badKarma – Advanced Network Reconnaissance Toolkit For Penetration Testing

badKarma

badKarma – Advanced Network Reconnaissance Toolkit For Penetration Testing

badKarma is a python3 GTK+ network infrastructure penetration testing toolkit.

badKarma aim to help the tester in all the penetration testing phases (information gathering, vulnerability assessment,exploitation,post-exploitation and reporting). It allow the tester to save time by having point-and-click access to their toolkit and interacte with them through GUIs or Terminals, also every task is logged under a sqlite database in order to help during the reporting phase or in a incident response scenario.

Every task’s output is logged under a session file in order to help during reporting phase or in a possible incident response scenario. It is also available a proxy-chains switch that let everything go through proxies, and last but not least, every command can be adjusted before the execution by disabling the “auto-execute” checkbox.

badKarma is licensed under GNU GPL version 3.

 

badKarma

 

 

Database

The database by default is located inside the “/tmp” directory, this means that you have to save it in a different location before rebooting your computer.

It contains all the information gained during the activity, real-time updated, it is used like a session file, and it can be exported or/and imported.

 

database

 

Session file

The Session file is just a sqlite database, it contains all the information gained during the activity, real-time updated it can be exported or/and imported from badKarma’s GUI. By default the database is located inside the “/tmp” directory, this means that you have to save it in a different location before rebooting your computer.

Inside the database there are four tables: hosts, ports, activity log and notes.

 

Session file

 

 

Targets

It is possible to add targets and scan them with nmap and/or masscan from the GUI, some defaults scan profiles are already available as well. It is also possible to import XML scanners result from the main menu.

By default all the scan output are stored inside the “/tmp” directory , then the output is imported in the session file and deleted.

 

target of badkarma

 

 

Extensions

badKarma is modular, the extensions are full-interactive and they allow the penetration tester to tune tasks options, since output is logged under the session file, their output can be exported as a raw txt from the “Logs” tab.

Extensions can be found under the “extension” directory,current available extensions are:

Shell: this is the main module of the toolkit since it allow the tester to execute preconfigured shell tasks. Shell commands are located under the “conf” directory.

Bruter: as the name says, bruter is the brute-force extension. It allow the tester to send a target directly to Hydra and configure the parameters through a GUI.

Screenshot: this extension allow the tester to take a screenshot of possibile http,rdp,rtsp,vnc and x11 servers, the screenshot will be stored in the log database as base64 and can be shown from badKarma.

Browser: just an “open in browser” for http menu item, take it as an example to build your own extensions.

 

Shell

 

 

Setup

install Kali linux dependecies:

# apt install python3-pip python3-gi phantomjs gir1.2-gtk-vnc-2.0 ffmpeg

clone the repository:

$ git clone https://github.com/r3vn/badKarma.git

install python dependecies:

# cd badKarma
# pip3 install -r requirements.txt

Run

$ chmod +x badkarma.py
$ ./badkarma.py

badKarma

 

Download Link

https://github.com/r3vn/badKarma

 

 

Highest Selling Technical Courses of Indian Cyber Security Solutions:

Certified Ethical Hacker Training in Bhubaneswar

Ethical Hacking Training in Bhubaneswar

Certified Ethical Hacker Training in Bangalore

Ethical Hacking Training in Bangalore

Certified Ethical Hacker Training in Hyderabad

Ethical Hacking Training in Hyderabad

Python Training in Bangalore

Python Training in Hyderabad

Python Training in Bhubaneswar

Microsoft Azure Training in Hyderabad

Microsoft Azure Training in Bangalore

Microsoft Azure Training in Bhubaneswar

Networking Training in Bangalore

Networking Training in Hyderabad

Networking Training in Bhubaneswar

Advance Python Training in Hyderabad

Advance Python Training in Bangalore

Advance Python Training in Bhubaneswar

Amazon Web Services Training in Hyderabad

Amazon Web Services Training in Bangalore

Amazon Web Services Training in Bhubaneswar

Certified Ethical Hacker Certification – C | EH v10

Computer Forensic Training in Kolkata

Summer Training for CSE, IT, BCA & MCA Students 

Network Penetration Testing training

Ethical Hacking  training

Internet Of Things Training

Internet Of Things Training Hyderabad

Internet Of Things Training in Bhubaneswar

Internet Of Things Training in Bangalore

Embedded System Training

Digital Marketing Training

Machine Learning Training

Python Programming training

Android Training in Bangalore

Android Training in Hyderabad

Android Training in Bhubaneswar

Diploma in Network Security Training

Android Development  training

Secured Coding in Java

Certified Network Penetration Tester 

Diploma in Web Application Security 

Certified Web Application Penetration Tester 

Certified Android Penetration Tester 

Certified Python Programming 

Advance Python Training 

Reverse Engineering Training  

Amazon Web Services Training  

VMware Training 

 

Cybersecurity services that can protect your company:

Web Security | Web Penetration Testing

Web Penetration Testing Company in Bangalore

Network Penetration Testing – NPT

Network Penetration Testing Service in Bangalore

Android App Penetration Testing

Source Web Development

Source Code Review

Android App Development

Digital Marketing Consultancy

Data Recovery

 

Other Location for Online Courses:

Bhubaneswar

Bangalore

Hyderabad


Show Buttons
Hide Buttons