The Kali Linux distribution is one of the most used Pentesting operating systems in the world, why? because it is loaded with a massive toolkit which allows you to perform audits and tests on a wide range of systems. This is exactly the reason why we decided to publish the perfect tutorial on using Kali Linux as a security audit tool. Kali Linux is a new distribution of the well known Backtrack series which get replaced by the Kali series the last year.
As you might have searched before there are various tutorials on the internet about how you can use Kali tools to perform security audits and pentests. A lot of these videos show you how a security expert is able to perform an specific attack on a specific device, but they do not show you how to setup such an attack on a target that you want to audit. The Kali linux tutorial will give you insight on how you need to target and audit your desired target.
What do you need to run Kali Linux
There are various ways on how you can use Kali Linux, for this tutorial we have chosen the virtual option of the Kali Linux distro as this is the most effective and managed way to use Kali Linux. We will be running the virtual environment with the VirtualBox application which can be downloaded for free from Oracle.
What do you need to download
As we mentioned above we are going to use the virtual option of the Kali Linux distro, so you will need the following files to make this work. Please install them in the specified order as your internet connection might be interrupted during the installation of the Oracle Virtualbox application.
- Install Virtualbox and the dependencies
- Wait for the installation of VirtualBox to complete
- Once the installation has been completed, download your prefered Kali Linux version from the official website
Once these steps have been completed you can continue to installing Kali Linux
Installing Kali Linux
As you now have installed the VirtualBox application, you will need to run the VirtualBox application and create a new virtual environment with the options that you desire. For our Kali Linux we decided to provide the following options:
- 30GB harddisk space
- NAT network
- 4GB memory
Go ahead and select the downloaded ISO file and follow the full installation guide which is viewed during the installation of Kali Linux.
What kind of network will I operate in
In this Kali tutorial we chose the NAT network option, this means that you will be operating your Kali Linux environment on the same network which your ‘HOST’ is running. This is the computer where the Virtualbox application is installed.
How do I login on Kali Linux
Once the installation is completed you will be able to login to your Kali Linux environment with your provided credentials.
The default password of the Kali Linux system is:
- username: “root”
- password: “toor”
Logged in, and now what?
Now that you have logged in, continue and open the Terminal. Once the terminal is opened we will continue to provide two commands which will update and upgrade your Kali system to the latest version.
Provide the following commands in the Kali Linux environment:
- sudo apt-get update
- sudo apt-get upgrade
Start your audit
Now that you are running the latest version you can enter the next commands which will start the Armitage console for you. The armitage console is a GUI which uses the Metasploit database. The metasploit database is filled with exploits and scripts which you can use to audit your target.
The commands are:
- sudo service postgresql start
- sudo service metasploit start
- sudo armitage
Once you have entered the commands a new screen will open which will hold the Armitage console. In the Armitage console you will be able to scan domains and addresses. Once they have been scanned you will be able to audit them.