Get Started with KALI Linux!
Get started in ethical hacking with this quick, simple step-by-step guide.
It's crazy just how many Cybersecurity courses simply overlook this essential tool. It's always going to be your first step on the journey to becoming a fully certified ethical hacker (aka "Penetration Tester").
⚠️ There's only one important warning: Any improper use of a computer is a crime under the UK Computer Misuse Act of 1990, and will land you in jail. Remember, you can test your own defences, and learn a lot by doing so, but hacking someone else's network or devices will sometimes earn you more jail time than if you just straight up murdered them. Laws are weird that way.
Good luck. 🍀
Disclaimer: You do any of this at your own risk, you mess up, that's on you.
So, now you’ve got Kali, here’s some guidance on how to use the most important/renowned tools in it, including a few more video tutorials.
1. nmap: A network scanning and reconnaissance tool.
Use: Discovers hosts and services on a computer network by sending packets and analysing the responses.
Why: Essential for network inventory, managing service upgrade schedules, and monitoring host or service uptime. It helps security professionals understand the network layout and detect vulnerable devices.
2. BurpSuite: Comprehensive web vulnerability scanner.
Use: Intercepts HTTP/S traffic between the web browser and servers, allowing detailed inspection and modification of requests.
Why: Vital for identifying and exploiting vulnerabilities in web applications to enhance security. It helps security testers find and patch weaknesses before malicious actors can exploit them.
Video: 30 min guide from John Hammond https://youtu.be/G3hpAeoZ4ek?si=HSeC5rNflHwMs1Il&t=64
3. Metasploit: Penetration testing and exploit development framework.
Use: Assists in developing, testing, and executing exploits against remote targets.
Why: Crucial for assessing security vulnerabilities, performing penetration tests, and testing defences. It helps security professionals simulate attacks to find and fix vulnerabilities.
Metasploit Beginners Guide (text) from Varonis
Video: 4 year-old 30 min intro to Metasploit https://youtu.be/TieUDcbk-bg&t=1
4. Wireshark: A network protocol analyser.
Use: Captures and analyses network traffic in real-time, providing detailed insights into data packets.
Why: Key for diagnosing network issues, troubleshooting, and network security auditing. It helps administrators understand network behaviour and detect anomalies.
Video: 20 min intro to how to use it, etc https://youtu.be/qTaOZrDnMzQ?si=zJ4T-6rf0jNsJjG_
5. John the Ripper: A password cracking tool.
Use: Tests password strength by attempting to crack hashed passwords.
Why: Important for identifying weak passwords to enhance system security. It helps administrators enforce stronger password policies by highlighting weak passwords.
How to crack passwords using John theRipper (text guide, from FreeCodeCamp)
Video 1: https://youtu.be/L6tL1xQmmqM&t=1
6. Snort: Intrusion detection and prevention system (IDS/IPS).
Use: Monitors network traffic for suspicious activities and alerts administrators.
Why: Essential for detecting and preventing network intrusions. It helps organisations detect and respond to potential security threats in real-time.
Recommended by LinkedIn
Video: Free 1hr 20 min full Snort tutorial video from Try Hack Me! https://youtu.be/pvPdOO2VcwM&t=1
7. Aircrack-ng: WiFi hacking and security assessment tool.
Use: Captures and analyses Wi-Fi traffic, cracks WEP/WPA-PSK keys.
Why: Critical for testing and improving the security of wireless networks. It helps administrators find and fix security flaws in Wi-Fi networks.
Video: 4 min video via David Bombal https://youtu.be/VvglE8SWeJ8&t=1
Have fun learning!
#CyberSecurity #InfoSec #DataProtection #Privacy #ThreatIntelligence #CyberAwareness
Follow me for more articles, as well as on other topics I teach such as Art & Design, Coding or Web Development.
As usual for articles on LinkedIn, here are some other articles I've published:
10 Cybersecurity Tips You REALLY Need:
Spot a typo, an error or just plain disagree? I welcome your comments and feedback to help improve this series of articles. If you'd like to learn more, just Connect or get in touch using the contact details in my profile.
This is draft 1.0, it will be updated with links to subsequent articles in the series as they are published.
Very informative