Welcome to STXLUG Livestream

7-20-19

Topic: Kali Linux Introduction

Tutorial

Training

You can take the official Penetration Testing with Kali Linux course and become and Offensive Security Certified Professional. The people who work on Kali Linux setup this course. And the OSCP is an industry recognized certification.

Learn more here: https://www.kali.org/penetration-testing-with-kali-linux/

Downloads

There are various versions of Kali Linux available to download. Chose one that best fits your scenario and use case. There are virtual machine images too if you prefer that.

Learn more here: https://www.kali.org/downloads/

Boot Options

  • Live

This option boots directly into Kali Linux and you can use like any other Live Linux environment.

  • Live (Forensic Mode)

This is the same as the Live environment but the difference is that in this mode Kali doen’t do anything to the host system. So Kali doesn’t mount the computers hard drive. This is a good mode to use when you don’t want to leave a trace of Kali behind.

  • Live USB Persistence/Encrypted Persistence

In this mode you can save files and settings onto the LiveUSB environment. This is useful if you want to continue using Kali on the same USB device. There are 2 options, the non-encrypted option or the encrypted option.

Setting up a non-priviledged user

By default Kali Linux runs as root. Even the most skilled hackers know that this is not a good idea. Why? Well because if you screw up something you will screw it up system wide. So it’s a good idea to setup a non-priviledged user.

Start by creating a new user.

adduser KaliNoob

Then add this user to the sudo users group.

usermod -aG sudo KaliNoob

Extra Software

Meta packages help you get more software in Kali. Sometimes you don’t need a full blown installation of Kali with all the available tools. You can grab the Metapackages to install a set of tools for a specific job.

For example, you can install the password cracking tools with the following command.

apt-get install kali-linux-pwtools

Extra hardware

  1. Wireless antennas You’re going to need a wireless card or adapter that can do wireless monitor mode and packet injection. In my experience wireless cards that have the Atheros chipset are the best supported under any Linux distrobution. Check out this article on the best wireless adapters for 2019. Or check out Hak5 Wifi Pineapple https://shop.hak5.org/products/wifi-pineapple
  1. Bluetooth antennas Just like with wireless adapaters, if you want to do some Bluetooth hacking you will need compatible Bluetooth adapaters.

Bash Aliases

Setting up aliases will save you a bunch of time and make your life so much easier.

Let’s setup an alias for the easy and often used command ls. Let’s say we always want ls to show the files in a list, give file details in human readable form, and show hidden files. The command for that will be

ls -lha

To aliase this command simply add this to you .bash_aliases file.

alias ls='ls -lha'

Now everytime you type ls it will actually be running ls -lha

Final thoughts

Kali linux is a great start to learn penetration testing. It’s probably one of the most recognized Linux distrobutions. But Kali in my opinion should only be used as a tool, not a full blown operating system.

Thanks

Thanks to everyone who joined in and I hope you have a great weekend!

Buy me a coffee!