What is Kali Linux | Kali Linux Hacking Tutorials | Ethical Hacking Training | Edureka Rewind

edureka! · Beginner ·🔐 Cybersecurity ·2y ago

Key Takeaways

Covers Kali Linux basics and features for ethical hacking

Full Transcript

a security focused operating system is a hacker's best friend as it helps them to detect the weaknesses in computer systems or computer networks it's time to pass the archaic Windows versus Linux discussion and switch over to some Advanced operating systems dedicated to pen testing and ethical hacking hey guys I'm archana from edureka and I welcome you to this session on Kali Linux a leading Linux distribution and penetration testing and ethical hacking so guys without any delay let's go ahead and take a look at topics that we will be talking about today so we will Begin by having a brief discussion on history of Kali Linux then we'll explore different installation options offered by Kali Linux and also discuss step-by-step procedure on how to install Kali Linux on operating system and finally once we installed Kali Linux successfully on operating system we'll explore different Kali Linux tools to understand how powerful Kali Linux can be so I hope agenda was clear to you guys let's get started then so whether you want to pursue a career in information security or you're already working as a security professional or if you're just interested in the specific field for fun or decent Linux distro that suits your purpose is always a must well currently there are countless Linux distorts meant for various purposes in this session we will be discussing one of the top Linux distribution meant for ethical hacking which is Kali Linux so let's get started there Kali Linux is the industry's leading Linux distribution and penetration testing and ethical hacking it is a distribution that offers tons and tons of hacking and penetration tools and software by default it's widely recognized in all part of the world even among Windows users who may not know even what linuxes are using Kali Linux these days but guys while to be precise color Linux was developed by offensive security as rewrite of backtrack now you might be wondering what backtrack is Right backtrack was a Linux distribution that focused on security it was used for digital forensics and penetration testing its first version was released on May 26 2006 and in the subsequent years different versions of backtrack were released with updates and advanced features and finally on March 2013 Defensive security team rebuilt entire backtrack architecture around Debian distribution and released it under name Kali Linux so that's how Kali Linux came into existence so guys now you know how color Linux was introduced to this world but the question is why should you choose Kali Linux when you have other choices like parrot backbox black Arc and many more let me list out few reasons as to why Kali Linux is the best first and foremost Kali Linux offers more than 600 penetration testing tools from various fields of security and forensics secondly it offers multi-language support although penetration tools tend to be written in English Color includes multilingual support this way more users can operate in their native language and locate the tools they need for the job that they want to do on Kali Linux moving on Kali Linux is actually built in Secure environment actually Kali theme is made up of small group of individuals those are the only ones who can commit packages and interact with repositories all of which is done using multiple secure protocols so basically it is built on a secure environment and moving on one of the Striking feature of Kali Linux is that it supports wireless devices it is built in such a way that it supports as many wireless devices as it possibly can this way it runs properly on wide variety of hardware and is compatible with numerous USB and other wireless devices very easily kala Linux like backtrack is completely free of charge and always will be you will never ever have to pay to use Kali Linux and finally Kali Linux offers you customization option so if you're not comfortable with current Kali Linux features you can customize color Linux the way you want so guys I guess the reasons which we just discussed are an FAU to start using colored Linux right let's proceed then so apart from all the benefits which we discussed earlier Kali Linux offers different installation options one way of installing Kali Linux is by making a Kali bootable USB drive this is one of the fastest way of installing Kali Linux and most favorable as well it's favorable because it's non-destructive so if you're using USB to install then no changes are need to be made to your host systems hard drive right so it's non-destrictive it's portable you can carry USB wherever you go and it's easy to install and lastly it's potentially persistent you can configure your color Linux live USB drive to have persistent storage so that data you collect is saved across different reboots so suppose you have installed it and you've performed something and you have some data which is stored if you want to use that data for next time as well you can use persistent storage option with live USB installation process moving on there is color Linux hard disk install installing color Linux on your computer using a hard disk is an easy process but you should make sure that your computer has compatible Hardware with color Linux so that the process of installation goes on very smoothly you can also install Kali Linux alongside your operating system as dual boot it could be Windows or Mac but you should exercise caution during setup process so that installation of Kali Linux don't mess up with your actual host operating system which is Windows or Mac you can use virtualization software such as VMware or virtualbox to install Kali Linux as well as for this session I'll show you how to install color Linux on VMware guys apart from these you can also set up color Linux on arm devices arm usually refers to Advanced risk machines like Raspberry Pi qubit truck trim slice and many more so if you want to know more about how to use Kali Linux on these arm devices and are different many other installation options you can actually explore them in the official Kali Linux website documentation so go ahead guys just don't stick to one way of installing it explore different way of installing it and start using it so guys that's it with the theory part of the session let's go ahead and install Kali Linux and explore different tools so guys if you want to install Kali Linux the first thing you should do is download ISO file or image of Kali Linux for that you need to go to official Kali Linux website which is www.kali.org and under that there's downloads under download you have download color Linux options just click on that as you can see It'll take you to a page where you can see different download options so let's explore this page it says Kali Linux 64-bit 32-bit so basically if you click on this torrent or HTTP link it will download an ISO file for you suppose if you want to learn how to install Kali Linux from step one till last step then it's better that you install ISO file and start installing Kali Linux using that ISO file but if you want to skip the entire process just want to use the image or start using Kali Linux then you can go for this option it says color Linux 64-bit VM for VMware and or 32-bit VMware or 64-bit virtualbox and 32-bit virtualbox since we're already learning let's just use ISO file and learn how to install Linux using ISO file so minus 64-bit so I'm just clicking on color next 64-bit I've already downloaded it so you can either Download torrent version of it or HTTP version of it so yeah I'm going to skip that part so I hope you can download without any problems okay then make sure you are using either virtualbox or VMware I'm using VMware here so let me go to my VMware yeah here it is VMware box station Pro so as you can see on my VMware I already have a color index and metasploitable 2 as well yeah anyway on VMware if you have installed ISO file then if you want to install Kali Linux then you can click on create a new virtual machine option and start installing it from beginner and suppose if you have installed an image which is suitable for VMware or virtualbox in this case VMware then you can just click on open a virtual machine here and attach the image as you can see it is a displayable image if I click on that and click on open then the image will be installed here well I'm just showing you how to do it if you have downloaded the image anyway since we have installed ISO file and extracted it let's use create a new virtual machine option here so let's go for typical the difference here between typical and custom is that typical it skips most of the steps so after installing we can make additional settings but if you want to make all the settings before installation itself then you can use custom here but let's use typical click on next and here it says install disk image file ISO option it mentions you so browse I have it in my local disk D so here it is color next pause this is the version so if you're wondering if this is ISO file or not let me just click on properties and show you that it is an ISO file as you can see it is an ISO file here so yeah so just click on that and click on open and click on next it says select Our Guest operating system I want it to be Linux so Linux distribution and make sure you click on Linux kernel whichever it does if you're using 32-bit 10 32 well minus 64 bits so I'm just clicking on that and click on next here we go just give it a name let's say Kali and where I want to store it it says on the username documents virtual machine Kali yeah sure and then click on next so well you can assign memory Hall let's say 40 GB well if you want to design lesser than that you can go ahead and design lesser than that you can always make changes later so next thing it's it are stored virtual disk as a single file or split virtual disk into multiple files I want to choose store virtual disk as a single file so that I won't face problem again with my hard disk later on just don't want all the files to be like half the files to be on the one distribution and other have to be another distribution and all that so let's just select store virtual disk as a single file here and click on next this so before you click on finish you can just review whatever you've done it's the right now memory 768 MB we can always change that and the network adapter is not yeah well you haven't customized of Hardware yeah but just okay then let's just adjust it before only click on customize Hardware so guys here as for the memory it totally depends on what you're using colored mix for if you're using for heavy scanning or interacting with other web application penetration websites like press Portable 2 and all you might have to assign more memory otherwise your Kali Linux system will be very slow let me just design um 2GB here yeah that sounds fine enough and as for the processors you can always retain it one and as for the number of code processors I'm assigning two if you have already attached ISO file and network adapter here we are using only color Linux suppose if you are using meta's plot table 2 it's basically another virtual machine which has applications with vulnerabilities if you want to perform web application penetration testing so in that case if you use Nat option both your metas portable 2 and your Kali Linux will get same IP address as your host machine if you use Nat option here so instead of that you can use Bridge connection well as for now we'll just use Nat only moving on you can just retain default settings same for the printer and as for the display you can click on accelerated 3D Graphics here and 768 MB is usually the recommended amount of memory that you can use for graphics and click on close so you can see the changes have been made here are reflected here as well so click on finish so here we go guys so there are two ways you can power on your Kali Linux which we just set up in virtual machine you can click here power on this virtual machine option or you have this option here we'll just click this so like I said earlier if you want to make any changes you can just click on edit virtual machine settings here and change the memory or the hard disk processors or the display setting anything you want so let's say I'm satisfied with the current settings I've made and I'm going to click on power this virtual machine so guys as we discussed earlier we have discussed different installation options right as you can see you have live Mode live mode with persistence live USB mode with encrypted persistence as well most of the time you might see the install option here and click on that but when you click on that it will take your command line interface so basically you should interact with Kali operating system using command line interface which probably may not be a good option if you're just a beginner in Kali Linux so always go for graphical install here and click on enter so it will start mounting storage devices here it is on the installation page it's asking for the language that you want to use like I said Kali supports multiple languages and suppose if you want to use your native language you can go ahead and use it let's retain English for this demo purpose so yeah English and click enter it says it's short list of locations based on the language you selected let's say United States and American English I'm just retaining the default settings here so it will start detecting ISO file and load installation component here as you can see it says load installer components from CD so guys entire installation process might take about six to seven minutes it's detecting Network Hardware so if you have successfully completed the first step and second step it should take you to this page it's basically the host name it's asking for so let's just retain it as Kali only now if you want to give anything else you can do that and just click on continue and next thing it does is it asks you for a domain name let's say you have set of virtual machines and if you're using all virtual machines together and if you want to assign a domain name for all these virtual machines you can go ahead and do that as for now I'm just leaving it blank and click on continue well since you have set up the username you will have to set up root password as well right so let's just give it a something you can give whatever you want and make sure you've given the right one and the second time as well and click on continue here so the best thing is it even asks for the date and time settings as well if you have made any error here you can always go and set your date in time after your Kali Linux is installed and booted up so let's just say Eastern let's say Eastern I'm just using that and click on continue it says config in the clock it's detecting partition this partition well basically disk partition is nothing that it's just you want to retain your entire virtual machine or color Linux on use an entire disk or if you want to partition half this for some other purpose and all that you can just always go ahead with guided use entire disk option click continue and then it says manually select the device so this is the virtual machine 42.9 GB VMware where the storage partition will be done so I'm gonna click on enter yeah like I said I want all partitions to be done in one file so click it says if you're short then you can just go ahead and click enter or continue so that the partition is done continue and it's asking if you want to write the changes to disk whenever some changes are made definitely yes so click on yes and continue so it will start partition and install the virtual machine it's gonna take a while so I'm gonna return to you guys once the installation is done here so yeah guys it took a while but it's asking for the next step let's configure the packet manager so basically it's asking whenever there's an update of your Kali Linux image if you want to do it immediately as in automatically or if you want to specify updates as well so let me just say no and click on continue it says configuring the packet manager installing packet manager and configuring and after installing packet manager and configuring it says install grub bootloader on a hard disk yeah to install it was fast then it's asking if you wanted to install grub bootloader to the master boot record or not basically whether you want to use your master boot record or not let's just say yes and continue it says enter device manually this is the one which you want to use continue and the installation of grub bootloader will continue it shouldn't take fast and it says finishing the installation so finally guys it says installation is complete so it's time to boot your new system make sure to remove the installation media so like I said if you've used USB or hard disk or anything of that sort this is the time that you'll have to remove but right now you're not using anything so let's just say continue once the installation is complete properly it should take you to this name so if you remember you've given username and password during the installation process but if you're logging in for the first time basically just give it as root otherwise you'll get an error later on you can change your username password so yeah guys here we go so this is your Kali Linux page as in the home page as you can see under applications you have different kind of applications you have information gathering you have vulnerability analysis web application analysis where you perform web application penetration testing password attack that's if you want to know the password of a login page or any website or us as such and database assessment tools as well then you have wireless attacks tools which you can use to perform Wireless attacks the most popular one is your aircrack NG and you have sniffing and spoofing if you want to change your Mac address and all that you can use so we have mac changer here today we'll be exploring Mac changer and you have exploitation tools such as proxy chains and forensic tools as well then you have social engineering tools as well and different kind of system Services then the most popular one is you have beef start and beef stop so guys I hope at this point you should be able to install Kali Linux without any errors well if you face any kind of Errors while installing or if the image is not proper or any kind of Errors you can post them in the comment section will definitely get back to you so yeah now that we know how to install Kali Linux on VMware the procedure is very similar on virtualbox as well so you don't have to worry about it but I suggest that once you get to know how to install from Step One the last step go ahead and use color Linux images which are there for virtual machine and virtualbox which which you saw in the official website earlier so yeah let's get to exploring different tools here so as for today we'll be exploring about four to five tools let me go back to slides now so guys the first step of ethical hacking or web application penetration testing is anonymity imagine if a pen tester or a hacker if it didn't take any steps to anonymize himself he would certainly get caught by firewalls or digital forensic investigators or Internet service provider logging Checkers Etc right it's definitely not good so there are different tools or services that you can use to anonymize yourself as for the basics you can use set of proxies you can use Virtual private Network and some kind of IP address so as I said earlier first step of ethical hacking is keeping yourself Anonymous and you can use proxies VPN some kind of IP address or Tor but mostly there are two popular ways you can do that you can use proxy chains which I showed you earlier in different kind of tools offered by color Linux so basically proxy chain adds up numerous proxies and it will use a service called Tor to deliver you anonymity so that it will become more difficult to pinpoint your actual IP address and secondly This Server is called Anon surf it is a really good script that was first made by parrot security but now it's been edited so that it will work in color Linux as well so what I want to say here is that it's not by default installed in color Linux but that's not a problem as at all you can clone it using git so it is an easy and effective way to remain anonymous on your Kali Linux system let's explore and answer of more let's go back to color Linux let me just click on the Firefox here so like I said earlier guys it's not there by default before that let's just go back to Applications here so under applications with it C proxy chain right under post exploitation we have proxy chains like I said proxy chain is offered by color Linux so it's installed by default but compared to a non-surf it's quite complex so let's just go with Anon serve today so yeah let me go to Firefox and search for a non-self you search for a non-surf in the web server and it's most probably almost all the time it's the first link that you find so click on that it's the GitHub link and if you scroll down here it says clone and download you will have to copy this link Ctrl C sorry about that guys yeah and let's just go back to terminal in the terminal you'll have to use git and before you ask get is by default install in Kali Linux so you have clone and copy the one which you just as in paste the one which you just copied and click well it says destination path curly and on surf is already there that's because I've already installed so just click LS and you can find color Linux folder here here it is so just open the folder and on soft and enter and Under LS and you'll have to check for the files under Kali and answer you have a file which says shell basically it's a shell script to install an unserve so what should you just install it installer dot yes H and just click on enter I'm not gonna do is pick it's gonna take a while so if you just do that it's gonna install an on surf on your Kali Linux so let me clear the stuff and CD go back so guys now an answer is properly installed so if you want to make sure if it is properly installed or not just say an answer of start well I made a mistake and on surf and start so like I said earlier guys and on surf offers Anonymous mode through Tor well if you're wondering what Taurus it protects you by bouncing your Communications around a distributed network of relays which are run by volunteers all around the world so basically what it does is it prevents somebody from watching your internet connection from learning what sites you're visiting and it also prevents the sites you visit from learning about your physical location if you're using proxy chains you will have to install doors completely and start linking proxy chains with tar so that they work together but the good thing with an answer is that you don't have to install door so as you can see it says store is not running so it's starting it for you so an answer basically is dot star for you by itself so if you want to know all the commands under an answer just type for help command so as you can see it's a service or script which is released by Paris security so as you can see it is parrot and yeah you basically have all the commands which are self-explanatory right it's a start once you use this option it start system by anonymity and stop if you want to stop using Anonymous mode restart instead of clicking start and stop again you can just click on restart to start the entire process again change suppose if you want to change your IP address you can just use this change status so once you start and on surf if you want to check the status of anon soft then you can use this option and then there is my IB yeah let's just ignore these two services for now okay so let me try and answer of start again or let me just check the status since I've already started it earlier and on serve SDA to us as you can see let me maximize the screen it's a starting anonymizing overlay Network for TCP yeah it's active since the date and time so we are Ctrl Z and let me clear the stuff for you now let's say I'm going to check the IP which has been assigned to me then and on serve my IP click enter it may take a while but it will show you the IP address which has been assigned to you as you can see it says this is IP address well you can do this number of times now we'll have to get back to Firefox terminal to see where the IP address actually belongs to so you will have to search for check for DNS leaks and your DNS leak test click on that so guys as you can see this is the IP address which has been assigned to me and right now though I'm not a Netherlands it says from Netherlands well you can try this again and again so like I said the first step when you do anything of this sort as in web penetration testing or learning how to hack and all that stuff it's best that you set yourself Anonymous before you start doing things so yeah we've explored our first tool which is an answer though it's not native tool of Kali Linux it's a tool which is usable in Kali Linux so yeah there we go guys now let me get back to terminal well you can do this again let's say an answer start and let me check my IP this time okay let me just use change here haven't changed right change so as you can see it didn't work here because I just started without stopping it before so I've been assigned with the same IP which was there before so change yeah it's forced to change the notes Let Me Clear the stuff for you and my IP as you can see the IP address designed to me is difference then I can go ahead again check for DNS leaks it'll definitely show me different place so yeah guys that's how you set you make yourself Anonymous either you can use proxy chains or an answer while you can always go ahead and use an answer that's basically easy so guys yeah there we go and let me show you one more tool our applications under sniffing and spoofing there's something called Mac changer here right sorry about that yeah Mac changer while the objective of Mac changer is to change or fake an original network cards Hardware Mac address let me delete you again so the main aim here is you will either want to change or fake an original network cards Hardware Mac address but if you ask me it's not as powerful as an answer or proxy chains but you can use it very comfortably with local networks like your office Network or home network or your personal network but if you want to perform very huge scans over Network and all it's not recommended anyway let's see how to change MAC address using Mac changer on Kali Linux so go back to terminal and like I said earlier Mac changer is by default install in Kali Linux so just click Mac changer and help yeah and like I said like I said earlier again the options are self-explanatory so you have different options here you have iPhone 8 to set random as in to change the MAC address and hyphen s which prints the MAC address which you just changed and suppose and what else is there yeah the version print version and exit so yeah well we'll be exploring two to three options here firstly let's just check for the current MAC address for which we'll be using iPhone's command so Mac changer iPhone S oh it says options device yeah we've missed the device so before that let me clear the screen if config so right now it's the network card which my color link is using is ET at 0 so that's my device name let's go back to match change again mag change help and click so yeah here we go so well I think it's not visible to you guys probably right let me clear the screen yeah Mac changer hyphen yes device name was eth zero right click as you can see it shows me two Mac addresses current MAC address and permanent Mac address just remember one thing this permanent Mac address belongs to your network interface card that's et0 which currently the device which we just checked the MAC address for now suppose this Mac address which you can see here it basically specifies us the address of the device which you're using so the first three digits here they belong to manufacturer and these are the things which You're Gonna Change the last three digits so let's say mac changer and iPhone a is the option which you want to use to change the IP address so Mac changer hyphen a and ET at 0. so as you can see this the current MAC address permanent Mac address and the new Mac address that's been assigned is completely different from the current and the permanent Mac address and like I said the first three digits displayed the manufacturer of your device and here by default it will assign you some default manufacturer it says newcombsystems.in now if you want to check if the MAC address has been properly changed or not again use the iPhone S command and click as you can see right now the current MAC address and the permanent Mac address are not same so our current MAC address has been changed and the manufacturer of a current MAC address is newcom systems dotting so there you go guys like I said it's not as powerful as a non-serve or so it won't keep you Anonymous like for the entire network or something but it's good for the local networks such as office networks or home network so you can go ahead and do that so if you want to remove all the changes which you just made the command that you have to use is iPhone G so Mac changer and here I go the iPhone P anyway well not to make mistakes let's just stripe health huh the life in G command is not there at all my life and P it stays written reset to original permanent Hardware map so yeah iPhone P now let me check again by using iPhone S as you can see my current MAC address has been reset to the one actual settings so there you go guys now you know how to use Mac changer to change MAC address whenever you need it so we're finding out the manufacture of network interface card you can find out who actually is using the device so it's important that you remain yourself Anonymous whether you're using a small Network like your home network or office Network or if you're using a huge Network well if it's for huge purposes then you can always go ahead and use Anon Surf and proxy chains so there you go guys we are done with our second tool which is Mac changer in the previous sessions by edureka under cyber security I have used two other applications which are usually burpswich and what was the other one SQL map so if you want to know more about those Services as well you can go ahead and look into the web application security video It's usually the video is all about how to perform an SQL injection and web application penetration testing so basically they're a used SQL map which usually comes here let me just show that to you yeah under web application analysis you can see SQL map here you can use SQL map to find out the vulnerabilities that are present in your application I used application which was made for penetration testing and I found out the vulnerabilities in that application using SQL map and I extracted the information I want so if you want to know more about SQL map you can go ahead and watch the video well I have specified the use of SQL map here as well so yeah there you go then in the same video I've used one more tool called bobswick it's basically a graphical tool for testing web application security it has multiple purposes so as again it's tool which is by default installed in Kali Linux so you can just click on Bob switch here which should open up let's explore different features over there as well so it says I accept and yeah let me just click on temporary project and next yeah I'm gonna use default settings because I'm not going to show you how to use it if you want to know how to use it like I said you can again refer to the previous video I called application security by edureka there you will know how to use SQL map as well as proxy so as you can see it has different options here and the main purpose of it is proxy that is it operates as a web proxy server or interceptive proxy so basically what it does is it sits as a man in middle between the browser and the destination web server this allows interception inspection and modification of traffic that is passing it between your browser and your destination web server and and there we go proxy we just explored it under that HTTP is option which you can use to set a proxy and there's something called a scanner here right yeah scanner it's a web application security scanner it's used for performing automated vulnerability scans on web applications so if you have any application that's vulnerable if you perform a scan on it it will show you all the vulnerable point in that application so that you can exploit those vulnerabilities and start hacking or malicious attack on the application then there's an intruder it performs automated tasks on destination and there's repeater it's a simple tool that can be used to manually test an application while it can be used to modify requests to the server you can resend them and observe the results yeah there's a sequencer then there's decoder it's a tool for transforming encoded data into its canonical form or the vice versa that's transforming raw data into various encoded and Hast forms and then there is compare it's usually a tool for performing a comparison with basically a visual difference between any two items of data while you have many other options as well like extender and alerts and all such so basically this is how you can use bobswick for your different purposes let's move on to our next tool yeah I want to close it s so guys up to this point we have explored an answer and Mac changer as to how to set yourself Anonymous while you're doing hacking or web application penetration testing and the next thing we explored was burpswich I showed you a different services that are available on the bobswick and what you can do using them and I've just mentioned SQL map as well if you want to know more like I said earlier you can refer to application security video by a director under cyber security playlist now moving on the next step in ethical hacking is that as a ethical hacker you should know who you are attacking right so before attacking you should gather information about the target like IP address or other information about website like different kind of websites or the IP address of the website and as such well there is one popular tool using which you can gather information about your target which is nmap it's a very popular tool this is a tool which you must know if you're using Color Linux basically it's a food printing tool so let's just see it in under applications you have it under information gathering as as well and map you can see an eye symbol here yeah and you have it under vulnerability analysis as well it's a food printing tool that gathers all kind of information about Target and by default it's installed in color Linux all you should do is click in map here and enter and it's going to specify you hold a lot of help options here yeah so it says Target specification you can discover all information about host scanning techniques and yeah script scanning again do a detection of operating system and all that so like I said it's a full printing tool that gathers all kind of information about your target they support it basically it's supported in every ethical hacking platform now if we scroll down well if you are a learner if you don't know what nmap is if you're seeing it for the first time if you scroll down it says it's specify two or three examples asking you what to do so as you can see here it says nmap hyphen V command and iPhone a scan name.nmap.r org so basically hyphen a here actually refers to aggressive scanning so if you want on just a top scanning as in just scanning of basic details they can just use nmap and the website name but suppose if you want to get a detailed scanning then you can use iPhone we'll be doing both the stuff today here so guys like I said earlier you can't just go ahead and do what I do it on anywhere any web application there is on the internet well it's definitely illegal right since this is for the educational purpose nmap provides a default website which says scan me as an it's made for the purpose of learning so let's just go back to Firefox it's not open let me open the Firefox yeah scan me.nmap.org org and click yeah this is it guys so you can scan this website any number of times in a day but it says don't scan for 100 times a day or use this site your SSH Brute Force password cracking tool so basically this if you do more than 100 times a day it might not work it says not to hammer on the server too hard basically it means don't use more than 100 times or anything so basically you can scan this website for vulnerabilities or nmap scanning here so let me clear the stuff yeah before that apart from these you can also see multiple other options here well I forgot to say iPhone V is nothing but you can see it says it's basically the war boost or the version number it says wife and V it increases the verbose level or basically it specifies the wobbles which in turn specifies the version number of your operating system or anything as such yeah the Apache server or PHP file anything that your application using if you want to know the version number you can use iPhone V command and as for a I already explained it specifies the aggressive scanning and there's another option suppose if you're using a home network or work Network or school network you have set of IP addresses right so instead of scanning one suppose you want to scan from this range to this range as in you want to scan from this IP address to this IP address particular range then you can specify by using this command here now let me clear the stuff and let me just let's scan the scan me.nmap.org so nmap scan me I'm just removing every option there is I'm just using the basic scan and map.org so guys yeah it took a while but it has returned the scan results as you can see it says the latency it is taken for it to scan the entire website is about yeah this is the latency and it says it took about 93.56 seconds and as you can see it shows that 999 four ports are closed ports here and there are about few ports which are open about four as you can see it says four and here it is this port and both of this ports guys nmap can scan about 65 000 ports by every time you use nmap by default it will scan about thousand ports so that's why it took a while for it to scan the website but like I said guys this is the basic thing this and hacker will definitely not do this because it's a lot of time consuming and why would he need information about all the puts there is so he's gonna Target only on some specific ports that he wants to for that like I said earlier which is nmap iPhone health so let me just and map sorry about that guys like I said he uses this format as in the range of IP addresses to know about the ports or the information he wants so let me go up so here it is the scan results as you can see it says this is the address of the website which is scan me.nmap.r so now if I give this it should specify the website back right so let me copy this stuff say copy and scroll down let me clear the entire thing and map and I'm gonna paste yeah click it's a scan again it's showing the same information so it's working so guys now if you know how powerful and map can be this is just the basic or the scratch of what you can do using nmap so basically using this you can scan any website or you can find information any information that you want about Target so go ahead guys I haven't used if any option which says aggressive scanning so if you're doing this after watching this video then go ahead and use nmap hyphen a and scan me Dot and map if you know how to use it it's quite simple though but as for today's session we won't be discussing THC Hydra we have another tool like I said Medusa it's also a password cracking tool very similar to THC Hydra and it's pre-installed in color Linux so you don't have to install it separately so guys as for today's session I'm using another virtual machine called metasploitable tool let me just show you how to install it so I can just type for metasploitable too and you have this sourceforge.net you can click on that and uh here you get a zip file you can download it and unzip it and store it in the file where you have stored your Kali Linux so yeah once you've done that let's go back to Virtual machines I've already done that and I have meta's portable powered up but before you go ahead and get started just go for the settings part and make sure you have made the network as Bridge connection here so enable Bridge connection and click on OK and same goes to the Kali Linux as well since we have two virtual machines powered up here they might use same IP address because they share the host Network right so we don't want that to happen so we're using Bridge connection here so let's go to my exploitable too let me just maximize the screen for you guys yeah so as you can see I've already rocked it the username and password is msf admin anyway let me just show you again let me just close the machine and power off okay and click on my display audible too so as you can see it's ready and it's asking for login the login address is msf admin and same goes to the password so let me try msf admin and the password msf admin again okay I'm successfully logged in so let me just check for the IP address if config so as you can see right now it's connected to ethernet it doesn't have a proper IP address right as you can see in the second line under ET at 0 network card so we'll have to assign IP address which is in the same range as that of Kali Linux I'm doing this because as you can see when I just started meta's plot it will do I use msf admin to log in and same for the password Here I actually know the password and username but anyway using Kali Linux mid user tool we'll be trying to crack for msf admin password and username so let me go back to color Linux let me maximize the screen and let's check for if configure as well so yeah this has an IP address assigned to it and netmarks is a 255.0 okay let's go ahead and assign the very next IP address which is 192.168.1.2 to matters ploidable too for that let's go to metasploitable doing in here we go and let me maximize the screen okay I'm using this command to assign an IP address if config and the network card for which I want to assign let me just it's right is ET at 0 so eth is 0 and it's 192.168.1.2 which is the very next IP address or it actually you can say that it falls in the same range as that of Kali Linux now if subnet or netmask which is 255.0.0.0 right and click on enter it's asking for the password msf admin and let's try ifconfig again as you can see right now under ET at zero network card and IP address has been assigned in the same submit range as that of Kali Linux well I'm just using this for the demo purposes you can actually download any other kind of different application you have bwab you have damn vulnerable application and any other different kind of application in vulnerable applications which are especially made for penetration testing and you can go ahead and crack passwords because every application of such sort has a login page right so yeah and here we go back to color Linux and let me clear the screen and let's try for Medusa as you can see it's pre-installed tool in color Linux so it has lot of options here and for today's session we'll be using mostly two or three we'll be using iPhone Edge it's the target host name or IP address if you have a set of Target IP addresses that you can use Capital hatch to specify the list of IP addresses and if you want to directly mention the username which is msf admin in our case you can use iPhone's small U if you use capital u you can just specify the file which contains list of usernames that Medusa has to test same goes for iPhone P it's for the password and capital P for the list of passwords and one more thing which we'll be using is iPhone M it's the name of the module that you want to execute like for example Medusa sorry mad exploitable 2 it's an SSH connection right so as we execute the command you'll understand the stuff so before that like I said you can either specify the username directly or you can specify the file name which has a list of usernames I've already created a list I have it stored on my desktop let me show it to you guys it says bewap.test test here and let me open the stuff as you can see right now I just have four names admin root or an msf admin so yeah there's one more command called crunch by color Linux you can use that it creates a list or it creates a word list for you so go ahead and explore it let me close the file and let's go back to terminal here let me clear the screen I hope you guys remember the commands if not it's okay you can always go for the help command so Medusa because I want to specify the IP address of the motorsportable 2 that's 192.168.1.2 if I'm right then iPhone U so let's try with direct username first msf admin is a username right then iPhone capital P let's give the capital as in the username the location root it's in my desktop and bvap Dot text then iPhone capital M SSH connection and iPhone n the port number which is default 22 for any SSH connections and click enter so as you can see it's right now trying for the all password or different username and password combinations so it's trying msf admin with admin msf admin with tour msf admin with root nmsf admin finally with msf admin so since we have specified the target IP address here it will do this permutation in combination until it finds the right set of username and password so let's do the same thing with iPhone new capital u here so instead of giving directly the username let me specify the location I'm going to specify the same location because msf admin itself is the username right desktop and it's pivap dot txt so in the end if you have any other connection except ech you should specifically mention the port here otherwise you can just you don't have to mention it default it's going to take a while actually more than the last previous command because here we actually mentioned the username so it just had to compare username with four passwords but right now it has to compare each word with each other word for example first it Compares admin with all the four Bots which are there in the list second it Compares root with all the four words similarly to or with all the four bars and msf admin with all the four words it does that until it finds an actual match it's almost done so yeah as you can see it says username is msf admin and password is msf admin and success here same thing we got in the previous command as well so that's it guys let me summarize what we have learned today you learned what actually a Kali Linux is and how is it better when compared to other Linux distros and why you should use it then we saw how to install it different installation options as well so while you are installing if you find any error please do post them in the comment section we'll get back to you after that we discussed like four or five different tools right if we discussed the burp Suite we discussed Medusa just now and we'll discussed other three tools so these are just like five out of 600 tools that there are it's a very exciting topic actually so go ahead and explore don't just stop here with five tools go ahead and explore other different tools compare it with other tools on other platforms so go ahead and explore color Linux guys it's a really exciting it's actually a really interesting platform to perform penetration testing and ethical hacking and remember it's only for the educational purposes don't go ahead and do something illegal so this is it guys I hope the session was informative and demo fun so go ahead and explore try new things on Kali Linux and if you face any problem during installation or any step please do let us know we'll get back to you as soon as possible thank you guys

Original Description

🔥𝐄𝐝𝐮𝐫𝐞𝐤𝐚'𝐬 𝐂𝐞𝐫𝐭𝐢𝐟𝐢𝐞𝐝 𝐄𝐭𝐡𝐢𝐜𝐚𝐥 𝐇𝐚𝐜𝐤𝐢𝐧𝐠 𝐂𝐨𝐮𝐫𝐬𝐞 - 𝐂𝐄𝐇 𝐯𝟏𝟐 : https://www.edureka.co/ceh-ethical-hacking-certification-course This Edureka "What is Kali Linux" tutorial will help you understand basics of Kali Linux. You will also get to learn the features of Kali Linux and option available to install Kali Linux. Below is the list of topics covered in this Kali Linux tutorial: 00:00:00 Introduction 00:00:43 Introduction to Kali Linux 00:01:38 History of Kali Linux 00:02:12 Why use Kali Linux 00:03:48 Kali Linux - Installation Options 🔴 Subscribe to our channel to get video updates. Hit the subscribe button above: https://goo.gl/6ohpTV 📝Feel free to share your comments below.📝 🔴 𝐄𝐝𝐮𝐫𝐞𝐤𝐚 𝐎𝐧𝐥𝐢𝐧𝐞 𝐓𝐫𝐚𝐢𝐧𝐢𝐧𝐠 𝐚𝐧𝐝 𝐂𝐞𝐫𝐭𝐢𝐟𝐢𝐜𝐚𝐭𝐢𝐨𝐧𝐬 🔵 DevOps Online Training: http://bit.ly/3VkBRUT 🌕 AWS Online Training: http://bit.ly/3ADYwDY 🔵 React Online Training: http://bit.ly/3Vc4yDw 🌕 Tableau Online Training: http://bit.ly/3guTe6J 🔵 Power BI Online Training: http://bit.ly/3VntjMY 🌕 Selenium Online Training: http://bit.ly/3EVDtis 🔵 PMP Online Training: http://bit.ly/3XugO44 🌕 Salesforce Online Training: http://bit.ly/3OsAXDH 🔵 Cybersecurity Online Training: http://bit.ly/3tXgw8t 🌕 Java Online Training: http://bit.ly/3tRxghg 🔵 Big Data Online Training: http://bit.ly/3EvUqP5 🌕 RPA Online Training: http://bit.ly/3GFHKYB 🔵 Python Online Training: http://bit.ly/3Oubt8M 🌕 Azure Online Training: http://bit.ly/3i4P85F 🔵 GCP Online Training: http://bit.ly/3VkCzS3 🌕 Microservices Online Training: http://bit.ly/3gxYqqv 🔵 Data Science Online Training: http://bit.ly/3V3nLrc 🌕 CEHv12 Online Training: http://bit.ly/3Vhq8Hj 🔵 Angular Online Training: http://bit.ly/3EYcCTe 🔴 𝐄𝐝𝐮𝐫𝐞𝐤𝐚 𝐑𝐨𝐥𝐞-𝐁𝐚𝐬𝐞𝐝 𝐂𝐨𝐮𝐫𝐬𝐞𝐬 🔵 DevOps Engineer Masters Program: http://bit.ly/3Oud9PC 🌕 Cloud Architect Masters Program: http://bit.ly/3OvueZy 🔵 Data Scientist Masters Program: http://bit.ly/3tUAOiT 🌕 Big Data
Watch on YouTube ↗ (saves to browser)
Sign in to unlock AI tutor explanation · ⚡30

Playlist

Uploads from edureka! · edureka! · 0 of 60

← Previous Next →
1 ChatGPT Not Working - 4 Fixes | How To Fix ChatGPT Not Working | Why Is ChatGPT Not Working |Edureka
ChatGPT Not Working - 4 Fixes | How To Fix ChatGPT Not Working | Why Is ChatGPT Not Working |Edureka
edureka!
2 Advanced Java script Tutorial | JavaScript Training | JavaScript Programming | Edureka Rewind
Advanced Java script Tutorial | JavaScript Training | JavaScript Programming | Edureka Rewind
edureka!
3 Java script interview question and answers | Java script training | Edureka Rewind
Java script interview question and answers | Java script training | Edureka Rewind
edureka!
4 OpenAI API Tutorial using Python | How to use OpenAI GPT-3 API - Ada Babbage Curie Davinci | Edureka
OpenAI API Tutorial using Python | How to use OpenAI GPT-3 API - Ada Babbage Curie Davinci | Edureka
edureka!
5 What is Unsupervised Learning ? | Unsupervised Learning Algorithms| Machine Learning | Edureka
What is Unsupervised Learning ? | Unsupervised Learning Algorithms| Machine Learning | Edureka
edureka!
6 Top 10 Applications of Machine Learning in 2023 | Machine Learning  Training | Edureka Rewind - 7
Top 10 Applications of Machine Learning in 2023 | Machine Learning Training | Edureka Rewind - 7
edureka!
7 Machine Learning Engineer Career Path in 2023  | Machine Learning Tutorial | Edureka Rewind - 6
Machine Learning Engineer Career Path in 2023 | Machine Learning Tutorial | Edureka Rewind - 6
edureka!
8 10 Must Have Machine Learning Engineer Skills That Will Get You Hired   | Edureka Rewind - 7
10 Must Have Machine Learning Engineer Skills That Will Get You Hired | Edureka Rewind - 7
edureka!
9 Data Structures in Python | Data Structures and Algorithms in Python | Edureka | Python Live - 5
Data Structures in Python | Data Structures and Algorithms in Python | Edureka | Python Live - 5
edureka!
10 Python Lists | List in Python | Python Training  | Edureka  Rewind
Python Lists | List in Python | Python Training | Edureka Rewind
edureka!
11 Predictive Analysis Using Python | Learn to Build Predictive Models | Python Training | Edureka
Predictive Analysis Using Python | Learn to Build Predictive Models | Python Training | Edureka
edureka!
12 Machine Learning Tutorial | Machine Learning Algorithm | Machine Learning Engineer Program | Edureka
Machine Learning Tutorial | Machine Learning Algorithm | Machine Learning Engineer Program | Edureka
edureka!
13 How to use Pandas in Python | Python Pandas Tutorial  | Python Tutorial  |  Edureka  Rewind
How to use Pandas in Python | Python Pandas Tutorial | Python Tutorial | Edureka Rewind
edureka!
14 Parameters in Tableau | Tableau Parameters Examples | Tableau Tutorial  | Edureka Rewind
Parameters in Tableau | Tableau Parameters Examples | Tableau Tutorial | Edureka Rewind
edureka!
15 Top 10 Reasons to Learn Tableau in 2023  | Tableau Certification | Tableau | Edureka Rewind
Top 10 Reasons to Learn Tableau in 2023 | Tableau Certification | Tableau | Edureka Rewind
edureka!
16 Tableau Developer Roles & Responsibilities | Become A Tableau Developer | Tableau | Edureka Rewind
Tableau Developer Roles & Responsibilities | Become A Tableau Developer | Tableau | Edureka Rewind
edureka!
17 Deep Learning With Python | Deep Learning Tutorial For Beginners | Edureka  Rewind
Deep Learning With Python | Deep Learning Tutorial For Beginners | Edureka Rewind
edureka!
18 Realtime Object Detection  | Object Detection with TensorFlow | Edureka | Deep Learning Rewind - 2
Realtime Object Detection | Object Detection with TensorFlow | Edureka | Deep Learning Rewind - 2
edureka!
19 Top 20 Tableau Tips and Tricks in 20 Minutes | Tableau Tutorial | Tableau Training  | Edureka Rewind
Top 20 Tableau Tips and Tricks in 20 Minutes | Tableau Tutorial | Tableau Training | Edureka Rewind
edureka!
20 Climate Change Prediction using Time Series | Python Projects | Edureka | DS Rewind -  5
Climate Change Prediction using Time Series | Python Projects | Edureka | DS Rewind - 5
edureka!
21 ReactJS Installation Tutorial | ReactJS Installation On Windows | ReactJS Tutorial | Edureka Rewind
ReactJS Installation Tutorial | ReactJS Installation On Windows | ReactJS Tutorial | Edureka Rewind
edureka!
22 Phases in Cybersecurity  | Cybersecurity Training | Edureka | Cybersecurity Rewind - 2
Phases in Cybersecurity | Cybersecurity Training | Edureka | Cybersecurity Rewind - 2
edureka!
23 What Is React | ReactJS Tutorial for Beginners | ReactJS Training | Edureka Rewind
What Is React | ReactJS Tutorial for Beginners | ReactJS Training | Edureka Rewind
edureka!
24 Cybersecurity Frameworks Tutorial | Cybersecurity Training | Edureka | Cybersecurity Rewind- 2
Cybersecurity Frameworks Tutorial | Cybersecurity Training | Edureka | Cybersecurity Rewind- 2
edureka!
25 React vs Angular 4  | Angular 2 vs React | React & Angular | ReactJS Training | Edureka Rewind - 5
React vs Angular 4 | Angular 2 vs React | React & Angular | ReactJS Training | Edureka Rewind - 5
edureka!
26 ReactJS Components Life-Cycle Tutorial  | React Tutorial for Beginners  | Edureka Rewind
ReactJS Components Life-Cycle Tutorial | React Tutorial for Beginners | Edureka Rewind
edureka!
27 Ethical Hacking using Kali Linux | Ethical Hacking Tutorial | Edureka | Cybersecurity Rewind - 3
Ethical Hacking using Kali Linux | Ethical Hacking Tutorial | Edureka | Cybersecurity Rewind - 3
edureka!
28 Types Of Artificial Intelligence | Artificial Intelligence Explained | What is AI? | Edureka
Types Of Artificial Intelligence | Artificial Intelligence Explained | What is AI? | Edureka
edureka!
29 Top 10 Applications Of Artificial Intelligence in 2023 | Artificial Intelligence| Edureka Rewind
Top 10 Applications Of Artificial Intelligence in 2023 | Artificial Intelligence| Edureka Rewind
edureka!
30 The Future of AI | How will Artificial Intelligence Change the World in 2023? | Edureka Rewind
The Future of AI | How will Artificial Intelligence Change the World in 2023? | Edureka Rewind
edureka!
31 What is Artificial Intelligence | Artificial Intelligence Tutorial For Beginners | Edureka Rewind
What is Artificial Intelligence | Artificial Intelligence Tutorial For Beginners | Edureka Rewind
edureka!
32 Google Cloud IAM | Identity & Access Management on GCP  | Edureka | GCP Rewind - 5
Google Cloud IAM | Identity & Access Management on GCP | Edureka | GCP Rewind - 5
edureka!
33 Google Cloud AI Platform Tutorial | Google Cloud AI Platform   | GCP Training | Edureka Rewind
Google Cloud AI Platform Tutorial | Google Cloud AI Platform | GCP Training | Edureka Rewind
edureka!
34 Projects in Google Cloud Platform  | GCP Project Structure  | GCP Training | Edureka Rewind
Projects in Google Cloud Platform | GCP Project Structure | GCP Training | Edureka Rewind
edureka!
35 How to Become a Data Scientist | Data Scientist Skills | Data Science Training  | Edureka Rewind - 3
How to Become a Data Scientist | Data Scientist Skills | Data Science Training | Edureka Rewind - 3
edureka!
36 Agglomerative and Divisive Hierarchical Clustering Explained | Data Science Training | Edureka Live
Agglomerative and Divisive Hierarchical Clustering Explained | Data Science Training | Edureka Live
edureka!
37 Climate Change Prediction using Time Series | Python Projects | Edureka | DS Rewind -  5
Climate Change Prediction using Time Series | Python Projects | Edureka | DS Rewind - 5
edureka!
38 Data Science Project - Covid-19 Data Analysis | Python Training | Edureka | DS Rewind - 6
Data Science Project - Covid-19 Data Analysis | Python Training | Edureka | DS Rewind - 6
edureka!
39 What is Honeycode? | Introduction to Honeycode | Edureka
What is Honeycode? | Introduction to Honeycode | Edureka
edureka!
40 Difference between Amazon AWS and Google Cloud | GCP Training Google Cloud | Edureka Live
Difference between Amazon AWS and Google Cloud | GCP Training Google Cloud | Edureka Live
edureka!
41 DevOps Lifecycle | Introduction To DevOps | DevOps Tools | What is DevOps? | Edureka Rewind
DevOps Lifecycle | Introduction To DevOps | DevOps Tools | What is DevOps? | Edureka Rewind
edureka!
42 Introduction to DevOps | DevOps Tutorial for Beginners | DevOps Tools | DevOps | Edureka Rewind
Introduction to DevOps | DevOps Tutorial for Beginners | DevOps Tools | DevOps | Edureka Rewind
edureka!
43 How to Create Login System using Python | Python Programming Tutorial | Edureka Rewind
How to Create Login System using Python | Python Programming Tutorial | Edureka Rewind
edureka!
44 Python Developer | How to become Python Developer | Python Tutorial  | Edureka Rewind
Python Developer | How to become Python Developer | Python Tutorial | Edureka Rewind
edureka!
45 How to become a Data Engineer | Complete Roadmap to become a Data Engineer| Data Engineer |  Edureka
How to become a Data Engineer | Complete Roadmap to become a Data Engineer| Data Engineer | Edureka
edureka!
46 Azure Data Engineer Certification [DP 203] | How to Become Azure Data Engineer [2023] | Edureka
Azure Data Engineer Certification [DP 203] | How to Become Azure Data Engineer [2023] | Edureka
edureka!
47 Data Analyst vs Data Engineer vs Data Scientist | Data Analytics Masters Program  | Edureka Rewind
Data Analyst vs Data Engineer vs Data Scientist | Data Analytics Masters Program | Edureka Rewind
edureka!
48 DevOps Engineer day-to-day Activities | DevOps Engineer Responsibilities | Edureka Rewind
DevOps Engineer day-to-day Activities | DevOps Engineer Responsibilities | Edureka Rewind
edureka!
49 How to Become a DevOps Engineer?  | DevOps Engineer Roadmap | Edureka | DevOps Rewind
How to Become a DevOps Engineer? | DevOps Engineer Roadmap | Edureka | DevOps Rewind
edureka!
50 How to Become a Data Engineer? | Data Engineering Training | Edureka
How to Become a Data Engineer? | Data Engineering Training | Edureka
edureka!
51 How To Become A Big Data Engineer? | Big Data Engineer Roadmap | Edureka Rewind
How To Become A Big Data Engineer? | Big Data Engineer Roadmap | Edureka Rewind
edureka!
52 Python Integration for Power BI and Predictive Analytics | Power BI Training | Edureka
Python Integration for Power BI and Predictive Analytics | Power BI Training | Edureka
edureka!
53 Power BI KPI Indicators Tutorial | Custom Visuals In Power BI | Power BI Training  | Edureka Rewind
Power BI KPI Indicators Tutorial | Custom Visuals In Power BI | Power BI Training | Edureka Rewind
edureka!
54 Apache HBase Tutorial For Beginners | What is Apache HBase? | Big Data Training | Edureka Rewind
Apache HBase Tutorial For Beginners | What is Apache HBase? | Big Data Training | Edureka Rewind
edureka!
55 Big Data Hadoop Tutorial For Beginners  | Hadoop Training | Big Data Tutorial  | Edureka  Rewind
Big Data Hadoop Tutorial For Beginners | Hadoop Training | Big Data Tutorial | Edureka Rewind
edureka!
56 Big Data Analytics  | Big Data Analytics Use-Cases | Big Data Tutorial | Edureka Rewind
Big Data Analytics | Big Data Analytics Use-Cases | Big Data Tutorial | Edureka Rewind
edureka!
57 What Is Power BI? | Introduction To Microsoft Power BI | Power BI Training  | Edureka  Rewind
What Is Power BI? | Introduction To Microsoft Power BI | Power BI Training | Edureka Rewind
edureka!
58 Triggers in Salesforce | Salesforce Apex Triggers | Salesforce  Tutorial  | Edureka Rewind
Triggers in Salesforce | Salesforce Apex Triggers | Salesforce Tutorial | Edureka Rewind
edureka!
59 How To Become A Salesforce Developer | Salesforce For Beginners| Salesforce Training  Edureka Rewind
How To Become A Salesforce Developer | Salesforce For Beginners| Salesforce Training Edureka Rewind
edureka!
60 Java ArrayList Tutorial | Java ArrayList Examples | Java Tutorial | Edureka Rewind
Java ArrayList Tutorial | Java ArrayList Examples | Java Tutorial | Edureka Rewind
edureka!

Related Reads

Chapters (5)

Introduction
0:43 Introduction to Kali Linux
1:38 History of Kali Linux
2:12 Why use Kali Linux
3:48 Kali Linux - Installation Options
Up next
AI Found ALL Vulnerabilities - Release Delayed!
Pranjal
Watch →