Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Kali-Linux Guides


  • Please log in to reply
34 replies to this topic

#1 czarboom

czarboom

  • Members
  • 608 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Central Texas
  • Local time:11:46 PM

Posted 20 April 2014 - 12:57 AM

To all,

 

I have been playing with Kali-Linux, which replaced Backtrack a year or so back.  Anyone have any concrete guides for Pen Testing tools.  I know how to use the basics;

  • Wireshark
  • Shell exploits
  • Arm
  • On and on.

Figured someone out there has to be a pro at this OS.

NOTE:  I run two types.

  1. Is a OS installed on a computer as a Linux Distro, x64
  2. The second is a x32 running on Windows 7 through VMware.

Thanks in advanced.

czarboom


CZARBOOM 
 
"Never Stop Asking Questions, Question Your Environment, Question Your Government, above all Question Yourself.  We all lose when you Stop asking Why?

BC AdBot (Login to Remove)

 


#2 Dalek Sec

Dalek Sec

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Earth
  • Local time:09:46 PM

Posted 23 April 2014 - 10:18 AM

Kali is my favorite toy to play with. I wouldnt say I was a pro but I managed to procure various different things that Ive learned alot from:

 

Man pages are boring to read but necessary.

 

Kali Linux Cookbook is a pdf that you might like.

 

CBT.Nuggets -- Backtrack &.Kali Linux   <-- the guy that narrates these annoys the hell out of me but these are usefull.

 

Youtube has some things on it and the Kali/Backtrack site is a really good place to  learn from. 

 

:bananas:



#3 czarboom

czarboom
  • Topic Starter

  • Members
  • 608 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Central Texas
  • Local time:11:46 PM

Posted 23 April 2014 - 11:52 PM

Nice, thank you.  I am sooo tired of watching guides that have techno, or are in a language I dont speak.  I like youtube and viemo, but all I keep finding is pass the hash (done it) and wireshark (got it) or social network exploits.... um dont care about that, know them. 

 

thanks for the links and the heads up....


CZARBOOM 
 
"Never Stop Asking Questions, Question Your Environment, Question Your Government, above all Question Yourself.  We all lose when you Stop asking Why?

#4 technonymous

technonymous

  • Members
  • 2,492 posts
  • ONLINE
  •  
  • Gender:Male
  • Local time:09:46 PM

Posted 24 April 2014 - 03:20 AM

There is lot of good youtube channels and websites. When people hear the term hacker and they automatically imagine some nerd in a basement. Hacking is a viable IT source. Pentesting networks to see the faults in security. Would you know, Ironically the government and forensics use the same techniques. Heres a list of a few I like to watch and I been in IT for 20+ years.

 

itfreetraining  some really good IT technical training.

Eli the computer guy Again some really good in depth training real world IT talks and discussions.

Hak5 They do a lot of hands on pentesting, hacking, networking, real world linux instructables, security, setting up servers ssh, openvpn's etc. Don't let the name scare ya.

Tekzilla Everything  IT answer real world questions from viewers like Hak5.

Rob Fuller Mubix Exploits, pentesting, lots of how to instructional tutorials.

 

Some cool links that are related...

Defcon https://www.defcon.org/ Hackign news, resources, education, involvement, forums, Defcon conference with hackers around the world get together.

Hackaday http://hackaday.com/ A lot of cool hardware hacks etc.


Edited by technonymous, 24 April 2014 - 03:23 AM.


#5 czarboom

czarboom
  • Topic Starter

  • Members
  • 608 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Central Texas
  • Local time:11:46 PM

Posted 24 April 2014 - 11:50 PM

Thanks man that is the area I want to get into.  I have a ton on healthcare IT and networking experience.  I am a Biomedical equipment tech, which is a nice way of saying I am a repairman for medical equipment. (e.g. ultrasound, MRI, x-ray etc. etc.).  But, due to the FDA, it runs around 4 years behind the curve.

 

Pentesting is of great interest to me, it’s the way I think and I like the outside the box solutions needed to do it.  I was looking a lot at open security’s website, but I want to learn as much as I can.

 

Being you seem in the know, with the exception of a CISCO cert, what is the best cert to have right now coming out of college.  Not my first tech degree but I was going on my security + cert, have the book so what the heck, is that worth it.

 

Thanks again


CZARBOOM 
 
"Never Stop Asking Questions, Question Your Environment, Question Your Government, above all Question Yourself.  We all lose when you Stop asking Why?

#6 technonymous

technonymous

  • Members
  • 2,492 posts
  • ONLINE
  •  
  • Gender:Male
  • Local time:09:46 PM

Posted 25 April 2014 - 03:22 AM

Some More cool forensic hardware links.

 

http://forensicpc.com/
http://forensicstore.com/
http://www.digitalintelligence.com/forensichardware.php
http://en.wikipedia.org/wiki/List_of_digital_forensics_tools

 

It depends on the schooling you have and your weaknesses your strengths. What you want to do and how far you want to go. There is good training and some really bad training. People usually go for the A+ and start with the basics. Some will frown on it. Everyone has their opinions. I have certs myself. However, the proper training that goes with it, is what makes the difference.

There is a difference between reading through a book and passing a test, than going and spending 3k on a college level A+ course. You will be at the college getting inside look of the network infrastructure & getting hands on with an instrcutor. Big difference there. Though it is costly to do for a young college person. You can get government assistance for these things even through the employment department. Tell them what you want to do and they can help with the financial part of it. They have training programs and funding to help.

Then there is Security and Network+ it's all ok. Especially security the internet needs that drastically. Security training is definitely something to think about. Look at all the viruses and issues people have, it's on the rise. Becoming a security consultant is a very viable job. I don't know if Network+ will really benefit you, you're the one to answer that. Cisco goes deep into that.

Then there is MCSE and is probably the determining factor of landing an administrator job. Then there is the Cisco network engineering aspect of it. The certs tech levels...CCENT, CCNA, CCNP, CCIE There is no easy ride there.


Edited by technonymous, 25 April 2014 - 03:29 AM.


#7 czarboom

czarboom
  • Topic Starter

  • Members
  • 608 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Central Texas
  • Local time:11:46 PM

Posted 26 April 2014 - 02:34 AM

LOL, yeah I am in college now, paying for it is no issue, using the GI Bill, at least I got that from playing Army.  Over all I have a great deal of networking experience in healthcare IT.  Using not only basic setups, but also to servers and switches and (I am dating myself a little) dare I say Hubs.... :grinner:

Also with the DICOM and HL7 network standards and all that crap.

 

That being said I would love to do the CISCO certs but I am not paying for them, and that is a rough run with college on top of it.  I am glad security + is worth something, I have read through the book once, on my second run. 

 

I am super interested in the InfoSec field, glad to here it’s in demand. 

 

Thank you for your advice, it can be hard to get a professional account of the industry for any IT pro, but security guys are even more reluctant than most.


CZARBOOM 
 
"Never Stop Asking Questions, Question Your Environment, Question Your Government, above all Question Yourself.  We all lose when you Stop asking Why?

#8 technonymous

technonymous

  • Members
  • 2,492 posts
  • ONLINE
  •  
  • Gender:Male
  • Local time:09:46 PM

Posted 26 April 2014 - 10:30 PM

There are a lot of tech area's. There is even just fiber optic line technicians. Starting salary of 45-60k range. It depends on what interests you. Cisco training you want to get a lab starter rack to help with training and ones that support ipv6 for the future and those exams will test you on this. You can pick up used stater racks off of places like ebay and Amazon.com etc. There is also virtual lab software that will help a lot. GNS3, Packet Tracer, NetSim. There are practice exams you can buy. IT training courses. Get signed up and get involved into Cert places like Comptia etc. Don't be afraid to ask questions from your instructors on those issue's of what's hot and what's not tips. There is no such thing as a dumb question. Good luck to you.



#9 czarboom

czarboom
  • Topic Starter

  • Members
  • 608 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Central Texas
  • Local time:11:46 PM

Posted 27 April 2014 - 02:04 AM

thanks, I have packet tracer, and some old rack mounts, and about 4GB worth of training videos.... Somewhere in my digital junk.  IP6 good point. 

again thanks for your insight


CZARBOOM 
 
"Never Stop Asking Questions, Question Your Environment, Question Your Government, above all Question Yourself.  We all lose when you Stop asking Why?

#10 TsVk!

TsVk!

    penguin farmer


  • Members
  • 6,233 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Antipodes
  • Local time:02:46 PM

Posted 03 May 2014 - 09:58 PM

Comptia certs are not to be sneezed at... and relatively inexpensive to acquire.



#11 czarboom

czarboom
  • Topic Starter

  • Members
  • 608 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Central Texas
  • Local time:11:46 PM

Posted 04 May 2014 - 05:00 AM

any top level cert is good to have, not putting them down, but compaired to CISCOs certs its a night and day difference. 


CZARBOOM 
 
"Never Stop Asking Questions, Question Your Environment, Question Your Government, above all Question Yourself.  We all lose when you Stop asking Why?

#12 TsVk!

TsVk!

    penguin farmer


  • Members
  • 6,233 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Antipodes
  • Local time:02:46 PM

Posted 04 May 2014 - 06:25 AM

Cisco only teach proprietary information on top of the actual 'education', which is not skipped by other training organizations either (the education, as compared to the proprietary training) ... Having wrangled with Cisco products for years I am happy to be shot of their over-complicated designs and self worthiness. Admittedly I don't work in a center with 5,000+ computers and don't know the massive upscale capabilities of the systems I use (which technically should work), which Cisco systems are definitely capable of. My dinky work system with only 200 odd machines doesn't need the idiosyncrasies.


Edited by TsVk!, 04 May 2014 - 06:32 AM.


#13 czarboom

czarboom
  • Topic Starter

  • Members
  • 608 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Central Texas
  • Local time:11:46 PM

Posted 04 May 2014 - 05:06 PM

I agree this CompTIA being great for vendor neutral training.  Alas, I too hate CISCO and what they think of themselves, but if you have a CISCO cert or two, you’re a dead ringer for a job.  Given all other items being the same.  Let’s face it, if you can get through the complex and ridiculous way CISCO uses and teaches their devices, then most other devices are easy to learn and use.


CZARBOOM 
 
"Never Stop Asking Questions, Question Your Environment, Question Your Government, above all Question Yourself.  We all lose when you Stop asking Why?

#14 TsVk!

TsVk!

    penguin farmer


  • Members
  • 6,233 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Antipodes
  • Local time:02:46 PM

Posted 04 May 2014 - 05:15 PM

Hmmm, I never really thought about it like that. After I finished my initial college IT course I applied for one job, and got it... lol

 

Busy now working on CompTIA qualifications, all paid for by my employer. They are totally into the employee development thing. I even do a large part of my BC malware removal training on company time. Sweet. B)



#15 czarboom

czarboom
  • Topic Starter

  • Members
  • 608 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Central Texas
  • Local time:11:46 PM

Posted 05 May 2014 - 12:18 AM

nice, got to love it.


CZARBOOM 
 
"Never Stop Asking Questions, Question Your Environment, Question Your Government, above all Question Yourself.  We all lose when you Stop asking Why?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users