: penetration testing, a book suitable for use by both beginners and experienced administrators and information security experts for the purpose of conducting an IT infrastructure security audit. The book consists of 8 parts, which include 62 chapters with a detailed description of the tools used and testing techniques.

The book is a systematic collection, including translations of English-language resources, books and websites dedicated to the topic penetration testing and the authors’ own experience.

Official description for the book:

Kali Linux is advanced Linux distribution for penetration testing and security audits. The information in this book is intended for informational purposes only or penetration testing of your own se tey.

To test third party networks, get written permission.

"Penetration testing (jarg: Pentest) - a method for assessing the security of computer systems or networks by simulating an attack by an attacker." - WiKi.

All responsibility for implementing the actions described in the book lies with you. Remember that unlawful actions are subject to liability, including criminal liability.

The book consists of 8 parts, which include 62 chapters. Everything is explained in detail using examples. The book uses the most current information available today.

1. General information and installation of Kali Linux

• What is Kali Linux?
• How to install Kali Linux: detailed instructions for installation on a computer and in a virtual machine
• Installing VirtualBox Guest OS Add-ons for Kali Linux 2.0
• How to install Kali Linux on a USB flash drive and external drive (the easy way)
• Top 10 Tips on What to Do After Installing Kali Linux 2.0
• VMware Tools in Kali Guest
• How to enable VPN on Kali Linux - resolving the problem with the inability to add VPN
• Checking and restoring repositories in Kali Linux from the command line
• How to change desktop environment in Kali Linux
• How to add/remove a regular (non-root) user in Kali Linux
• How to reset root password in Kali Linux
• Restoring GRUB in Kali Linux after upgrading to Windows 10
• Increase your anonymity on the Internet with Tor in Kali Linux

2. Kali Linux Tools Overview

• Overview of Kali Linux tools sections. Part 1. Brief description of all sections
• Overview of Kali Linux tools sections. Part 2: Information Gathering Tools
• The best hacking programs
• Exploit database from Offensive Security (creators of Kali Linux)

3. Wireless penetration testing

• Best Kali Linux Compatible USB Wi-Fi Adapters
• Hack Wi-Fi password (WPA/WPA2) using pyrit and cowpatty in Kali Linux
• Hacking Wifi WPA/WPA2 passwords using Reaver
• Modification of the Reaver fork - t6x - to use the Pixie Dust attack
• Hacking WPA2/WPA passwords using Hashcat in Kali Linux (Wi-Fi password brute-force attack using a mask)
• Wifite mod with Pixiewps support
• Hacking Wi-Fi networks: tools that were not included in Kali Linux
• Router Scan by Stas’M on Kali Linux (hacking routers and Wi-Fi on an industrial scale)
• Repairing Wifi_Jammer and Wifi_DoS in WebSploit
• Wireless network stress test with Wifi_Jammer: how to jam Wi-Fi
• Stress test of a wireless network with Wifi_DoS: how to finish Wi-Fi

4. Network stress tests

• Network stress test (Website DoS) with SlowHTTPTest in Kali Linux: slowloris, slow body and slow read attacks in one tool
• Network Stress Test: Website DoS in Kali Linux with GoldenEye
• Network stress test with Low Orbit Ion Cannon (LOIC)
• Network stress test: DoS using hping3 and IP spoofing in Kali Linux

5. Analysis of vulnerabilities in web applications

• WhatWeb instructions: how to find out the site engine in Kali Linux
• SQL Injection: A Simple Explanation for Beginners (Part 1)
• Using SQLMAP on Kali Linux: Hacking Websites and Databases Using SQL Injections
• Hacker plugins for Firefox
• Scan for WordPress vulnerabilities: WPScanner and Plecost
• New version of Plecost 1.0.1 - software for searching WordPress vulnerabilities
• Working with W3af in Kali Linux
• ZAProxy: Web Application Penetration Testing
• How to Run Metasploit Framework on Kali Linux 2.0
• How to Run Metasploit Framework on Kali Linux 1.1
• Metasploit Exploitation Framework and searchsploit - how to search and how to use exploits
• DIRB: Find hidden directories and files on websites
• Search for admin panels of sites with Kali Linux

6. Analysis of vulnerabilities in operating systems and server software

• Vulnerability scanning with OpenVAS 8.0
• Armitage instructions: automatic search and verification of exploits in Kali Linux
• How to scan Linux for rootkits using rkhunter
• Linux Security Audit
• Installing Linux Malware Detect (LMD) on Linux
• How to FIND out your Windows password?

7. Network scanning. Interception of data in networks

• Emulate a network of several computers on one computer
• How to Use NMAP Security Scanner on Linux
• Book on Nmap in Russian
• Hacking a Website Password Using WireShark (and Protecting Against It)
• FTP-Map: we determine the software and its version for FTP servers and look for exploits for them
• ZMap or How to scan all IPv4 addresses in the world in 45 minutes
• 8. Attacks on passwords. Brute forcing
• Dictionary attack word lists: passwords, usernames, directories
• PW-Inspector: selecting passwords that meet the criteria
• THC-Hydra: A Very Fast Network Login Cracker (Part One)
• Bruteforcing websites with Hydra (part two of Hydra instructions)
• Crunch - Password Generator: Basics of Use and Practical Examples
• BruteX: program for automatic brute force of all services

JavaScript is disabled in your browser

Containing many programs and utilities related to security testing and hacking. The distribution is used to test security and find system vulnerabilities, but can also be used by hackers.

Kali Lunux is a continuation of the development of the BackTrack Linux distribution.

Desktop environment

Kali uses Gnome 3 as its main desktop environment, but with a redesigned interface reminiscent of classic Gnome.

All programs can be accessed through the main menu; security check programs and utilities are divided into categories.

Kali builds are available with the following working environments:

Installation

Installing Kali should not be difficult. All actions are performed through a simple installer.

The distribution can be run in LiveCD mode.

Programs

Kali Lunux contains more than 300 different utilities that can be used to conduct tests, find vulnerabilities, analyze data, sniffing, spoofing, hacking networks and systems, and perform other actions.

Supported Platforms

Platforms supported are 32-bit x86, 64-bit x86, as well as ARM architecture (ARMEL and ARMHF).

Can run on Raspberry Pi (including Raspberry Pi 4), Odroid, Cubox, Beaglebone, Samsung Chromebook.

The distribution can also be installed on some ARM architecture tablets.

The release is intended for experienced users.

You can find documentation on the distribution on the official website. Some articles have been translated into Russian.

Kali Linux distribution releases

Version	Date release	Core
1.0	March 13, 2013
1.0.7	May 27, 2014
2.0	August 11, 2015
2016.1	January 21, 2016
2016.2	August 31, 2016
2017.1	April 25, 2017
2017.2	September 20, 2017
2017.3	November 21, 2017
2018.1	06 February 2018
2018.2	April 30, 2018
2018.3	August 21, 2018
2018.4	October 20, 2018
2019.1	January 19, 2019

Kali Linux is a popular distribution designed for testing the vulnerability of wireless networks and finding passwords for them. Of course, the functionality of the application is not limited to this, since it is simply huge. The software also provides other important options, but we’ll talk about them a little later.

To begin with, we would like to answer the question that often arises among inexperienced users: what is Kali Linux? The software at one time became a real breakthrough in the IT technology industry and is still a favorite of hackers around the world. And this is not at all surprising, because the program is essentially a modern, powerful tool for conducting computer security audits and, accordingly, penetration and hacking. This is if we talk about the purpose of the utility in a nutshell without unclear terms.

Reference: Kali was developed on top of Ubuntu and was first known as BackTrack. The application received its current name in 2013.

And now a few words about what this product is for. If you think that it is only for hacking, then you are undoubtedly mistaken. The software is an excellent assistant in monitoring the network for various errors ⁄ vulnerabilities or unauthorized access from the outside. Everything else is secondary.

Installing Kali Linux

Although the product is a Linux distribution, it can be installed on both Windows and Android devices, which we will discuss further. There is an opinion that this is not so easy to do, and it is partly true. There is a lot of information on the internet, but it is all confusing and not very informative. We will tell you about the installation in a short format. So:

1. Download the distribution image from our website.
2. We launch the image using standard Windows tools or using specialized programs.
3. Run the setup.exe file
4. We follow the instructions; during the installation process, the computer will reboot and offer the choice to boot from Kali Linux.

Kali Linux on Android

Let's now talk about installing the program on Android devices (smartphones ⁄ tablets). This process is a little time-consuming in that you will need to additionally download an emulator application (for example, Limbo PC Emulator). You can find it in the Play Store. This is where your account will be created, your hard drive will be configured, and the system for working with Kali will be launched.

Kali Linux Tools

The software distribution of the system includes such testing tools as:

• – a set of utilities for detecting WiFi networks, intercepting traffic transmitted through them, monitoring WEP and WPA/WPA2-PSK keys;
• Burp Suite is a Java application for searching for vulnerabilities in web applications and websites. Includes several categories: proxy server, spider, intruder, repeater;
• – online password cracker for UNIX platform services, can attack several resources simultaneously;
• John the ripper – a program for auditing and selecting passwords (searching for NTLM hashes, Kerberos, etc.);
• Maltego – software created for analyzing and recording information from databases;
• – designed for creating and using exploits, as well as monitoring system security;
• – a platform for scanning IP networks with a different number of objects, checks the status of ports, nodes and the corresponding special services;
• Sqlmap – designed to find and exploit SQL vulnerabilities, can function on most OSes;
• – a popular and convenient traffic analyzer for Ethernet and other networks.

By the way, most of these programs are console programs (that is, they are launched from the command line).

We have not named all the software tools (it is constantly changing and updated), but from the products listed above we can conclude that Kali Linux is very versatile and functional. By the way, the developers are not asleep and periodically “delight” users with improvements and new versions, even more professional and convenient.

Our review turned out to be quite short, because we can talk about this utility for hours (if not days). We tried to tell you about why the software is interesting and who might need it. Otherwise, we still advise you to decide to test and download Kali Linux in Russian - you can do this for free on our website. We assure you that the software is worthy of your acquaintance!

Kali Linux is a distribution developed by Offensive Security, which has become very popular among those interested in system security and searching for various vulnerabilities.

Below you can download the latest version of Kali Linux for 64-bit and 32-bit systems.

It is also actively used by hackers. The distribution is designed for certain categories of users and specialists in the field of information networks, and therefore is not suitable as the main system for beginners and beginners. Kali Linux was developed on the basis of Debian and uses the Gnome graphical shell as its desktop.

It uses a number of developments designed for digital forensics, and also contains a large number of settings and tools related to network and system security.

The distribution does not represent much value for the average Linux user - it only contains the kernel and basic utilities. However, Kali Linux is valuable precisely because of the abundance of tools and settings for testing system security.
There are a number of features here - for example, the default user in the system is root.

Due to the fact that Kali is based on Debian, you can install applications from available repositories. The distribution can be installed without much difficulty using a simple installer. You can also run the installation from LiveCD.

Kali Linux download links:

Name	Bit depth	Image	Size	Link
Kali Linux 2018.4	64-bit	ISO	2.92 Gb

Kali Linux is intended for testing systems for vulnerabilities, conducting audits, analyzing residual information, and identifying the consequences of attacks by intruders. Contains many utilities for conducting penetration testing: from analyzing web application vulnerabilities to hacking networks and services and securing them in the system.

Kali includes one of the most comprehensive collections of tools for computer security professionals: from tools for testing web applications and penetrating wireless networks, to programs for reading data from RFID identification chips.

Kali Linux comes with a collection of exploits and more than 300 specialized security testing utilities, such as Aircrack, Maltego, SAINT, Kismet, Bluebugger, Btcrack, Btscanner, Nmap, p0f. In addition, the distribution includes tools to speed up the selection of passwords (Multihash CUDA Brute Forcer) and WPA keys (Pyrit) through the use of CUDA and AMD Stream technologies, which allow the use of GPUs of NVIDIA and AMD video cards to perform computing operations. In addition, the distribution includes the metasploit-framework package, which contains Metasploit components and an exploit database. All dependencies necessary to run Metasploit are collected in one package, which simplifies the installation of Metasploit Community / Pro from the Rapid7 website.

All original developments created as part of the distribution are distributed under the GPL license and are available through the public Git repository. A full iso image, 2.8 GB in size, and a stripped-down image based on the Xfce desktop, 1 GB in size, have been prepared for download. Builds are available for x86, x86_64, ARM architectures (armhf and armel, Raspberry Pi, ARM Chromebook, Odroid).

The key change in the new release is the use of a rolling update delivery model, in which versions of programs in the distribution are always kept up to date, and new releases are delivered as they become available, without the need to periodically migrate to new releases of the distribution. System updates are imported from the Debian testing branch, and updates to versions of security testing utilities are released by Kali Linux developers within a few days of the release of a new version. To track new releases of security testing tools, a special web interface, Kali Linux Package Tracker, has been prepared.

Features of the new release:
Like the previous version, the new distribution is multi-platform and supports the following ecosystems: x32, x64
The update affected, first of all, stability.
The distribution is based on the Debian Linux kernel, and the number of drivers for hardware support and Wi-Fi wireless adapters has been significantly increased. The user is offered a choice of desktops based on LXDE, Xfce, MATE, e17 (window manager (WM) for the X11 system in Linux).
Updates: support for rolling distribution (rolling release) mode.
Relevance: monitoring and updating the utilities included in the distribution.
Workspace: new style, menu composition and user interface.
Checking utility versions
- A system for checking versions of the main utilities is integrated into the distribution. They will also be promptly updated as soon as new versions are released.
New design
ARM and NetHunter support
- Kali Linux 2016.2 officially works on Raspberry Pi, Chromebooks, Odroid, etc. The kernel sources are posted in the ARM images section for easier compilation of new drivers.