2016年9月7日 星期三

Kali Study Diary

2016/9/6
For study how to using Kali to doing penetration test, I'm plan to following the book "Mastering-Kali-Linux-for-Advanced-Penetration-Testing", step by step practice those attacking skill.

first, is build up the Kali Lab environments, I've setup two Kali system, one is running on VirtualBox VM, and the other is on USB for portable.

1. Download Kali system image including VM and USB version from official website.
2. Install Kali VM on my Windows 10 laptop
3. Install Kali bootable USB image on 16G USB flash drive, and config rest of free space to join in persistence environment.

After Kali is installed and running, doing system update as following commands:
#apt-get update
#apt-get upgrade -y
#apt-get dist-upgrade -y

and put those commands in upgrade.sh script file.

Customization make to Kali:
1. Resetting the root password
#passwd root
2. Adding a non-root user
#adduser nonroot
3. Truecrypt is no longer bundled with Kali. Many users recommend use Veracrypt instead. I don't need it right now, so skip it.
4. Installing third-party applications
#apt-get install apt-file
#apt-get install scrub
#apt-get install shutter
#apt-get terminator
5. skip those applications, teamviewer, openoffice, istanbul, gnome-tweak-tool

Management tools of penetration test, classify in Application -> Reporting Tools, such as dradis, magictree and cutycapt etc.