Kali Linux Revealed
Mastering the Penetration Testing Distribution
Kali Linux
Revealed
Mastering the Penetration Testing Distribution
by Raphaël Hertzog, Jim O’Gorman, and Mati Aharoni
Kali Linux Revealed
Copyright © 2017 Raphaël Hertzog, Jim O’Gorman, and Mati Aharoni
This book is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.
➨ http://creativecommons.org/licenses/by-sa/3.0/
1. About Kali LinuxA Bit of HistoryRelationship with DebianThe Flow of PackagesManaging the Difference with DebianPurpose and Use CasesMain Kali Linux FeaturesA Live SystemForensics ModeA Custom Linux KernelCompletely CustomizableA Trustable Operating SystemUsable on a Wide Range of ARM DevicesKali Linux PoliciesSingle Root User by DefaultNetwork Services Disabled by DefaultA Curated Collection of ApplicationsSummary2. Getting Started with Kali LinuxDownloading a Kali ISO ImageWhere to DownloadWhat to DownloadVerifying Integrity and AuthenticityCopying the Image on a DVD-ROM or USB KeyBooting a Kali ISO Image in Live ModeOn a Real ComputerIn a Virtual MachineSummary3. Linux FundamentalsWhat Is Linux and What Is It Doing?Driving HardwareUnifying File SystemsManaging ProcessesRights ManagementThe Command LineHow To Get a Command LineCommand Line Basics: Browsing the Directory Tree and Managing FilesThe File SystemThe Filesystem Hierarchy StandardThe User's Home DirectoryUseful CommandsDisplaying and Modifying Text FilesSearching for Files and within FilesManaging ProcessesManaging RightsGetting System Information and LogsDiscovering the HardwareSummary4. Installing Kali LinuxMinimal Installation RequirementsStep by Step Installation on a Hard DrivePlain InstallationInstallation on a Fully Encrypted File SystemUnattended InstallationsPreseeding AnswersCreating a Preseed FileARM InstallationsTroubleshooting InstallationsSummary5. Configuring Kali LinuxConfiguring the NetworkOn the Desktop with NetworkManagerOn the Command Line with IfupdownOn the Command Line with systemd-networkdManaging Unix Users and Unix GroupsCreating User AccountsModifying an Existing Account or PasswordDisabling an AccountManaging Unix GroupsConfiguring ServicesConfiguring a Specific ProgramConfiguring SSH for Remote LoginsConfiguring PostgreSQL DatabasesConfiguring ApacheManaging ServicesSummary6. Helping Yourself and Getting HelpDocumentation SourcesManual PagesInfo DocumentsPackage-Specific DocumentationWebsitesKali Documentation at docs.kali.orgKali Linux CommunitiesWeb Forums on forums.kali.org#kali-linux IRC Channel on FreenodeFiling a Good Bug ReportGeneric RecommendationsWhere to File a Bug ReportHow to File a Bug ReportSummary7. Securing and Monitoring Kali LinuxDefining a Security PolicyPossible Security MeasuresOn a ServerOn a LaptopSecuring Network ServicesFirewall or Packet FilteringNetfilter BehaviorSyntax of iptables and ip6tablesCreating RulesInstalling the Rules at Each BootMonitoring and LoggingMonitoring Logs with logcheckMonitoring Activity in Real TimeDetecting ChangesSummary8. Debian Package ManagementIntroduction to APTRelationship between APT and dpkgUnderstanding the sources.list FileKali RepositoriesBasic Package InteractionInitializing APTInstalling PackagesUpgrading Kali LinuxRemoving and Purging PackagesInspecting PackagesTroubleshootingFrontends: aptitude and synapticAdvanced APT Configuration and UsageConfiguring APTManaging Package PrioritiesWorking with Several DistributionsTracking Automatically Installed PackagesLeveraging Multi-Arch SupportValidating Package AuthenticityPackage Reference: Digging Deeper into the Debian Package SystemThe control FileConfiguration ScriptsChecksums, ConffilesSummary9. Advanced UsageModifying Kali PackagesGetting the SourcesInstalling Build DependenciesMaking ChangesStarting the BuildRecompiling the Linux KernelIntroduction and PrerequisitesGetting the SourcesConfiguring the KernelCompiling and Building the PackageBuilding Custom Kali Live ISO ImagesInstalling Pre-RequisitesBuilding Live Images with Different Desktop EnvironmentsChanging the Set of Installed PackagesUsing Hooks to Tweak the Contents of the ImageAdding Files in the ISO Image or in the Live FilesystemAdding Persistence to the Live ISO with a USB KeyThe Persistence Feature: ExplanationsSetting Up Unencrypted Persistence on a USB KeySetting Up Encrypted Persistence on a USB KeyUsing Multiple Persistence StoresSummarySummary Tips for Modifying Kali PackagesSummary Tips for Recompiling the Linux KernelSummary Tips for Building Custom Kali Live ISO Images10. Kali Linux in the EnterpriseInstalling Kali Linux Over the Network (PXE Boot)Leveraging Configuration ManagementSetting Up SaltStackExecuting Commands on MinionsSalt States and Other FeaturesExtending and Customizing Kali LinuxForking Kali PackagesCreating Configuration PackagesCreating a Package Repository for APTSummary11. Introduction to Security AssessmentsKali Linux in an AssessmentTypes of AssessmentsVulnerability AssessmentCompliance Penetration TestTraditional Penetration TestApplication AssessmentFormalization of the AssessmentTypes of AttacksDenial of ServiceMemory CorruptionWeb VulnerabilitiesPassword AttacksClient-Side AttacksSummary12. Conclusion: The Road AheadKeeping Up with ChangesShowing Off Your Newly Gained KnowledgeGoing FurtherTowards System AdministrationTowards Penetration TestingIndex