Advertisements

Kaboom – Script That Automates The Penetration Test

Kaboom is a script that automates the penetration test. It performs several tasks for each phases of pentest:

  • Information gathering [nmap-unicornscan]
    • TCP scan
    • UDP scan
  • Vulnerability assessment [nmap-nikto-dirb-searchsploit-msfconsole]
    It tests several services:

    • smb
    • ssh
    • snmp
    • smtp
    • ftp
    • tftp
    • ms-sql
    • mysql
    • rdp
    • http
    • https
    • and more…It finds the CVEs and then searchs them on exploit-db or Metasploit db.
  • Exploitation [hydra]
    • brute force ssh

Usage

It supports two mode:

  • Interactive mode:
    kaboom [ENTER] …and the script does the rest
  • NON-interactive mode:
    kaboom <results_path> <nic> <target_ip> [-s or –shutdown]

If you use the shutdown option, it will shutdown the machine at the end of tasks.

If you want see this help:
kaboom -h (or –help)

Directory Hierarchy

It saves the results of commands in this way:

Disclaimer

Author assume no liability and are not responsible for any misuse or damage caused by this program.

It is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

Advertisements
Advertisements
Advertisements
Advertisements
%d bloggers like this: