This post has been requested by more than 40 times for a part two on my recent article by more than 500+ people discussing about: How To Hack wifi WPA2-PSK using KALI LINUX. – https://go.shr.lc/33m0JUm So, i have written a part two of that article for all with the basic introduction about kali linux.
And today we will focus on Where to download Kali linux? How to use it? What are the most famous tools for using it? What is kali Linux used for?
Kali Linux is a Debian-based Linux distribution aimed at advanced Penetration Testing and Security Auditing.
1. What is Kali Linux?
Kali contains several hundred tools which are geared towards various information security tasks, such as Penetration Testing, Security research, Computer Forensics and Reverse Engineering. Kali Linux is developed, funded and maintained by Offensive Security, a leading information security training company. all introduction by: kali.org
Is Kali Linux illegal?
Kali Linux is just a tool. It is illegal when you use a tool for hacking and not when you install it for useful purposes like learning or teaching or using it in the way to fortify your software or your network. … It is not illegal to install any Operating System which is available for download and is properly licensed.
What is penetration testing? – (FOR NOOBS)
Penetration testing helps developers to understand their Softwares, CMS’s, Back-ends, Codes & Projects better. Penetration helps developers to know the vulnerabilities and Bug’s in their projects and softwares. – short defination.
A penetration test, colloquially known as a pen test, pentest or ethical hacking, is an authorized simulated cyberattack on a computer system, performed to evaluate the security of the system. Not to be confused with a vulnerability assessment.The test is performed to identify both weaknesses (also referred to as vulnerabilities), including the potential for unauthorized parties to gain access to the system’s features and data, as well as strengths. enabling a full risk assessment to be completed.
The process typically identifies the target systems and a particular goal, then reviews available information and undertakes various means to attain that goal. A penetration test target may be a white box (which provides background and system information) or black box (which provides only basic or no information except the company name). A gray box penetration test is a combination of the two (where limited knowledge of the target is shared with the auditor). A penetration test can help determine whether a system is vulnerable to attack if the defenses were sufficient, and which defenses (if any) the test defeated. – wikipedia.
- More than 600 penetration testing tools included: After reviewing every tool that was included in BackTrack, we eliminated a great number of tools that either simply did not work or which duplicated other tools that provided the same or similar functionality. Details on what’s included are on the Kali Tools site.
- Free (as in beer) and always will be: Kali Linux, like BackTrack, is completely free of charge and always will be. You will never, ever have to pay for Kali Linux.
- Open source Git tree: We are committed to the open source development model and our development tree is available for all to see. All of the source code which goes into Kali Linux is available for anyone who wants to tweak or rebuild packages to suit their specific needs.
- FHS compliant: Kali adheres to the Filesystem Hierarchy Standard, allowing Linux users to easily locate binaries, support files, libraries, etc.
- Wide-ranging wireless device support: A regular sticking point with Linux distributions has been supported for wireless interfaces. We have built Kali Linux to support as many wireless devices as we possibly can, allowing it to run properly on a wide variety of hardware and making it compatible with numerous USB and other wireless devices.
- Custom kernel, patched for injection: As penetration testers, the development team often needs to do wireless assessments, so our kernel has the latest injection patches included.
- Developed in a secure environment: The Kali Linux team is made up of a small group of individuals who are the only ones trusted to commit packages and interact with the repositories, all of which is done using multiple secure protocols.
- GPG signed packages and repositories: Every package in Kali Linux is signed by each individual developer who built and committed it, and the repositories subsequently sign the packages as well.
- Multi-language support: Although penetration tools tend to be written in English, we have ensured that Kali includes true multilingual support, allowing more users to operate in their native language and locate the tools they need for the job.
- Completely customizable: We thoroughly understand that not everyone will agree with our design decisions, so we have made it as easy as possible for our more adventurous users to customize Kali Linux to their liking, all the way down to the kernel.
- ARMEL and ARMHF support: Since ARM-based single-board systems like the Raspberry Pi and BeagleBone Black, among others, are becoming more and more prevalent and inexpensive, we knew that Kali’s ARM support would need to be as robust as we could manage, with fully working installations for both ARMEL and ARMHF systems. Kali Linux is available on a wide range of ARM devices and has ARM repositories integrated with the mainline distribution so tools for ARM are updated in conjunction with the rest of the distribution.
Kali Linux is specifically tailored to the needs of penetration testing professionals, and therefore all documentation on this site assumes prior knowledge of, and familiarity with, the Linux operating system in general. Please see Should I Use Kali Linux? for more details on what makes Kali unique.
2. How to download Kali Linux in your Sytem?
Go to their official site here and follow the original procedure to download the original files. As i have told you above that libraries and and all modified code is available to all in the git development tree. this code is free of cost and is available to everyone to get their work done by modifying the code as needed. DOWNLOAD KALI LINUX here.
3. Why you shouldn’t download Kali Linux from any Unofficial Source?
Never download Kali Linux images from anywhere other than the official sources. Always be sure to verify the SHA256 checksums of the file you’ve downloaded against our official values. It would be easy for a malicious entity to modify a Kali installation to contain exploits or malware and host it unofficially. Downloads are rate limited to 5 concurrent connections.Kali Linux Organisation
4. Kali Linux Installation Requirements – System
The installation requirements for Kali Linux vary depending on what you would like to install. On the low end, you can set up Kali as a basic Secure Shell (SSH) server with no desktop, using as little as 128 MB of RAM (512 MB recommended) and 2 GB of disk space. On the higher end, if you opt to install the default XFCE4 desktop and the kali-linux-default meta-package, you should really aim for at least 2048 MB of RAM and 20 GB of disk space.
5. Experiments using kali linux – (source)
Nmap or “Network Mapper” is one of the most popular tools on Kali Linux for information gathering. In other words, to get insights about the host, its IP address, OS detection, and similar network security details (like the number of open ports and what they are).
It also offers features for firewall evasion and spoofing.
Lynis is a powerful tool for security auditing, compliance testing, and system hardening. Of course, you can also utilize this for vulnerability detection and penetration testing as well.
It will scan the system according to the components it detects. For example, if it detects Apache – it will run Apache-related tests for pin point information.
WordPress is one of the best open source CMS and this would be the best free WordPress security auditing tool. It’s free but not open source.
If you want to know whether a WordPress blog is vulnerable in some way, WPScan is your friend.
In addition, it also gives you details of the plugins active. Of course, a well-secured blog may not give you a lot of details, but it is still the best tool for WordPress security scans to find potential vulnerabilities.
As i have told you in one of my recent articles how you can Crack almost any WiFi Network and get into it using Airgeddon : Read the full article here.
Aircrack-ng is a collection of tools to assess WiFi network security. It isn’t just limited to monitor and get insights – but it also includes the ability to compromise a network (WEP, WPA 1, and WPA 2).
If you forgot the password of your own WiFi network – you can try using this to regain access. It also includes a variety of wireless attacks with which you can target/monitor a WiFi network to enhance its security.
If you are looking for an interesting tool to crack login/password pairs, Hydra will be one of the best Kali Linux tools that comes pre-installed.
It may not be actively maintained anymore – but it is now on GitHub, so you can contribute working on it as well.
Want to read more tool experiments – Comment below with the process name to get that article individually.