Overview of Tools in Kali Linux

00:00

an overview of the tools in Cali Lennox are learning objectives to learn about the various tools available in Kali Lennox and installing some of these tools that will help you in this course and in your hacking journey.

00:13

So if you see that dragging up on the left hand side of your Cali Vm, you can search for different applications there group very nicely as you can see like number one's information gathering to his vulnerability analysis. Um So they group things very logically and very nicely uh in the Cali Vm.

00:30

So they typically fall these applications fall into either the command line or to a gooey. So I used Windows a lot when I was younger and I'm used to seeing Windows pop up and nice graphical user interfaces and I just preferred that. So when I started my hacking journey

00:47

um the gooey version of N map with Zen Map, I started using that and I was more comfortable with that. But as I got more proficient as a pen tester, I greatly preferred using the command line. So now I like using end map because I can customize my flags and I think it runs a whole lot faster using the command line. So

01:06

I think you'll find as you get more proficient as a pen tester that the command line is going to be something that you gravitate towards.

01:14

So we want to customize our setup and it may be different for you. But I know for me I like using the root user off the bat. Um as we saw before when we installed the Cali VMS uh we had Callie is one of the users, we had cyber ninja, I made my cyber ninja user. Those aren't root users. The root user is actually named route and it was something that can be used for a very, very long time and that's what I learned on. So that's what I prefer is just having the root user there.

01:40

You may need to install software and we're gonna install the beef framework can be used to have that by default, it doesn't have that anymore. So we're gonna become familiar with installing packages.

01:51

We also want to install more than one browser. So firefox is by default in in Cali used to be ice weasel. Now it's firefox. I also like to install chromium um in my Cali VMS just because when we get into web web attacks, some browsers work with like cross site scripting. Maybe firefox will work whereas chromium won't and vice versa.

02:12

Also with browser add ons. I prefer having different browsers. Just because when I use Burp suite you'll see if you have a lot of extensions added and you intercept, you're starting to intercept all that traffic that it creates a lot of traffic having all these extensions. So I like having two different browsers, one with a bunch of extensions and one without

02:30

um you can have things like cookie editors,

02:34

you know, things like Apple Isar, which is a website, technology enumeration uh, and add on for that.

02:44

So we're not kelly B M. And there's that little dragon on the side

02:47

and here's our search bar. So if I do something like N map

02:52

and I click on it,

02:53

you can see that the command line pops up

02:58

now. What I want to do when I'm in the command line is I want to right click and go to preferences

03:02

And behavior and ensure that I have unlimited history clicked here because a lot of these tools have a lot of output and we want to be able to read all that output and not restrict ourselves to 1000 lines. So make sure you have unlimited history there.

03:15

The other thing that you want to do is you want to make sure that your VM is up to date. So you want to do something like pseudo

03:23

act

03:27

update

03:30

and you can see here with this Z S H shell. If I've typed in a command before, it's great out and if I just do the right arrow,

03:39

you can see, it lets me it completes that command so I can type or hit enter now

03:45

enter my password

03:49

and it will update and upgrade for me.

03:53

So I've already updated and upgraded recently. It may take you a while when you do it for the first time.

03:59

So I want to clear the terminal. Just hit clear.

04:02

Now let's install chromium. So I'll do Sudo apt install

04:08

chromium.

04:10

Yeah.

04:11

And that should install the chromium package.

04:18

Some of these packages might take a while. It just really depends.

04:23

So now you can type in chromium.

04:25

Mm

04:26

So as you can see there's tab completion. So if I just do C h C H R O M tab,

04:33

it will do this Chromeos TPM recovery. That's not what I want.

04:38

If I do C H R O M I you I'm almost done with chromium but it hit tab.

04:45

Doesn't do it for me. I hit em chromium pops up. There we go.

04:47

Mm

04:48

So here's chromium, we can use this now. So we have both firefox and chromium and we want to go to

04:56

more tools

04:58

and extensions.

05:00

Now you can see I've already installed Foxy, proxy

05:04

WAP allies er and cookie editor.

05:08

Go ahead and install that in your VM.

05:11

Just go to open chrome web store

05:15

and you know, type in.

05:18

You can click cancel,

05:19

cancel

05:21

type in WAP

05:29

WAP Eliza

05:32

enter

05:34

I spelled that wrong.

05:36

Yeah.

05:38

Yeah

05:39

here we go.

05:41

There's one appetizer

05:43

so you go here for you will say add the extension now if you right click up here

05:49

or click on extensions. I should say these may not be pinned up top. So make sure that when you click on extension you want to be able to get to them easily. Make sure you pin these

06:03

by making sure they're blue.

06:06

All right.

06:11

So I'll clear the terminal again.

06:15

Uh kelly Lennox used to have something called G edit as as a text editor. Now has something called mouse pad. I prefer G Edit. So I'm gonna install that. So Sudo

06:25

apt installed G edit

06:30

and that should install that for me.

06:31

So now I can type G. Edit

06:35

and that will pop up for me.

06:39

And I talked about the root user before if I want to become the root user and create a login for the root user, do Sudo su

06:47

enter

06:48

and now I'm the root user. So now I want to do is create a password for the root user. So do P. A. S. S. W. D.

06:56

Route.

06:58

And I'll take in a new password.

07:00

Yeah.

07:02

And next time you're presented with the log in you can type in route and your password to login as the root user.

07:09

So now I want to install to be framework.

07:13

So do act notice. I don't have to do Sudo now. Apt installed

07:16

beef,

07:18

X. S. S.

07:26

So that a change directory user share

07:30

beef.

07:31

And if I want to list the files LS.

07:35

Space tech, L. A. Or hyphen L. A.

07:40

Listings nicely for me. And I can see there's that

07:44

beef by do beef. Now

07:46

click enter.

07:47

We can see is starting to load

07:50

and I can go to the user interface here right click

07:59

and now let's try to log in.

08:01

Yeah,

08:03

I didn't like that.

08:05

Try it again.

08:07

Yeah.

08:09

So now I've logged in and here's the beef user interface.

08:13

We can talk about beef a little bit later when we start talking about client side attacks and web apps.

08:20

But if you want to

08:24

change the configuration settings of beef, I just did control C to exit or get out of that or stop that program is I want to do G edit, which is what we installed before. Right. Config dot Yeah mo

08:37

now I'm trying to do my tab completion

08:39

and we can see here that we can configure it from our username and or password. If you install this off the bat, it may yell at you because it doesn't like having beef as the username and the password. I changed mine to feed but I like using G. Edit. I find it to be a great text editor

09:01

so I know we just talked about beef but here's our quick quiz question. What is the beef framework? Is it's what's for dinner? What's for dinner? Does it focus on client side browser exploitation or is it the gooey version of end map?

09:13

Uh huh.

09:15

Well you should know this one.

09:20

It focuses on client side browser exploitation and we'll get into this a bit later in our web attacks section.