KALI Linux - useful links & commands
-
Note: I've tried to include everything (links & commands) but you have to watch the episodes for context.
Also, these are just introductions to tools & commands. It is up to you to look deeper into each in a Legal & Responsible manner.
Ben
Show Host: Mike Rodrick
Show Instructor: Sean Philip Oriyano
- Author/Consultant/Instructor
oriyano.com
Books
My notes day 1 - monday
• Episode 1-4: What is, Installing, Configuring KALI Linux & Overview
- Kali.org
Kali tools list
kali meta packages
Custom images for Rasp Pi, Chromebook & more
Metasploitable 2
VMWare
Virtual Box
Win 32 disk imager
Boot and run Linux from a USB flash memory stick
HP USB Key Utility for Windows
• commands
- apt-get update
apt-get upgrade
netstat
netstat -abn
• Episode 5: Creating a Lab Environment
- Metasploitable 2 tutorial
pwnos: exploitable os
holynix: exploitable os
twiki: exploitable site
Sauron: exploitable
WINDOWS: exploitable machines from NIST
Microsoft virtual hard drives
• commands
- Note: remove brackets from addresses. ALSO Linux IS case sEnSiTivE
Kali default user = root
Kali default password = toor
metasploitable default user = msfadmin
metasploitable default password = msfadmin
ifconfig (in linux)
tcpdump -i eth0 (on meta)
nmap -sS (target ip address) (on kali)
• Episode 6 - 7 : Penetration Testing
- Pentesting Standards & documents
Echosec: location based searching
Open Source Intelligence
INFOSEC open source intelligence
Security tools @ SecTools.org
Paterva/Maltego
hping examples
Five Phases Sean mentions
- recon - (footprinting in CEH, information gathering)
scanning
exploitation
maintain access
reporting
• Episode 7-9: What is Recon, Uncovering Network Info Parts 1 & 2
- nslookup
set type=any
microsoft.com
-
whois microsoft.com
-
fping -a -g (target start add) (target end add) > hosts.txt
-
fping -a -g (target network/24) > hosts2.txt (i.e. 192.168.1.0/24)
-
dnsenum -r itpro.tv
-
dnswalk itpro.tv. (make sure to put the last "dot/period" for the fully qualified name)
-
p0f -i eth0 (enter)
open browser, go to a site (itpro) then back to console to see the whole conversation
note: this did not work for some people from vm.
you can try it in Windows from the command line but I recommend installing Kali on a dual or multi bootable system.
• Episode 10-12 : Website Recon, Uncovering Network Info parts 1&2
- wget -m -p -E -k -K -np -v www.itpro.tv
-
lbd (site name)
-
theharvester -d Microsoft.com -l 500 -b google
-
urlcrazy -k qwerty -r Microsoft.com
-
metagoofil -d kali.org -t pdf -l 100 -n 25 -o kalipdf -f kalifiles.html
• Episode 13: What is Network Scanning
- wget -m -p -E -k -K -np -v www.itpro.tv
• Episode 14: Checking for Live Systems
- nmap -sP (net add)
fping again
apt-get install masscan (not installed by default)
masscan "-p1-1024" (add)
unicornscan -i eth0 (add)
netdiscover
• Episode 15: Enumeration
- miranda
msearch (in miranda. looks for uPnP)
dmitry -winsepfb -t 1 (add)
enum4linux (add)r
• Episode 17-18: Cracking passwords part 1 & 2
- The Hacker Warehouse
tools mentioned
Hydra
cewl
• Episode 19: After Gaining Access
- dsniff
netcat
nc
cryptcat
• Episode 20 - 21: Using Sniffers part 1 & 2
- wireshark
etherape
driftnet -i eth0
dsniff
urlsnarf
macof
• Episode 22: Social Engineering Toolkit (SEC)
- You have to watch the episode
• Episode 23: Web Applications
- wireshark
etherape
driftnet -i eth0
dsniff
urlsnarf
macof
• Episode 24 - 27: Web Application Tools parts 1 - 4
- 24 looked at the Kali tools. Watch the episode
25 vega, webscarab
26 nikto, owasp zap, burp suite
27 w3af, GoLismero
• Episode 28: SQL injection
- You have to watch the episode
• Episode 29: Wireless Networks
- Talk about wireless, not leaving defaults, misconfiguration, vulnerabilities, different standards
• Episode 30: Wireless Attacks & Tools
- Note: Kali in a VM does not automatically see or use your wireless card.
aircrack-ng
bully
cowpatty (pulls stuff from pcap files)
fern Wifi Cracker
kismet
btscanner
bluesnarfer
bluemaho (gui)
redfang
• Episode 31: Honeypots, IDS's & Firewalls
- firewalk
• Episode 32: Reports
- You have to watch the episode