kaboom is a script that automates the penetration test. It performs several tasks for each phase of pentest:

  1. Information gathering [nmap-unicornscan]
    • TCP scan
    • UDP scan
  2. Vulnerability assessment [nmap-nikto-dirb-searchsploit-msfconsole]
    It tests several services:
    • smb
    • ssh
    • snmp
    • smtp
    • ftp
    • tftp
    • ms-sql
    • mysql
    • rdp
    • http
    • https
    • and more…It finds the CVEs and then searchs them on exploit-db or Metasploit db.
  3. Exploitation [hydra]
    • brute force ssh

kaboom supports two mode:

  • Interactive mode:
    kaboom [ENTER] …and the script does the rest
  • NON-interactive mode:
    kaboom <results_path> <nic> <target_ip> [-s or –shutdown]

If you use the shutdown option, kaboom will shutdown the machine at the end of tasks.
If you want see this help:
kaboom -h (or –help)

Directory Hierarchy
kaboom saves the results of commands in this way:

Download Kaboom

1 thought on “kaboom-automatic-pentest

  1. Pingback: sitebroker-a-cross-platform-python-based-utility-for-information-gathering-and-penetration-testing-automation - Pentester Club

Leave a Reply

Your email address will not be published. Required fields are marked *