kaboom is a sript that automates the penetration test. It performs several tasks for each phases of pentest:
-
Information gathering [nmap-unicornscan]
- TCP scan
- UDP scan
-
Vulnerability assessment [nmap-nikto-dirb-searchsploit-msfconsole]
It tests several services:- smb
- ssh
- snmp
- smtp
- ftp
- tftp
- ms-sql
- mysql
- rdp
- http
- https
- and more...
It finds the CVEs and then searchs them on exploit-db or Metasploit db.
-
Exploitation [hydra]
- brute force ssh
kaboom supports two mode:
- Interactive mode:
kaboom [ENTER] ...and the script does the rest
- NON-interactive mode:
kaboom <results_path> <nic> <target_ip> [-s or --shutdown]
If you use the shutdown option, kaboom will shutdown the machine at the end of tasks.
If you want see this help:
kaboom -h (or --help)
kaboom saves the results of commands in this way:
Author assume no liability and are not responsible for any misuse or damage caused by this program.
kaboom is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
kaboom is released under GPLv3 license. See LICENSE for more details.