Showing Off Your Newly Gained Knowledge

12.3. Going Further
This book taught you a lot of things that any Kali Linux user should know, but we made some hard
choices to keep it short, and there are many topics that were not covered.
12.3.1. Towards System Administration
If you want to learn more about system administration, then we can only recommend that you
check out the Debian Administrator’s Handbook:
è
https://debian-handbook.info/get/
You will find there, many supplementary chapters covering common Unix services that we have
entirely skipped in this book. And even for chapters that have been reused in the Kali book, you
will find plenty of supplementary tips, notably on the packaging system (which is also covered
more extensively at its lowest level).
The Debian book obviously presents more deeply the Debian community and the way it is orga-
nized. While this knowledge is not vital, it is really useful when you have to interact with Debian
contributors, for example through bug reports.
12.3.2. Towards Penetration Testing
You probably noticed by now that this book did not teach you penetration testing. But the things
you learned are still important. You are now ready to fully exploit the power of Kali Linux, the
best penetration testing framework. And you have the basic Linux skills required to participate
in Offensive Security’s training.
If you feel that you are not yet ready for a paid course, you can start by following the
Metasploit
Unleashed
3
free online training. Metasploit is a very popular penetration testing tool and you
have to know it if you are serious about your plans to learn penetration testing.
The next logical step would then be to follow the
Penetration Testing with Kali Linux
4
online
course leading the path to the famous “Offensive Security Certified Professional” certification.
This online course can be followed at your own pace but the certification is actually a difficult,
24h long, real-word, hands-on penetration test which takes place in an isolated VPN network.
Are you up to the challenge?
3
https://www.offensive-security.com/metasploit-unleashed/
4
https://www.offensive-security.com/courses-and-certifications/
307
Chapter 12 — Conclusion: The Road Ahead

Index
_
.config,
239
.d,
200
.htaccess,
120
/dev,
48
/etc/apt/apt.conf.d/,
200
/etc/apt/preferences,
202
/etc/apt/sources.list,
178
/etc/apt/trusted.gpg.d/,
208
/etc/group,
112
/etc/gshadow,
112
/etc/network/interfaces,
109
/etc/passwd,
112
/etc/salt/minion,
261
/etc/shadow,
112
/etc/ssh/sshd_config,
115
/proc,
48
/sys,
48
/var/lib/dpkg/,
217
/var/www/html/,
118
32-bit CPU,
16
64-bit CPU,
16
A
a2dismod,
118
a2enmod,
118
a2ensite,
119
ACCEPT,
161
account
creation,
112
disable,
113
modification,
113
activity, monitoring,
168
add a user to a group,
112
addgroup,
113
adduser,
112
Advanced Package Tool,
177
aide (Debian package),
170
AllowOverride, Apache directive,
119
,
120
analysis
vulnerability,
6
web application,
6
ansible,
261
Apache,
118
directives,
119
Apache directives,
121
application assessments,
295
applications
collection,
10
menu,
6
applying a patch,
233
apropos,
128
APT,
177
configuration,
200
header display,
191
initial configuration,
84
interfaces,
196
package search,
191
pinning,
202
preferences,
202
apt,
181
apt build-dep,
231
apt dist-upgrade,
185
apt full-upgrade,
185
apt install,
183
apt purge,
186

apt remove,
186
apt search,
191
apt show,
191
apt source,
229
apt update,
181
apt upgrade,
184
apt-cache,
191
apt-cache dumpavail,
192
apt-cache pkgnames,
192
apt-cache policy,
192
apt-cache search,
191
apt-cache show,
191
apt-cdrom,
178
apt-get,
181
apt-get dist-upgrade,
185
apt-get install,
183
apt-get purge,
187
apt-get remove,
186
apt-get update,
181
apt-get upgrade,
184
apt-key,
208
apt-mark auto,
205
apt-mark manual,
205
apt-xapian-index,
192
apt.conf.d/,
200
aptitude,
181
,
196
aptitude dist-upgrade,
185
aptitude full-upgrade,
185
aptitude install,
183
aptitude markauto,
205
aptitude purge,
187
aptitude remove,
186
aptitude safe-upgrade,
184
aptitude search,
191
aptitude show,
191
aptitude unmarkauto,
205
aptitude update,
181
aptitude why,
205
architecture
multi-arch support,
206
ARM installations,
98
assessment
application,
295
black box,
296
formalization,
297
vulnerability,
288
white box,
296
attacks
client side,
301
database,
6
denial of service,
298
memory corruption,
299
password,
7
,
300
types of,
298
web,
300
wireless,
7
auditing, security,
5
authentication
package authentication,
208
AuthName, Apache directive,
120
AuthType, Apache directive,
120
AuthUserFile, Apache directive,
120
automatic installation,
95
automatically installed packages,
205
avalanche effect,
169
axi-cache,
192
B
background process,
57
BackTrack,
XXI
,
2
bash curly brackets,
168
bash trick,
168
bg,
57
BIOS,
24
block device file,
49
boot preseed,
96
boot screen,
67
bootable USB key,
19
bootloader,
85
BOOTP,
258
Breaks, header field,
214
broken dependency,
195
Bruce Schneier,
156
309
Index

brute-force attacks,
300
buffer
overflow,
299
receive buffer,
162
bug report,
134
bugs.kali.org,
138
build dependencies, installation,
231
build options,
234
Build-Depends,
231
building
a custom live ISO image,
241
a package,
236
C
cache, proxy,
84
cat,
56
cd,
52
cdimage.kali.org,
14
,
181
cdrom preseed,
96
certification,
306
chage,
113
chain,
160
changelog file,
271
changelog.Debian.gz,
130
character device file,
49
checksecurity,
171
checksums,
220
chef,
261
chfn,
113
chgrp,
58
chmod,
58
choice
of country,
68
of language,
67
chown,
58
chroot,
245
chsh,
113
client side attacks,
301
cluster, PostgreSQL cluster,
116
,
117
command line,
51
communities,
132
comparison of versions,
190
compilation
of a kernel,
237
compliance penetration test,
292
component (of a repository),
179
conffiles,
220
confidentiality
files,
88
config, debconf script,
220
configuration
creating configuration packages,
269
files,
220
initial configuration of APT,
84
management,
261
network
DHCP,
71
static,
71
of the kernel,
239
program configuration,
114
conflicts,
214
Conflicts, header field,
214
contrib, section,
179
control,
211
control file,
272
control sum,
169
control.tar.gz,
217
copying, ISO image,
19
copyright,
131
copyright file,
271
country selection,
68
cp,
53
createdb,
116
createuser,
116
creation
of a PostgreSQL database,
116
of a PostgreSQL user,
116
of groups,
113
of user accounts,
112
credentials, default,
159
cross-site scripting (XSS),
300
cryptsetup,
248
nuke password,
250
310
Kali Linux Revealed

curly braces,
168
customization of live ISO image,
241
D
database assessment,
6
database server,
115
dch,
232
dd,
22
debconf,
220
debconf-get,
101
debconf-get-selections,
98
debconf-set,
101
DEBEMAIL,
270
DEBFULLNAME,
270
Debian
relationship with Kali Linux,
4
Debian Administrator’s Handbook,
307
Debian Free Software Guidelines,
5
Debian GNU/Linux,
2
Debian Policy,
5
debian-archive-keyring,
208
debian-kernel-handbook,
238
debian/changelog,
232
,
271
debian/control,
272
debian/copyright,
271
debian/patches,
230
debian/rules,
234
,
273
debuild,
237
default passwords,
159
default.target,
122
deletion of a group,
113
delgroup,
113
denial of service,
298
dependency,
212
Depends, header field,
212
desktop environment,
3
choice during build of live ISO,
242
desktop-base,
269
detecting changes on the filesystem,
169
device file,
49
df,
60
dh-make,
270
dh_install,
273
DHCP,
258
dictionary attacks,
300
directives, Apache,
119
,
121
DirectoryIndex, Apache directive,
120
disable an account,
113
disk preseed,
96
Disks (program),
21
diskutil,
23
distribution, Linux,
2
dm-crypt,
89
dmesg,
60
DNAT,
161
dnsmasq,
258
documentation,
128
,
130
download
ISO image,
14
the sources,
229
dpkg,
176
database,
217
dpkg --verify,
169
internal operation,
219
dpkg-buildpackage,
236
dpkg-deb,
236
dpkg-source --commit,
233
drive, USB drive,
19
DROP,
161
dropdb,
116
dropuser,
116
dual boot,
87
E
echo,
54
editor,
56
encrypted partition,
88
encrypted persistence,
248
engineering
reverse,
7
social engineering,
7
Enhances, header field,
214
environment
environment variable,
54
311
Index

ExecCGI, Apache directive,
120
execution modules, salt,
262
execution, right,
57
experimental,
203
Explanation,
204
exploitation tools,
7
F
fail2ban,
158
features,
8
fg,
57
file
confidentiality,
88
configuration files,
220
file system,
49
filesystem
hierarchy,
54
filtering rule,
160
,
163
find,
56
fingerprint,
169
firewall,
159
FollowSymLinks, Apache directive,
120
forensics,
7
mode,
8
formalization of the assessment,
297
format disk,
49
forums,
132
forums.kali.org,
132
FORWARD,
160
free,
60
Freenode,
133
fwbuilder,
166
G
get the sources,
229
getent,
112
git clone,
230
GitHub issues,
148
GNOME,
3
gnome-disk-utility,
21
gnome-system-monitor,
168
GNU
Info,
130
gpasswd,
113
GPG key,
17
graphical.target,
122
grep,
56
group
add a user,
112
change,
113
creation,
113
deletion,
113
of volumes,
89
owner,
57
groupmod,
113
GRUB,
85
gui-apt-key,
210
guided partitioning,
76
H
hardware discovery,
61
heap corruption,
299
history of Kali Linux,
2
HOME,
55
home directory,
55
host, virtual host,
118
htpasswd,
121
HTTP proxy,
84
HTTP server,
118
http.kali.org,
180
HTTPS,
118
Hyper-V,
24
I
ICMP,
162
id,
60
,
113
ifupdown,
109
impersonation,
7
Includes, Apache directive,
120
incompatibilities,
214
Indexes, Apache directive,
120
info,
130
information gathering,
6
initrd preseed,
96
312
Kali Linux Revealed

INPUT,
160
installation,
66
automatic,
95
of build dependencies,
231
on ARM devices,
98
package installation,
182
,
183
troubleshooting,
99
unattended,
95
installer preseeding,
96
integer overflow,
299
Internet Control Message Protocol,
162
ip6tables,
159
,
163
iptables,
159
,
163
IRC channel,
133
isc-dhcp-server,
258
ISO image
authentication,
17
booting,
24
copying,
19
custom build,
241
download,
14
mirrors,
14
variants,
16

Download 11,68 Mb.