Maddox

2026-03-28 View on GitHub
PythonAISecurityGemini
Maddox

What is Maddox?

Maddox v4.5 is an advanced ethical hacking assistant leveraging Google Gemini 2.5 Flash.

Designed for Kali Linux, it transforms how you approach pentesting by actively analyzing massive outputs, executing commands directly from the chat, and maintaining a persistent memory of your targets.

Maddox Preview

Core Capabilities

Automated Command Execution

Maddox understands natural language and can directly execute commands for you. Simply type "run nmap -sC -sV against the target" or "launch gobuster against the web" and the AI will validate the required flags and run the tool autonomously within the terminal.

Massive Output Analysis (LinPEAS/WinPEAS)

Taking advantage of its 1M token context window, Maddox can ingest and process gigantic output files. It reads and parses entire linpeas or winpeas output logs continuously, identifying key privilege escalation vectors and security misconfigurations effortlessly.

Step-by-Step Methodologies

If you are stuck, you can ask questions like "where do I start with this machine?" or "how do I become root?". Maddox evaluates the current context and provides actionable methodology steps, cheat sheets, and specific tactics to guide you through the compromise of the system.

Nmap Analysis Example

Persistent Target Memory

Maddox automatically maintains persistent local JSON records for each target IP. It documents what ports are open, which services are running, any credentials found, and specific attack vectors. When you return to a machine a week later, it remembers the entire scope.

Stealth Mode Setup

A dedicated stealth mode (/stealth) forces all AI suggestions to prioritize OPSEC. It slows down Nmap timings (T2), avoids noisy scanners like Nikto, utilizes Tor/Proxychains, and recommends using temporary directories (/dev/shm) for file transfers automatically.

Anti-Hallucination Systems

To prevent the AI from suggesting non-existent command flags, Maddox features a built-in flag validator. Before proposing or executing any command, it extracts the flags and cross-references them against the tool's actual local --help menu, guaranteeing execution stability.