Maligno is an open source penetration testing tool written in Python that serves Metasploit payloads. It generates shellcode with msfvenom and transmits it over HTTP or HTTPS. The shellcode is encrypted with AES and encoded prior to transmission.

Maligno also comes with a client tool, which supports HTTP, HTTPS and encryption capabilities. The client is able to connect to Maligno in order to download an encrypted Metasploit payload. Once the shellcode is received, the client will decode it, decrypt it and inject it in the target machine.

The client-server communications can be configured in a way that allows you to simulate specific C&C communications or targeted attacks. In other words, the tool can be used as part of adversary replication engagements.

Are you new to Maligno? Check Maligno Video Series with examples and tutorials.

Changelog: Adversary replication functionality improvements. POST and HEAD method support added, new client profile added, server multithreading support added, perpetual shell mode added, client static HTTP(S) proxy support added, documentation and stability improvements.

Important: Configuration files or profiles made for Maligno v1.x are not compatible with Maligno v2.0.