Kaboom is a script that automates the penetration test. It performs several tasks for each phases of pentest:

  • Information gathering [nmap-unicornscan]
    • TCP scan
    • UDP scan
  • Vulnerability assessment [nmap-nikto-dirb-searchsploit-msfconsole]
    It tests several services:
    • smb
    • ssh
    • snmp
    • smtp
    • ftp
    • tftp
    • ms-sql
    • mysql
    • rdp
    • http
    • https
    • and more…It finds the CVEs and then searchs them on exploit-db or Metasploit db.
  • Exploitation [hydra]
    • brute force ssh

Also Read : Pftriage : Python Tool & Library To Help Analyse Files During Malware Triage & Analysis


It supports two mode:

  • Interactive mode:
    kaboom [ENTER] …and the script does the rest
  • NON-interactive mode:
    kaboom <results_path> <nic> <target_ip> [-s or –shutdown]

If you use the shutdown option, it will shutdown the machine at the end of tasks.

If you want see this help:
kaboom -h (or –help)

Directory Hierarchy

It saves the results of commands in this way:


Author assume no liability and are not responsible for any misuse or damage caused by this program.

It is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.