Kaboom: Automated pentest script

Kaboom is an automation for penetration testing. Performs many tasks for the first two phases of the test: gathering information and assessing vulnerability. All the information collected is stored hierarchically, which is very simple to search (the same in the case of multiple targets).

Specifications

  • Customization (see above)
  • Multi-target specification
  • You can specify up to 254 hosts (C-class network)
  • New CLI
  • More powerful Nmap scan
  • Better directory hierarchy
  • Automatic research of Metasploit module associated with CVE code found
  • Recognition of services exposed on non-canonical ports (ex: http on 7000)
  • Print out and save credentials found

Details

Kaboom performs several tasks:
  1. Information Gathering
    • Port scan (Nmap)
    • Web resources enumeration (Dirb)
  2. Vulnerability assessment
    • Web vulnerability assessment (Nobody - Dirb)
    • Vulnerability assessment (Nmap - Metasploit)
    • automatically research ( - Metasploit)
    • Dictionary Attacks (Hydra)
      • SSH
      • POP3
      • IMAP
      • RDP

Use

Kaboom can be used in two ways:

kaboom [ENTER], and the does the rest

  • NON-interactive mode:

If you want to see help:

kaboom -h (or –help)

Hierarchy

 

Download the program from here.

iGuRu.gr The Best Technology Site in Greecefgns

every publication, directly to your inbox

Join the 2.100 registrants.

Written by Anastasis Vasileiadis

Translations are like women. When they are beautiful they are not faithful and when they are faithful they are not beautiful.

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).