Figure 1.1 Kali Linux’s Applications Menu
These tasks and activities include:
• Information Gathering: Collecting data about the target network and its structure, identify-
ing computers, their operating systems, and the services that they run. Identifying poten-
tially sensitive parts of the information system. Extracting all sorts of listings from running
directory services.
• Vulnerability Analysis: Quickly testing whether a local or remote system is affected by a
number of known vulnerabilities or insecure configurations. Vulnerability scanners use
databases containing thousands of signatures to identify potential vulnerabilities.
• Web Application Analysis: Identifying misconfigurations and security weaknesses in web
applications. It is crucial to identify and mitigate these issues given that the public avail-
ability of these applications makes them ideal targets for attackers.
6
Kali Linux Revealed
• Database Assessment: From SQL injection to attacking credentials, database attacks are a
common vector for attackers. Tools that test for attack vectors ranging from SQL injection
to data extraction and analysis can be found here.
• Password Attacks: Authentication systems are always a go-to attack vector. Many useful
tools can be found here, from online password attack tools to offline attacks against the
encryption or hashing systems.
• Wireless Attacks: The pervasive nature of wireless networks means that they will always
be a commonly attacked vector. With its wide range of support for multiple wireless cards,
Kali is an obvious choice for attacks against multiple types of wireless networks.
• Reverse Engineering: Reverse engineering is an activity with many purposes. In support
of offensive activities, it is one of the primary methods for vulnerability identification and
exploit development. On the defensive side, it is used to analyze malware employed in tar-
geted attacks. In this capacity, the goal is to identify the capabilities of a given piece of
tradecraft.
• Exploitation Tools: Exploiting, or taking advantage of a (formerly identified) vulnerability,
allows you to gain control of a remote machine (or device). This access can then be used
for further privilege escalation attacks, either locally on the compromised machine, or on
other machines accessible on its local network. This category contains a number of tools
and utilities that simplify the process of writing your own exploits.
• Sniffing & Spoofing: Gaining access to the data as they travel across the network is often ad-
vantageous for an attacker. Here you can find spoofing tools that allow you to impersonate
a legitimate user as well as sniffing tools that allow you to capture and analyze data right
off the wire. When used together, these tools can be very powerful.
• Post Exploitation: Once you have gained access to a system, you will often want to maintain
that level of access or extend control by laterally moving across the network. Tools that
assist in these goals are found here.
• Forensics: Forensic Linux live boot environments have been very popular for years now.
Kali contains a large number of popular Linux-based forensic tools allowing you to do ev-
erything from initial triage, to data imaging, to full analysis and case management.
• Reporting Tools: A penetration test is only complete once the findings have been reported.
This category contains tools to help collate the data collected from information-gathering
tools, discover non-obvious relationships, and bring everything together in various reports.
• Social Engineering Tools: When the technical side is well-secured, there is often the possi-
bility of exploiting human behavior as an attack vector. Given the right influence, people
can frequently be induced to take actions that compromise the security of the environment.
Did the USB key that the secretary just plugged in contain a harmless PDF? Or was it also a
Trojan horse that installed a backdoor? Was the banking website the accountant just logged
into the expected website or a perfect copy used for phishing purposes? This category con-
tains tools that aid in these types of attacks.
7
Chapter 1 — About Kali Linux
|
