Penetration testing (aka “pentesting”) is a great way to uncover vulnerabilities on your network and the attached systems. Pentesting is also known as ethical hacking, which helps explain exactly what it is… using similar tools as those with malicious intent, to try and discover any and all issues that could otherwise allow a hacker to gain access to your network.
Pentesting is essential for businesses that want to ensure their networks are as secure as possible. The big question is where you should start. There are quite a large number of pentesting tools available, many of which are open source and free to use. In fact, you can install any number of these tools on your operating system of choice.
However, there’s a much better way, thanks to Kali Linux.
If you’re not familiar with Kali Linux, it’s a distribution geared specifically for pentesting and it includes several tools for that purpose. You’d be hard-pressed to find an operating system with as many pre-installed tools for ethical hacking.
Although some of these tools do include a fairly steep learning curve to use, the good news is that, thanks to Kali Linux, you don’t have to worry about getting them properly installed and configured. These tools are already there and ready to go.
The pentesting tools in Kali Linux are a mixture of GUI and CLI tools and it might come as a surprise but some of the CLI tools are actually easier than the GUIs. That’s not always the case, but if you’ve ever used the command line, you know that it can often be far more efficient and effective than a GUI.
Learning curve aside, Kali Linux is, hands down, the best pentesting platform on the market. If you’re serious about finding out just how secure your network, website, system, or application is, you’ll want to know Kali Linux.
How to Get Kali Linux
The first thing I want to mention is how to get and install Kali Linux. Since this is a Linux distribution, you can always download an ISO installer image and install the distribution on any spare system you have. Kali Linux is a fairly lightweight distribution, so you should be okay installing it on even older hardware.
Another method (which is the route I tend to prefer) is to download a virtual machine and use it with VMware, VirtualBox, Hyper-V, or QEMU. Just make sure to download the virtual machine that goes with your VM platform of choice.
The reason why I prefer the virtual machine method is that I can run it from any operating system (that supports VMs) and can start, pause, and stop Kali Linux at will.
To run a Kali Linux virtual machine on VirtualBox, follow these steps:
- Make sure to download the VirtualBox virtual machine image.
- Extract the .7z file either from the command line or your GUI file manager.
- Open VirtualBox.
- Click Add.
- Navigate to the newly created kali-linux-XXX-virtualbox-amd64 folder (where XXX is the release number) and double-click the file that ends in .vbox.
- When the VM has been imported, click Finish.
Before you start the VM, select it from the left pane and click Settings. We want to make sure Kali Linux is attached to your LAN, so click Network and, from the Attached to drop-down (Figure 1), select Bridged Adapter.
-
Figure 1: Changing the network from the default NAT to Bridged.
Once you’ve taken care of that, close the Settings and then start the virtual machine. When you finally see the Kali Linux login screen, use the credentials kali/kali.
Your First Pentesting Experience
For this article, we’ll start with something simple. One of the many tools found in Kali Linux is called wpscan, which scans your WordPress deployments for issues.
You’ll find wpscan in the Web Application Analysis menu, labeled wpscan. When you click that entry, a terminal window will open, ready for you to run your first scan (Figure 2).
-
Figure 2: The Kali Linux terminal window.
You don’t have to go through the desktop menu. Instead, you can simply click the terminal icon in the top bar, which will open the Kali Linux terminal window. Because of the way Linux installs applications, you can run the wpscan command from any terminal and from any directory.
Let’s say you’re currently testing a WordPress deployment and it has yet to reach production. We’ll use the IP address 192.168.1.229 for our test. The command for this test is:
|
wpscan —url=http://192.168.1.229 |
The output will fly by and, at the end, you’ll see the message No WPScan API Token given, as a result, vulnerability data has not been output. Below that you’ll see a link you can click and register for an API Token.
With your token copied, you can add it to the command like so:
|
wpscan —api–token TOKEN —url=http://192.168.1.229 |
If you’d like to save the output of the scan to a file, you can do so like this:
|
wpscan —api–token TOKEN FILENAME —url=http://192.168.1.229 > FILENAME |
Where TOKEN is your API token and FILENAME is the name of the file in which you want the output to be saved.
When the scan completes, you can view the contents of the file with one of the following commands:
|
cat FILENAME less FILENAME |
I prefer using less because it allows me to scroll up and down to more easily read the file.
And that’s how you get started running your first pentest with Kali Linux. We’ll revisit this topic and walk through more challenging tests in future articles. Until then, enjoy this ethical hacking platform.
YOUTUBE.COM/THENEWSTACK
Tech moves fast, don’t miss an episode. Subscribe to our YouTube
channel to stream all our podcasts, interviews, demos, and more.
Jack Wallen is what happens when a Gen Xer mind-melds with present-day snark. Jack is a seeker of truth and a writer of words with a quantum mechanical pencil and a disjointed beat of sound and soul. Although he resides…
Read more from Jack Wallen
+ There are no comments
Add yours