What is Kali Linux? If you’ve ever wanted to crack your Wi-FI password or hack your website to find security vulnerabilites you should be familiar with Kali Linux.
Developed in March, 2013 by Mati Aharoni (Offensive Security), Kali Linux it’s a Debian based OS (Linux) packed with almost all penetration testing & security auditing tools. Kali comes with a custom kernel, patched for injection and more than 600 pre installed tools which can help you to find your computer security weaknesses.
Kali it’s developed in secure environment, supports both ARMEL and ARMHF systems which means Kali can run in single board computers like Rasperry PI or BeagleBone Black and it’s completely customizable.
Most popular tools and what are used for?
It’s hard to list & explain all Kali tools but we’ll try to mention most powerful ones.
1. Metasploit – Referring as a hacking framework, Metasploit can be used for developing, testing and executing various exploits against remote target machines. Learn how to use Metasploit.
2. Aircrack-ng – Also referring as a best Wi-FI (Wireless) cracking tool, using Aircrack-ng you will be able to crack WEP & WPA-PSK keys.
3. THC Hydra – is the most popular password cracker tool, using dictionary or brute-force attacks this tool can crack Email (POP3, IMAP etc), Databases, LDAP, SMB, VNC & SSH passwords.
4. Social Engineer Toolkit (SET) – the tool which ‘attack humans’ more than computer systems, used to send emails, java applications, website links, etc injected with malicious code.
5. Reaver – is the most simplest Wi-Fi cracking tool for WPS enabled routers, if the router has its default pin code, Reaver will crack it within 10 seconds.
6. BeEF – or Browser Exploitation Framework is specially designed to attack peoples browsers, if you access an XSS vulnerable site connected with BeEF, the attacker owns your browser, attacker can install plugins, open new pages, redirect you to malware infected url etc.
7. Wireshark – it’s a network analysis tool, referred as a network sniffer can be used to examine every network packet, often used to sniff passwords and other sensitive data.
8. Nmap – most important thing while hacking is knowing your road, Nmap known as network mapper is used to scan systems or networks, using this tool, you will be able to scan open ports, running services, NetBIOS, system OS and a lot of other information.
9. Hashcat – using custom word list or brute force attack technique, this tool can crack almost any kind of hash, it works with CPU & GPU.
10. SQLmap – using this tool you can detect SQL injectable websites and inject malicious code to them, extract database data or access to site files.
How do we use Kali Linux?
To start your advanced penetration testing and ethical hacking adventure, please follow steps below.
Download Kali Linux only from official download page: https://www.kali.org/downloads/
Select ISO image according to your CPU architecture.
After saving ISO image, you should check file SHA-256 fingerprint and compare it with SHA-256 in official download page to verify image integrity.
Kali Linux can be installed in physical computer and virtual machines.
To install in physical computer you need to make a bootable usb or cd using downloaded ISO image, this can be done easily using Rufus (download).
Now we can continue installing Kali.
After installing (few minutes later), you will be able to boot for the first time:
So, there you have it, a quick brief on What is Kali Linux, Most Powerful Tools and How do we use it?
Now that you are done installing, you can begin your penetration testing and ethical hacking. Thanks for reading and don’t hesitate to use the comment section to give your opinion!