Network Pivoting and Post Exploitation Framework.
Fhdawn is the maalik client.
| Feature | Description |
|---|---|
| Stealth | Runs in the background; only writes a hidden plaintext file to disk. |
| Auto Admin | Attempts to become Administrator by impersonating Windows Defender. |
| Execute / list / delete files and Browse | Full access to all files. Browse the system remotely. |
| Windows Defender Exclusions | Add Windows Defender exclusions. |
| Network Pivoting | Forwards a port to another host on the network to forward exploit traffic onto it. |
| Enable / Disable Firewall | Enable or disable Windows Firewall; useful for pivoting scenarios. The firewall is automatically turned off during a pivot attack. |
| Network Scanner | Discover hosts in the subnet. |
| Port Scanner | Scans discovered hosts for common ports. |
| MS17-010 Network Scanner | Scans the network for hosts vulnerable to MS17-010, EternalBlue. |
| Automatic Eternal Blue | Automatically runs Metasploit using an rc file to potentially exploit port 445. |
| Reverse Shell | Stable reverse shell, commands executed as |
| File upload / download | Upload or download files. |
| Reflective DLL Injection | Reflective DLL injection into any process. |
| Screenshot | Take screenshot ( |
| SAM Dump | Dumps SAM and SYSTEM files to disk, downloads and dumps them using |
Note: This is incomplete and was completed in a different project. I may update this in the future.
Executes 'payloads' in memory using Reflective DLL Injection.
The payload is a 32-bit reflective DLL that carries out tasks after successful injection.
DLL output is written to a text file named `output.png`, which is used to smuggle output back to the server and also to give the DLL payload commands.
| Payload | Description |
|---|---|
| (DPS) Reverse Shell | Netcat reverse shell. |
| (DPS) Administrator Prompt Trigger | Forcefully attempt to execute an application as Administrator. |
| (DPS) Chrome Password Recovery | Dumps saved Google Chrome passwords. (Does not work on latest version) |
| (DPS) In Memory Meterpreter | Execute Metasploit C shellcode. |
| (DPS) Keystroke logging | Log keystrokes. |
| (DPS) Capture Mic Input | Record mic. |
| (DPS) Registry Persistence | Add any application to startup using registry keys. |
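
A defender-side check for the artefact described above, a plaintext file carrying a `.png` name: the added example below (not part of the Maalik project) sweeps a directory for `.png` files that lack the 8-byte PNG signature and flags those that are mostly printable text. The function names, the 95% threshold and the sample files are assumptions constructed for illustration.

```python
import os
import stat
import string
import tempfile

PNG_MAGIC = b"\x89PNG\r\n\x1a\n"   # fixed 8-byte signature of every real PNG
PRINTABLE = set(string.printable.encode())

def looks_like_text(sample: bytes, threshold: float = 0.95) -> bool:
    """True when nearly all sampled bytes are printable ASCII."""
    if not sample:
        return False
    return sum(b in PRINTABLE for b in sample) / len(sample) >= threshold

def is_hidden(path: str) -> bool:
    """Windows hidden attribute; always False where the attribute does not exist."""
    attrs = getattr(os.stat(path), "st_file_attributes", 0)
    return bool(attrs & getattr(stat, "FILE_ATTRIBUTE_HIDDEN", 0x2))

def find_disguised_png(root: str, sample_size: int = 4096):
    """Return findings for *.png files that lack the PNG signature."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if not name.lower().endswith(".png"):
                continue
            path = os.path.join(dirpath, name)
            try:
                with open(path, "rb") as fh:
                    sample = fh.read(sample_size)
            except OSError:
                continue  # locked or unreadable: skip, do not abort the sweep
            if sample.startswith(PNG_MAGIC):
                continue  # genuine image header, nothing to report
            findings.append({"path": path, "plaintext": looks_like_text(sample),
                             "hidden": is_hidden(path)})
    return findings

def demo():
    """Constructed sample: one genuine PNG header, one text file named output.png."""
    root = tempfile.mkdtemp()
    with open(os.path.join(root, "logo.png"), "wb") as fh:
        fh.write(PNG_MAGIC + b"\x00\x00\x00\rIHDR")
    with open(os.path.join(root, "output.png"), "wb") as fh:
        fh.write(b"constructed sample text, not real tool output\n")
    return find_disguised_png(root)

if __name__ == "__main__":
    print(*demo(), sep="\n")
```

A finding with both `plaintext` and `hidden` set matches the "hidden plaintext file" behaviour listed in the feature table; a signature mismatch alone can also be a corrupt or mislabelled image.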
These are cmd commands that are useful in a post exploit situation. Not listed here.
Do not clone the repository.
```
cd maalik
sudo chmod +x install.sh
sudo ./install.sh
```
This project is in active development. There may be errors and bugs that I may have missed. If you find any, or you have an idea or suggestion, please submit here.
If you have used maalik in a video or blog, Please Contact me.
The developer is not responsible for any misuse or damage caused by the program. This is created only to innovate NetSec and YOU. 👈
Help me with my future projects. Thank you. Donate with Crypto