How to Build a Portable Hacking Station with a Raspberry Pi and Kali Linux


Cracking Wi-Fi passwords, spoofing accounts, and testing networks for exploits is all fun enough, but if you want to take the show on the road, you’ll want an easily portable rig. Enter Kali Linux and the Raspberry Pi.

This post is part of our Evil Week series at Lifehacker, where we look at the dark side of getting things done. Sometimes evil is justified, and other times, knowing evil means knowing how to beat it. Want more? Check out our evil week tag page.

Kali Linux is an operating system built for network penetration testing. You can run it on your laptop to crack nearby Wi-Fi passwords, spoof networks, test for Bluetooth vulnerabilities, and tons of other things. Remember, using this knowledge to break into protected networks will likely get you arrested and charged with a felony—possibly a federal charge of violating the Computer Security Act. You should only use this knowledge for good, for your own learning, and only play with networks you control. We’ve talked pretty extensively about using Kali Linux before, so we won’t go through that here, but check out our guide for an overview of everything you can do with it. All of that applies to the Raspberry Pi version we’ll build here as well.

The Raspberry Pi is a small, credit card sized computer that doesn’t require a lot of power to use. When you combine the Raspberry Pi and Kali Linux together, you get a super-portable network testing machine that you can bring with you anywhere. In this guide, we’ll show you how to get Kali up and running on the Raspberry Pi with a touch screen. This way, you never need to install Kali Linux on your primary computer.

What You’ll Need

Step One: Install Kali on the Raspberry Pi

Before we do anything, you’ll need to download and install the touch screen build of Kali Linux image for the Raspberry Pi. It’s just like installing any other Raspberry Pi operating system, which we’ve walked through in detail here, but here’s the short version:

How to Install Kali to Your SD Card in Windows

  1. Download the Kali Linux Raspberry Pi image for your hardware (Model B/B+ users should grab the TFT version, Raspberry Pi 2 should grab the Pi 2 version) and unzip the .img file inside. Note: If you’re not using the touch screen display, download the regular version of Kali Linux for the Raspberry Pi.
  2. Download Win32DiskImager and unzip the application (.exe file) inside.
  3. Insert your SD card into your Windows PC using a card reader.
  4. Open Win32DiskImager.exe, the application you just downloaded, by double-clicking on it. If you’re running Windows 7 or 8, right click on it and choose “Run as Administrator” instead.
  5. If your SD card isn’t automatically detected by the application, click on the drop-down menu at the top right (labeled “Device”) and choose it from the list.
  6. In the image file section of the application, click the little folder icon and choose the Raspbian .img file you just downloaded.
  7. Click the Write button and wait for Win32DiskImager to do its thing. When it finishes, you can safely eject your SD card and insert it into your Raspberry Pi.

How to Install Kali to Your SD Card in OS X

  1. Download the Kali Linux Raspberry Pi image for your hardware (Model B/B+ users should grab the TFT version, Raspberry Pi 2 should grab the Pi 2 version) and unzip the .img file inside. Note: If you’re not using the touch screen display, download the regular version of Kali Linux for the Raspberry Pi.
  2. Download RPi-sd card builder (be sure to pick the appropriate version for your installed version of OS X) and unzip the application.
  3. Insert your SD card into your Mac using a card reader.
  4. Open RPi-sd card builder. You’ll immediately be asked to choose a Raspbian image. Choose the .img file you downloaded earlier.
  5. You’ll be asked if your SD card is connected. Since we inserted it earlier, it is, so go ahead and click Continue. You’ll be presented with SD card options. If you only have one inserted, you won’t see anything else in the list and it’ll be checked. If not, just check only the card you want to use and click OK.
  6. Enter your administrator password and click OK.
  7. You’ll be asked if the SD card was ejected. This is supposed to happen, as the application needs to unmount it so it can perform a direct copy. Double-check that your SD card is no longer available in the Finder. DO NOT remove it from your USB port. When you’re sure, click Continue.
  8. RPi-sd card builder finishes prepping your SD card, safely eject it and insert it into your Raspberry Pi unit.

Step Two: Hook Up the Display

The Raspberry Pi has a GPIO (general-purpose input/output) that the touch screen fits into. On your Raspberry Pi, it’s the set of pins in the corner—it should be pretty obvious how it fits together. Go ahead and click your display into the Raspberry Pi.

Step Three: Plug Everything In and Power On

With the display attached, it’s time to plug everything else in. Plug the Wi-Fi adapter and the keyboard into the USB ports. Then, plug the Pi into your battery pack.

The startup process can be a bit slow and clunky here, so don’t worry if it takes a little while. First, you’ll see a white screen for a little while before the boot process starts up. Eventually, you’re greeted by a login screen.

If you’re using a Raspberry Pi 2, you’ll need to go through some setup stuff here to get the screen working. If you’re using the B+, skip to the next step.

The Raspberry Pi 2 currently requires some extra steps to get the screen working. When you initially boot it up, you’re greeted by a sad, white screen. Thankfully, it’s not too troublesome to get the screen working. Unfortunately, you’ll need either an HDMI monitor to attach the Pi to, or you’ll need to login over SSH to get through this part. Go ahead and connect either of those and boot up the Pi now.

  1. You’ll see a username and password prompt from the command line on your Raspberry Pi. Type in the username root and password toor.
  2. Start by mounting the boot partition. Type in mount /dev/mmcblk0p1 /boot and press Enter.
  3. Next, you’ll download and install Adafruit’s setup software. Type in wget http://adafruit-download.s3.amazonaws.com/adafruit_pitft_kernel_1.20150420-1.tar.gz and press Enter.
  4. Type in tar xf adafruit_pitft_kernel_1.20150420-1.tar.gz and press Enter to extract that file.
  5. Type in cd adafruit_pitft_kernel_1.20150420-1 and press Enter.
  6. Type in ./install.sh and press Enter. This will take a while. When it’s finished, it’ll ask you to reboot. Say yes and wait for the reboot.
  7. Type in git clone https://github.com/adafruit/Adafruit-PiTFT-Helper.git and press Enter to download Adafruit’s screen software.
  8. Okay, now you need to mount the boot disk again. Type in mount /dev/mmcblk0p1 /boot and press Enter.
  9. Type in cd Adafruit-PiTFT-Helper and press Enter.
  10. Type in ./adafruit-pitft-helper -u /root/ -t 28r and press Enter. This configures your display.
  11. Now you’ll need to fix some issues with the boot screen only showing a blinking cursor. Type in sudo apt-get install xserver-xorg-video-fbdev and press Enter.
  12. Once that’s complete, type in cd /usr/share/X11/xorg.conf.d/ and press Enter.
  13. Finally, type in nano 99-fbdev.conf and press Enter. This will open a text file. You’ll need to copy the following bit of code into the file:

Section “Device”
Identifier “myfb”
Driver “fbdev”
Option “fbdev” “/dev/fb1”
EndSection

When you’re done, press Ctrl+X to save and exit.

That should do it. Go ahead and type reboot and press Enter to restart your Pi with a working screen.

Step Four: Log In and Enable Your Wi-Fi Card

Now it’s time to log in and enable the Wi-Fi card so you can actually use the tools inside of Kali Linux. The Raspberry Pi will automatically recognize your Wi-Fi card, but you’ll still need to login to your network. First thing first, we need to launch the Kali Linux graphic user interface and make sure everything’s working:

  1. You’ll see a username and password prompt from the command line on your Raspberry Pi. Type in the username root and password toor (we’ll change this later on).
  2. Type in startx and press Enter to boot up the graphic interface for Kali. This can take a little while to load on the Pi.
  3. You can now navigate your Pi with the touch screen and your keyboard. Tap the small Terminal icon on the dock in the bottom to open up the command line.
  4. To set up your Wi-Fi card, type nano /etc/network/interfaces into the command line and press Enter to load up the configuration file for your Wi-Fi settings.
  5. Add the following lines to the text file you just opened, substituting your network information in:

auto wlan0
iface wlan0 inet dhcp
wpa-ssid “your network name”
wpa-psk “the network password”

When you’re finished, press Ctrl+X to save and exit. Your Wi-Fi card should now work (though you may have to reboot first).

Step Five: Change Your Password

Before you do anything else, you should really change the root password of your device (lest someone else with similar hacking skills gain control of it). Thankfully, it’s easy.

  1. While you’re still in the command line (if you aren’t, go ahead and just tap the Terminal icon in Kali to reopen it), type in passwd and press Enter.
  2. Type in your new password twice.
  3. It’s also good to reconfigure your OpenSSH server now so it’s not set as the default. Type in dpkg-reconfigure openssh-server and press Enter.

Now your little portable system is set up and secure.

What You Can Do With This Device

From here, what you do with your little portable hacking station is up to you. You can use the touch screen on the Pi for basic navigation and run any program in Kali Linux you want. If you don’t know where to start, here are a few ideas:

The world is your oyster. Hack responsibly, everyone.

Source

Kali Linux Virtualbox Pentest Lab

The cornerstone to learning how to penetration test and hack is to have your own lab set up. In this scenario we will set up our own Kali Linux Virtualbox lab. If you are serious about learning then it is the very first thing you should do. The reason being is that once you get your lab set up you will be able to start running sample tests to see how they work. Every pentester has one, and reading about how to conduct penetration tests won’t get you anywhere; you will actually need to get your hands dirty.

Initially we are going to quickly put together the most rudimentary network that you can use to learn and sharpen your skills. Simplicity is key. Eventually you can add new machines to attack after we initially get set up together. The idea here is that we don’t want to become overwhelmed, so starting small and expanding is the way to go.

For now we are going to start with three machines: Kali Linux (which will be our attacking platform), Metasploitable 2 and OWASP WebGoat. We want to create a network where we have one platform for penetration testing, one platform that was built to be vulnerable and one web application that was built to be vulnerable.

Kali Linux Virtualbox

Kali Linux if you don’t know is the gold standard open source penetration testing operating system created by Offensive Security. Operating systems don’t make the penetration tester, but if you are serious, Kali Linux was developed solely for this purpose and will make your life a whole lot easier. Many of the tools are built right into it.

Metasploitable 2

Metasploitable 2 is a vulnerable Ubuntu Linux operating system created by the Rapid7 Metasploit Team that was designed for training purposes just like this. This will make it much easier for us to find vulnerabilities in the target machine and will allow us to get some good experience in penetration testing. We will also be much less frustrated at the beginning because we weren’t able to find any issues right away.

webgoat

WebGoat is a project created by OWASP and is in the same vein as Metasploitable 2. The difference is that it allows us to test our skills out on a web application instead of an operating system. It is an amazing application because there are lessons within it and it allows you to run the tests right in the application as well. This will allow us to broaden our skills and be more ready to meet the demands of the increasing need of pentesters that can work on web apps.

After we are done our virtual network will look something like this (note that this is just an example as everyone’s network is unique):

Lab Network Design

As you can see this is very simple but is all we need for right now. As stated earlier, as our skills improve so will our network.

This tutorial is going to focus on setting up this virtual lab using VirtualBox because it is free and anyone can set it up this way. There are also many other tutorials you should be able to find with a quick Google search on how to install virtual machines on any operating system or virtual setup that you might be using.

The first thing we need to do here is download VirtualBox. You can pick this Oracle product up here: https://www.virtualbox.org/wiki/Downloads

After you have installed VirtualBox we need to create a DHCP server and network within VirtualBox that we will use later.

Browse to where you have virtual box installed at the command line and type: vboxmanage dhcpserver add –netname mydhcpnetwork –ip 10.10.10.1 –netmask 255.255.255.0 –lowerip 10.10.10.2 –upperip 10.10.10.10 –enable

(Note: If you are on windows you have to append the extension “vboxmanage.exe”)

This gives us a DHCP server and 9 other IPs to play with. However, you can increase the number to whatever you like.

Now that you have VirtualBox installed we need to install our platforms (Kali Linux, Metasploitable, OWASP WebGoat).

Kali Linux

You can get your Kali Linux virtual machine from https://www.kali.org/downloads/ I suggest torrenting the download over the direct download as it is faster and I’ve had instances where the direct download was corrupted. If you’ve never torrented just go with the direct download and hope it works. When this finishes make sure that the Sha1sum matches what you see on the Kali Linux webpage. You can check this by:

Microsoft’s tool: http://www.microsoft.com/en-us/download/details.aspx?id=11533

For Mac simply type in the terminal: openssl sha1

Linux: sha1sum

Going forward you should always check for SHA or MD5 hashes and compare those to what they should be, as this is a prudent step to prevent malware on your computer.

The first thing we will want to do after verifying our hash is to install Kali Linux on VirtualBox. Click on New.

New Virtualbox

You can make the name of it anything you want, but will need to select Linux as the “Type”. The version you choose will either be Debian (32 bit) or Debian (64 bit) depending on what version of the Kali Linux OS you downloaded. For this example I downloaded the 32-bit version.

Name and Operating System

Set your memory size. While 512 is the default and you may get away with this, it is possible that you’ll get into some trouble later running certain applications so I suggest you increase it to something higher. Nothing is worse than being right in the middle of something and your Linux platform freezes. However, the beauty of VirtualBox is that you can go back into the settings and simply readjust this at any time.

Memory Size

We will be creating a virtual hard drive so select that and click Create.

Create a virtual hard drive now

For this example we will be using the VirtualBox Disk Image.

VirtualBox Disk Image

We want a Dynamically allocated hard drive for this example.

Dynamically allocated

For the size you probably want to increase it to at least 15GB. I’ve had issues with the installation when going with the standard size of 8GB.

hard drive size

Now that we have created our new Kali Linux virtual machine we need to configure it, so select settings and then Storage.

settings

storage

We now need to add the ISO that we previously downloaded. We do that by highlighting the area you see selected below. At first this should say “Empty”. After “Empty” is highlighted you then need to click the CD where you see the arrow below and browse/select where you have your ISO located.

For Adapter 1 we will be using the DHCP server and network that we created earlier for our internal VirtualBox network.

kalidhcpnetwork

We also need our Kali Linux platform to reach the Internet, so for that we will be using Adapter 2. Attach it to NAT and then hit OK.

NATkalisetup9b

Highlight and now start your new virtual machine.

kalisetup9b

You could actually use Live below and boot right into the system, but I suggest that you actually install Kali Linux on to the virtual machine. Choose the Install or Graphical Install below and follow the steps.

kalisetup11

Depending on how you are installing your system and what version of the install you are using, you may encounter the following error when starting up the install:

If you get this error go back to settings, System, Processor and select “Enable PAE/NX”.

kalipae

During the setup you will be asked to configure the network as well. Because we created two adapters you will see something like eth0 and eth1 below. What you will need to do here is select the interface that allows you out to the Internet. In my case this is the NAT interface we created earlier and is eth1.

ethernetcontroller

After logging into your fresh Kali Linux install the first thing you will want to do is verify that you can reach the internet by opening up your web browser. If you cannot browse the web you need to enable DHCP from your command prompt with: dhclient -v

Now that everything has been set up properly we need to update Kali Linux so that we KNOW that we have the most recent distribution and tools. You can do that with the following at the command prompt: apt-get update && apt-get upgrade

Metasploitable:

Installing your vulnerable Metasploitable 2 operating system is very similar to how you installed Kali, just with fewer steps.

To start you will need to download the files from here: https://information.rapid7.com/metasploitable-download.html

Again, create a new virtual machine:

metasploitable1

Again, set your memory size.

metasploitable2

This is slightly different than the Kali Linux setup because we will be using an existing virtual hard drive as you can see below. Just select where you see the arrow and then browse to where you saved the highlighted file.

metasploitable3

Like we did for the Kali Linux setup we will need to click on settings once again. We need to make a modification in the network section as we did for our Kali Linux platform.

Metasploitable2dhcpnetwork

Start your new Metasploitable 2 virtual machine.

Metasploitable5

The Default username and password after you run your machine will be:

Username: msfadmin
Password: msfadmin

OWASP WebGoat

To get the latest version of WebGoat just go to https://github.com/WebGoat/WebGoat-Legacy/releases and download the latest release at the bottom of the page.

To get started on this you will have to have the Java Platform installed on your computer first if you don’t already. You can get that here: http://www.oracle.com/technetwork/java/javase/downloads/index.html

You also need Apache Tomcat for this as well. You can find a stable release here: http://tomcat.apache.org/whichversion.html

Copy the latest version of WebGoat to your working directory and in your terminal type: java -jar WebGoat-6.0.1-war.exec.jar
(note that depending on which version of WebGoat you get at the time of reading this it could be slightly different)

To get to the login screen browse to http://localhost:8080/WebGoat with your web browser. On the login screen you will see both the guest login and admin login and password. After you log in you will be able to see all of the lesson plans:

WebGoatlogin

If you installed all three of these platforms then you have plenty to get you started on your journey of learning how to hack in to the information security and pentesting space.

This network is now the perfect venue for a student like yourself to test out their skills and techniques without the fear of permanently damaging or destroying your own network/systems, or someone else’s for that matter.

I’ve provided some bonus content that will help you customize this pentest lab to start the DHCP server every time, create a share drive to share files between the lab and your computer, enabling sound, securing your kali linux virtualbox machine and few other things.

Click Here to Download

Source

Derivatives/Census/Kali – Debian Wiki

Kali Linux

Kali Logo

Kali Linux is a security auditing operating system and toolkit that aims to be the most advanced and versatile penetration testing distribution ever created. Kali Linux incorporates more than 300 penetration testing and security auditing programs with a Linux operating system, delivering an all-in-one solution that enables IT administrators and security professionals to test the effectiveness of risk mitigation strategies. Kali Linux offers a smoother, easier penetration testing experience, making it more accessible to IT generalists as well as security specialists.

All the programs packaged with the operating system were evaluated for suitability and effectiveness before being included. They include Metasploit for network penetration testing, Nmap for port and vulnerability scanning, Wireshark for monitoring network traffic, and Aircrack-ng for testing the security of wireless networks.

deb [arch=i386,amd64,armel,armhf,arm64] https://http.kali.org/kali kali-dev main contrib non-free deb [arch=i386,amd64,armel,armhf,arm64] https://http.kali.org/kali kali-dev main/debian-installer deb-src https://http.kali.org/kali kali-dev main contrib non-free deb [arch=i386,amd64,armel,armhf,arm64] https://http.kali.org/kali kali-rolling main contrib non-free deb [arch=i386,amd64,armel,armhf,arm64] https://http.kali.org/kali kali-rolling main/debian-installer deb-src https://http.kali.org/kali kali-rolling main contrib non-free deb [arch=i386,amd64,armel,armhf,arm64] https://http.kali.org/kali kali-bleeding-edge main contrib non-free deb-src https://http.kali.org/kali kali-bleeding-edge main contrib non-free

Last updated 2019-01-07 20:10:06

Source

Install Kali Linux Using Docker

Install Kali Linux Using Docker

Kali Linux Docker

Docker is a great alternative to virtualization, especially in the case of Linux if you don’t need a GUI. Most of the popular Kali Linux pentest tools are command-line based and don’t require a GUI, which makes Docker an excellent alternative. If you’re running Docker on Linux or macOS, it requires less resources than a full blown virtual machine. You can still run it on Windows, but it will use more overhead than Linux and macOS. Offensive Security has created a kalilinux/kali-linux-docker bare bones image, which is what we’ll use to get started.

Install Kali Linux Using Docker

This article assumes you already have Docker installed and running. You can find more information at Docker.com.

Run the following commands to pull the most recent Kali Linux Docker Image, create the Docker Container and start /bin/bash in that container:

docker pull kalilinux/kali-linux-docker
docker run -ti kalilinux/kali-linux-docker /bin/bash

Update Kali Linux

After running the commands above, you’ll be at the /bin/bash prompt. You’ll want to run the following commands to update the Kali packages:

apt update
apt full-upgrade
apt autoremove
apt clean

Install Kali Metapackages

Since the image we used above is bare bones, you’ll want to install some Kali Metapackages to get the tools you need. Kali keeps a list of common Metapackages here: https://www.kali.org/news/kali-linux-metapackages/.

Let’s get started by installing these common Metapackages:

apt install kali-linux-top10
apt install kali-linux-wireless
apt install man-db
apt install exploitdb

Create Local Docker Image After Updates Install

Once you get your updates and packages installed, you’ll want to create a local Docker image.

Type exit to exit the /bin/bash shell.

To get a list of all your Docker containers, run this command:

docker ps -a

Copy the CONTAINER ID, which will look similar to this: 0dd01659d8dd

Now we’ll want to run to create a Docker imaged names my-kali (change it to what you want):

docker commit CONTAINER_ID my-kali

Depending on what you installed, this step could take a while.

Docker Persistance

You’ll probably want to save the data in the /root and /var/lib/postgresql directories so that you can save any data in those directories if your container is deleted.

To start a new Kali Docker container using the image we just created, you’ll want to use this command:

docker run -ti –rm –mount src=kali-root,dst=/root –mount src=kali-postgres,dst=/var/lib/postgresql my-kali

  • This will create (or re-use them if they’re already created) two volumes named kali-root and kali-postgres and map them to the created container.
  • The –rm switch makes Docker delete the container once you exit the shell. This is preferred so that you don’t waste storage on a bunch of stopped containers.

You can put this command into a script to run so that you don’t have to type the whole thing every time you want to start your Docker container.

Docker Cleanup

Use the following command to delete all stopped containers:

docker container prune

You can use docker rm CONTAINER_ID to delete individual containers.

Source

How To Use Armitage On Kali Linux To Hack Windows Machine


Hi Friends Today I Will Tell You How To Use Armitage On Kali Linux To Hack Windows Machine..So Let’s Start ..First You Must Know What Is Armitage??

Network Exploitation

Computer network exploitation (CNE) is a technique through which computer networks are used to infiltrate target computers’ networks to extract and gather intelligence data. It enables the exploitation of the individual computers and computer networks of an external organization or country in order to collect any sensitive or confidential data, which is typically kept hidden and protected from the general public.

what is armitage?

In simple term,armitage is the GUI of the metasploit framework. Armitage is a scriptable red team collaboration tool. It has a server component to allow a team of hackers to share their accesses to compromised hosts. It’s also possible to write bots that connect to this team server and extend Armitage with scripts written in a language called Cortana.

To start Armitage in Kali Linux, open a terminal and type:

armitage

Then accept the default values:

You will probably get a popup asking to start metasploit, click yes

you should now see the following:

Dont worry about the connection refused it just takes a while to load.

Now armitage will boot up if it asks you for the attack computer IP enter your IP Address.
Navigate to the Hosts tab > Nmap Scan > Quick Scan (OS Detect)

From here armitage will scan a range or a sigle IP Address of your choice then present it in the black window. Right click the target and click Scan

When the scan is complete expand the exploit > windows > smb and double click the ms08_67_netapi

This will bring up an attack confirmation window check the details and click launch

Confirmation of a successful exploit will look like this:

You can now right click the target and perform multiple commands

here is an example of the Interact “remote command shell

Source

Install Windows Subsystem for Linux (WSL) on Windows 10

  • 07/23/2018
  • 2 minutes to read

In this article

Install the Windows Subsystem for Linux

Before installing any Linux distros for WSL, you must ensure that the “Windows Subsystem for Linux” optional feature is enabled:

  1. Open PowerShell as Administrator and run:

    Enable-WindowsOptionalFeature -Online -FeatureName Microsoft-Windows-Subsystem-Linux

  2. Restart your computer when prompted.

Install your Linux Distribution of Choice

To download and install your preferred distro(s), you have three choices:

Windows 10 Fall Creators Update and later: Install from the Microsoft Store

This section is for Windows build 16215 or later. Follow these steps to check your build.

  1. Open the Microsoft Store and choose your favorite Linux distribution.

    View of Linux distros in the Microsoft Store

    The following links will open the Microsoft store page for each distribution:

  2. From the distro’s page, select “Get”

    View of Linux distros in the Microsoft store

Complete initialization of your distro

Now that your Linux distro is installed, you must initialize your new distro instance once, before it can be used.

Troubleshooting:

Below are related errors and suggested fixes. Refer to the WSL troubleshooting page for other common errors and their solutions.

  • Installation failed with error 0x80070003

    • The Windows Subsystem for Linux only runs on your system drive (usually this is your C: drive). Make sure that distros are stored on your system drive:
    • Open Settings -> Storage -> More Storage Settings: Change where new content is saved Picture of system settings to install apps on C: drive
  • WslRegisterDistribution failed with error 0x8007019e

  • The Windows Subsystem for Linux optional component is not enabled:

  • Open Control Panel -> Programs and Features -> Turn Windows Feature on or off -> Check Windows Subsystem for Linux or using the PowerShell cmdlet mentioned at the begining of this article.

Source

Kali Linux – An Ethical Hacker’s Cookbook

More Information

Learn
  • Learn how to install, set up and customize Kali for pentesting on multiple platforms
  • Pentest routers and embedded devices
  • Get insights into fiddling around with software-defined radio
  • Pwn and escalate through a corporate network
  • Write good quality security reports
  • Explore digital forensics and memory analysis with Kali Linux
About

Many organizations have been affected by recent cyber events. At the current rate of hacking, it has become more important than ever to pentest your environment in order to ensure advanced-level security. This book is packed with practical recipes that will quickly get you started with Kali Linux (version 2018.4 / 2019), in addition to covering the core functionalities.

The book will get you off to a strong start by introducing you to the installation and configuration of Kali Linux, which will help you to perform your tests. You will also learn how to plan attack strategies and perform web application exploitation using tools such as Burp and JexBoss. As you progress, you will get to grips with performing network exploitation using Metasploit, Sparta, and Wireshark. The book will also help you delve into the technique of carrying out wireless and password attacks using tools such as Patator, John the Ripper, and airoscript-ng. Later chapters will draw focus to the wide range of tools that help in forensics investigations and incident response mechanisms. As you wrap up the concluding chapters, you will learn to create an optimum quality pentest report.

By the end of this book, you will be equipped with the knowledge you need to conduct advanced penetration testing, thanks to the book’s crisp and task-oriented recipes.

Features
  • Practical recipes to conduct effective penetration testing using the latest version of Kali Linux
  • Leverage tools like Metasploit, Wireshark, Nmap, and more to detect vulnerabilities with ease
  • Confidently perform networking and application attacks using task-oriented recipes
Page Count 472
Course Length 14 hours 9 minutes
ISBN 9781789952308
Date Of Publication 29 Mar 2019

Authors

Himanshu Sharma

Himanshu Sharma has been active in the field of bug bounty since 2009, and has been listed in Apple, Google, Microsoft, Facebook, Adobe, Uber, AT&T, Avira, and many more with hall of fame listings as proof. He has been a speaker at multiple international conferences, including Botconf ’13, Confidence 2018, RSA Asia Pacific and Japan ’18, and Hack In The Box 2019. He also spoke at the IEEE conference in California and Malaysia, as well as for TedX. Currently, he is the cofounder of BugsBounty, a crowd-sourced security platform for ethical hackers and companies interested in cyber services. He has also authored the following books: Kali Linux – An Ethical Hacker’s Cookbook, and Hands-On Red Team Tactics.

Frequently bought together:

Source

Deploy Kali Linux on Google Cloud

Configure Kali Linux

Step 1

Open Kali Linux OVA in Virtual Box.

Login to Kali Linux with the username: root, password: toor

Change the root password

Step 2

Enable SSH with the following command:

apt-get install openssh-server

Configure OpenSSH service:

Open config file: nano /etc/ssh/sshd_config

Change #PermitRootLogin prohibit-password to PermitRootLogin yes
(save file)

Enable SSH service: update-rc.d ssh enable 2 3 4 5

Step 3

Configure anything else you would like such as VNC or any other tools. Make sure you set your VM’s system resources such as CPU and RAM, these will translate directly to Google Compute Engine.

Shut down your Kali Linux VM.

Upload Kali Linux Image to Google Cloud

Step 1

First we must create a Google Cloud Storage bucket to upload the instance to.

To do this, run the following command:

gsutil mb gs://ImageStore/

*Feel free to name your bucket anything you want.

Step 2

Now all we have to do is upload the image into the bucket. To do this we first need to navigate where your VirtualBox image is. The file should end with the extension .vmdk and you can find the direct path under the General section in your VM info within VirtualBox. In this example my image name is KALI

To upload your image, navigate to the folder containing the image and run the following command:

gsutil cp KALI.vmdk gs://ImageStore/KALI.vmdk

Now, just sit back and wait for the file copy to finish.

Source

Learning Kali Linux – Welcome

Unlock the full course today

Join today to access over 15,000 courses taught by industry experts or purchase this course individually.

Course Info

  • Duration: 2h 31m 49s
  • Skill Level: Beginner
  • Released: March 24, 2016
  • Viewers: 58,503

Learn the most in-demand business, tech and creative skills from industry experts.

  • Overview
  • Transcripts
  • View Offline
  • Course details

    Kali Linux is a flavor of Linux targeted at digital forensics experts and penetration (pen) testers. It includes over 400 pen-testing programs, and it is the primary tool used by ethical hackers. Using Kali Linux, certified ethical hackers can test networks on their organizations’ behalves, to see if they’re vulnerable to outside attacks.

    This course will give prospective ethical hackers a short overview of the tools in Kali Linux. Cybersecurity expert Malcolm Shore shows how to set up a virtual environment for testing, configure Kali Linux, and install toolsets for information gathering, vulnerability assessment, password and hash cracking, and target exploitation.

    Because businesses are connected, they are also exposed. Vulnerability testing helps organizations limit that exposure. This course will help you explore the careers, techniques, and tools behind ethical hacking—one of the most competitive and sought-after IT security skills.

    Instructor

    • Malcolm Shore is a cybersecurity expert who spent ten years as a director at New Zealand’s GCSB.

      Dr. Shore was the principal security officer at the Australian National Broadband Network Company and the director of education and community relations for the Australian Information Security Association. He’s currently a technical director at BAE Systems Applied Intelligence, and an educator in the fields of forensics, information warfare, security management, and applied cryptography. He holds a PhD in information security.

      View all courses by Malcolm Shore

  • Welcome

    – [Voiceover] Everyday, we hear of another data breach. Big or small, public or private. In the digital world, business is connected. And that means it’s exposed. I’m Malcolm Shore, and I’ve spent a career helping government and businesses protect their systems. Minimizing the risk of being today’s data breach means testing systems thoroughly, before they go online. And that’s the role of the penetration tester. The tool most commonly used to do this testing is Kali Linux. In this course I’ll explore how we can use Kali Linux to test systems for weaknesses. We’ll look at how to establish a virtual network of systems to use as a learning environment for Kali. And we’ll look at the Kali system and I’ll demonstrate some of the tools provided by Kali for testing system. I’ll start by taking a look at Oracle’s VirtualBox environment. And I’ll build a network of testing target. I’ll then describe to Kali operating system in this extensive set of tools for information gathering and system testing. When you finish this course, you’ll have a great understanding of how to set up a virtual test network, and use it to test systems for vulnerabilities.

    • Introduction Introduction

    Source