Presentation is loading. Please wait.

Presentation is loading. Please wait.

Kali Linux BY BLAZE STERLING. Roadmap  What is Kali Linux  Installing Kali Linux  Included Tools  In depth included tools  Conclusion.

Published byMaud Wiggins Modified over 8 years ago

Similar presentations

Presentation on theme: "Kali Linux BY BLAZE STERLING. Roadmap  What is Kali Linux  Installing Kali Linux  Included Tools  In depth included tools  Conclusion."— Presentation transcript:

1 Kali Linux BY BLAZE STERLING

2 Roadmap  What is Kali Linux  Installing Kali Linux  Included Tools  In depth included tools  Conclusion

3 What is Kali Linux?  Advanced penetration testing and security auditing linux distribution  300+ build in penetration testing tools  Free / Open source  FHS (File Hierarchy Standard) compliant  Secure development environment  Spin off of Backtrack

4 Using Kali Linux  Install to hard disk  10 GB disk space  USB / CD-DVD  Live USB Install  2GB capacity  Win32 Disk Imager  Android 2.1 + devices  5 GB free space  Network install  Virtual Machine  Run in side another OS

5 Included Kali Tools  Information Gathering  Dnsdict6  Nmap  Urlcrazy  IDS/IPS (Intrusion Detection/Protection System)  Fragrouter  Network Scanners  Dnmap  Netdiscover  Traffic Analysis  intrace

6 Included tools continued  Vulnerability Analysis  Cisco tools  Yersinia  Web Vulnerability Scanner  ProxyStrike  Cadaver  Wireless Attacks  Bluelog  Spooftooph  Wireless Tools  Aircrack

7 Information Gathering Tools DNSDICT6  Finds all sub-domains of a website or web server  Enumerates all IPv4 and IPv6 addresses to extract dumps  Sub-domains  IP information  Powerful for extracting sub domains that are restricted  Tutorials Online  Google  Youtube

8 Information Gathering Tools NMap  Security Scanner  Gordon Lyon  Discovers hosts and services on a computer network and creates a map of the network  Special Packets  Analyzes reponses  Host discovery  Service discovery  Operating system detections

9 IDP / IPS Fragrouter  Intercepts, Modifies, and rewrites traffic destined for a specified host  Routes network traffic in a way that eludes IDS  Uses  Test IDS timeout and reassembly  Test TCP/IP scrubbing  Test firewalls  Evade Passive OS fingerprinting

10 Network Scanners DNMap  Framework for distributing nmap scans among many clients  Client/Server architecture  Server knows what to do  Clients do it  Clients work when server is offline  Real time statistics of the clients and their targets  Scans very large networks quickly

11 Traffic Analysis Intrace  Works along the same lines as Fragrouter  Enumerates IP hops exploiting TCP connections to display the path of packets over the network  Network reconnaissance  Who is connected to who  Firewall bypassing

12 Vulnerability Analysis Cisco Auditing Tool  Perl script that scans cisco routers for common vulnerabilities  Default passwords, usernames  Easy to guess names and passwords  IOS bug history  Hijack a router  Test router security  Password  username

13 Web Vulnerability Scanner ProxyStrike  Active web application proxy designed to find vulnerabilities while browsing a web application  Mainly javascript  Sql injection and XSS plugins  Listens to port 8008 and analyzes all the parameters of applications running in the port for vulnerabilities

14 Wireless Attacks Bluelog  Bluetooth scanner and logger with optional web front-end designed for site surveys and traffic monitoring  One of the only ones with a UI  Find devices with Bluetooth enabled  Records logs of all traffic over Bluetooth

15 Wireless Tools Aircrack  802.11 WEP and WPA-PSK key cracking program that can recover keys once enough data packets have been captured  Steal internet  Gain unauthorized network access  One of the fastest network key cracking softwares

16 Conclusion  Security focused Linux Distribution  300+ security tools  Spin off of popular backtrack  Multiple ways to run  Hard drive  USB / Live CD  Virtual Machine  Detailed Look at some tools  To many to cover them all

17 References  http://www.hackingloops.com/2013/03/dnsdict6-hack-tool-tutorial- know-your-backtrack.html http://www.hackingloops.com/2013/03/dnsdict6-hack-tool-tutorial- know-your-backtrack.html  http://www.kali.org/official-documentation/ http://www.kali.org/official-documentation/  http://zer0byte.com/2013/03/19/kali-linux-complete-tools-list- installation-screen-shots/ http://zer0byte.com/2013/03/19/kali-linux-complete-tools-list- installation-screen-shots/  http://en.wikipedia.org/wiki/Nmap http://en.wikipedia.org/wiki/Nmap  http://www.monkey.org/~dugsong/fragroute/ http://www.monkey.org/~dugsong/fragroute/  http://santoshdudhade.blogspot.com/2012/10/cisco-auditing-tool- v1-perl-script.html http://santoshdudhade.blogspot.com/2012/10/cisco-auditing-tool- v1-perl-script.html

Download ppt "Kali Linux BY BLAZE STERLING. Roadmap  What is Kali Linux  Installing Kali Linux  Included Tools  In depth included tools  Conclusion."

Similar presentations

Fred P. Baker CCIE, CCIP(security), CCSA, MCSE+I, MCSE(2000)

Fred P. Baker CCIE, CCIP(security), CCSA, MCSE+I, MCSE(2000)
 Dynamic policies o Change as system security state/load changes o GAA architecture  Extended access control lists  Pre-, mid- and post-conditions,

 Dynamic policies o Change as system security state/load changes o GAA architecture  Extended access control lists  Pre-, mid- and post-conditions,
Hands-On Ethical Hacking and Network Defense Chapter 5 Port Scanning Last updated 9-18-08.

Hands-On Ethical Hacking and Network Defense Chapter 5 Port Scanning Last updated
System Security Scanning and Discovery Chapter 14.

System Security Scanning and Discovery Chapter 14.
ITP 457 Network Security Network Hacking 101. Hacking Methodology (review) 1. Gather target information 2. Identify services and ports open on the target.

ITP 457 Network Security Network Hacking 101. Hacking Methodology (review) 1. Gather target information 2. Identify services and ports open on the target.
Chapter 10: Data Centre and Network Security Proxies and Gateways * Firewalls * Virtual Private Network (VPN) * Security issues * * * * Objectives:

Chapter 10: Data Centre and Network Security Proxies and Gateways * Firewalls * Virtual Private Network (VPN) * Security issues * * * * Objectives:
Network Security Testing Techniques Presented By:- Sachin Vador.

Network Security Testing Techniques Presented By:- Sachin Vador.
Network Security. Network security starts from authenticating any user. Once authenticated, firewall enforces access policies such as what services are.

Network Security. Network security starts from authenticating any user. Once authenticated, firewall enforces access policies such as what services are.
Computer Security and Penetration Testing

Computer Security and Penetration Testing
Hands-On Ethical Hacking and Network Defense Second Edition Chapter 6 Enumeration.

Hands-On Ethical Hacking and Network Defense Second Edition Chapter 6 Enumeration.
COEN 252: Computer Forensics Router Investigation.

COEN 252: Computer Forensics Router Investigation.
Hacking Web Server Defiana Arnaldy, M.Si 0818 0296 4763.

Hacking Web Server Defiana Arnaldy, M.Si
Linux Deploy This application is open source software for quick and easy installation of the operating system (OS) GNU/Linux on your Android device. The.

Linux Deploy This application is open source software for quick and easy installation of the operating system (OS) GNU/Linux on your Android device. The.
Hands-on Networking Fundamentals

Hands-on Networking Fundamentals
1 The SpaceWire Internet Tunnel and the Advantages It Provides For Spacecraft Integration Stuart Mills, Steve Parkes Space Technology Centre University.

1 The SpaceWire Internet Tunnel and the Advantages It Provides For Spacecraft Integration Stuart Mills, Steve Parkes Space Technology Centre University.
AIS, 20141 Passwords Should not be shared Should be changed by user Should be changed frequently and upon compromise (suspected unauthorized disclosure)

AIS, Passwords Should not be shared Should be changed by user Should be changed frequently and upon compromise (suspected unauthorized disclosure)
2013Dr. Ali Rodan 1 Handout 1 Fundamentals of the Internet.

2013Dr. Ali Rodan 1 Handout 1 Fundamentals of the Internet.
Packets and Protocols Recognizing Attacks with the protocol analyzer.

Packets and Protocols Recognizing Attacks with the protocol analyzer.
1-Vulnerabilities 2-Hackers 3-Categories of attacks 4-What a malicious hacker do? 5-Security mechanisms 6-HTTP Web Servers 7-Web applications attacks.

1-Vulnerabilities 2-Hackers 3-Categories of attacks 4-What a malicious hacker do? 5-Security mechanisms 6-HTTP Web Servers 7-Web applications attacks.
What is FORENSICS? Why do we need Network Forensics?

What is FORENSICS? Why do we need Network Forensics?

Similar presentations

Ads by Google