Kali For Beginners

Glen Maxson, Center for Learning in Retirement, Spring 2019

What is Kali Linux?

• Kali Linux (first released on 13 March 2013), the successor to BackTrack, developed by the security firm Offensive Security, is a forensic and security-focused distribution based on Debian's Testing branch. Kali Linux is designed with penetration testing and threat detection in mind.
• Kali Linux is free and ships with 600+ penetration testing tools.

But first, a caution and some advice

• Kali Linux isn't recommended for beginners. Period. This is the first thing you should learn. It is geared towards security professionals.
• During penetration testing, it is crucial to prepare to stay anonymous. Don't fool yourself by revealing your own identity while hacking; cover it! Anonymity tooling (VPN, proxy chains, MAC address changes) is not a substitute for authorization: test only systems you own or have written permission to test.

Kali Install Modes - Basic Differences (source)

1. Live Mode - boots from the USB drive, so we run Kali from USB instead of our main system. This allows us to inspect a system without worrying about locked or running processes. Live mode does not save changes: any reports, logs or data you generate are wiped when you reboot.
2. Live Mode (failsafe) - same as above but with more conservative hardware settings, in case the normal live boot fails. Nicer to your devices.
3. Live Mode (forensic) - nothing loads, runs or happens unless you initiate it. USB devices do not auto-mount and the internal hard drive is not touched, so the evidence disk is not modified. Very good for professional forensic work.
4. Live USB Persistence - exactly the same as Live Mode, but changes are saved. Great for generating reports, logs, dumps and saving data.
5. Live USB Encrypted Persistence - same as above, but the persistence partition is encrypted (LUKS), so a lost stick does not leak your notes and captured data. Good for professional use.
6. Install - install Kali Linux as your main system.
7. Graphical Install - graphical version of the above (Video).
8. Install With Speech Synthesis - speech instructions included.
9. Advanced Options - includes MemTest and the Hardware Detection Tool.

And a note about Adding Persistence to a Kali Linux "Live" USB Drive

Things To Do After Installing Kali Linux (source)

Video (23 min.) Top Things to do after Installing Kali Linux (source)

Using the NordVPN client from the terminal:
To log in, type: nordvpn login
To connect, type: nordvpn connect (this connects you to NordVPN)
To show the current settings, type: nordvpn settings (this only displays them; changes are made with nordvpn set, for example to turn the kill switch on so that no traffic leaks if the tunnel drops)

Video Top 25 Best Kali Linux Tools For Beginners (source)

ANONYMITY 25. MacChanger

ANONYMITY 24. ProxyChains

INFORMATION GATHERING 23. TraceRoute

INFORMATION GATHERING 22. WhatWeb

INFORMATION GATHERING 21. Whois

INFORMATION GATHERING 20. Maltegoce (Maltego Community Edition)
Maltegoce is an intelligence-gathering tool that discovers and collects data about a target (a company or a person) and visualizes the collected data as a graph for analysis. Before using maltegoce, first register for a Maltego Community Edition account here: https://www.paterva.com/web7/community/community.php

INFORMATION GATHERING 19. Nmap

Network Mapper (Nmap) is a tool used for network discovery and security auditing. My favorite option in Nmap is --script vuln: it tells Nmap to audit the security of each open port on the target using the Nmap Scripting Engine (NSE). For example:
~$ nmap kali.org --script vuln
Note that the vuln category is noisy and some of its scripts are intrusive (they send exploit-like probes), so only run it against hosts you are authorized to test. To view the full list of Nmap features, see the help page:
~$ nmap --help
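As an added example (not from the deck and not part of Nmap itself), the step that usually follows a scan is pulling the open ports out of Nmap's grepable output (-oG) and handing the web ports to the web tools further down this list (Nikto, WhatWeb, Dirb). The scan text below is constructed to look like what nmap -sV -oG - prints for one host; 192.0.2.10 is a reserved documentation address, not a real target.

```shell
#!/bin/sh
# Added example, not from the original deck: triage Nmap grepable output.
# sample_scan emits a constructed copy of what "nmap -sV -oG - 192.0.2.10"
# would print (192.0.2.10 is a reserved documentation address).
sample_scan() {
    printf '# Nmap 7.94 scan initiated as: nmap -sV -oG - 192.0.2.10\n'
    printf 'Host: 192.0.2.10 ()\tStatus: Up\n'
    printf 'Host: 192.0.2.10 ()\tPorts: 22/open/tcp//ssh//OpenSSH 8.9p1/, 80/open/tcp//http//nginx 1.18.0/, 443/open/tcp//ssl|https//nginx 1.18.0/, 3306/filtered/tcp//mysql///\tIgnored State: closed (996)\n'
    printf '# Nmap done; 1 IP address (1 host up) scanned in 12.34 seconds\n'
}

# Read grepable output on stdin; print "host port proto service version" for
# each port whose state is "open". Every entry in the Ports: field has the
# fixed layout port/state/proto/owner/service/rpc/version/ so splitting on
# "/" is safe even when a field is empty.
parse_open_ports() {
    awk -F '\t' '
    /^Host:/ && /Ports:/ {
        host = $1; sub(/^Host: /, "", host); sub(/ .*/, "", host)
        for (i = 1; i <= NF; i++) if ($i ~ /^Ports: /) ports = substr($i, 8)
        n = split(ports, p, /, /)
        for (i = 1; i <= n; i++) {
            split(p[i], f, "/")
            if (f[2] == "open") printf "%s %s %s %s %s\n", host, f[1], f[3], f[5], f[7]
        }
    }'
}

# Turn the open web ports into URLs for the web-application tools.
web_targets() {
    parse_open_ports | awk '
        $4 ~ /https|ssl/ { printf "https://%s:%s\n", $1, $2; next }
        $4 ~ /http/      { printf "http://%s:%s\n",  $1, $2 }'
}

# Real use, against an authorized host:
#   nmap -sV -oG - 192.0.2.10 | web_targets | xargs -n1 nikto -h
sample_scan | web_targets
```

The parser keys on the port state, not on the port number, so filtered or closed ports never reach the web tools; add a `$4 ~ /ssh/` branch in the same style if you want SSH targets for Hydra (item 7 below).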

INFORMATION GATHERING 18. Dirbuster / Dirb

VULNERABILITY ANALYSIS 17. Nikto

WEB APPLICATION ANALYSIS 16. SQLiv

WEB APPLICATION ANALYSIS 15. BurpSuite

WEB APPLICATION ANALYSIS 14. OWASP-ZAP

WEB APPLICATION ANALYSIS 13. HTTrack
HTTrack is a website / web page cloner. From a penetration-testing perspective it is mainly used to create a fake copy of a site, i.e. a phishing page hosted on the attacker's server. Run the HTTrack wizard by typing in the terminal:
~$ httrack

You will be prompted for the configuration it needs, with guidance: the project name, the base path of the project, the target URL and the proxy configuration.

WEB APPLICATION ANALYSIS 12. JoomScan & WPScan
JoomScan is a web application analysis tool to scan and analyze the Joomla CMS, while WPScan is a WordPress CMS vulnerability scanner. To check which CMS a target website runs, you can use an online CMS scanner or an additional tool, CMSMap (https://github.com/Dionach/CMSmap). Once you know the target CMS, whether Joomla or WordPress, you can decide to use JoomScan or WPScan.
Run JoomScan: ~$ joomscan -u victim.com
Run WPScan: ~$ wpscan --url victim.com
(Older WPScan releases took -u; current ones use --url, and need a free WPScan API token passed with --api-token before they report known vulnerabilities for the versions they detect.)

DATABASE ASSESSMENT 11. SQLMap

PASSWORD ATTACKS 10. Hash-Identifier and findmyhash
Hash-identifier is a tool that identifies which type of hash was used to protect data, especially passwords (a hash is a one-way digest, not encryption: there is no key to decrypt it, you can only guess candidate inputs and compare digests). findmyhash tries to crack a hash by looking it up in online services. For example, we have the hash 098f6bcd4621d373cade4e832627b4f6. The first thing to do is identify the hash type: launch hash-identifier in a terminal and paste the hash value into it; a 32-character hex string like this one is most likely MD5. Keep in mind that submitting a hash to an online service hands it, and possibly the password behind it, to a third party, so never do that with a client's real hashes.

PASSWORD ATTACKS 9. Crunch

PASSWORD ATTACKS 8. John The Ripper (OFFLINE PASSWORD CRACKING)
John The Ripper is one of the most popular password testing and cracking programs: it combines a number of password crackers into one package, auto-detects password hash types, and includes a customizable cracker. On Linux, the passwd file at /etc/passwd contains the account information for every user, while each user's salted password hash (SHA-512 crypt, prefix $6$, or yescrypt, prefix $y$, on current Debian-based systems) is stored in /etc/shadow, which only root can read.
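An added example (not from the deck, and not the code of hash-identifier or John) that ties items 10 and 8 together: identify a hash from its shape (the same heuristic hash-identifier applies), classify the hashes in /etc/shadow-style lines by their crypt(3) prefix, and run a small dictionary against a raw digest using nothing but coreutils. The hash is the deck's own MD5 example; the wordlist and the shadow lines are constructed and contain no real credentials. Real jobs go to John: unshadow /etc/passwd /etc/shadow > hashes.txt followed by john --wordlist=/usr/share/wordlists/rockyou.txt hashes.txt, which handles the salted crypt formats this toy loop does not.

```shell
#!/bin/sh
# Added example, not from the deck: hash identification and an offline
# dictionary attack using only coreutils. The sample hash is the deck's
# 098f6bcd4621d373cade4e832627b4f6; wordlist and shadow lines are constructed.

# Classify a hash by crypt(3) prefix, or by length for raw hex digests.
# Length alone is ambiguous (32 hex could be MD5, MD4 or NTLM), which is why
# hash-identifier only ever reports "possible" types.
identify_hash() {
    h=$1
    case $h in
        '$1$'*)          echo "md5crypt" ;;
        '$5$'*)          echo "sha256crypt" ;;
        '$6$'*)          echo "sha512crypt" ;;
        '$y$'*)          echo "yescrypt" ;;
        '$2'[abxy]'$'*)  echo "bcrypt" ;;
        *)
            if printf '%s' "$h" | grep -Eq '^[0-9a-fA-F]+$'; then
                case ${#h} in
                    32)  echo "MD5 or NTLM (32 hex)" ;;
                    40)  echo "SHA-1 (40 hex)" ;;
                    64)  echo "SHA-256 (64 hex)" ;;
                    128) echo "SHA-512 (128 hex)" ;;
                    *)   echo "hex digest of unknown type (${#h} chars)" ;;
                esac
            else
                echo "unknown"
            fi ;;
    esac
}

# Read /etc/shadow-format lines on stdin and report each account's hash type.
# "*" or "!" in the hash field means the account has no usable password.
shadow_hash_types() {
    while IFS=: read -r user hash rest; do
        case $hash in
            ''|'*'|'!'*) echo "$user: no usable password hash" ;;
            *)           echo "$user: $(identify_hash "$hash")" ;;
        esac
    done
}

# Dictionary attack on a raw (unsalted) digest: hash every candidate word read
# on stdin with the coreutils tool matching the digest length and print the
# word that matches. Prints nothing and returns 1 if the wordlist runs out.
crack_hash() {
    target=$(printf '%s' "$1" | tr 'A-F' 'a-f')
    case ${#target} in
        32)  tool=md5sum ;;
        40)  tool=sha1sum ;;
        64)  tool=sha256sum ;;
        128) tool=sha512sum ;;
        *)   echo "unsupported digest length ${#target}" >&2; return 2 ;;
    esac
    while IFS= read -r word; do
        digest=$(printf '%s' "$word" | "$tool" | cut -d ' ' -f 1)
        if [ "$digest" = "$target" ]; then
            echo "$word"
            return 0
        fi
    done
    return 1
}

# Demo with the deck's hash and a constructed four-word list.
printf 'password\n123456\ntest\nletmein\n' | crack_hash 098f6bcd4621d373cade4e832627b4f6 || echo "not in wordlist"
```

Note that crack_hash hashes the bare word with no trailing newline (printf '%s'), which is how the original password was hashed; echo would append a newline and every guess would miss. The shadow hashes are salted, so the loop cannot be pointed at them; that is John's job.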

PASSWORD ATTACKS 7. THC Hydra (ONLINE PASSWORD CRACKING, i.e. guessing against live network logins)
• Hydra is the fastest network login cracker and supports numerous protocols. THC Hydra supports: Cisco AAA, Cisco auth, Cisco enable, CVS, FTP, HTTP(S)-FORM-GET, HTTP(S)-FORM-POST, HTTP(S)-GET, HTTP(S)-HEAD, HTTP-Proxy, ICQ, IMAP, IRC, LDAP, MS-SQL, MySQL, NNTP, Oracle Listener, Oracle SID, PC-Anywhere, PC-NFS, POP3, PostgreSQL, RDP, Rexec, Rlogin, Rsh, SIP, SMB(NT), SMTP, SMTP Enum, SNMP v1+v2+v3, SOCKS5, SSH (v1 and v2), SSHKEY, Subversion, Teamspeak (TS2), Telnet, VMware-Auth, VNC and XMPP. Unlike offline cracking, every guess is a real login attempt on the target: it is noisy, it lands in the target's logs and it can lock accounts out, so keep the thread count low and stay within the agreed scope.
• For a more in-depth tutorial about Hydra, see my previous article titled Crack Web Based Login Page With Hydra in Kali Linux (https://linuxhint.com/crack-web-based-login-page-with-hydra-in-kali-linux/)

WIRELESS ATTACK 6. Aircrack-NG Suite

WIRELESS ATTACK 5. Fluxion

Evil twin is the term for a rogue Wi-Fi access point that appears to be a legitimate one offered on the premises but has actually been set up to eavesdrop on wireless communications; Fluxion automates building one (an open access point with the real network's name, plus a fake captive portal that asks victims for the WPA passphrase). An evil twin is the wireless version of a phishing scam.
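An added example (not from the deck and not part of Fluxion) showing the defender's side of the same attack: a quick evil-twin check over the output of iw dev wlan0 scan (run as root). The scan text below is constructed; real output has the same BSS / SSID / RSN lines. The heuristic is the classic evil-twin signature, one SSID served both by a WPA/RSN-protected access point and by an open one, which is exactly what a Fluxion-style fake portal looks like from the client side.

```shell
#!/bin/sh
# Added example, not from the deck: flag evil-twin candidates in "iw" scan
# output. sample_scan is a constructed stand-in for: iw dev wlan0 scan
sample_scan() {
    printf 'BSS 00:11:22:33:44:55(on wlan0)\n\tsignal: -48.00 dBm\n\tSSID: CoffeeShop\n\tRSN:\t * Version: 1\n'
    printf 'BSS 66:77:88:99:aa:bb(on wlan0)\n\tsignal: -40.00 dBm\n\tSSID: CoffeeShop\n'
    printf 'BSS aa:bb:cc:dd:ee:ff(on wlan0)\n\tsignal: -70.00 dBm\n\tSSID: Home\n\tRSN:\t * Version: 1\n'
}

# Group BSSs by SSID. Report an SSID that is advertised both by a WPA/RSN
# protected BSS and by an open BSS: a strong evil-twin signal, since a real
# network does not normally drop encryption on one of its access points.
find_evil_twins() {
    awk '
    function flush() {
        if (bssid != "") {
            count[ssid]++
            if (secure) sec[ssid]++; else open[ssid]++
            tag = secure ? "(secure)" : "(OPEN)"
            detail[ssid] = detail[ssid] " " bssid tag
        }
        bssid = ""; ssid = ""; secure = 0
    }
    /^BSS /             { flush(); bssid = $2; sub(/\(.*/, "", bssid) }
    /^[ \t]*SSID: /     { ssid = $0; sub(/^[ \t]*SSID: /, "", ssid) }
    /^[ \t]*(RSN|WPA):/ { secure = 1 }
    END {
        flush()
        for (s in count)
            if (count[s] > 1 && sec[s] > 0 && open[s] > 0)
                printf "SUSPECT %s:%s\n", s, detail[s]
    }'
}

# Real use (root): iw dev wlan0 scan | find_evil_twins
sample_scan | find_evil_twins
```

A stronger signal than the open/secure mismatch is the same SSID appearing with a very strong signal from a BSSID you have never seen before; keep a baseline scan of your own site so the new address stands out.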

EXPLOITATION TOOLS 4. Social Engineering Toolkit (SET)
The Social-Engineer Toolkit is an open-source penetration testing framework designed for social engineering. SET has a number of custom attack vectors such as phishing, spear-phishing, malicious USB, mass mail, etc. This toolkit is a free product by TrustedSec (trustedsec.com). To start using SET, type setoolkit in the terminal.

EXPLOITATION TOOLS 3. METASPLOIT FRAMEWORK
• Metasploit Framework was initially intended to be a maintainable framework that automates the process of exploiting a vulnerability rather than verifying it by hand. Metasploit is a popular framework with a long history; it has rich modules aimed at a variety of targets such as BSD, Apple, Windows, Android, web servers, etc. Below is an example usage of Metasploit, exploiting a Windows OS using the well-known NSA exploit EternalBlue (MS17-010, SMBv1) and the DoublePulsar backdoor. It only works against hosts that never received the March 2017 patch or still expose SMBv1, so in a lab that means a deliberately unpatched Windows VM.
• Video Hacking Windows using EternalBlue on MetaSploit

SNIFFING AND SPOOFING 2.

SNIFFING AND SPOOFING 1. Bettercap
• Bettercap is a powerful and portable utility to perform various types of MITM attacks against a network, manipulate HTTP, HTTPS and TCP traffic in real time, sniff for credentials, and much more. Bettercap is similar in concept to ettercap, but in my experience comparing the features of both, Bettercap won.
• Bettercap can strip SSL/TLS and partially bypass HSTS using SSLstrip+ together with a DNS server (dns2proxy). Bettercap terminates the SSL/TLS connection to the real server itself; the downstream connection between the client and the attacker does not use SSL/TLS and stays in plaintext, which is what lets the attacker read and modify it.

The partial HSTS bypass redirects the client from the domain name of the visited web host to a fake domain name by sending an HTTP redirect. The client is sent to a look-alike name with an extra "w" in www, or with a "web." prefix, e.g. web.site.com. That name is not on the browser's HSTS preload list and, unless the real site's policy says includeSubDomains, is not covered by any cached HSTS entry either, so the client will talk to it without SSL/TLS. The special DNS server expects these altered names and resolves them to the real, correct IP addresses. The downside of this attack is that the client has to start the connection over plain HTTP, because the attacker needs an HTTP response to inject the redirect: a host with a modern preload entry (which requires includeSubDomains) is never contacted over HTTP in the first place, and the trick only catches the older preload entries that do not cover subdomains. Bettercap is pre-installed on Kali Linux.
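An added example (not from the deck and not part of Bettercap) of the check a defender runs against the bypass described above. It grades a Strict-Transport-Security header value (the strings used here are constructed; fetch a real one with curl -sI https://site.com | grep -i strict-transport-security) and reports whether the policy still leaves the two openings SSLstrip+ needs: a first request over plain HTTP, and a look-alike subdomain that the policy does not cover.

```shell
#!/bin/sh
# Added example, not from the deck: grade a Strict-Transport-Security header
# against the SSLstrip+ / dns2proxy bypass. The header strings passed in are
# constructed; real ones come from: curl -sI https://site.com | grep -i strict
ONE_YEAR=31536000   # minimum max-age the HSTS preload list accepts

# Print one finding per line; return 0 only when the policy is solid.
check_hsts() {
    hdr=$(printf '%s' "$1" | tr 'A-Z' 'a-z')
    maxage=$(printf '%s' "$hdr" | sed -n 's/.*max-age=\([0-9][0-9]*\).*/\1/p')
    if [ -z "$maxage" ]; then
        echo "FAIL: no HSTS policy, first HTTP request can be stripped"
        return 1
    fi
    status=0
    if [ "$maxage" -lt "$ONE_YEAR" ]; then
        echo "WARN: max-age=$maxage is under one year, preload list requires >= $ONE_YEAR"
        status=1
    fi
    case $hdr in
        *includesubdomains*) ;;
        *) echo "FAIL: no includeSubDomains, web.site.com / wwww.site.com are not covered"
           status=1 ;;
    esac
    case $hdr in
        *preload*) ;;
        *) echo "WARN: no preload, browser still sends plain HTTP on first visit"
           status=1 ;;
    esac
    [ "$status" -eq 0 ] && echo "OK: HSTS policy resists SSLstrip+"
    return "$status"
}

# Live check (needs network): fetch_hsts example.com
fetch_hsts() {
    hdr=$(curl -sI "https://$1" | tr -d '\r' | sed -n 's/^[Ss]trict-[Tt]ransport-[Ss]ecurity: *//p')
    check_hsts "$hdr"
}

check_hsts 'max-age=63072000; includeSubDomains; preload'
```

The three findings map directly onto the attack: no policy or no preload means the browser's first request goes out as HTTP, where the redirect is injected; no includeSubDomains means the redirect target web.site.com is treated as a stranger to the policy.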

POST EXPLOITATION AND…. THE BEST TOOL IN KALI LINUX! 1. METASPLOIT FRAMEWORK

Should you use Kali Linux? (source)

1. If you jumped straight to that conclusion without reading the rest of the article, either you already have a strong opinion and I don't have any chance to make you change that, or Kali is not yet for you. In that case, you should first consider a more mainstream distribution like a plain Debian system. There will still be time later to install the tools you may need on a more case-by-case basis.

2. If you read the article but skipped the parts containing too much technical jargon, Kali is not for you. Kali Linux could be an amazing teaching tool. But if you go that way, you have to be prepared for a steep learning curve. If you're a very new Linux user starting from zero, or if you just want to use your computer without a headache, there are plenty of general-purpose and user-friendly distributions to start with. Why not try Zorin-OS? Or maybe another Ubuntu derivative?

3. If you read the article, tried the commands I used, followed the links and searched the terms you didn't understand, well, congratulations. You're not just another "script kiddie". On the contrary, you apparently are ready to spend countless hours and effort to make your system work, to understand the fundamentals of computer science and to discover the networking internals. That makes you one of the few new Linux users who could benefit from using Kali. But instead of using it directly on your computer, I would suggest first installing some other Debian-based distribution and running Kali Linux in a virtual machine. That way you could practice your skills without sacrificing your other activities.

And…

• Always use your Brain when Hacking.

Reset Windows 10 Local Password with Kali Linux Live USB (source)

Make a Kali Bootable USB Drive
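An added example (not from the deck; the Kali project's own instructions are on kali.org) of the step that belongs before writing any image to a USB stick: verify the ISO's SHA256 against the published SHA256SUMS, after checking that file's signature with gpg --verify SHA256SUMS.gpg SHA256SUMS against the Kali signing key whose fingerprint is printed on kali.org. A modified ISO is the easiest way to hand an attacker the machine you are about to "rescue". The ISO and sums file used in the demo are constructed so the check runs offline; the write step is shown but not run.

```shell
#!/bin/sh
# Added example, not from the deck: verify a Kali ISO before writing it.
# In real use, SHA256SUMS and SHA256SUMS.gpg sit next to the ISO on kali.org;
# check the signature first:  gpg --verify SHA256SUMS.gpg SHA256SUMS

# verify_iso SUMSFILE ISOFILE: succeed only if the ISO's SHA256 is listed
# under its own file name in SUMSFILE ("<hex>  <name>" per line).
verify_iso() {
    sums=$1; iso=$2; name=$(basename "$iso")
    expected=$(awk -v name="$name" '$2 == name { print $1 }' "$sums")
    if [ -z "$expected" ]; then
        echo "FAIL: $name not listed in $sums"
        return 1
    fi
    actual=$(sha256sum "$iso" | cut -d ' ' -f 1)
    if [ "$actual" = "$expected" ]; then
        echo "OK: $name matches published SHA256"
    else
        echo "FAIL: checksum mismatch, do not write this image"
        return 1
    fi
}

# write_usb ISOFILE DEVICE: raw-write a verified image to the whole stick
# (e.g. /dev/sdb, never a partition like /dev/sdb1). Destroys what is on it.
write_usb() {
    verify_iso "$(dirname "$1")/SHA256SUMS" "$1" || return 1
    dd if="$1" of="$2" bs=4M conv=fsync status=progress
}

# Offline demo with a constructed "ISO" and sums file (not real Kali files).
demo_dir=$(mktemp -d)
printf 'not a real iso\n' > "$demo_dir/kali-demo.iso"
( cd "$demo_dir" && sha256sum kali-demo.iso > SHA256SUMS )
verify_iso "$demo_dir/SHA256SUMS" "$demo_dir/kali-demo.iso"
rm -rf "$demo_dir"
```

write_usb refuses to touch the device unless verify_iso passes, so a typo in the sums file or a tampered download fails closed. Double-check the device name with lsblk before calling it; dd will happily overwrite your system disk.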

Boot with Kali Linux USB
Once you have a Kali Live USB, plug it into a USB port of the Windows 10 computer and boot from the USB. You may have to press a special key (e.g., Esc, F2, F12 or Del) during boot-up to get the computer to boot from the USB instead of its internal hard drive.

Reset Windows 10 Local Password
Caveat: this only works for local accounts on an unencrypted system drive. With BitLocker (or any full-disk encryption) the live system cannot read or rewrite the account database, and a firmware (BIOS/UEFI) password that locks the boot order stops booting from USB in the first place; that is precisely why those controls exist.

BASIC PENETRATION TESTING CONCEPT WITH KALI LINUX (source)

Three main things you can do with Kali Linux, depending on the targeted system, include:

WIRELESS NETWORK HACKING WITH KALI LINUX (source)

WEB APPS HACKING WITH KALI LINUX (source)

Actually, if you are passionate about this, you can set up your own hacking environment by installing DVWA (Damn Vulnerable Web App) on your Kali Linux. It is a PHP/MySQL web application with a bunch of deliberate vulnerabilities. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, and to help web developers better understand the process of securing web applications. You can get DVWA for free on GitHub here: https://github.com/ethicalhack3r/DVWA. Keep it in an isolated VM or on a host-only network: it is intentionally exploitable and must never be reachable from the internet.

SQLMap found 2 databases, but only one of them contains sensitive data such as an admin account's credentials: "trengkab_trg". After finding the databases there are still further steps: enumerate the tables and their columns, and finally dump the data. I won't show those steps here against this target. At least you now know the basic idea of the attack cycle and the use of some of the tools.