kaboom: automates the penetration test

kaboom is a script that automates the penetration test. It performs several tasks for each phase of pentest:

  1. Information gathering [nmap-unicornscan]
    • TCP scan
    • UDP scan
  2. Vulnerability assessment [nmap-nikto-dirb-searchsploit-msfconsole]
    It tests several services:

    • smb
    • ssh
    • snmp
    • smtp
    • ftp
    • tftp
    • ms-sql
    • mysql
    • rdp
    • http
    • https
    • and more…

    It finds the CVEs and then searches them on exploit-db or Metasploit db.

  3. Exploitation [hydra]
    • brute force ssh

Directory Hierarchy

It saves the results of commands in this way:


git clone https://github.com/Leviathan36/kaboom.git


It supports two modes:

  • Interactive mode:
    kaboom [ENTER] ...and the script does the rest

  • NON-interactive mode:
    kaboom <results_path> <nic> <target_ip> [-s or --shutdown]

If you use the shutdown option, kaboom will shut down the machine at the end of tasks.

If you want to see this help:

kaboom -h (or --help)

Copyright (C) 2018 Leviathan36

Source: https://github.com/Leviathan36/