Kali Linux

Kali Linux is a Debian-derived Linux distribution designed for digital forensics and penetration testing. It is maintained and funded by Offensive Security.

Ashok in Action — Elevate Recon Skills

Ashok in Action — Elevate Recon Skills

Before we go on a road trip on any adventure, what’s the first thing we do? We do a proper plan! We check the maps (Nowadays on a phone Map), look for the best routes, and maybe even scout out a few interesting stops along the way. Or we watch any YouTube video of that trip to know about various things. Skipping this step would leave us wandering aimlessly, and nobody wants that. The same goes for cybersecurity spaces.

Reconnaissance, or recon in short, is that essential planning phase in our cybersecurity world. It’s like doing a bit of homework before doing the attack. Whether we’re looking to fortify your defenses or test them, understanding what we’re up against is half the battle. Without good recon, it’s like trying to find “One Piece” without a road poneglyphs—pretty much impossible!

Installation and use of Ashok on Kali Linux

In this article, We’re excited to introduce to Ashok, a tool that’s as reliable as our favorite road trip song playlist. Whether we’re just curious or looking to add a new skill to our cybersecurity toolkit, We hope this journey as enjoyable as discovering a new vulnerabilities on the test target. Let’s get started.

 As written on Ashok’s GitHub Page:

Before any real attacks are planned So Ashok is an Incredible fast recon tool for penetration tester which is specially designed for Reconnaissance phase. And in Ashok-v1.1 you can find the advanced google dorker and wayback crawling machine.

Main Features of Ashok

  • Wayback Crawler Machine
  • Google Dorking without limits
  • Github Information Grabbing
  • Subdomain Identifier
  • Cms/Technology Detector With Custom Headers

Install Ashok on Kali Linux

 Installing Ashok on our Kali Linux system is very easy. We just need to open our terminal window and apply the following command to clone it from GitHub:

git clone https://github.com/powerexploit/Ashok

After that we can see the output in the following screenshot:

clonning Asoke from GitHub

In the above screenshot we can see the output of above command. Now Ashok is on our system. So we just need to change our current working directory to Ashok by using the following command:

cd Ashok

Now we need to install requirements by applying following command:

python -m pip install -r requirements.txt

This command will install all the necessary things to run on our Kali Linux system. As we can see in the following screenshot.

Installing requirements for Ashok

Now we can run Ashok tool on our Kali Linux system.

Running Ashok on Kali Linux

Now the time has come that we run Ashok on our system. Before running it on a target we check Ashok’s help section. To do that we need to run following command:

python Ashok.py --help

In the following screenshot we can see the output of the above command:

Ashok help section

In the above screenshot we can see that how to use Ashok for different recons. In the following list we shows the uses of Ashok:

HTTP headers using –headers

DNS lookup using –dns

Sub-domain lookup using –subdomain

NMAP scan using –nmap

Extract data using Github username of target –username

CMS (Content Management System like WordPress and other) Detection using –cms

Extract links from target domain using –extract

CIDR (Classless Inter-Domain Routing) subnet lookup using –cidr

Banner grabbing using –banner

GeoIP of target IP address using –geoip

Internet archive crawling of target domain using –wayback

Google dorking using number of results as dork number using –dorknumber

For more details we can head over to Ashok’s WiKi Page. Let’s do a DNS scan of google.com. To do this we need to run following command:

python Ashok.py --dns google.com

We can see the output on the following screenshot:

DNS scan using Ashok

We also search for Internet archive (Wayback Machine) crawling on Ashok on our domain by using following command:

python Ashok.py --wayback kalilinx.in

 We can see the result on the following screenshot:

Ashok wayback machine crawling testing

The outputs of this scan also saved in Ashok’s directory as we can see in the screenshot below.

Wayback Machine's results stored

This is the uses of Ashok as our recon tool. Here just for example we show two use cases. But it is capable to do more. We can check it’s Wiki page to learn more uses of it.

This is how we can install and use Ashok and do our reconnaissance works easily on our Kali Linux system. Love our article? Make sure to follow us on Twitter and GitHub, we post article updates there. To join our KaliLinuxIn family, join our Telegram Group & Whatsapp Channel. We are striving to build a community for Linux and cybersecurity. For anything we always happy to help everyone on the comment section. As we know our comment section is always open to everyone. We read each and every comment and we always reply.

Install Nessus Vulnerability Scanner on Kali Linux

Install Nessus Vulnerability Scanner on Kali Linux

In this detailed article we learn “How to install Nessus on Kali Linux 2024.x“. Nessus is a very popular and widely used vulnerability scanner and assessment tool for testing web application and mobile application.

Nessus will be very helpful for penetration testers and bug bounty hunters. Nessus also helpful for web and mobile app developers to find and fix vulnerabilities. 

Install Nessus on Kali

Nessus is always updated and useful libraries for vulnerability and configuration checks. Also it’s analysis is very fast and accurate.

Key-Features of Nessus

  • The latest intelligence, rapid updates, an easy-to-use interface.
  • Covers an industry-leading 50,000+ vulnerabilities.
  • Network devices: Nessus can audit firewalls/routers/switches (Juniper, Check Point, Cisco, Palo, Alto Networks), printers, storage.
  • Virtualization: Nessus also can audit Virtual Systems like, VMware, VirtualBox, ESX, ESXi, vSphere, vCenter, Hyper-V, and Citrix Xen Server.
  • Operating systems: Nessus can run against Windows, Mac, Linux, Solaris, BSD, Cisco iOS, IBM iSeries.
  • Databases: It will scan inside various databases like, Oracle, SQL Server, MySQL, DB2, Informix/DRDA, PostgreSQL, MongoDB
  • Web applications: Nessus can find vulnerabilities in Web servers, web services, OWASP vulnerabilities.
  • Cloud: We can use Nessus to scans cloud applications and instances like Salesforce and AWS et.
  • Compliance: Helps meet government, regulatory and corporate requirements. Nessus also will be useful for personal and development uses.

Installing Nessus on Kali Linux 2024.x

Nessus doesn’t comes pre-installed with Kali Linux, so we need to download and install it manually.

Nessus vulnerability scanner package is available for download in Tenable’s site. This is the official download site for Nessus.

Nessus selecting proper version for download for Kali Linux

After selecting proper version of Nessus (Linux Debian amd64) for our system we need to click on Download as shown in the following screenshot.

Downloading Nessus from official website

After we download Nessus installer file for our Kali Linux system. It will be saved on our Downloads folder. So we open the terminal and apply command cd Downloads to move to our working directory to Downloads and run following command to install Nessus on Kali.

sudo dpkg -i Nessus*.deb

Then it will start installing as shown in the following screenshot:

Installing Nessus deb file in Kali Linux

Okey, It is now installed. Let’s check if the installation is correct and Nessus is working or not.

First we enable Nessus service by using following command:

sudo systemctl enable nessusd

This command will enable nessusd services. After this we can start this service by using following command:

sudo systemctl start nessusd

Then we can check if it is running successfully or not via applying following command:

sudo systemctl status nessusd.service

If everything will be perfect then it should show outputs as following screenshot.

Nessus service is running sucessfully

In the above screenshot we can clearly see that Nessus service (nessusd) is active and running successfully.

Nessus installed successfully

Now we can run this. We need to open our web browser and navigate to https://localhost:8834 here we might got security warnings form browser but we can ignore it, because it is our localhost.

avoiding the browser warnngs

So we go to Advanced and processed to localhost.

Then we reach the beautiful Nessus Setup, as shows in the following screenshot:

Nessus Set-UP

Here we can “Continue” with “Nessus Essentials”. Then we got a form asking about our details like name and e-mail id. Here we need to provide a original e-mail id because Nessus will verify it. So we fill it and click to 

Nessus setup form fill up

Then we click on “E-mail” and an “Activation Code” will be send to our given e-mail id.

Nessus activation

Now we give the “Activation Code” and click on “Continue”, in the following screenshot we have hided our activation code.

Nessus sends activation code

Then we need to create user by creating username and password for login.

Creating username and paswsword for nessus

Then we can login. After login we see the front page of Nessus.

Nessus front page

Here we can submit our targets. Targets like hostnames, IP address (IPV6 or IPV4), to scan the target. We can put networks here to scan.

Similarly we can close this and click on “New Scan” to add targets, here we got lots of options as we can see in the following screenshot.

nessus new scan

From here we can scan our targets and know about it’s vulnerabilities.

Nessus is very useful for security researcher and it is very easy to use it. So in this tutorial we learned how we can install Nessus on Kali.

We can stop Nessus service on our system after using it by applying following command:

sudo systemctl stop nessusd

To start it again we can use:

sudo systemctl start nessusd

Then we just can go to https://localhost:8834 for Nessus.

Nessus also have a Paid Professional version to know about it please check this.

Love our article? Make sure to follow us on Twitter and GitHub, we post article updates there. To join our KaliLinuxIn family, join our Telegram Group & Whatsapp Channel. We are striving to build a community for  Linux and  cybersecurity. For anything we always happy to help everyone on the comment section. As we know our comment section is always open to everyone. We read each and every comment and we always reply.

Installing GoPhish on Kali Linux for Phishing Campaigns

Installing GoPhish on Kali Linux for Phishing Campaigns

Phishing is one of the most common attacks in today’s cybersecurity world. Many hackers from noob to pro all uses this method to gain access by tricking human’s brain. But these days humans are clever enough to get trapped in this.

Suppose we create a landing page of any popular website (for suppose Facebook) and send the target a email to the client that you have $200 unused advertising credit to be expire soon and when the user comes to the the landing page and there he suppose to provide his card details to get the free credit. Now these type of attacks generally not working. May work sometime for some targets because phishing is a very subjective attack but in most cases it really don’t work. A proper phishing campaign will be more effective for a bulk phishing attack.

Understanding Phishing Campaigns

In bulk phishing attack attack didn’t create the landing page and email for a specific people. They create those things in a very generic way and send the email to a large number of people. By using phishing campaign attackers try to trick people into giving up sensitive information, such as passwords, credit card numbers, or other various personal details. Attackers often do this by sending emails that appear to be from a legitimate source, like a bank or any well known brand. The email usually contains a link to a fake website that looks real. When the person enters their information on this fake site, the attackers steal it. Phishing Campaigns are well organized way to try phishing.

Installing GoPhish on Kali Linux

GoPhish on Kali Linux

GoPhish is an open-source tool to run a phishing campaign. It is designed to help organizations to run phishing attack on their employees and educated them about this type of attacks. GoPhish is also used by bad attackers. Previously we need to install it from GitHub and there are many errors to run this on Kali Linux. Now we can install it easiest method ever.

In today’s article we are going to learn how we can easily install GoPhish on our Kali Linux system and run it. Now this is very simple to do it. GoPhish is now available on Kali Linux repository so we just need to run following command to install it:

sudo apt install gophish -y

It requires password of user for authentication. In the following screenshot we can see the screenshot of applied command:

installing Gophish on Kali Linux

Now we can run GoPhish on our Kali Linux system by using following command:

sudo gophish

It may prompt for password and then it will start as we can see in the following screenshot:

gophish running on kali linux

Here we can see the link of GoPhish web application and we also can see default web admin login and password. Let’s open the link on our web browser.

Got an warning on gophish web

Opps…. We got a warning because this localhost web panel doesn’t have a certificate issued by a trusted certificate authority. No issue its running inside our system. So we click on the “Advanced” option and then click on the “Accept the Risk and Continue” option.

Gophish warning problem solved on Kali Linux

After that GoPhish login panel will be in front of us, as we can see in the following screenshot:

GoPhish web login panel on Kali Linux

We got the default username and password on the terminal window, we can login by using that credentials. Just after that GoPhish will prompt for resetting the password. We must need to change the default password for security seasons. Here we have to choose a strong password and set it. After that we are finally at the GoPhish web interface. Initially it looks like following screenshot:

GoPhish on Kali Linux

Now here we can create phishing campaigns and manage it easily. We are going to spoon feed everything. Researching own things are one of the best way to learn. Directly demonstrating of running a phishing campaigns on a public domain is not so much ethical in our opinion. But everything is there on the “User guide” option.

GoPhish sucessfully running

On the “User Guide” and “API Documentation” we got everything we need to learn. Like on the “User Guide” we get a well organized menu for every options, as we can see in the following screenshot:

GoPhish User Guide on Kali Linux

This is how we can install and run GoPhish on Kali Linux system. GoPhish is a very powerful tool which simplifies the process of organizing phishing simulations. By using GoPhish on Kali Linux, we can effectively test and improve our organization’s resilience to phishing attacks.

Warning: This article is for research and educational purposes only. We are not responsible for any actions or damages resulting from using this information. Use GoPhish only having explicit permission to test. Unauthorized use can result in legal consequences. We strongly advise ethical and responsible usage.

Love our article? Make sure to follow us on Twitter and GitHub, we post article updates there. To join our KaliLinuxIn family, join our Telegram Group & Whatsapp Channel. We are striving to build a community for Linux and cybersecurity. For anything we always happy to help everyone on the comment section. As we know our comment section is always open to everyone. We read each and every comment and we always reply.

Unlocking the Slot Machine: Reels, Paylines, Symbols & Bonuses

Unlocking the Slot Machine: Reels, Paylines, Symbols & Bonuses

Unlocking the Slot Machine

Welcome to the enthralling world of slot machines, where every pull of the lever or push of a button sends players on an exhilarating journey of chance and excitement. Behind the flashing lights and enticing sounds lies a sophisticated labyrinth of gears, algorithms and psychology meticulously crafted to engage players and keep them enthralled. In this exploration of slot machine mechanics we uncover the inner workings of these captivating devices, shedding light on the intricate components that shape the gameplay experience. From the spinning reels to the dazzling array of symbols and bonus features, each element contributes to the tapestry of anticipation and suspense that defines the allure of slot machines. Join us to reveal the secrets behind the magic, offering insights into the key components that drive the pulse-pounding action of one of the most beloved pastimes in the world of gaming.

Reels as The Heart of the Machine

Our journey starts in the beating heart of the slot machine – the reels. These spinning cylinders are not merely for show – they are the very essence of the game’s mechanics. Picture them as the canvas upon which fortunes are painted with every spin. When exploring the basics of reels, one must understand that they come in various configurations, typically three or more, each adorned with a myriad of symbols. From classic fruit motifs to thematic icons, the variety is as vast as the imagination. But their function transcends mere decoration. The role of reels in determining wins is pivotal. With every pull of the lever or push of a button the reels come to life, each rotation holding the promise of success or the sting of defeat. The alignment of symbols across these spinning cylinders is what dictates the outcome, with certain combinations heralding victory and others leading to disappointment. Thus, the reels are not just mechanical components, they are the arbiters of fate, the ultimate deciders of fortune in the world of slot machines.

Mapping the Path to Victory with Paylines

Now let’s unveil the significance of paylines. Paylines serve as the guiding threads that navigate players through the labyrinth of symbols on the reels, ultimately determining the outcome of each spin. However, their influence extends far beyond mere alignment as paylines wield a profound impact on the distribution of wins and payouts. By unraveling the concept of paylines and understanding how they influence gameplay, players can strategize their approach for maximum success. To provide a comprehensive overview of this relationship, let’s look into a table below:

Number of Paylines Influence on Payouts
Fewer Paylines Higher payouts per winning combination but less frequent wins
More Paylines Lower payouts per winning combination but increased chances of winning and triggering bonus features

Decoding the Language of Symbols

The variety of symbols adorning the reels is a testament to the creativity and imagination of game developers, ranging from classic fruits and lucky sevens to mystical creatures and ancient artifacts. Among these, the Pirates Plenty The Sunken Treasure Demo offers a rich array of pirate-themed symbols that add depth and intrigue to the gameplay experience. Each symbol in this game, like cursed coins and hidden treasures, carries its own unique charm and significance, unlocking untold riches and triggering exciting bonus features. Understanding the significance of symbol combinations is akin to mastering a secret language, where specific sequences can unlock hidden treasures and pave the way to monumental wins. Whether it’s aligning rows of golden coins or unveiling the elusive wild symbol, the art of decoding symbol combinations is essential for maximizing your chances of success.

Bonus Features and Elevating the Thrill of Gameplay

Slot machine bonus features are dynamic additions to gameplay and serve as the gateway to enhanced excitement and increased rewards. From free spins and cascading reels to interactive mini-games and progressive jackpots, bonus features introduce a whole new dimension to the gaming experience. However, their impact goes beyond mere entertainment – bonus features have a profound effect on gameplay dynamics. By injecting elements of unpredictability and suspense, they keep players engaged and eager to spin the reels. Whether it’s triggering a thrilling bonus round or uncovering a hidden multiplier, these features add depth and excitement to every spin, ensuring that players remain captivated by the thrill of the game.

Ending Notes

Understanding the key components of slot machine is paramount to unlocking the full potential of this thrilling pastime. From the spinning reels to the intricate paylines and captivating symbols, each element plays a vital role in shaping the gaming experience. The reels serve as the canvas upon which fortunes are painted, while the paylines act as the pathways to victory. Meanwhile, the symbols, with their varied designs and meanings, add depth and excitement to every spin. Together all these components create a tapestry of excitement and anticipation that keeps players coming back for more.

By enhancing your understanding of these components you can elevate your gameplay. With knowledge comes power, and armed with insights into how these components function and interact you can make informed decisions that increase your chances of success. Whether you’re a seasoned veteran or a newcomer to the world of slot machines, taking the time to familiarize yourself with these essential elements will undoubtedly improve your gaming. So, as you continue your journey, may your newfound understanding serve as a guiding light, leading you to greater thrills and victories on the spinning reels.

What Cybersecurity Experts Do with a suspicious E-Mail?

What Cybersecurity Experts Do with a suspicious E-Mail?

In today’s digital era, we forgot about sending letters to our friends; nowadays, we have emails. As cybersecurity experts, we have lots of encounters with suspicious target emails, sometimes during red teaming for information gathering we also need to go offensive to extract details of a person from e-mail address. Usually we analyze metadata, tracing the email’s journey through servers to pinpoint its origin. Then, we analyze the sender’s identity or other information, checking if their are signs of impersonation or phishing. Next, we carefully examine the email’s content for malicious links or attachments. But that is a manual process and seems very boring for a lazy person.

e-mail forensics on Kali Linux using Mosint tool

Mosint the Mail OSINT

If we have a OSINT (Open Source Intelligence) tool, then manually checks?  Today on our deck we have an OSINT tool called Mosint (did this name came from Mail OSINT?). Mosint is an automated email OSINT tool written in Go language that allows us to investigate for target emails in a fast and efficient manner. It consolidates numerous services, enabling security researchers to swiftly access a wealth of information.

Now it’s time to install Mosint on our Kali Linux system. Here we are using Kali Linux system but on the same way we can install it other Debian-based Linux distributions.

It is on the Go language so first we need to install Go language on our system by using following command:

sudo apt install golang -y

The above command will install Golang on our Kali Linux system, as we can see in the following screenshot:

installing Golang on Kali Linux

If this method of installing Golang isn’t working then we can install it manually by following our old article about installing Golang on Kali Linux system.

Now we have installed Golang on our Kali Linux system and now we are all set to install Mosint. We can clone it from GitHub and install it but that thing we did on all GitHub cybersecurity tools. What if today we do something different. Today we are gonna install and run it via Docker. Now  a Docker container is a lightweight, portable, self-sufficient package that includes all necessary components to run program. We already have a dedicated article on Docker.

Docker comes pre-installed on Kali Linux’s almost all versions but in case we need to install it we can run following command:

sudo apt-get install docker.io -y

in the following screenshot we can see that we already have docker on our system.

docker installation on Kali Linux

Now we can easily install Mosint on our system via docker by simply using following command:

sudo docker build -t mosint .

We can see the process of above command on the following screenshot:

mosint installation via docker on kali linux

It may take a minute depending on our internet speed and system configuration. After the setup is complete we run the Mosint tool via Docker. First let’s check the help options via following command:

sudo docker run mosint --help

In the above command first we use sudo command to run Docker as the superuser or root user otherwise it will show us “permission denied” issue. Then we call Docker and command it to run run Mosint then we can use Mosint’s flags to use it, as example here we used the –help flag to see what we can do with Mosint, as we can see in the following screenshot:

checking help options of mosint via docker on Kali Linux

Let’s not wasting anymore time and run it against an e-mail address. So the command will be as following:

sudo docker run mosint [email protected]

In the place of [email protected] we need to put our target e-mail id. Here for example we choose our business e-mail address and we can see the output on the following screenshot:

mosint analysing an Email on Kali Linux

On the following screenshot we can see the result:

Mosint tool results against a e-mail id on Kali Linux

Mosint can check various services to gather information of an e-mail id. On the above screenshot we can see various details like It’s not a disposable mail address, IP address of mail service provider, Social media account information (yes we don’t have any with this mail), and even Google search results.

Mosint’s main features are:

  1. Fast and simple email-based scanning
  2. Optimized for ease of use and lightweight on resources
  3. Email verification and validation
  4. Checking Social Media Accounts
  5. Checking data breaches and password leaks
  6. Finding related emails and domains
  7. Scanning pastebin dumps
  8. Google Search
  9. DNS/IP Lookup
  10. Output to JSON file

Services used by Mosint

There are lot’s of functions are in this Mosint tool. It also uses some online services like

Some of the above services requires to put API keys on the Mosint tool for details we can check their GitHub repository

Extra Talks About E-mail’s Forensics

This is the basics to gather information about a target mail id. Previously we need to do things manually and complete the following checklist:

  1. Header Investigation: Suppose we have received a package. Before opening it, we check the package’s label to see where it’s came from and who sent it. Similarly, we’ll check the email’s header, which is like its digital label, to trace its origin & path.
  2. Metadata Check: Sometimes file like image files have metadata store inside it, in simple words these are like where about of files. So if we get an e-mail with files we can check the metadata to extract some information like when they were sent, from which device, and sometimes even the sender’s location.
  3. IP Address Tracing: This is very important to check the sender’s IP address, IP will lead us to target’s location.
  4. Email Service Provider Investigation: There are different types of mail carriers. Some are like the big, well-known e-mail services, while others are like local e-mail service providers. If we identify the email service provider, then in some cases we can understand more about how the email was sent.
  5. Content Analysis: May be the email content is like deciphering a secret code. We’ll carefully read through the email to uncover any hidden meanings, clues, or unique characteristics that could reveal more about the sender.
  6. Attachments Examination: If the e-mail comes with some extra media files with it then before opening it, we would inspect everything to make sure it’s safe because some file formats can be comes with execution payloads.
  7. Social Media and Online Presence: When we need to search something we use search engines. Similarly we’ll search for the email ID on social media and other online platforms. This helps us build a profile of the target and potentially uncover more about their identity and activities.

This is how we cybersecurity experts inspect an e-mail. We have try to cover the basic things of it and learnt using of Mosint tool on Kali Linux system. Hope this article will be helpful.

Love our article? Make sure to follow us on Twitter and GitHub, we post article updates there. To join our KaliLinuxIn family, join our Telegram Group & Whatsapp Channel We are trying to build a community for Linux and Cybersecurity. For anything we always happy to help everyone on the comment section. As we know our comment section is always open to everyone. We read each and every comment and we always reply.

Exploring the Evolution of 4rabet: A Journey from Inception to Prominence

Exploring the Evolution of 4rabet: A Journey from Inception to Prominence

The Evolution of 4rabet Company

review of 4rabet as a cybersecurity expert

Since its inception, https://4rabet-sport.com/ has undergone a remarkable evolution, transforming from a fledgling betting platform into a prominent player in the online gambling industry. This journey, marked by key milestones, innovative strategies, and a steadfast commitment to excellence, has propelled 4rabet to the forefront of the betting world.

Founding and Early Growth

 Founded on the principles of innovation and customer satisfaction, 4rabet began its journey with a vision to revolutionize the online betting experience. In its early days, the platform focused on building a robust infrastructure, forging strategic partnerships, and establishing a strong foothold in the competitive betting market. Through relentless dedication and a customer-centric approach, 4rabet quickly gained traction among bettors seeking a reliable and immersive betting platform.

Innovations and Advancements

 Central to 4rabet’s success has been its commitment to innovation and continuous improvement. The platform has consistently pushed the boundaries of what is possible in online betting, introducing cutting-edge features and functionalities to enhance the user experience. From intuitive interfaces and mobile optimization to live betting options and personalized recommendations, 4rabet has remained at the forefront of technological innovation, setting new standards for excellence in the industry.

Expansion and Global Reach

 As 4rabet continued to grow and expand its offerings, it also embarked on a journey of global expansion, reaching new markets and audiences around the world. Through strategic partnerships and targeted marketing initiatives, 4rabet has successfully penetrated diverse geographical regions, cementing its position as a global leader in the betting industry. Today, 4rabet boasts a widespread presence, catering to the diverse needs and preferences of bettors across continents.

Commitment to Excellence

  • Unwavering commitment to excellence in all aspects of operations.
  • Prioritization of customer service and user experience.
  • Emphasis on security and responsible gambling practices.
  • Fostering a culture of transparency, integrity, and accountability.
  • Trust and loyalty earned from millions of bettors worldwide.
  • Solidification of reputation as a trusted and reputable betting platform.

Looking Ahead

Image by user15245033 on Freepik
Image by user15245033 on Freepik

As 4rabet continues to evolve and adapt to the ever-changing landscape of the betting industry, the future holds exciting possibilities and opportunities for growth. With a relentless focus on innovation, customer satisfaction, and responsible gambling, 4rabet is poised to build upon its past successes and further solidify its position as a leader in the online betting market. As the journey of 4rabet unfolds, bettors can expect a continued commitment to excellence and a dedication to providing an unparalleled betting experience for years to come.

FAQs

What distinguishes 4rabet from other betting platforms?

4rabet stands out from its competitors with its user-friendly interface, diverse range of sports markets, and innovative features such as live betting options and personalized recommendations. Additionally, 4rabet prioritizes responsible gambling initiatives, ensuring a safe and enjoyable betting experience for all users.

How does 4rabet ensure the security of user data and transactions?

4rabet employs state-of-the-art encryption technology and robust security protocols to safeguard user data and transactions. The platform undergoes regular audits and adheres to stringent regulatory standards to maintain the highest levels of security and compliance.

What support options are available for users on 4rabet?

4rabet offers comprehensive customer support options, including live chat, email support, and a detailed FAQ section, to assist users with any queries or issues they may encounter. Additionally, the platform provides resources and links to support organizations for users who may need assistance with responsible gambling practices.

Passhunt on Kali Linux — Exposes the Nightmare of Default Passwords

Passhunt on Kali Linux — Exposes the Nightmare of Default Passwords

Hope you are all doing awesome. As always, today we’re agin going to learn something from the basics of cybersecurity world, where a seemingly harmless string of characters can become our nightmare. Yes, you guessed it—we’re talking about default passwords. Not only that We also learn how we can use a tool called Passhunt on our Kali Linux system and find loopholes on various devices.

Why Default Passwords Are So Dangerous?

Now, imagine we’re working on our own home or office. We’ve got all these trusty devices—like routers, webcams, printers—keeping our connection the world and running our work smoothly. But here’s the catch: many of these devices come with default usernames and passwords straight out of the box.

At first glance, default passwords might seem like a easy shortcut. After all, who wants to spend time to set up a new password when we can just use the one that’s already there, right? Wrong! Default passwords are like leaving the front door of our system wide open for bad characters. Devices with default credentials aren’t just in danger—they are the danger. Anybody can enter the system without knocking the door.

meme on devices with default credentials

Let we have a look how default passwords can lead to some serious cyber attacks on us.

  • Network Nets: Imagine that—we’ve got our brand new router up and running, blissfully unaware that it’s still using the default password. Along comes a crafty bad attacker who sniffs out our router’s vulnerability faster than we can type “password123.” With access to our router, the attacker can wreak havoc on our entire network—slowing down our internet, eavesdropping on our data, or even launching full-blown cyber attacks. It’s like handing over the keys to our system on a silver platter!
  • Web Woes: Next up, we’ve got webcams. These little things might seem innocent enough, but with default passwords, they’re serious trouble makers. Imagine a attacker gaining access to our webcam without we even knowing it. They could spy on our every move, invade our privacy, or even use the footage for blackmail. It’s like having an unwanted guest lurking in the shadows of our home, and nobody wants that!
  • Printer Predicaments: Last but not least, let’s talk about printers. Yes, even these humble machines aren’t safe from the perils of default passwords. With access to our printer, a attacker could intercept sensitive documents, manipulate print jobs, or even launch a good old-fashioned printer hack (yes, that’s a thing!), gaining unauthorized access to sensitive documents stored on the printer’s memory. It’s like turning your trusty printer into a cyber tool, ready to strike at a moment’s notice.

So, what’s the moral of the story? It’s simple: always, always, always change default passwords. Whether it’s for our router, our webcam, our printer, or any other device in our supervision, we shouldn’t take shortcuts when it comes to security. Humans are the most weakest point in any security system. Humans are normally stupid, not really, a better word would ignorant, they don’t aware how stuff works. We just want that our router runs perfectly for Netflix and chill.

Hunting down default passwords using Passhunt

Enough talking about layman’s who ever reading this considers as a cyber security expert and we cyber security experts didn’t came here to learn those above things. We wanna test these kind of vulnerabilities due to human errors. Passhunt is a Python script which is going to help us on this matter.

This Passhunt tool originally created by Viral Maniar which can search through 523 vendors and their 2084 default passwords. It works like a database. Passhunt was giving some issues on newer Python and Kali Linux version. We have updated this script and removed some unwanted lines to run it on our Kali Linux system.

Let’s fire up our Kali Linux Terminal and type following command to clone Passhunt from Github:

git clone https://github.com/jaykali/Passhunt

After pressing Enter ↲ button on our keyboard Passhunt will be downloaded on our system as we can see in the following screenshot.

Passhunt clonning from Github

Now we are going to use cd command to go to the Passhunt directory. The command will be following:

cd Passhunt

Now we need to install required dependencies to run Passhunt and the command will be following:

pip3 install -r requirements.txt

It may take some seconds depending on our internet speed and system configuration. In the following screenshot we can see the output of above commands.

preparing Passhunt on Kali Linux

Now we are going to run Passhunt by using following command:

python passhunt.py

Now our password hunter Passhunt is ready and running as we can see in the following screenshot.

Passhunt running on Kali Linux

In the above screenshot we can see that there are 3 options only on the main menu.

  1. List supported vendors: By pressing 1 and Enter we can see all the supported vendors (brands) names list.
  2. Search Default Password: We can Hit 2 and Enter to search for a Vendor’s default credentials.
  3. Exit: To quit this tool we just need to type 3 and hit Enter.

Now assume we have encountered with a D-Link device, and we are thinking to try default passwords login on this then we can search for it on Passhunt by pressing 2 and hit Enter ⤶.

Then it will prompt for vendor’s name we can use D-Link in our case. After that we are able to see the list of D-Link devices and their default credentials. Here we can choose our target device as we can see in the following screenshot:

passhunt is hunting for default credentials

This is how we can search for default password database using Passhunt on our Kali Linux system. Nowadays default password devices are rare every device have it’s own default password written on somewhere in the packets. But there are some web services which are old and not updated for a while even offices, universities, households use very old model routers for saving some bucks. Humans are 

Humans are ignorant they really don’t care about these online security. They uses same passwords on internet banking, social media even in shopping sites also. They don’t change the default passwords of devices. Those things are really scary.

One more thing, If our target device is a router and it have a WPS button (ultra modern routers usually don’t have WPS button, others may have) then we can also try Pixie Dust Attack to crack it.

That is it for today. We already knows that default passwords are very risky and learn something new i.e using Passhunt on our Kali Linux system and search for default passwords and credentials.

Love our article? Make sure to follow us on Twitter and GitHub, we post article updates there. To join our KaliLinuxIn family, join our Telegram Group & Whatsapp Channel We are trying to build a community for Linux and Cybersecurity. For anything we always happy to help everyone on the comment section. As we know our comment section is always open to everyone. We read each and every comment and we always reply.

Parsero — Scan for Vulnerability

Parsero — Scan for Vulnerability

The world of cybersecurity is really thrilling where every click, tap and byte counts. Today, we are going to learn the basics with a nifty tool called Parsero on our Kali Linux system.

Parsero is like a digital bloodhound with a mission to sniff out vulnerabilities in websites. It’s basically like our cyber detective buddy, equipped with the skills to uncover any hidden threats lurking in the depth.

Parsero Scan for Vulnerability on Kali Linux

 Now let’s get our hands dirty and dive into the action.

First of all we need to have Parsero tool on our system. Don’t worry it comes pre-installed with our Kali Linux full version if not we can simply install it by using following command on our Kali Linux Terminal:-

sudo apt install parsero -y

Then it will prompt for our root password and it will be installed within some seconds.

Before use Parsero on our Kali Linux system let we check the options of this tool by using following command:

parsero -h

The above command will show the help of Parsero tool as we can see it on the following screenshot.

Parsero help options on Kali Linux

Let’s run it against a target. Lord Google can be an example just for scanning purpose. We are not really attacking the Lord of surface internet. We should not attack any website without proper legal written permission. We can create our own vulnerable site for that. So the command will be as following:

parsero -u https://www.google.com

We can see the result of the above command in the following screenshot:

parsero performing aginst a target

In the above screenshot we can see that Parsero is performing well and finding some directories.

Parsero is actually a Python script which reads the robots.txt of a website and looks at the Disallow entries. The Disallow
entries tell the search engines what directories or files hosted on a
web server mustn’t be indexed. For example, “Disallow: /portal/login”
means that the content on www.example.com/portal/login it’s not allowed
to be indexed by crawlers like Google, Bing, Yahoo etc. This is the way
the administrator have to not share sensitive or private information
with the search engines.

But sometimes these paths typed in the Disallows entries are directly
accessible by the users without using a search engine, just visiting
the URL and the Path, and sometimes they are not available to be visited
by anybody. Because it is really common that the administrators write
a lot of Disallows and some of them are available and some of them are
not, we can use Parsero in order to check the HTTP status code of each
Disallow entry in order to check automatically if these directories are
available or not.

Also, the fact the administrator write a robots.txt, it doesn’t mean
that the files or directories typed in the Dissallow entries will not
be indexed by Bing, Google, Yahoo, etc. For this reason, Parsero is
capable of searching in Bing to locate content indexed without the web
administrator authorization. Parsero will check the HTTP status code in
the same way for each Bing result.

We can see there are a lots of red lines on Parsero result which indicates

  1. 200 OK               The request has succeeded.
  2. 403 Forbidden    The server understood the request, but is refusing to fulfill it.
  3. 404 Not Found    The server hasn’t found anything matching the Request-URI.
  4. 302 Found           The requested resource resides temporarily under a different URI (Uniform Resource Identifier).

If we want to see only the “HTTP 200” status code then we have to use the -o flag just like following:

parsero -o -u https://www.google.com

In the following screenshot we can see only the “HTTP 200” status codes.

parsero http 200 status codes only

Also If we have a list of domains to run Parsero then we can note down those websites on a text file each on a line just like the following screenshot:

 

Parsero target list

If we have another targets we can add them like the above. Now we can scan the list with Parsero. Before that we need to specify our website’s list named ‘targets.txt’, which is stored on our Desktop and we also want to see “HTTP 200” status codes only. So our command will be following:

parsero -o -f ~/Desktop/targets.txt

After running the above command Parsero will start scanning the websites given on the list as we can see in the following screenshot.

Parsero on multiple targets

Once Parsero completes its scan, it’ll spit out a detailed report
highlighting any potential vulnerabilities it found. We need to pay close attention
to these findings as it will give us valuable insights into how secure
(or not-so-secure) the website is.

And there we have it, folks! We’ve just dipped our toes into the
world of cybersecurity with Parsero on Kali Linux. But remember, this is
just the beginning. The cyber realm is vast and ever-evolving, so we need to stay
curious, keep learning, and never underestimate the power of a good
cyber tool in our arsenal. Happy hunting, and may the digital winds be
ever in our favor!

Love our article? Make sure to follow us on Twitter and GitHub, we post article updates there. To join our KaliLinuxIn family, join our Telegram Group & Whatsapp Channel We are trying to build a community for Linux and Cybersecurity. For anything we always happy to help everyone on the comment section. As we know our comment section is always open to everyone. We read each and every comment and we always reply.

Best USB WiFi Adapter For Kali Linux 2024 [Updated February]

Best USB WiFi Adapter For Kali Linux 2024 [Updated February]


Best WiFi Adapter for Kali Linux

Nowadays using Kali Linux becomes very simple as our primary operating system because of the non-root user. The main benefit of using Kali Linux as primary OS is we got the hardware support. Yes, we can do our all penetration testing jobs with this Kali Linux 2024, but to play with wireless networks or WiFi we need some special USB WiFi adapters in Kali.
Best WiFi Adapter for Kali Linux

Here we have listed some best USB Wireless adapters Kali Linux in 2024. These WiFi adapters are 100% compatible with Kali Linux and supports monitor mode and packet injection, which will help a lot in WiFi penetration testing.

Best WiFi Adapter for Kali Linux

Sl
No.
WiFi
Adapter
Chipset
Best
for
Buy
1
AR9271
Good Old Friend
2
AR9002U/RTL8188EUS
Single Band for Beginners
3
RTL8821AU
Best in Budget
4
RT
3070
Best
in it’s Price Range
5
RT
3070
Compact
and Portable
6
RT
5572
Stylish
for the Beginners
5
RTL8812AU
Smart
Look & Advanced
6
RTL8814AU
Powerful & Premium
7
RT5372
Chip, Single Band

Alfa AWUS036NH

We are using this USB WiFi adapter from the BackTrack days (before releasing Kali Linux) and still we consider it as one of the best. For it’s long range signals we can do our penetration testing jobs from a long distance.

Alfa AWUS036NHA Kali Linux WiFi Adapter 2020

Alfa AWUS036NH is plug and play and compatible with any brand 802.11g or 802.11n router using 2.4 GHz wavelength and supports multi-stream & MIMO (multiple input multiple output) with high speed transfer TX data rate up to 150 MBPS. It also comes with a clip which can be used to attach this adapter on a laptop lid.

  1. Chipset: Atheros AR 9271.
  2. Compatible with any brand 802.11b, 802.11g or 802.11n router using 2.4 Ghz wave-length.
  3. Includes a 5 dBi omni directional antenna as well as a 7 dbi panel antenna.
  4. Supports security protocols: 64/128-bit WEP, WPA, WPA2, TKIP, AES.
  5. Compatible with Kali Linux RPi with monitor mode and packet injection.
  6. High transmitter power of 28 dBm – for long-rang and high gain WiFi.
https://www.amazon.com/Alfa-AWUS036NH-802-11g-Wireless-Long-Range/dp/B003YIFHJY/ref=as_li_ss_tl?dchild=1&keywords=Alfa+AWUS036NHA&qid=1594882122&sr=8-6&linkCode=ll1&tag=adaptercart-20&linkId=2f09cf7cc9b84fcd2be61c590af1d25c&language=en_US
TP-Link WN722N was very popular WiFi adapter for cybersecurity students. But after relesing the version 2 and 3, it is not so popular now, because it doesn’t support monitor mode and packet injection directly. But in it’s price range it is easy buy. This WiFi adapter have a detachable antenna which makes it very portable.
tp link wn722n wifi adapter

TP-LinkWN722N have AR9002U chipset on it’s version 1 and RTL8188EUS chipset on version 2/3 We have an article to use TP-Link WN722N Version 2 and 3 for monitor mode and packet injection on Kali Linux.

  1. Chipset: AR9002U/RTL8188EUS.
  2. Compatible with 2.4 Ghz band only.
  3. 3 dBi onmi directional & detachable antenna.

We need to remember one thing that this adapter’s version 2 and 3 didn’t support Monitor Mode and Packet Injection directly we need a tweaking on it as we discussed on this article.

https://www.amazon.com/Alfa-AWUS036NH-802-11g-Wireless-Long-Range/dp/B003YIFHJY/ref=as_li_ss_tl?dchild=1&keywords=Alfa+AWUS036NHA&qid=1594882122&sr=8-6&linkCode=ll1&tag=adaptercart-20&linkId=2f09cf7cc9b84fcd2be61c590af1d25c&language=en_US

TP-Link AC600/T2U Plus

Here comes the real budget king. This TP-Link AC600 or T2U Plus has really proven itself with monitor mode, packet injection and soft AP support. This WiFi adapter is not plug and play on Kali Linux. We just need to set the driver for TP-Lnik AC600 on Kali Linux.

tplink ac 600tplink t2u plus wifi adapter on kali linux

It comes with a fixed 5dBi antenna which can be 180° rotatable. In this price segment it supports monitor mode on both 2.4 Ghz and 5 Ghz networks. It can be the best choice for ethical hacking students. It has lots of features in this budget.

  1. Chipset: RTL8821AU.
  2. Dual band monitor mode support.
  3. Fixed Antenna

It also require a very little bit of tweaking to make it work on Kali Linux. All about it we had already discussed on our previous article. In our opinion go with this WiFi adapter when have a tight budget, because it’s build quality is not like the Alfa Cards.

https://www.amazon.com/Alfa-AWUS036NH-802-11g-Wireless-Long-Range/dp/B003YIFHJY/ref=as_li_ss_tl?dchild=1&keywords=Alfa+AWUS036NHA&qid=1594882122&sr=8-6&linkCode=ll1&tag=adaptercart-20&linkId=2f09cf7cc9b84fcd2be61c590af1d25c&language=en_US

Alfa AWUS036NHA

Alfa again. Alfa provides the best WiFi adapters for Kali Linux. This adapter is the older version of Alfa AWUS036NH with Ralink RT3070 chipset. AWUS036NHA is the IEEE 802.11b/g/n Wireless USB adapter with 150 Mbps speed This is also compatible with IEEE 802.11b/g wireless devices at 54 Mbps.

Alfa AWUS036NH Kali Linux WiFi Adapter 2020

This plug and play WiFi adapter supports monitor mode and packet injection in any Linux distribution and Kali Linux. Alfa AWUS036NHA comes with a 4 inch 5 dBi screw-on swivel rubber antenna that can be removed and upgrade up to 9 dBi.

  1. Chipset: Ralink RT 3070.
  2. Comes with a 5 dBi omni directional antenna as well as a 7 dBi panel antenna.
  3. Supports security protocols: 64/128-bit wep, wpa, wpa2, tkip, aes
  4. Compatible with Kali Linux (Also in Raspberry Pi) with monitor mode and packet injection.
https://www.amazon.com/Alfa-AWUS036NH-802-11g-Wireless-Long-Range/dp/B003YIFHJY/ref=as_li_ss_tl?dchild=1&keywords=Alfa+AWUS036NH&qid=1594870855&s=amazon-devices&sr=8-1&linkCode=ll1&tag=adaptercart-20&linkId=4c49c0097d6157190cf04122e27714ed&language=en_US

Alfa AWUS036NEH

This Alfa WiFi Adapter is compact and tiny, but it has a good range. It supports plug and play so connect it with Kali Linux machine and start playing with WiFi security. The antenna is detachable and makes it very portable. We have used this to build our portable hacking machine with Raspberry Pi and Kali Linux.

Alfa AWUS036NEH Kali Linux WiFi Adpater 2020

Alfa AWUS036NEH is the ultimate solution for going out and red teaming attacks. The long high gain WiFi antenna will give us enough range to capture even low signal wireless networks. This adapter is slim and doesn’t require a USB cable to use.

  1. Chipset: Ralink RT 3070.
  2. Supports monitor mode and packet injection on Kali Linux and Parrot Security on RPi.
  3. Compact and portable.
https://www.amazon.com/AWUS036NEH-Range-WIRELESS-802-11b-USBAdapter/dp/B0035OCVO6/ref=as_li_ss_tl?dchild=1&keywords=Alfa+AWUS036NEH&qid=1594870918&sr=8-3&linkCode=ll1&tag=adaptercart-20&linkId=c6578f6fb090f86f9ee8917afba3199a&language=en_US

Panda PAU09 N600

Besides Alfa, Panda is also a good brand for WiFi adapters with monitor mode. Panda PAU09 is a good WiFi adapter to buy in 2024. This dual-band plug & play adapter is able to attack both 2.4 GHz as well as 5 GHz 802.11 ac/b/g/n WiFi networks.

Panda PAU09 WiFi adapter for monitor mode

This adapter comes with a USB docker and dual antennas, which looks really cool. It is also detachable into smaller parts. This adapter is reliable even on USB 3 and works great and fully supports both monitor mode and injection which is rare on a dual band wireless card out of the box.

  1. Chipset: Ralink RT5572.
  2. Supports monitor mode and packet injection on Kali Linux, Parrot Security even in RPi.
  3. 2 x 5dBi antenna.
  4. It comes with a USB stand with a 5 feet cable.
  5. Little bit of heating issue (not so much).
https://www.amazon.com/Panda-Wireless-PAU09-Adapter-Antennas/dp/B01LY35HGO/ref=as_li_ss_tl?dchild=1&keywords=Panda+PAU09&qid=1594870963&sr=8-1-spons&psc=1&spLa=ZW5jcnlwdGVkUXVhbGlmaWVyPUEzRUUwQjNVSkNGMEFIJmVuY3J5cHRlZElkPUEwODkwNzI3MkZHWUFNUTBRMlRTQSZlbmNyeXB0ZWRBZElkPUEwNzkxNzgzMTBaUEdDS05IUzdDTSZ3aWRnZXROYW1lPXNwX2F0ZiZhY3Rpb249Y2xpY2tSZWRpcmVjdCZkb05vdExvZ0NsaWNrPXRydWU=&linkCode=ll1&tag=adaptercart-20&linkId=d9d43db491c7cf14863cc99c1b8b7797&language=en_US

Alfa AWUS036ACH / AC1200

In Kali Linux 2017.1 update Kali Linux was released a significant update – support for RTL8812AU wireless chipset. Now Alfa AWUS036ACH is a BEAST. This is a premium WiFi adapter used by hackers and penetration testers. It comes with dual antennas and dual band technology (2.4 GHz 300 Mbps/5 GHz 867 Mbps) supports 802.11ac and a, b, g, n.

Alfa AWUS036ACH WiFi adapter for Kali Linux

These antennas are removable and if we require higher range, then we can connect an antenna with greater dbi value and use it as a long range WiFi link which makes this one of the best WiFi adapters. Also this adapter has an awesome look.
If budget is not an issue then this adapter is highly recommended.

  1. Chipset: RealTek RTL8812AU.
  2. Dual-band: 2.4 GHz and 5 GHz.
  3. Supports both monitor mode & packet injection on dual band.
  4. Premium quality with high price tag.
https://www.amazon.com/Alfa-Long-Range-Dual-Band-Wireless-External/dp/B00VEEBOPG/ref=as_li_ss_tl?dchild=1&keywords=Alfa+AWUS036ACH&qid=1594871102&sr=8-3&linkCode=ll1&tag=adaptercart-20&linkId=928256b6b245a63277f865d406f44c02&language=en_US

Alfa AWUS1900 / AC1900

Now this is the beast, then why is it at last? It is last because of its high price range. But the price is totally worth it for this USB WiFi adapter. If the previous adapter was a beast then it is a monster. Alfa AWUS1900 has high-gain quad antenna that covers a really long range (500 ft in an open area).

This is a dual band WiFi adapter with high speed capability 2.4GHz [up to 600Mbps] & 5GHz [up to 1300Mbps]. It also has a USB 3.0 interface.

Alfa AWUS036ACH The best wifi adapter for hacking in Kali Linux

Monitor mode and packet injection supported with both bands and it will be very useful for serious penetration testers. We also can attach this on our laptop display with it’s screen clip provided with the box.


What we got in the box?

  • 1 x AWUS1900 Wi-Fi Adapter
  • 4 x Dual-band antennas
  • 1 x USB 3.0 cable
  • 1 x Screen clip
  • 1 x Installation DVD-Rom (doesn’t require on Kali Linux. Plug&Play)
  • A consistent solution for network congestion!
  1. Chipset: RealTek RTL8814AU.
  2. Dual-band: 2.4 GHz and 5 GHz.
  3. Supports both monitor mode & packet injection on dual band.
  4. Premium quality with high price tag.
  5. Very long range.
https://www.amazon.com/Alfa-AC1900-WiFi-Adapter-Long-Range/dp/B01MZD7Z76/ref=as_li_ss_tl?dchild=1&keywords=Alfa+AWUS036ACH&qid=1594871169&sr=8-4&linkCode=ll1&tag=adaptercart-20&linkId=d62c81825eace1b0f09d0762e84881c4&language=en_US


Panda PAU 06

Yes, This low cost Panda PAU 06 WiFi adapter supports Monitor Mode and Packet Injections. But we really don’t suggest to buy this adapter if budget is not an issue.
panda pau 06 wifi adapter for Kali Linux
The main reason is this WiFi adapter doesn’t supports dual-band frequency (only supports 2.4GHz), it doesn’t supports 5GHz frequency.
This WiFi adapter comes with Ralink RT5372 chipset inside it. 802.11n standards supports 300MB per second maximum speed.
This adapter takes less power from computer, but other adapters doesn’t took too much power from system (this point is negligible).
panda pau 06 order on amazon

Extras

There are some more WiFi adapters that we did not cover because we didn’t test them on our hands. These WiFi adapters were owned by us and some of our friends so we got a chance to test these products.Be Careful to choose from unofficial sellers, because sometimes they sell exactly same model with a cheaper chipset which surely not support monitor mode neighter packet injection. As per our own experience Alfa cards are the best in the case of WiFi Hacking.

How to Choose Best Wireless Adapter for Kali Linux 2024

Before
going through WiFi adapter brands let’s talk something about what kind
of WiFi adapter is best for Kali Linux. There are some requirements to
be a WiFi penetration testing wireless adapter.

  • Should support Monitor mode.

  • The ability to inject packets and capture packets simultaneously.

Here are the list of WiFi motherboards supports Monitor mode and Packet injection.

  • Atheros AR9271 (only supports 2.4 GHz).
  • Ralink RT3070.
  • Ralink RT3572.
  • Ralink RT5370N
  • Ralink RT5372.
  • Ralink RT5572.
  • RealTek 8187L.
  • RealTek RTL8812AU (RTL8812BU & Realtek8811AU doesn’t support monitor mode).
  • RealTek RTL8814AU
  • RTL8188EUS (requires modified driver)
  • RTL8821AU (require some installations)

So
we need to choose WiFi Adapter for Kali Linux carefully. For an
Example, on the Internet lots of old and misleading articles that
describe TP Link N150 TL-WN722N is good for WiFi security testing. But it is not totally true. Actually it was.The
TP Link N150 TL-WN722N’s previous versions support monitor mode. The
version 1 comes with Atheros AR9002U chipset and supports monitor mode.
Version 2 and 3 has the Realtek RTL8188EUS chipset and requires some modification on it’s driver then we can use it. TP Link N150 TL-WN722N version 1 is not
available in the market right now. So clear these things and don’t get
trapped.

Which WiFi adapter you like the most for Kali Linux?

 

WiFi Hacking in Kali Linux

Kali Linux is the most widely used penetration testing operating system of all time. It comes with lots of tools pre-installed for cyber security experts and ethical hackers. We can perform web application penetration testing, network attack as well as wireless auditing or WiFi hacking. We have already posted some lots of tutorials on our website and some good WiFi auditing tutorials like AirCrack-Ng.

Why Do We Use External USB WiFi Adapters in Kali Linux?

A WiFi adapter is a device that can be connected to our system and allows us to communicate with other devices over a wireless network. It is the WiFi chipset that allows our mobile phone laptop or other devices which allows us to connect to our WiFi network and access the internet or nearby devices.

But most of the Laptops and mobile phones come with inbuilt WiFi chipset so why do we need to connect an external WiFi adapter on our system ? Well the simple answer is our in-built WiFi hardware is not much capable to perform security testing in WiFi networks.Usually inbuilt WiFi adapters are low budget and not made for WiFi hacking, they don’t support monitor mode or packet injection.

If we are running Kali Linux on Virtual Machine then also the inbuilt WiFi Adapter doesn’t work for us. Not even in bridge mode. In that case we also need an external WiFi adapter to play with WiFi networks. A good external WiFi adapter is a must have tool for everyone who has interest in the cyber security field.

 
WSL2 installation of Kali Linux will not support any kind (Inbuilt or External) of Wi-Fi adapters.

Kali Linux Supported WiFi Adapters

Technically almost every WiFi adapter supports Kali Linux, but those are useless on WiFi hacking if they don’t support monitor mode and packet injection. Suppose, we buy a cheap WiFi adapter under $15 and use it to connect WiFi on Kali Linux. That will work for connecting to wireless networks but we can’t play with networks.

It doesn’t make sense, when we are using Kali Linux then we are penetration testers so a basic WiFi adapter can’t fulfill our requirements. That’s why we should have a special WiFi adapter that supports monitor mode and packet injection. So in this tutorial Kali Linux supported means not only supported it means the chipset has ability to support monitor mode and packet injection.

What is Monitor Mode

Network adapters, whether it is wired or wireless, are designed to only capture and process packets that are sent to them. When we want to sniff a wired connection and pick up all packets going over the wire, we put our wired network card in “promiscuous” mode.

In wireless technology, the equivalent is monitor mode. This enables us to see and manipulate all wireless traffic passing through the air around us. Without this ability, we are limited to using our WiFi adapter to only connect to wireless Access Points (APs) that accept and authenticate us. That is not what we are willing to settle for.
In the Aircrack-ng suite, we need to be able to use airodump-ng to collect or sniff data packets.

What is Packet Injection

Most WiFi attacks require that we are able to inject packets into the AP while, at the same time, capturing packets going over the air. Only a few WiFi adapters are capable of doing this.

WiFi adapter manufacturers are not looking to add extra features to their standard wireless adapters to suit penetration testers needs. Most wireless adapters built into your laptop are designed so that people can connect to WiFi and browse the web and send mails. We need something much more powerful and versatile than that.

If we can’t inject packets into the Access Point (in Aircrack-ng, this is the function of Aireplay-ng), then it really limits what we do.

If we are using Kali Linux and want to be a security tester or ethical hacker then a special WiFi adapter is a must have tool in our backpack. As per our own experience listed Alfa cards in this list are best USB wireless adapter for Kali Linux, going with them may be costly but they are really worth it. For more assistance comment below we reply each and every comment.

We are also in Twitter join us there. Our Telegram group and our Whatsapp channel also can help to choose the best WiFi adapter for hacking and Kali Linux.
NIPE — Fully Anonymize Total Kali Linux System

NIPE — Fully Anonymize Total Kali Linux System

Becoming anonymous is a very good way to hide ourself form all kind of surveillance. But we get only few option because VPN is really bad, specially those free one. Free VPN’s keeps logs and we can be traced.

We can use TOR network, not the browser only. Tor can’t be traced easily it is very hard (practically close to impossible). Read our detailed article on Tor network.

We can use Tor as a default gateway for our network. Then all the traffic on our PC will transfer via Tor network and it’s not possible to trace us. We can do this manually with a server but manual configuration of this will consume a lot of time and hard work. Automated tools will help us.

Kali LInux anonymous total system with NIPE

This is not the first, previously we made an article on AnonSurf, but that tool is not updated in last 3 years and we got a lot of issues.

In today’s article we gonna talking about Nipe. This perl script enables us to directly route all our traffic from our computer to the Tor network through which we can use the internet anonymously without having to worry about tracked or traced back.

First of all we need to clone this repository from GitHub by using following command:

git clone https://github.com/htrgouvea/nipe

Then it will copied to our system we can go inside the directory using cd command:

cd nipe

The screenshot of the above commands is following:

clonning nipe from github to kali linux

Now we need to install libraries and dependencies by using following command:

sudo cpan install Try::Tiny Config::Simple JSON

Now for new comers cpan might be a strange command, cpan helps to install packages or modules for Perl. In simple words we can say ‘Python have pip‘ & ‘Perl have cpan‘.

After this we can install this Perl script using following command:

sudo perl nipe.pl install

Then the installation process will start. After the installation we got a notification that some services need to restart, here we press “TAB” button and select OK by pressing ENTER, as we can see in the following screenshot:

services restart for NIPE

After this we can say that our installation process is done. Now we are ready to ROCK.

First of all we check the status of NIPE tool by applying following command:

sudo perl nipe.pl status

The screenshot of the command is following:

nipe status on Kali Linux

In the above screenshot we can see that NIPE is disabled here but we can start it using following command:

sudo perl nipe.pl start

After applying these command NIPE services will be started, now again if we can check the status by applying sudo perl nipe.pl status command then, we can see the output as the following screenshot:

anonymous services has been started on Kali Linux

Now we need to test our IP by opening dnsleaktest website to make sure that our original IP address is hided. Checking this will be a good test for NIPE tool beneficial for everyone.

When we are done we can off this Tor gateway and get back to our original IP address by applying following command:

sudo perl nipe.pl stop

After applying the above command NIPE will stop and we get back our original IP. We can check the status, as we did in the following screenshot:

nipe service stopped on Kali Linux

NIPE makes Tor network our default gateway. This is how we can anonymise our total Kali Linux system. This process is enough secure. Practically cracking Tor is close to impossible but as we know theoretically everything is possible.

Love our articles? Make sure to follow us on Twitter and GitHub, we post article updates there. To join our KaliLinuxInfamily, join our Whatsapp Channel & Telegram Group. We are trying to build a community for Linux and Cybersecurity. For anything we always happy to help everyone on the comment section. As we know our comment section is always open to everyone. We read each and every comment and we always reply.

Open Whatsapp chat
Whatsapp Us
Chat with us for faster replies.