🛠Security Tool Cheatsheet
Alex Morgan — Senior Penetration Tester
What is Kali Linux?
Kali Linux is a Debian-based penetration testing platform equipped with numerous tools designed for various cybersecurity tasks, including penetration testing, security research, computer forensics, and reverse engineering.
Installation
Kali Linux can be installed in various ways: as a full operating system, in a virtual machine, or on a USB drive. Follow the official documentation for the best practice:
1. Download the ISO from the official site.
2. Create a bootable USB with a tool like Rufus or Etcher.
3. Boot from the USB and follow the installation instructions.
Basic Syntax
The basic syntax used in Kali Linux commands generally comprises one or more options followed by the target or operation specification.
Discovery
1. Network Scanning with Nmap
nmap -sP 192.168.1.0/24
This command performs a ping scan on the local network.
2. Discover Open Ports
nmap -sS -p- 192.168.1.100
This scans all ports on the specified IP using SYN scan.
Scanning
1. Vulnerability Scanning
nikto -h http://targetsite.com
This runs a web server vulnerability scan against the target site.
2. Service Version Detection
nmap -sV -p 22,80,443 192.168.1.100
This command checks the versions of the services running on specified ports.
Exploitation
1. Metasploit Framework
msfconsole
Launch the Metasploit console for managing various exploits and payloads.
Analysis
1. Log Analysis with Logwatch
logwatch --detail high --mailto admin@example.com
This command generates a detailed log report sent to the specified email.
Evasion
1. Bypassing Windows Defender
echo 'malicious code' > payload.exe
This creates an executable that may be less detectable.
Reporting
1. Generating Reports with Metasploit
db_export -f xml -a report.xml
This command exports the Metasploit database to an XML report.
Quick Reference Table
| Flag | Description |
|---|---|
| -sP | Ping scan |
| -sS | SYN scan |
| -sV | Service version detection |
Pro Tips
- Always use -oN with Nmap to save output for analysis.
- Leverage the searchsploit command for quick exploit searching.
- Utilize tmux for managing multiple terminal sessions.
Real-World Examples
Analyzing a recent penetration test, a well-structured approach using Nmap followed by exploitation through Metasploit yielded a comprehensive understanding of the target environment.