (automated host exploitation)
  3. Leviathan Framework (mass audit toolkit)

These tools are ranked as the best alternatives to Infection Monkey.

Alternatives (by score)

64

arpag

Introduction

Tools like arpag can help with automating penetration tests and security assessments. By testing automatically for a set of exploits, the remaining time can be spend in other areas.

Project details

arpag is written in Python.

Strengths and weaknesses

  • + Very low number of dependencies
  • + The source code of this software is available
  • - No releases on GitHub available

Typical usage

  • Penetration testing
  • Security awareness
  • Service exploitation

arpag review

88

AutoSploit

Introduction

AutoSploit attempts to automate the exploitation of remote hosts for security assessments. Targets can be collected automatically or manually provided. Automatic sources include Censys, Shodan, and Zoomeye.

Project details

AutoSploit is written in Python.

Strengths and weaknesses

  • + More than 10 contributors
  • + More than 3000 GitHub stars
  • + The source code of this software is available

    Typical usage

    • Service exploitation
    • System exploitation

    AutoSploit review

    60

    Leviathan Framework

    Introduction

    Leviathan is a security tool to provide a wide range of services including service discovery, brute force, SQL injection detection, and exploit capabilities. The primary reason to use this tool is to do massive scans on many systems at once. For example to include a huge network range, country-wide scan, or even full internet scan.

    Project details

    Leviathan Framework is written in Python.

    Strengths and weaknesses

    • + More than 500 contributors
    • + The source code of this software is available

      Typical usage

      • Penetration testing
      • Security assessment
      • Service exploitation

      Leviathan Framework review

      60

      ShellPop

      Introduction

      During a penetration test, you might have an opportunity to gain shell access to a system. This tool helps with crafting the required type of reverse or bind shell for the task. PopShell also helps with encoding, staging, or switching between different protocols.

      Project details

      ShellPop is written in Python.

      Strengths and weaknesses

      • + The source code of this software is available

        Typical usage

        • Penetration testing

        ShellPop review

        74

        Vulnreport

        Introduction

        Vulnreport is a platform to deal with penetration test results. The tool formats them and provides actionable findings reports. The platform is strong in focusing on automation, to reduce the time spent by engineers.

        Project details

        Vulnreport is written in Ruby.

        Strengths and weaknesses

        • + The source code of this software is available

          Typical usage

          • Security reviews
          • Vulnerability management
          • Vulnerability scanning

          Vulnreport review

          85

          BeEF

          Introduction

          BeEF is used by penetration testers to assess the security of a system by leveraging the web browser. This makes the tool different to many other tools, as it ignores the security on network or system level. It uses command modules from within the web browser to perform requested attacks against the system.

          Project details

          74

          Metasploit Framework

          Introduction

          Metasploit is a framework that consists of tools to perform security assignments. It focuses on the offensive side of security and leverages exploit modules.

          Project details

          Metasploit Framework is written in Ruby.

          Strengths and weaknesses

          • + More than 400 contributors
          • + More than 9000 stars
          • + Many maintainers
          • + The source code of this software is available
          • + Supported by a large company
          • + Well-known tool

            Typical usage

            • Penetration testing
            • Security assessment
            • Vulnerability scanning

            Metasploit Framework review

            60

            Pupy

            Introduction

            Pupy is an open source remote administration and post-exploitation tool. It is mainly written in Python and works Androi, Linux, macOS, and Windows.

            Project details

            Pupy is written in Python.

            Strengths and weaknesses

            • + The source code of this software is available

              Typical usage

              • Penetration testing
              • Security assessment

              Pupy review

              64

              RouterSploit

              Introduction

              RouterSploit is a framework to exploit embedded devices such as cameras and routers. It can be used during penetration testing to test the security of a wide variety of devices. RouterSploit comes with several modules to scan and exploit the devices. The tool helps in all steps, like from credential testing to deploying a payload to perform an exploitation attempt.

              Project details

              RouterSploit is written in Python.

              Strengths and weaknesses

              • + More than 50 contributors
              • + More than 6000 GitHub stars
              • + The source code of this software is available

                Typical usage

                • Penetration testing
                • Self-assessment
                • Software testing
                • Vulnerability scanning

                RouterSploit review

                60

                Ruler

                Introduction

                The main aim for this tool is abusing the client-side Outlook features and gain a shell remotely.

                Project details

                Ruler is written in Golang.

                Strengths and weaknesses

                • + The source code of this software is available

                  Typical usage

                  • Penetration testing
                  • Security assessment

                  Ruler review

                  81

                  sqlmap

                  Introduction

                  The sqlmap is a well-known tool with an amazing number of GitHub stars (10,000+). It is used by many security professionals around the world to test the security of both web applications and the database that stores the data.

                  Project details

                  74

                  Cuckoo Sandbox (cuckoo)

                  Introduction

                  In a matter of seconds, Cuckoo Sandbox provides detailed results on what a file does within an isolated environment. This helps with malware analysis and understanding what it exactly tries to achieve. Further analysis can be done, based on the previous actions that were done.

                  Cuckoo Sandbox was created by Claudio Guarnieri as part of the Google Summer of Code project in 2010.

                  Project details

                  Cuckoo Sandbox is written in Python.

                  Strengths and weaknesses

                  • + More than 2000 GitHub stars
                  • + The source code of this software is available
                  • - Many provided pull requests are still open
                  • - Many reported issues are still open

                  Typical usage

                  • Digital forensics
                  • Malware analysis

                  Cuckoo Sandbox review

                  Some relevant tool missing as an alternative to Infection Monkey? Please contact us with your suggestion.