June 2014 WMLUG Meeting Kali Linux

Similar documents
Vulnerability Assessment and Penetration Testing

Penetration Testing with Kali Linux

Deciphering The Prominent Security Tools Ofkali Linux

Audience. Pre-Requisites


Course Duration: 80Hrs. Course Fee: INR (Certification Lab Exam Cost 2 Attempts)

by Penetration Testing

PTSv2 in pills: The Best First for Beginners who want to become Penetration Testers. Self-paced, online, flexible access

The Security Development Life Cycle

Attack Frameworks and Tools

2016 TÜBİTAK BİLGEM Cyber Security Institute

COURSE NAME: INFORMATION SECURITY INTERNSHIP PROGRAM

Department of Computer Science and Technology, UTU 2014

INFORMATION SECURITY TRAINING CATALOG (2016)

RMAR Technologies Pvt. Ltd.

CRYPTUS DIPLOMA IN IT SECURITY

INFORMATION SECURITY TRAINING CATALOG (2015)

BackTrack 5 tutorial Part I: Information gathering and VA tools

CYBERTRON NETWORK SOLUTIONS

Penetration Testing. Presented by: Elham Hojati Advisor: Dr. Akbar Namin July 2014

Build Your Own Security Lab

Aiming at Higher Network Security Levels Through Extensive PENETRATION TESTING. Anestis Bechtsoudis. abechtsoudis (at) ieee.

Define risk and risk management Describe the components of risk management List and describe vulnerability scanning tools Define penetration testing

Conducting Web Application Pentests. From Scoping to Report For Education Purposes Only

Best IT Security Tools & Software. rewind< & past database.com

If you know the enemy and know yourself, you need not fear the result of a hundred battles.

Application Security Testing

Professional Penetration Testing Techniques and Vulnerability Assessment ...

Ethical Hacking Course Layout

Penetration Testing 2014

CEH Version8 Course Outline

Newsletter - September T o o l s W a t c h T e a m NJ OUCHN & MJ SOLER

WEB APPLICATION HACKING. Part 2: Tools of the Trade (and how to use them)

Bust a cap in a web app with OWASP ZAP

Venue. Dates. Certified Ethical Hacker (CEH) boot camp. Inovatec College. Nairobi Kenya (exact hotel name to be confirmed

Creation of Pentesting Labs

Open Source Security Tool Overview

National Cyber League Certified Ethical Hacker (CEH) TM Syllabus

Security Testing Summary of Next-Generation Enterprise VoIP Solution: Unify Inc. OpenScape SBC V8

!!!!!!!!!!!!!!!!!!!!!!

ANTI-HACKER TOOL KIT. ourth Edition

How To Hack A Nmap Port Scan With A 10 Second Delay On A Network With A Network On A Windows Server (For A Freebie) On A Linux Computer (For Freebie). For A Free Download) On An Ipnet (For

Security+ Guide to Network Security Fundamentals, Third Edition Chapter 9 Performing Vulnerability Assessments

(WAPT) Web Application Penetration Testing

Information Security. Training

VMware: Advanced Security

Certified Ethical Hacker Exam Version Comparison. Version Comparison

Certified Cyber Security Expert V Web Application Development

Web application testing

Kerem Kocaer 2010/04/14

Metasploit Unleashed. Class 2: Information Gathering and Vulnerability Scanning. Georgia Weidman Director of Cyberwarface, Reverse Space

FRONT RUNNER DIPLOMA PROGRAM INFORMATION SECURITY Detailed Course Curriculum Course Duration: 6 months

Network Security. Network Packet Analysis

Course Content Summary ITN 261 Network Attacks, Computer Crime and Hacking (4 Credits)

Network Penetration Testing

Penetration Testing Workshop

Ethical Hacking as a Professional Penetration Testing Technique

Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs

INDUSTRIAL CONTROL SYSTEMS CYBER SECURITY DEMONSTRATION

DenyAll Detect. Technical documentation 07/27/2015

Penetration Testing - a way for improving our cyber security

Computer Forensics Training - Digital Forensics and Electronic Discovery (Mile2)

Security Threat Kill Chain What log data would you need to identify an APT and perform forensic analysis?

Attack and Penetration Testing 101

Evaluation of Penetration Testing Software. Research

National Cyber League Certified Ethical Hacker (CEH) TM Syllabus

Summer Training Program CCSE V3.0 Certified Cyber Security Expert Version 3.0

ensuring security the way how we do it

The Incident Response Playbook for Android and ios

LEARNING COMPUTER SYSTEMS VULNERABILITIES EXPLOITATION THROUGH PENETRATION TEST EXPERIMENTS

Kali Linux Cookbook. Willie L. Pritchett David De Smet. Chapter No. 9 "Wireless Attacks"

ITEC441- IS Security. Chapter 15 Performing a Penetration Test

PENTEST. Pentest Services. VoIP & Web.

Black Box Penetration Testing For GPEN.KM V1.0 Month dd "#$!%&'(#)*)&'+!,!-./0!.-12!1.03!0045!.567!5895!.467!:;83!-/;0!383;!

Penetration Testing LAB Setup Guide

Wireless Tools. Training materials for wireless trainers

Ethical Hacking and Attack Tools

Security Considerations White Paper for Cisco Smart Storage 1

Workshop Designed & Powered by TCIL IT, Chandigarh

NETWORK PENETRATION TESTS FOR EHR MANAGEMENT SOLUTIONS PROVIDER

Recon and Mapping Tools and Exploitation Tools in SamuraiWTF Report section Nick Robbins

Security Certifications. Presentatie SecCert 101 Jordy Kersten MSc., ISC2 Ass., CEH, OSCP

Introduction to Network Security Lab 2 - NMap

Course Content: Session 1. Ethics & Hacking

Client logo placeholder XXX REPORT. Page 1 of 37

PKF Avant Edge. Penetration Testing. Stevie Heong CISSP, CISA, CISM, CGEIT, CCNP

Wireless Auditing on a Budget

Tactical Exploitation the other way to pen-test. hdm / valsmith

Cyber Exercises, Small and Large

How to hack a website with Metasploit

Ethical Hacking and Information Security. Foundation of Information Security. Detailed Module. Duration. Lecture with Hands On Session: 90 Hours

Transcription:

June 2014 WMLUG Meeting Kali Linux "the quieter you become, the more you are able to hear" Patrick TenHoopen

Kali Linux Kali Linux is a free and open source penetration testing Linux distribution designed for IT and security professionals for testing defenses by simulating attacks. Home page: http://www.kali.org/ Downloads: http://www.kali.org/downloads/

Kali Linux Kali Linux is funded by Offensive Security, a security training and penetration testing consulting company. First released on 3/13/2013, it is a complete rebuild of BackTrack Linux resulting in an easier to use tool. It has over 300 penetration testing tools. While BackTrack was based on Ubuntu, Kali is based on Debian. The current version is 1.0.7, released on 5/27/2014. It is available in a live or installable ISO.

About Offensive Security Offensive Security was founded in 2007 with the belief that in order to have the best defense against security attacks, one must take an offensive approach. They practice attacking systems to test defenses and offer training and free tools. They maintain the Exploit Database (http://www.exploit-( db.com/) ) which is an archive of exploits and vulnerable software. They have a free training course titled Metasploit Unleashed that explains how to use Metasploit. It is available at http://www.offensive-security.com/metasploit- unleashed/main_page.

Kali's Top Ten Security Tools 1. aircrack-ng - Aircrack-ng is an 802.11 WEP and WPA-PSK key cracking program. 2. burpsuite - The Burp Suite is a platform for testing security of web apps. 3. hydra - Hydra is a tool for guessing/cracking valid login/password pairs. 4. john - John the Ripper is a password cracker. 5. maltego - Maltego is an open source intelligence gathering and forensics program written in Java that paints a threat picture in a graphical interface by showing relationships between entities in your environment such as people, web sites, Internet infrastructure, documents and files, among other things.

Kali's Top Ten Security Tools 6. metasploit framework - The Metasploit framework is penetration testing software that allows you to complete the testing faster and generate reports of key findings. New exploits are added each day providing you with a tool to find security weak spots before an attacker does. 7. nmap - Nmap ("Network Mapper") is a open source utility for network discovery and security auditing. 8. owasp-zap - OWASP Zed Attack Proxy (ZAP) is a penetration testing tool for finding vulnerabilities in web apps. 9. sqlmap - sqlmap is a penetration testing tool that automates detecting and exploiting SQL injection flaws and taking over database servers. 10.wireshark - Wireshark is a network protocol analyzer.

Tool Categories Information Gathering Maintaining Access Vulnerability Analysis Reverse Engineering Web Applications Stress Testing Password Attacks Hardware Hacking Wireless Attacks Forensics Exploitation Tools Reporting Tools Sniffing/Spoofing System Services

Information Gathering DNS Analysis SNMP Analysis IDS/IPS Identification SSL Analysis Live Host Identification Telephony Analysis Network Scanners Traffic Analysis OS Fingerprinting VoIP Analysis OSINT Analysis VPN Analysis Route Analysis Service Fingerprinting SMB Analysis SMTP Analysis

Vulnerability Analysis Cisco Tools Database Assessment Fuzzing Tools Misc Scanners Open Source Assessment OpenVAS

Web Applications CMS Identification Database Exploitation IDS/IPS Identification Web Application Fuzzers Web Application Proxies Web Crawlers Web Vulnerability Scanners

Password Attacks GPU Tools Offline Attacks Online Attacks Passing the Hash

Wireless Attacks 802.11 Wireless Tools Bluetooth Attacks Other Wireless Tools RFID/NFC Tools NFC Tools RFIDiot ACG RFIDiot FROSCH RFIDiot PCSC Software Defined Radio

Exploitation Tools BeEF XSS Framework Cisco Attacks Exploit Database Exploit Development Tools Metasploit Network Exploitation Social Engineering Toolkit

Sniffing/Spoofing Network Sniffers Network Spoofing Voice and Surveilance VoIP Tools Web Sniffers

Maintaining Access OS Backdoors Tunneling Tools Web Backdoors

Reverse Engineering Debuggers Disassembly Misc RE Tools

Stress Testing Network Stress Testing VoIP Stress Testing Web Stress Testing WLAN Stress Testing

Hardware Hacking Android Tools Arduino Tools

Forensics Anti-Virus Forensics Tools Password Forensic Tools Digital Anti-Forensics PDF Forensic Tools Digital Forensics RAM Forensic Tools Forensic Analysis Tools Forensic Carving Tools Forensic Hashing Tools Forensic Imaging Tools Forensic Suites Network Forensics

Reporting Tools Documentation Evidence Management Media Capture

System Services BeEF Dradis HTTP Metasploit MySQL OpenVas SSH

Demo - nmap Scan a single IP: nmap v A 192.168.1.17 Scan an IP range: nmap v A 192.168.1.1 254

Demo - John the Ripper Download password file word lists (free ones) at http://download.openwall.net/pub/passwords/wordlists/all.gz Scan using built-in word list: john shadow format=crypt Scan using custom word list: john shadow wordlist=/root/john/all format=crypt Press any key to get a status while it is running. Press Ctrl-C to stop and save progress to be resumed using john session.

Demo - johnny johnny is a GUI for John the Ripper

Demo - ophcrack How-To: http://sourceforge.net/p/ophcrack/wiki/ophcrack Howto/ Download free rainbow table files at http://sourceforge.net/tables.php Unzip table file(s) and install into ophcrack (Tables > Import) Obtain password info from a Windows computer using pwdump (can use live Kali), fgdump, etc. fgdump downloadable from http://www.foofus.net/goons/fizzgig/

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information