
Kali Linux software overview. Best Kali Linux tools

: penetration testing, a book suitable for use by both novices and already experienced administrators and information security experts for the purpose of auditing the security of IT infrastructure. The book consists of 8 parts, which include 62 chapters with a detailed description of the tools used and testing methods.

The book is a systematic collection that includes translations of English-language resources, books and websites dedicated to the topic of penetration testing, as well as the authors' own experience.

Official description for the book:

Kali Linux is a cutting-edge Linux distribution for penetration testing and security auditing. The information in this book is intended for reference only or for penetration testing of your own networks.

To test third party networks, get written permission.

"Penetration testing (jargon: pentest) - a method for assessing the security of computer systems or networks by means of simulating an attacker." - Wiki.

All responsibility for the implementation of the actions described in the book rests with you. Remember that unlawful actions are subject to liability, including criminal liability.

The book consists of 8 parts, which include 62 chapters. Everything is explained in detail using examples. The book uses the most relevant information to date.

1. General information and installation of Kali Linux

  • What is Kali Linux?
  • How to install Kali Linux: detailed instructions for installing on a computer and in a virtual machine
  • Installing VirtualBox Guest OS Add-ons for Kali Linux 2.0
  • How to install Kali Linux on a USB stick and on an external drive (easy way)
  • 10 best tips for what to do after installing Kali Linux 2.0
  • VMware Tools in Kali Guest
  • How to enable VPN on Kali Linux - resolving the problem of not being able to add VPN
  • Checking and restoring repositories in Kali Linux from the command line
  • How to change the desktop environment in Kali Linux
  • How to add / remove regular (non-root) user in Kali Linux
  • How to reset root password in Kali Linux
  • Restoring GRUB in Kali Linux after upgrading to Windows 10
  • Increasing your anonymity on the Internet with Tor in Kali Linux

2. Overview of Kali Linux tools

  • An overview of the Kali Linux tool sections. Part 1. Brief description of all sections
  • An overview of the Kali Linux tool sections. Part 2. Tools for collecting information
  • Best hacking software
  • Exploit Database from Offensive Security (creators of Kali Linux)

3. Wireless Penetration Testing

  • Best Kali Linux USB Wi-Fi Adapters
  • Hacking Wi-Fi password (WPA / WPA2) using pyrit and cowpatty in Kali Linux
  • Cracking Wifi WPA / WPA2 Passwords Using Reaver
  • Modification of the Reaver fork - t6x - to use the Pixie Dust attack
  • Cracking WPA2 / WPA passwords with Hashcat in Kali Linux (Wi-Fi password brute-force attack)
  • Wifite mod with Pixiewps support
  • Hacking Wi-Fi networks: tools that didn't make it to Kali Linux
  • Router Scan by Stas'M on Kali Linux (industrial-scale hacking of routers and Wi-Fi)
  • Fixing Wifi_Jammer and Wifi_DoS in WebSploit
  • Wireless stress test with Wifi_Jammer: how to jam Wi-Fi
  • Wireless Stress Test with Wifi_DoS: How to Deliver Wi-Fi

4. Network stress tests

  • Network stress test (website DoS) with SlowHTTPTest in Kali Linux: slowloris, slow body and slow read attacks in one tool
  • Network Stress Test: Website DoS in Kali Linux with GoldenEye
  • Network stress test with Low Orbit Ion Cannon (LOIC)
  • Network stress test: DoS using hping3 and IP spoofing in Kali Linux

5. Analysis of vulnerabilities in web applications

  • WhatWeb tutorial: how to find out the site engine in Kali Linux
  • SQL Injection: A Simple Explanation for Beginners (Part 1)
  • Using SQLMAP on Kali Linux: Hacking Websites and Databases via SQL Injection
  • Hacker plugins for Firefox
  • Scanning for WordPress vulnerabilities: WPScanner and Plecost
  • New version of Plecost 1.0.1 - WordPress vulnerability scanners
  • Working with W3af in Kali Linux
  • ZAProxy: Web Application Penetration Testing
  • How to run Metasploit Framework in Kali Linux 2.0
  • How to run Metasploit Framework in Kali Linux 1.1
  • Metasploit Exploitation Framework and searchsploit - how to search and how to use exploits
  • DIRB: Find hidden directories and files on websites
  • Search for admin sites with Kali Linux

6. Analysis of vulnerabilities in operating systems and server software

  • Vulnerability Scan with OpenVAS 8.0
  • Armitage tutorial: automatic search and check for exploits in Kali Linux
  • How to scan Linux for rootkits with rkhunter
  • Linux Security Audit
  • Installing Linux Malware Detect (LMD) on Linux
  • How to FIND Windows password?

7. Scanning networks. Interception of data in networks

  • Emulating a network of multiple computers on one computer
  • How to use the NMAP security scanner on Linux
  • Nmap book in Russian
  • Cracking website password using WireShark (and protecting against it)
  • FTP-Map: identifying software and its version for FTP servers and looking for exploits for them
  • ZMap or How to scan all IPv4 addresses of the world in 45 minutes

8. Attacks on passwords. Brute force

  • Dictionary attack wordlists: passwords, usernames, directories
  • PW-Inspector: we select passwords that match the criteria
  • THC-Hydra: Very Fast Network Login Hacker (Part One)
  • Brute force websites with Hydra (part two of the Hydra tutorial)
  • Crunch - password generator: basic usage and practical examples
  • BruteX: a program for automatic brute-force of all services


Hacking with Kali Linux

Why Kali Linux?

With Kali Linux, hacking becomes much easier because you have all the tools (over 300 preinstalled utilities) you need to do it. In addition, you can easily download additional programs. This guide will help you get the hang of it, and you won't notice yourself getting started with hacking.

The problem with newbies

I have been in contact with newbies for a long time. They usually need magic. A simple tool that works under Windows, which can be downloaded by searching in Google and clicking on the first link, and which will do everything automatically, and the user only needs to click on a button. Unfortunately, there are no such tools. Hacking is an art and it takes years of practice to master it. Where do you start? It's okay to have no idea about hacking, but you can't be a complete layman who just has a computer. By a beginner, I mean a user who is not familiar with programming and hacking methodologies, not someone who needs an entire manual just to download a tool. If you want to be a hacker, you have to work hard. So how do you get on this path? If you have already installed Kali Linux,.

Beginning of work

I'm not going to bore you with theory (as if it weren't all theory). My goal is to get you to the point where you can start hacking with Kali Linux as soon as possible. So I'll just tell you what to do. The process is pretty simple:

  • If you do not know what Kali Linux is, go to and get an initial introduction to this system.
  • If you haven't already, open the link (hidden from guests) and download the Kali Linux ISO file.

Now the real difficulties begin

If you have no experience with Linux, virtual machines and other such things, installing and running Kali Linux is a little more complicated. You have 2 options:

1. Read the official Kali documentation

From it you will learn what a virtual machine is, how to run an OS from a USB drive, as well as how to create a partition and install 2 OSs on a computer at once. This is what I recommend.


2. Read my edited version of Kali documentation

The second option is to check out these posts, which are a slightly modified version of the Kali documentation. This will save you a little time as there is a lot of additional information in the official text that you don't need to know ... yet. I give links to them here:

  • Detailed step-by-step guide to installing Kali Linux on VMware (note: in writing)

Command line interface

If you are really sure you want to become a hacker, you will have to get used to Linux and, in particular, the command line interface. It is often compared to the Windows command line, but the Linux terminal is much better and more efficient. You have to do all the usual tasks on the Linux command line. Use cd to navigate, poweroff to shut down your computer, and so on.

The site will help you study all the commands.


The materials on this site will keep you busy for a whole month, but you can move forward gradually. The first few tutorials here are written with the assumption that the reader is not very familiar with the command line.

Several useful commands:

If you don't plan on learning all of the linux commands, here are some helpful things to keep you afloat.

  • The standard username and password are "root" and "toor".
  • Enter "poweroff" into the terminal to turn off the computer.
  • The "apt-get" command can be used to install tools and updates.
  • "apt-get update" and "apt-get upgrade" will update all programs installed on your machine.
  • "apt-get dist-upgrade" will install the latest Kali distribution (i.e. upgrade your OS).

Note: Pressing the Tab key while typing will make Kali complete the words for you. Pressing Tab twice will display all possible endings of the incomplete word. Ctrl + C stops any running tool. Pressing the up arrow shows the last command entered.

Once you've gone through all the steps above and have learned how to work in your new environment, it's time to get started with some real hacking with Kali Linux. I would recommend hacking wifi first, then doing penetration testing, and reading up on denial of service attacks in your spare time. You can find links below.

Today we continue to get acquainted with the operating system created for pentesters. BackTrack, and now Kali Linux, is of interest to many, but not everyone has experience with Linux systems. In this article I will try to tell you what to do after booting Kali Linux and how to use it.

Running Kali Linux

First, let's take a look at the launch of this distribution. There are options depending on whether you are running Kali from a DVD, flash drive, or installed on a hard drive. Launching from DVD may be needed for informational purposes only, since after a reboot the changes are not saved, so I will not dwell on this option. I do not recommend installing Kali as the main system, since this is a very narrowly focused distribution and there is no point in using it on a daily basis. Starting from a flash drive is optimal, since in case of modification (for example, installing updates), all changes are saved and you can run Kali on any computer.

Launching from a USB stick is not much different from launching from a DVD. You need to go to the BIOS of your computer / laptop and put the USB flash drive as the first device in the boot priority list. This list is displayed differently on different computers, so you have to find it yourself. The second option is to call up the list of boot devices when starting the computer. This is usually done with the F8, F11 or F12 keys. In either case, the flash drive must be inserted before you turn on the computer / laptop.

Boot options

There are 3 options for booting Kali Linux. The first is the regular boot, which we use most of all. The next one is safe mode (Failsafe), which we use when we cannot boot in the usual way. The most interesting boot mode is Forensic mode. This is a mode for forensic analysis: the operating system does not leave traces on the computer it runs on (for example, it does not mount disks automatically and does not use swap partitions). If you do not understand why this is needed, do not go there.

After loading

Kali Linux is loaded into the GUI by default, but sometimes a console may appear in front of you and the computer will wait for a command. It's okay, just start the graphical environment with the "startx" command.

If you need to enter a password, then in Kali Linux the root user and the password toor are set by default.

It is very important to work with an updated system, so the first thing you should do is update the software. To do this, go to the terminal (Terminal program) and execute 2 commands in turn:

apt-get update
apt-get upgrade

From time to time we will be asked whether we really want to install this or that package - we agree by pressing the Y button.

To make programs work

Many programs that I described in the Kali Linux review require running daemons for their work (in Windows, these are called services). In Kali they are stopped by default, and you can start them from the Kali Linux → System Service menu.

Do not forget to connect to the network, fortunately in Kali this is done using the Network manager, which is usually located on the taskbar.

Additional programs can be installed using "Add / Remove Software", it is located in the System Tools menu.

How to work in terminal (console)

Despite the fact that the graphical environment in Kali is excellently made, we still have to work with the command line quite often. For this we have the "Terminal" program (although you can install another program for this purpose).

First, install "MC", which is a great command line file manager.

You can install it with the command:

apt-get install mc

Great, now let's talk about the specifics of working in the Linux command line. First, remember the following:

  • Case matters: Folder and folder are not the same!
  • The graphical environment treats folders and files starting with a period (example: .folder) as hidden files.
  • If you start to enter a command and press Tab, the computer will complete it if there is only one option, or offer a list of options if there are several.
  • The terminal saves the history of your commands; you can scroll through previously typed commands with the up and down arrows.
  • To interrupt the execution of a command, you can use the key combination Ctrl-C, Ctrl-D and Ctrl-Z.
  • To get a detailed manual for almost any program, you can use the "man" command; for example, man ls will show the manual for the ls command.

This is the kind of information that can help a newbie to Linux, but at the same time I assume that you know how to work in the Windows console.

Actually, that's all, this information is enough to start working with Kali Linux, and read the rest in the following articles.

Kali Linux offers a ready-made list of penetration testing programs and utilities. From the menu on the top right, you can see that they are already grouped by purpose in the drop-down menu. They are divided into 13 groups by purpose; item 14 holds applications for everyday tasks: player, defragmenter, search tool, dictionary. In general, everything that makes Kali not just a hacking tool, but also a normal OS for everyday work.

You can expand the list of special utilities:

With each new version, the list in each group is replenished. Let's start in order and with a quick overview. All the same, you will have to consider some on separate examples, and some you will never touch due to "obsolescence". As you expand the groups and subgroups, you will notice that most of them are decorated with the Kali icon. This means that this is a tool that understands only special commands and is launched from a terminal window. Its execution will be expressed as batch. And the first launch is almost always accompanied by a list of command attributes in the form of help.

Information gathering - gathering information

The tools collected here facilitate the collection of data about the selected victim. Basically, here are collected programs that determine the type of device of the victim and the protocols used for connecting to the network. The flagship among the presented tools is Dmitry.

Vulnerability Analysis - analysis for vulnerability

The tools in this section are focused on exposing system vulnerabilities. You start using the utilities from this section after “working” with those that you know from the previous one. Applications are scanned for coding errors and stress resistance.

Web Applications - web applications

These tools are used to audit and exploit vulnerabilities in web servers, and you can also find web tools for network services. But not only that. Proxy servers can also be found here. The most popular program on the list is, of course, BurpSuite: Internet traffic proxying and analysis.

Database Assessment

The tools for testing SQL are grouped here.

Password Attacks - password attacks

As the name implies, the main purpose of the utilities is a brute-force attack and offline dictionary selection. There are utilities for extracting passwords from hashes. The brightest representative of the group is John the Ripper (John-the-Ripper or simply John).

Wireless Attacks - attacks on wireless networks

The utilities here target vulnerabilities found in wireless protocols. All the most famous utilities and scripts that will allow us to infiltrate someone else's signal are collected in this directory. Some of them are already outdated, some have a certain potential. But besides Wi-Fi hacking, as expected, here you can also find utilities for working with Bluetooth devices and chips that are sewn to us in supermarkets.

Exploitation Tools - exploit tools

The tools from here are used to exploit system vulnerabilities and analyze the presence of these same vulnerabilities for the selected target. The purpose of these tools is to show how a discovered vulnerability can be exploited. This is where the Metasploit environment lives; it needs no introduction.

Sniffing and Spoofing - Sniffing and Spoofing

These Kali Linux programs are used to manipulate network packets, study protocols, capture these packets and, finally, web spoofing (deceiving the system by inserting data and then capturing the victim's data). Shark, also known as Wireshark, is the most popular tool in the section.

Post Exploitation - Securing Success

Utilities of this category are used if a hacker has managed to "hook" onto a compromised system or network. After all, it is not uncommon for compromised systems to be detected by repeated pinpoint strikes through alternative routes and paths. If the attack succeeds once, the hacker will definitely consolidate the success and beat a permanent path to the victim. The tools in this section are activated inside the victim's application or server.

Reverse Engineering - reverse engineering

As part of this section with a tricky name, Kali Linux programs are hidden, which are designed to disable debugging and executable programs and utilities. The main purpose of these programs is to analyze how the program works so that it can be copied, corrected, given a slightly different look ... and passed off as your own in a week. These programs are also successfully used to analyze malicious utilities in order to see firsthand what harm they do and where. This means that they will be useful for software developers to find security holes in their programs.

Forensics - assessment

Utilities for monitoring and analyzing network traffic and applications. They are actively used to analyze the operation of the application for the presence of traces of malware or to investigate the sources and places of intrusion of the intruder.

Reporting Tools - reporting tools

These utilities use a technique to collect and display information found during the infiltration process.

System Services - system services

These are the internal utilities of Kali herself. From here services and processes can be shut down and started. Collected into groups BeEF, Dradis, HTTP, Metasploit, MySQL, and SSH.


Returning to the issue of information security: this year BackTrack Linux, the well-known distribution specializing in testing the strength of information systems, returned to the Debian platform and became known as Kali Linux. I don't know why this was done, but it's worth downloading and trying it.

Kali Linux Review

To begin with, Kali Linux is also a "live distribution" and is designed to run from a DVD or flash drive. It can also be installed on the disk of your computer or laptop, but making it the main system is not recommended. The developers state that Kali will properly support the ARM architecture, which will allow it to work on tablets and phones; we will check this later, when launch manuals for these devices appear.

The developers claim that Kali Linux is a step up from BackTrack towards stability and a selection of software.

You can download Kali on the official website; it is freely available and downloads well as a torrent file.

Everything in the menu is well thought out, the main "hacking" tools are collected in one place and divided into groups. I'll try to tell you about the composition of Kali Linux programs (relevant for version 1.0.4).

Information gathering

This section of the menu combines programs and utilities to collect information about the target infrastructure. With their help, you can accurately determine which nodes and services are running on the network, which operating systems are installed and how the network is protected. This is a very important part of an infrastructure attack, so I'll cover all the submenus in detail.

  • DNS Analysis (12 programs) This section contains programs for analyzing the DNS service, they are useful for studying the attacked infrastructure. For example, DNSmap and Nmap allow you to use DNS servers to map your target infrastructure.
  • The IDS / IPS Identification group of programs allows you to identify and counteract intrusion detection systems, which are very popular in the corporate segment and are designed to alert system administrators of an attack on their infrastructure.
  • Live Host Identification (25 programs and utilities) has collected tools for identifying hosts on the network; these programs allow you to detect and identify computers and other active equipment on the network. This is necessary in order to select the right tools for the attack and determine its vector.
  • Network Scanners is a set of programs that continues to solve the problem of footprinting (English Footprinting, drawing up a map of the security infrastructure - the number of nodes, their roles, types of operating systems, services running on the network, etc.). They help build a network map.
  • OS Fingerprinting has collected almost the same utilities that were in the Network Scanners menu and this is not surprising, since these utilities solve the same problem, but this time we are hinted that they can be used to determine the OS version on the target host.
  • The OSINT Analysis menu is difficult enough to explain; suffice it to say that Wikipedia decoded OSINT for me as "Open source intelligence (OSINT). One of the intelligence disciplines in American intelligence. It includes the search, selection and collection of information obtained from publicly available sources and its analysis. In the intelligence community, the term "open" refers to the public availability of a source (as opposed to classified and limited use sources), it is not associated with open source or public intelligence." This menu is intended for traffic analysis and drawing conclusions regarding its composition. For example, CaseFile gives you the ability to quickly add, link and analyze data about the interaction of real people and groups when working on a project or working in the same institution / department. Or, for example, Metagoofil is an information gathering tool designed to extract the metadata of official documents (PDF, DOC, XLS, PPT, DOCX, PPTX, XLSX) belonging to the target company. I hope you understand the meaning of these utilities, if not, they will be useful to you.
  • Route Analysis - has collected all the same utilities for footprinting, there is nothing special to disassemble here - the menu is translated as route analysis.
  • Service fingerprinting is a collection of utilities that will help you identify the services running at the enterprise. Many of the programs were already in the previous menus.
  • SMB Analysis - programs for analyzing Windows network resources.
  • SMTP Analysis - programs for analyzing the traffic of mail clients (specifically, outgoing SMTP traffic).
  • SNMP Analysis - programs for analyzing devices that support the SNMP management protocol; these can be switches, routers, servers, workstations, printers, modem racks, etc.
  • SSL Analysis - analysis of services using SSL (Secure Sockets Layer). As an example: sslcaudit is a tool for automating SSL / TLS client testing for MITM attack resistance.
  • Telephony Analysis and VoIP Analysis - a menu consisting of 2 programs. Ace is used to search for TFTP servers, which usually contain configurations for VoIP devices. Enumiax helps to get a list of Asterisk users.
  • Traffic Analysis - programs for analyzing network traffic, for example, p0f allows you to listen to traffic passing through the connected network and determine whose traffic it is, how far is this node, what system is on it, etc.
  • VPN Analysis - consists of one program, ike-scan, which is needed to analyze IPSec-based VPNs and collect hashes for further obtaining identification data by brute force (already in another program).

Vulnerability Analysis

This Kali Linux menu is used to analyze vulnerabilities and is divided into several groups.

  • Cisco tools - Cisco is a leading hardware vendor in the corporate sector, so there is a separate section for these devices. In this case, the programs presented here allow you to analyze vulnerabilities in networks built on Cisco hardware and software.
  • Database Assessment - a menu that has collected programs for searching for vulnerabilities in databases. For example, bbqSQL allows you to search for "blind SQL injection" (google it, didn't translate - it takes a long time to explain). And sqlmap allows you to automatically search for and exploit SQL vulnerabilities.
  • Fuzzing Tools are specific tools. In general, Fuzzing is a program testing technology, when random data is transferred to the program instead of the expected input data. If the program freezes or terminates, it is considered to be a defect in the program, which may lead to the discovery of a vulnerability. It makes no sense to describe utilities and programs here, since this is a separate and very extensive topic.
  • The Misc Scanners section contains scanners that will help you find vulnerabilities in the system. For example, Lynis can scan a Unix system for software vulnerabilities.
  • OpenVAS is a network security scanner that helps monitor the network for vulnerabilities in nodes.

WEB Applications

The section has collected a set of programs for working with WEB applications. It will be useful for those who decided to try web sites for strength.

  • CMS Identification combines several programs that will help determine which content management system (CMS) is installed on the site. For example, BlindElephant allows you to determine the version of the CMS; this is very useful and allows you to exploit already known vulnerabilities on sites that have not been updated.
  • Database Exploitation - tools for attacking the databases on which the sites operate are grouped here. A simple example: bbqsql allows you to automate the use of blind and semi-blind SQL injection.
  • WEB Application Fuzzers is an analogue of programs from the Fuzzing Tools section, but with a focus on WEB resources. Example: WebSlayer is a brute-force program, but it can be used to iterate through POST and GET parameters, search for directories and files that are not referenced, etc.
  • WEB Application Proxies - here we see a set of excellent programs that will allow you to work with traffic that goes between the browser and the server. This is needed often enough. Just read about a tool like Burpsuite in detail and you will understand.
  • WEB Crawlers - I found only one suitable value for this expression, and that is "crawler". What has this menu collected in itself? Here are programs and utilities that help you work with the content of Internet pages. For example: CutyCapt allows you to create screenshots (including full size) of site pages, and Dirb is a content scanner, it is often used as an integral part of a script to brute-force pages. The section is interesting, do not be lazy and read the description of each utility.
  • WEB Vulnerability Scanners is a HUGE set of programs that will help you find vulnerabilities on the WEB resource. We have already seen many programs in the previous menus. It makes no sense to describe them, because they solve a very wide range of tasks.

Password attacks

The menu is a fairy tale. Whatever you do, you will have to solve the problem of authentication and authorization. Breaking passwords is what the programs in this menu solve.

  • GPU Tools combines utilities (there are 2 in the menu) that can brute force hashes and WPA keys using both the CPU and the video card. Very useful utilities, although I doubt they will work out of the box when running Kali Linux from a DVD or flash drive.
  • Offline Attack combines a huge number of utilities for selecting login / password pairs, brute force attacks - in a word, brute force attacks on existing hashes and files (which can be done while disconnected from the target infrastructure).
  • The Online Attack menu contains many programs for online brute-force attacks. A simple example is Hydra, which allows you to iterate through passwords right on the site.
  • Passing The Hash is a very effective attack, the meaning of which boils down to the fact that we receive the victim's password hash and use it (we do not try to recover the password from it, but we use the hash value for authorization) to log in to the remote service. This works in NTLM and LM authentication cases.

Wireless Attack

Here we are offered tools for attacking wireless networks. One of the most popular areas for beginners (I mean the profession of a pentester).

  • Bluetooth tools - utilities for working with the Bluetooth data transfer protocol. Many devices today support this standard and these programs can be very useful.
  • Other Wireless tools - Programs and utilities for working with other networks. This means that they can be used to test non-Wi-Fi networks. For example, KillerBee (the names of the utilities start with ZB, for example Zbconvert) allow you to work with the ZigBee specification and the IEEE 802.15.4 standard (if you don't understand, read the Wiki). Ubertooth - utilities for working with the project of the same name, which produces devices for working with bluetooth.
  • RFID / NFC Tools - a large section dedicated to RFID and NFC technologies, for those who do not know - these are smart cards and radio frequency identification technologies. There are just a lot of programs here, so I will not dwell on them in detail. This is a narrow specialization and should be covered in a separate article.
  • Wireless Tools - what any novice "hacker" dreams of, here are collected utilities for hacking Wi-Fi networks. A simple example is Aircrack-ng, which can crack WEP in minutes, easily arrange DoS for any Wi-Fi device and defeat the invincible WPA.

Exploitation tools

Utilities and programs for exploiting vulnerabilities. All the programs presented here are needed in order to use the found vulnerability for their own purposes.

  • BeEF XSS Framework - contains the BeEF program. It allows you to organize an attack on a remote system using a web browser running on that system.
  • Cisco Attack - we've already seen these programs in past menus. Allows to attack network nodes built on Cisco equipment.
  • Exploit Database - contains searchsploit, which is needed to quickly find an exploit by description.
  • Metasploit is a great framework, contains a huge database of exploits and allows you to quickly and easily use them. Updated regularly.
  • Network Exploitation is a set of programs for exploiting network vulnerabilities. As an example: ikat is designed for security auditing (read hacking) of “browser controlled environments” such as Kiosks, Citrix Terminals, and WebTV. And, for example, Termineter allows you to search for vulnerabilities in smart meters using the C12.18 and C12.19 protocols.
  • Social Engineering toolkit - contains the se-toolkit (Social Engineering Toolkit (SET)), which is used in "social engineering". The program contains a huge arsenal of tools for manipulating the victim's mind. It is for a person that this type of attack is designed. Making people believe, extracting data - these are the tasks that this program solves. Sometimes it is easier to get the information you are looking for from a person than to hack into a server. The topic is very interesting, I recommend reading about it separately.

Sniffing / Spoofing

A section of the menu dedicated to programs with which you can both listen to someone else's traffic and disguise yourself as other nodes. Let's see what is here:

  • Network Sniffers - network sniffers, which allow you to listen to traffic. There are many programs here, each for a specific case.
  • Network Spoofing - spoofing; there are a lot of programs here. To make it clearer, I will give a couple of examples. DNSChef - a DNS proxy that allows you to redirect traffic, at the user's request, to another IP. Parasite6 - allows you to redirect traffic in IPv6 networks to your machine (ARP spoofing).
  • Voice and Surveillance - Google translated this for me as "voice and surveillance." Contains the program msgsnarf, which intercepts chat messages and can work with the messaging formats of AOL Instant Messenger, ICQ 2000, IRC, MSN Messenger and Yahoo Messenger.
  • VoIP Tools - a set of utilities for intercepting voice traffic in VoIP applications.
  • WEB Sniffers - programs and utilities that allow you to intercept traffic from browsers. Most of them work as proxies.

Maintaining Access

Translated as "providing access". This section contains software for working with backdoors.

  • OS Backdoors - contains programs such as Cymothoa (injects backdoor code into an existing process), powersploit (a selection of MS PowerShell scripts that can be used to organize backdoors) and u3-pwd (a utility that replaces the standard preinstalled U3 software on SanDisk flash drives so that it can later be used to run your "malicious code").
  • Tunneling Tools - a set of programs and utilities that allow you to create a "tunnel" in an existing connection, thereby masking the traffic passing through it. For example, ptunnel allows you to create a tunnel using ICMP requests and responses (pings).
  • WEB Backdoors - includes two tools, Weevely and WeBaCoo. Both serve to control a compromised system using HTTP traffic.

Reverse Engineering

Reverse engineering software. These programs help you see how an application works in order to restore its source code. Includes various debuggers and disassemblers.

  • Debuggers - debuggers, which allow you to search for errors in programs.
  • Disassembly - disassemblers, which convert machine code into program text.

Stress testing

A set of programs for stress testing. They allow you to test various infrastructure components under load.

  • Network Stress Testing - stress tests for the network. The menu contains many useful programs that allow you to load the network. As an example, macof can create a huge number of packets with different MAC addresses on the network; many switches cannot withstand such a load. By the way, under such a "test" some switches fall back to hub mode, which makes it possible to "listen" to someone else's traffic.
  • VoIP Stress Testing - there are a couple of programs here to test VoIP under load. As an example, IAXflood allows you to generate traffic over the IAX protocol (used in VoIP by Asterisk servers).
  • WEB Stress Testing - contains one program, thc-ssl-dos, which allows you to load a web server by arranging a DoS (Denial of Service) for it.
  • WLAN Stress Testing - we have already seen Reaver in another section, but mdk3 will allow you to arrange DoS or DDoS for wireless clients.

Hardware Hacking

A set of programs for working with hardware. There are only 2 sections here:

  • Android Tools - a set of programs for working with devices running Android OS. For example, apktool is a program for reverse engineering Android applications (*.apk), and dex2jar can help with decompilation of Android applications.
  • Arduino tools - contains only 1 program. Arduino is a software and hardware platform, akin to a construction kit: using the board of the same name (you can make it yourself), you can easily connect it to a PC and write any program. On its basis you can make a robot, intelligent lighting, a smart home, and anything you like.

Forensics

The translator rendered Forensics for me as "forensic", and the composition of the programs in this menu hints that they can be used to conduct investigations. So, let's take a look at the groups of programs in this menu.

  • Anti-Virus Forensics Tools and Digital Anti-Forensics - contains only one program, chkrootkit, which is used to search for backdoors and rootkits.
  • Digital Forensics - contains a number of programs for "investigations" that allow you to carry out an examination and get various data from storage media. As an example, Autopsy is a digital forensics platform and graphical interface for The Sleuth Kit (TSK) and many other programs. In turn, The Sleuth Kit is a set of utilities for deep analysis of digital media during an examination. In a word - feel like Sherlock Holmes. Requires detailed study and deep knowledge.
  • Forensics Carving Tools - file or data carving is a cyber forensics term that means extracting information from undifferentiated blocks or raw data. I will not translate it; it sounds stupid and incomprehensible in our language. In a nutshell, it allows you to take a source (whether a byte-for-byte disk image or a piece of data from RAM) and pull the desired file out of it according to a certain criterion. An example is Foremost: the program scans a disk or disk image for matches with predefined hex codes corresponding to the most common file formats. It then places the files it finds in a directory, along with a report on where and how much was recovered. Pasco allows you to pull history from the Internet Explorer browser. PEV shows information about an executable file or library under Windows, etc.
  • Forensics Hashing Tools - Contains 2 programs, md5deep and rahash2. Both are for calculating the hash of files and text values.
  • Forensics Imaging Tools - the menu contains a huge number of programs for working with disk images and processing data recorded on them.
  • Forensics Suites - contains Autopsy and DFF already known to us. These are frameworks for working with various digital forensics tools.
  • Network Forensics - here we see p0f, a utility for identifying an operating system over a network.
  • Password Forensics Tools - Contains chntpw, a Windows password reset program.
  • PDF Forensics Tools - software for analyzing and parsing PDF files.
  • RAM Forensics Tools - programs that allow you to extract information from RAM (its dump).
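
The signature matching described for Foremost above, as an added Python example (not Foremost's own code or configuration): it scans a constructed byte buffer for header/footer pairs of three common formats and reports the offset, length and SHA-256 of each hit, flagging a header whose footer is missing. The `SIGNATURES` table, the `carve` function and the `SAMPLE` buffer are assumptions made for illustration.

```python
import hashlib
from collections import namedtuple

# Well-known header/footer magic bytes; the table layout is an assumption.
SIGNATURES = {
    "jpg": (b"\xff\xd8\xff", b"\xff\xd9"),
    "png": (b"\x89PNG\r\n\x1a\n", b"IEND\xae\x42\x60\x82"),
    "pdf": (b"%PDF-", b"%%EOF"),
}
Hit = namedtuple("Hit", "kind offset length complete sha256")


def carve(data, signatures=SIGNATURES, max_size=10 * 1024 * 1024):
    """Find header..footer spans in raw bytes; return hits sorted by offset."""
    hits = []
    for kind, (header, footer) in signatures.items():
        pos = 0
        while (start := data.find(header, pos)) != -1:
            body = start + len(header)
            end = data.find(footer, body, start + max_size)
            if end == -1:
                # Footer overwritten or beyond max_size: record the location
                # only, so the examiner can inspect the fragment by hand.
                hits.append(Hit(kind, start, 0, False, None))
                pos = start + 1
                continue
            end += len(footer)
            digest = hashlib.sha256(data[start:end]).hexdigest()
            hits.append(Hit(kind, start, end - start, True, digest))
            pos = end
    return sorted(hits, key=lambda h: h.offset)


# Constructed sample "image": padding, a fake JPEG, slack, a fake PDF,
# then a PNG header whose footer is gone (the failure case).
SAMPLE = (
    b"\x00" * 16
    + b"\xff\xd8\xff\xe0" + b"JFIF-constructed-body" + b"\xff\xd9"
    + b"slack space"
    + b"%PDF-1.4\nconstructed\n%%EOF"
    + b"\x00" * 8
    + b"\x89PNG\r\n\x1a\n" + b"truncated, footer overwritten"
)

if __name__ == "__main__":
    for h in carve(SAMPLE):
        state = "complete" if h.complete else "header only"
        print(f"{h.kind} offset={h.offset} length={h.length} {state} {h.sha256}")
```

Hashing each carved span at extraction time gives the report a value that can be re-checked later, which is the role the hashing tools in the list above play in an examination.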

That's all: we have briefly reviewed the composition of the Kali Linux 1.0 programs, and now we can choose from this assortment the programs we like best and continue studying them.