Kaboom - Automatic Pentest

kaboom is a script that automates the penetration test. It performs several tasks for each phase of pentest:
  1. Information gathering [nmap-unicornscan]
    • TCP scan
    • UDP scan
  2. Vulnerability assessment [nmap-nikto-dirb-searchsploit-msfconsole]
    It tests several services:
    • smb
    • ssh
    • snmp
    • smtp
    • ftp
    • tftp
    • ms-sql
    • mysql
    • rdp
    • http
    • https
    • and more...
    It finds the CVEs and then searchs them on exploit-db or Metasploit db.
  3. Exploitation [hydra]
    • brute force ssh

kaboom supports two mode:
  • Interactive mode:
    kaboom [ENTER] ...and the script does the rest
  • NON-interactive mode:
    kaboom <results_path> <nic> <target_ip> [-s or --shutdown]
If you use the shutdown option, kaboom will shutdown the machine at the end of tasks.
If you want see this help:
kaboom -h (or --help)

Directory Hierarchy
kaboom saves the results of commands in this way:

Kaboom - Automatic Pentest Kaboom - Automatic Pentest Reviewed by Zion3R on 5:27 PM Rating: 5