Maligno v2.0 - Metasploit Payload Server
Maligno is an open source penetration testing tool written in Python
that serves Metasploit payloads. It generates shellcode with msfvenom
and transmits it over HTTP or HTTPS. The shellcode is encrypted with AES
and encoded prior to transmission.
Maligno also comes with a client tool, which supports HTTP, HTTPS and
encryption capabilities. The client is able to connect to Maligno in
order to download an encrypted Metasploit payload. Once the shellcode is
received, the client will decode it, decrypt it and inject it in the
target machine.
The client-server communications can be configured in a way that
allows you to simulate specific C&C communications or targeted
attacks. In other words, the tool can be used as part of adversary
replication engagements.
Are you new to Maligno? Check Maligno Video Series with examples and tutorials.
Changelog: Adversary replication functionality improvements. POST and
HEAD method support added, new client profile added, server
multithreading support added, perpetual shell mode added, client static
HTTP(S) proxy support added, documentation and stability improvements.
Important: Configuration files or profiles made for Maligno v1.x are not compatible with Maligno v2.0.
Maligno v2.0 - Metasploit Payload Server
Reviewed by Zion3R
on
12:05 AM
Rating: