KALI LINUX II

Welcome to the second part of our two-part series on Kali Linux. In the first part of this series, we introduced Kali Linux and showed how to download and install it (you can view the article here). In this second part, we provide a brief list of the most used Kali tools, what they do, and the basic commands for installing them.

Before we begin, a brief introduction to Kali. Kali Linux is a Debian-based Linux operating system aimed at advanced Penetration Testing and Security Auditing. Kali contains hundreds of tools geared towards various information security tasks, such as Penetration Testing, Security research, Computer Forensics, and Reverse Engineering.

With the introduction taken care of, let’s look at some of the most used tools on Kali Linux.

Let’s login!

1. Nmap – As Kali Linux is a hacking and penetration testing operating system, it is a no-brainer that it includes Nmap. Nmap (Network Mapper) is one of the most used tools on Kali Linux. It is used to discover hosts and services on a computer network by sending packets and analyzing the responses. In simpler terms, it is used to perform reconnaissance on a network and gain insight into the hosts on the network, the IP addresses/ranges, operating systems, open ports and more. It should come installed by default with your Kali Linux installation. However, if your installation does not have Nmap, here is the command to install it – apt-get install nmap.
Installing Nmap

2. Wireshark – Wireshark is a free and open-source packet analyzer. It is used for network troubleshooting, analysis, and software and communications protocol development. This tool basically allows you to eavesdrop on a network and monitor the traffic being transmitted between applications/hosts and servers. It is the most popular network analyzer and sniffing tool, and it comes pre-installed with Kali Linux. Here is the command to install it – apt-get install wireshark.

Installing Wireshark.

3. Metasploit Framework – We cannot talk about Kali Linux without talking about Metasploit! This is the most popular penetration testing framework available. It comes in two versions – open-source (free to download and install) and the professional version. This framework gives penetration testers the tools to discover vulnerabilities on networks, exploit them and assess the security posture of the network. Metasploit should come pre-installed with your Kali Linux. However, if your installation does not have Metasploit, you first have to download and install PostgreSQL, as Metasploit depends on it for database connections. Here is the command to download and install PostgreSQL – apt-get install postgresql. Once PostgreSQL is installed successfully, install Metasploit with the following commands:

  • curl https://raw.githubusercontent.com/rapid7/metasploit-omnibus/master/config/templates/metasploit-framework-wrappers/msfupdate.erb > msfinstall && \
  • chmod 755 msfinstall && \
  • ./msfinstall
Installing PostgreSQL.
Installing Metasploit.

4. Nessus – Nessus is a widely used tool for vulnerability assessments of infrastructure, web and mobile applications. This tool is used to find vulnerabilities existing on a host or application that a potential attacker may take advantage of. If you have a host connected to a network, Nessus can scan the host for vulnerabilities and determine the potential target surface area. It also has a very detailed reporting feature that gives you the option of exporting the vulnerability assessment scans as a CSV or HTML file. Unfortunately, this tool is not free; however, it comes with a 7-day free trial from its official website.

5. Burp Suite Scanner – This is arguably the most popular web application security analysis tool. It was developed by PortSwigger and provides a very intuitive GUI for running security scans. It is used as a proxy, so all requests from a browser configured to use it pass through it. As requests pass through it, we can manipulate and replay them. Like Nessus, this application is licensed; however, it comes with a community edition, which is basically a stripped-down version of the licensed application. Here is the command to install the community edition of Burp Suite – apt-get install burpsuite.

Installing Burpsuite.

6. APKTool – This is one of the popular tools for reverse engineering Android applications. This tool gives testers the ability to decompile an APK. Here is the command to install APKTool – apt-get install apktool.

Installing APKTool.

7. John the Ripper – This tool is a great solution for cracking passwords. It makes use of popular brute force techniques like dictionary attacks or custom wordlist attacks. John the Ripper can be installed by entering the "apt-get install john" command.

Installing John the Ripper.

8. SQLMap – This tool, as the name implies, was designed around SQL, specifically for SQL injection attacks. It basically automates the process of performing an SQL injection attack. It goes a step further than other SQL injection tools, as it automatically detects the database configured for an application, i.e. the tester just provides the URL of the application to be tested. Here are the commands to install SQLMap:

  • wget 'https://github.com/sqlmapproject/sqlmap/tarball/master' --output-document=sqlmap.tar.gz
  • tar -xvf sqlmap.tar.gz
  • cd sqlmapproject-sqlmap-6b7c3a2/
  • python sqlmap.py --version
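
The directory name in the cd step above ends in a commit hash, so it changes whenever the master branch moves. As an added example (not part of the original article), the function below unpacks such a tarball into a fixed directory after checking its member paths; the name unpack_tarball and the directory names are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: unpack a GitHub source tarball into a fixed directory,
# independent of the commit hash in its top-level directory name.
# unpack_tarball is a hypothetical helper, not part of sqlmap.

# unpack_tarball TARBALL DEST
# Returns 0 on success, 1 if the archive cannot be read,
# 2 if a member path is unsafe, 3 if there is not exactly one top-level dir.
unpack_tarball() {
    tarball=$1
    dest=$2

    # List the archive first; nothing is written to disk yet.
    members=$(tar -tzf "$tarball") || return 1

    # Reject absolute paths and ".." components that could escape DEST.
    if printf '%s\n' "$members" | grep -Eq '^/|(^|/)\.\.(/|$)'; then
        echo "refusing $tarball: unsafe member path" >&2
        return 2
    fi

    # A GitHub tarball holds one top-level directory (owner-repo-commit).
    tops=$(printf '%s\n' "$members" | cut -d/ -f1 | sort -u | wc -l | tr -d ' ')
    if [ "$tops" -ne 1 ]; then
        echo "refusing $tarball: expected one top-level directory" >&2
        return 3
    fi

    # Drop that top-level directory so the contents land directly in DEST.
    mkdir -p "$dest" &&
        tar -xzf "$tarball" -C "$dest" --strip-components=1
}

# Usage with the download from the article (needs network access):
#   wget 'https://github.com/sqlmapproject/sqlmap/tarball/master' \
#        --output-document=sqlmap.tar.gz
#   unpack_tarball sqlmap.tar.gz sqlmap && python sqlmap/sqlmap.py --version
```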

9. Netcat – This is a networking tool like Nmap. It is used to perform actions like port scanning, port listening, or port redirection. Here is the command to install Netcat – apt-get install netcat.

Installing Netcat.

10. Nikto – This is a CLI (Command Line Interface) tool used to identify vulnerabilities on web servers. It scans for dangerous files/CGIs, outdated server software and server configuration issues. Here is the command to install Nikto – apt-get install nikto.

Installing Nikto.




by Oluwasona Olukayode.