Kali Linux

Kali Linux is a Debian-derived Linux distribution designed for digital forensics and penetration testing. It is maintained and funded by Offensive Security.

MaskProcessor — Advanced Password-List for Bruteforce

MaskProcessor — Advanced Password-List for Bruteforce

We all know that cracking passwords are very important in cybersecurity field. Then ever we thinks for password cracking we either need to do dictionary attack or brute-force. But, if the password didn’t in our password list dictionary attack will not work and brute-force takes too much time to crack a password (sometimes even more than a decade).

Maskprocessor on Kali LInux

Trying to solve this problem of brute-force password generator a tool is there by the makers of HashCat (well known password cracking tool). This tool named as MaskProcessor. Now what MaskProcessor do? It is a high-performance word generator with a per-position configurable charset, which tries all combinations from a given keyspace just like in Brute-Force attack, but more specific. Then how it is different from brute-force attack?

MaskProcessor is Faster Than Brute-Force

The reason for doing this and not to stick to the traditional Brute-Force is that we want to reduce the password candidate keyspace to a more efficient one.

Here is a single example. We want to crack the password: Julia1984

In traditional Brute-Force attack we require a charset that contains all upper-case letters, all lower-case letters and all digits (aka “mixalpha-numeric”). The Password length is 9, so we have to iterate through 62^9 (13,537,086,546,263,552) combinations. Lets suppose we crack with a rate of 100M/s, this requires more than 4 years to complete.

In Mask attack we know about humans and how they design passwords. The above password matches a simple but common pattern. A name and year appended to it. We can also configure the attack to try the upper-case letters only on the first position. It is very uncommon to see an upper-case letter only in the second or the third position. To make it short, with Mask attack we can reduce the keyspace to 522626262610101010 (237,627,520,000) combinations. With the same cracking rate of 100M/s, this requires just 40 minutes to complete.

We can see the difference that how MaskProcessor can reduce our efforts. It just guessing the pattern of password and make a very shorter list for a quick job. There are some disadvantages are there also.

Disadvantage of MaskProcessor Compared to Brute-Force

There is none. We can argue that the above example is very specific but this does not matter. Even in mask attack we can configure our mask to use exactly the same keyspace as the Brute-Force attack does. The thing is just that this cannot work vice versa.

What are the Masks

For each position of the generated password candidates we need to configure a placeholder. If a password we want to crack has the length 8, our mask must consist of 8 placeholders.

  1. A mask is a simple string that configures the keyspace of the password candidate engine using placeholders.
  2. A placeholder can be either a custom charset variable, a built-in charset variable or a static letter.
  3. A variable is indicated by the ? letter followed by one of the built-in charset (l, u, d, s, a) or one of the custom charset variable names (1, 2, 3, 4).
  4. A static letter is not indicated by a letter. An exception is if we want the static letter ? itself, which must be written as ??.

Built-in character encoding

In MaskProcessor there are some built-in charsets. They are following:

  • ?l = abcdefghijklmnopqrstuvwxyz
  • ?u = ABCDEFGHIJKLMNOPQRSTUVWXYZ
  • ?d = 0123456789
  • ?a = ?l?u?d?s
  • ?b = 0x00 – 0xff

Not only these as we told in above that we can set custom charset in MaskProcessor.

Custom Charsets

There are four command-line-parameters to configure four custom charsets.

  • –custom-charset1=CS
  • –custom-charset2=CS
  • –custom-charset3=CS
  • –custom-charset4=CS

These command-line-parameters have four analogue shortcuts called -1, -2, -3 and -4. You can specify the chars directly on the command line.

Password Length Increment

A Mask attack is always specific to a password length. For example, if we use the mask ”?l?l?l?l?l?l?l?l” we can only crack a password of the length 8. But if the password we try to crack has the length 7 we will not find it. That’s why we have to repeat the attack several times, each time with one placeholder added to the mask. This is transparently automated by using the –increment flag.

  • ?l
  • ?l?l
  • ?l?l?l
  • ?l?l?l?l
  • ?l?l?l?l?l
  • ?l?l?l?l?l?l
  • ?l?l?l?l?l?l?l
  • ?l?l?l?l?l?l?l?l

Installing MaskProcessor on Kali Linux

We can install a minimum version of MaskProcessor on our Kali Linux by using sudo apt install maskprocessor command. But there are some issue with this Kali Linux repository version. Like we had installed it but it is also saying ‘command not found’, as we can see in the following screenshot.

maskprocessor is installed but not working
MaskProcessor is installed but “command not found”

In this case we are going to uninstall this by using sudo apt remove maskprocessor command, and install it from scratch.

First we download it from it’s GitHub repository by using following command:

git clone https://github.com/hashcat/maskprocessor

Now MaskProcessor will be cloned on our system as we can see in the following screenshot:

maskprocessor git cloned

Now we need to navigate into the maskprocessor/src directory by using following command:

cd maskprocessor/src

Here we build the program files by using the make command:

make

In the following screenshot we can see the output of the used command:

building program files of maskprocessor

Now we move the mp64.bin file to /usr/bin directory and name it maskprocessor that it can be used as default tools. We can easily do it by using following command:

sudo mv ./mp64.bin /usr/bin/maskprocessor

Now our installation is complete. We can use MaskProcessor on our Kali Linux system. We can now use maskprocessor command to run it on our terminal.

Using MaskProcessor on Kali Linux

As we do always lets check MaskProcessor’s help options by applying following command on our terminal window:

maskprocessor -h

In the following screenshot we can see what we can do using MaskProcessor:

Maskprocessor help

Now we learn how we can generate a specific wordlist in MaskProcessor. Here we need to know about the default charset as we told about in previous section, again mentioning here.

?l = abcdefghijklmnopqrstuvwxyz
?u = ABCDEFGHIJKLMNOPQRSTUVWXYZ
?d = 0123456789
?s =  !”#$%&'()*+,-./:;<=>?@[]^_`{|}~
?a = ?l?u?d?s
?b = 0x00 – 0xff

All characters, except for those that stand for the set (?l, ?u, ?d, etc.), are included in the password unchanged. If we want to compose a dictionary that contains six-digit passwords we need to use maskprocessor ?d?d?d?d?d?d command but we also save the directory using -o flag. So our command will be as following:

maskprocessor ?d?d?d?d?d?d -o directory.txt

This will create a password directory named “directory.txt” which can break a six-digit password by brute-forcing attack.

Not only this. Almost every password-list creator tool can do this but MaskProcessor can do something better. Now we come into this point.

What if we know someone using a password which starts with voro followed by 4 numbers and then two capital letters. In this case we can easily create a password-list using MaskProcessor. We need to use following command:

maskprocessor voro?d?d?d?d?u?u -o passlist.txt

In the above command we have used voro then four ?d for four digits then two ?u for two capital letters, and bang it will create our required very special password list, as we can see in the following screenshot:

passlist created in MaskProcessor

Bang!! Here is our special password list for cracking the specific password.

Now we can use MaskProcessor for creating special type of password lists. We can easily use MaskProcessor on our Kali Linux system.

HashCat vs MaskProcessor

Although, in general, MaskProcessor & Hashcat both are interchangeable to generate passwords, we need to remember that the -a 3 option must be specified to select the brute-force/mask attack mode (since Hashcat supports various attack modes, not only mask). We also need to use the –stdout option, which means to show the password candidates (without cracking the hash).

Hashcat (Mask attack) doesn’t allow us to set the maximum number of identical repeated characters, the maximum number of occurrences of one character, start or end at a specific position. But such a result can be obtained using a Rule-based attack.

Running Hashcat on Linux systems can be problematic due to the need to have proprietary drivers.

Love our articles? Make sure to follow us on Twitter and GitHub, we post article updates there. To join our KaliLinuxIn family, join our Telegram Group. We are trying to build a community for Linux and Cybersecurity. For anything we always happy to help everyone on the comment section. As we know our comment section is always open to everyone. We read each and every comment and we always reply.

Cybersecurity Trends To Be Aware Of In 2022

Cybersecurity Trends To Be Aware Of In 2022

6 trillion dollars – What can be done with such a massive amount? Eradicate Covid-19? Control global warming?

This is the amount necessary to control cybercrime damages for businesses around the world. It is hard to believe an unorganized group of hackers doing petty crime can cost the world such a huge amount.

Cybersecurity Trends To Be Aware Of In 2022

More dangerous than any virus in history, simple forms of cyber attacks like ransomware, malware and phishing attacks can bring a process to a standstill completely, causing an enormous loss for business organizations. It is important to know the current trends in cybersecurity to keep your business safe and invest cleverly to avoid losses.

Trend #1: Major Shortage of Experts

There is a huge demand for talented cybersecurity experts who can safeguard a company from various hacker attacks. In fact, it is one of the top 5 skills which will soar in demand for the next decade. Companies are ready to pay exceptionally high if a cybersecurity expert is capable of avoiding immediate losses, fixing ransomware issues and providing optimum protection against cyberattacks.

Resuming work after a cyberattack or threat is not an easy task requiring a clear scan of the network to ensure it is safe, patching up the loopholes in the software, updating the system, etc. Cybersecurity experts protect the system, create awareness among the employees and repair the system in case of cyber attacks as a part of the recovery plan. It is wise to invest in a team of cyber experts in 2022 as the demand for people with such talent will skyrocket in the upcoming years.

Additionally, some people with poor knowledge and questionable intentions will take advantage of this demand and will pose as experts. It’s advisable to do proper research before hiring cybersecurity experts to see if they really know what they are doing. As company data is not something to take chances with, use background checking companies, conduct proper interviews and use Nuwber to see if the information the experts provide about themselves is really true.

Trend # 2: Employee Training and Awareness

In addition to hiring cyber security experts, allow them to teach the trends and rules to be followed to other employees. Data security is a matter of collective implementation by all the employees. Even the carelessness of one single person can totally compromise the entire security of the company.

The efforts taken by cyber security experts to protect valuable company data will be fruitful only with the cooperation of all the other employees. Good training, knowledge about handling different scenarios and awareness regarding different types of cybercrimes are necessary for the employees to understand the depth of the issue.

The cyber security team can create this awareness with their knowledge and provide enough practice and workshops for the employees in staying safe. Regular practice in using multi-factor authentication, VPNs and password managers prevents over 60% chances of business data leakage.

Many businesses have realized there is no “if there is an attack” in 2022 and are preparing their employees genuinely to stay shielded from the attacks with the help of their cyber security team and training experts.

Trend # 3:  Role-Based Access Control Software

RBAC allows workers to access or view only the absolutely essential files with multi-level authentication. There are multi-level restrictions and many degrees of access and only the most trusted and important employees are allowed to access the core data. Saving, copying or sharing business-related data is highly restricted while using RBAC.

Employees are able to access data only based on their designation and under strict monitoring. RBAC is considered the most budget-friendly and secure way for small and medium-level businesses to keep their data safe in 2022. 

Trend # 4: Custom Security Software

It is important for modern businesses to understand the nature of the threats that await them in their industry. If it is a manufacturing unit, they might need to pay extra attention to automation services. If it is an IT industry, they need to take measures to implement on-premise level security for remote working employees too.

Every business should invest in creating custom security software to meet its unique needs. Popularly known as Commercial off-the-shelf (COTS) software, several companies are expected to invest in such a type of software in 2022. The major advantage of COTS is they are able to analyze and fill in every loophole for your own business, providing fool-proof support.

Hiring an expert team to create such software and train employees to keep it running might take some time and effort. But, it is worth every penny and minute invested as it highly nullifies the chances of cyberattacks.

Trend # 5: Mitigation Measures

Mitigation is a serious issue and requires good investment and clear planning from the company side. The most common mitigation measures taken by business organizations are maintaining an automatic data backup and recovery system and having a contingency plan, re-assigning priority jobs to maintain the process running.

The mitigation measures should aim at maintaining uninterrupted service for the customers and resuming the affected process as quickly as possible. Huge businesses often have contingency teams who take overwork or route it to other teams quickly. Small and medium-level businesses who cannot afford major investment often rely on secure data backup and recovery.

Conclusion

There are five major cybersecurity trends in 2022. There is a huge need for cybersecurity experts and companies to invest in technologies like role-based access and custom security software. Businesses of all sizes, small, medium and huge are targeted by hackers and every company should be taking steps to train its employees about cyber security.

They should strive hard to create awareness about the dangers of a data breach or leakage and cyberattacks. Last but not the least, every company should be investing money to trace the hackers causing the issue, and in contingency plans that help them to recover from cyber-attacks quickly. All these five trends are here to stay for a while and are expected to define the face of the internet in the next decade.

Protecting Our Testing Web Server on Kali Linux

Protecting Our Testing Web Server on Kali Linux

For being cybersecurity researcher we need to practice with buggy web servers, NO not actual servers, we are talking about some intentionally buggy web servers for practicing security testing. We host various vulnerable web applications like Damn Vulnerable Web Application (DVWA), BWAPP (Buggy Web App), OWASP Mutillidae etc on our system. Do we know about the potential risks on this?

there is no place like 127.0.0.1 linux

These type of buggy web applications have various vulnerabilities, some of them allow shell uploading (backdoors) and SQL injection. Such scripts can lead to complete compromise of our the web server as well as the entire computer. We can say that we had hosted it on localhost, that also can harm our system by the attackers. Attacker just need to access our local network (read WiFi) to break into it and damage us. Even they can do it remotely if we had forwarded our system ports.

How to Protect Testing Web Servers on Kali Linux

Malicious Port Closing

First of all we need to check our port forwarding options in our router settings. We should check that we don’t have any port forwarded. Port forwarding allows us to enter in our network remotely, but there is a flaw that if we can enter then anyone else also can. That is why we should not disclose our public IP address.

What if we need to access our network from outside (in our case, we always use our home PC files from our office). In that case the best option to protect our web server shown in following chapter.

IP Filtering

We can filter which IP address is allowed to open our web server. If we apply it then other IP address can’t access our web server. to do this we need to configure our .htaccess file. By default .htaccess file is disabled. We need to enable it from Apache2 configuration. Lets open Apache2 configuration file by using following command:

sudo nano /etc/apache2/apache2.conf

In the following screenshot we can see that where we need to change:

apache2 configuration file

In the <Directory /var/www/> section we need to change the AllowOverride value from None to All. We did the change in the following screenshot:

apache2 config file changed

Then we save and close the file by pressing CTRL+X, then Y, then Enter⤶ key.

Now we need to restart our web server for the changes to take effect:

sudo service apache2 restart

The default directory for Linux web server is /var/www/html. Now here we can edit our .htaccess file by applying following command:

sudo nano /var/www/html/.htaccess

Here our .htaccess file will open we need to just type Require local here, as shown in the following screenshot:

editing .htaccess file

Then we save and close it. Now if we did it then what happens? The name “local” only give access to the same computer. Please note only connections from the same computer (localhost) are allowed and any other remote connections are prohibited, even from the local network. This will be safest option for us.

If we do this and then we try to open this webpage from other devices on our local network it shows like following screenshot:

access denied for other localhost devices
Access denied for other localhost devices

In this way we can safe our localhost websites form other attackers. It is so simple and easy, yet powerful.

If we want we can allow a single IP or network ranges can access this webpage, instead of accessing from same computer only. We need to do following changes on .htaccess file to do so.

Require ip 10.1.2.3
# OR
Require ip 10.1
# OR
Require ip 10.1.0.0/16
# OR
Require ip 10.1.0.0/255.255.0.0
# OR
Require ip ::1

It is allowed multiple use of Require ip directive.

Some Vulnerable Web Server for Practice

This is how we can keep safe our localhost website from bad attackers on our Kali Linux system and enjoy our penetration testing practicing all the day.

Love our articles? Make sure to follow us on Twitter and GitHub, we post article updates there. To join our KaliLinuxIn family, join our Telegram Group. We are trying to build a community for Linux and Cybersecurity. For anything we always happy to help everyone on the comment section. As we know our comment section is always open to everyone. We read each and every comment and we always reply.

HostHunter — OSINT Tool for Discovering Hostnames

HostHunter — OSINT Tool for Discovering Hostnames

While solving a cyber crime law enforcement agencies and cybersecurity professionals encountered with lots of IP address, usually law enforcement agencies contacts to the telecommunication companies or ISP (Internet Service Provider) to get all the IPDR (Internet Protocol Detailed Record). In IPDR there are too many records about the source IP and destination IP, we can analysis them to get the idea about the traffic. Now which IP is from which Host? Determining this consumes a lot of time.

In today’s article we are going to discuss about a tool which can easily do this job and save our time and effort. This tool’s name is HostHunter. This Python3 OSINT tool comes in Kali Linux repository in latest Kali Linux update (2021.3).

HostHunter efficiently discover and extract host names providing a large set of target IP addresses. HostHunter utilises simple OSINT (Ope-Source Intelligence) techniques to map IP addresses with virtual host names.

Features of HostHunter

  • Extracts information from SSL/TLS certificates.
  • Supports Free HackerTarget API requests.
  • Takes Screenshots of the target applications.
  • Validates the targets IPv4 address.
  • Supports .txt and .csv output file formats.
  • Gathers information from HTTP headers.
  • Verifies Internet access.
  • Retrieves hostname values from services at 21/tcp, 25/tcp, 80/tcp and 443/tcp ports.
  • Supports Nessus target format output.

Installing HostHunter on Kali Linux

Now we can directly it it if we are using latest 2021.3 version of Kali Linux. We can also install it on our older version of Kali Linux by updating our repository. We need to use following command to install it:

sudo apt install hosthunter

Then our system will prompt for root password and storage permission. Then HostHunter will be installed on our system, as we can see in the following screenshot:

installing hosthunter on Kali Linux

Using HostHunter on Kali Linux

First of all, as always we run HostHunter’s help menu to see all it’s options by using following command on our terminal:

hosthunter -h

In the following screenshot we can see the options of HostHunter to use it.

hosthunter help options on Kali Linux

We can see in the above screenshot that we need to use -t flag to check host name of a single IP address. Here We have an IP address to check, then we need to use the following command:

hosthunter -t 157.240.199.35

In the following screenshot we can see the result:

hosthunter on a single IP

From the above screenshot we can see that this IP address is belongs to Facebook and Facebook Messenger, basically Facebook.

We can do resolve host name of multiple IP’s, Here we have an list of multiple IP to just show an example:

IP address list for an example
IP address list for an example

Now we run this on HostHunter to resolve the host names of the above IP address and save our output on a csv file by using following command:

hosthunter demoIP.list -f csv -o hosthunter

In the above command we just used the file name to scan, because our working directory and the list file directory are same. If the list of IP was any other location in our system, then we need enter the full path of that file to scan it. We also used -f flag to specify the output file format and -o flag to specify the output file name. Then we run the command, following screenshot shows the output of the above command:

hosthunter on multiple IP

After completing the scan (it will be very fast), HostHunter will save output data on our specified new file (we also named it hosthunter ☺), as we can see in the following screenshot:

hosthunter output files

Here we got a nessus file which we can use with Nessus, and we got our CSV output file. Now we can open our CSV file of spreadsheet applications like OpenOffice CalC for a better view, otherwise we can use anything (cat, nano mousepad) to view the output file.

hostnames resolved by hosthunter

This the the way, we can can easily got the host name of various IP address without analyzing them one by one. HostHunter is really an awesome tool in Kali Linux for cybersecurity experts.

Love our articles? Make sure to follow us on Twitter and GitHub, we post article updates there. To join our KaliLinuxIn family, join our Telegram Group. We are trying to build a community for Linux and Cybersecurity. For anything we always happy to help everyone on the comment section. As we know our comment section is always open to everyone. We read each and every comment and we always reply.

Sublist3r — Sub-Domain Enumeration Tool

Sublist3r — Sub-Domain Enumeration Tool

Subdomain discovery is very essential for information gathering during penetration testing on web applications. There are lots of tools available for it. We need to use them and find our subdomains because it is possible to find subdomains with some valuable information or some bugs which may lead our penetration testing or bug hunting process.

In today’s article we are going to discuss about how we can find subdomains using sublist3r on our Kali Linux system. Sublist3r is a Python tool designed to enumerate subdomains of websites using OSINT. It helps penetration testers and bug bounty hunters collect and gather subdomains for the domain they are targeting. Sublist3r enumerates subdomains using many search engines such as Google, Yahoo, Bing, Baidu and Ask. Sublist3r also enumerates subdomains using Netcraft, Virustotal, ThreatCrowd, DNSdumpster and ReverseDNS.

Sublist3r -- Sub-Domain Enumeration Tool  on Kali Linux

Subbrute is integrated with Sublist3r to increase the possibility of finding more subdomains using bruteforce technology with an improved password list.

Install & Use Sublist3r on Kali Linux

Enough discussion, let’s install Sublist3r on our Kali Linux system. Sublist3r comes with Kali Linux repository and we can easily install it by applying following command:

sudo apt install sublist3r

This command will install sublist3r on our system, as we can see in the following screenshot:

installing sublist3r on Kali Linux

After the task is finished, we can use sublist3r on our system. First of all let’s check it’s help options by using following command:

sublist3r -h

In the following screenshot we can see the options of sublist3r tool.

sublist3r help options

Simply we can put a target domain to find it’s subdomains by using -d flag. Lets check for subdomains of Google by using following command:

sublist3r -d google.com

In the following screenshot we can see that sublist3r discovered subdomains of Google.com.

Checking for Google subdomains

In the above screenshot we can see that we got almost 38k unique subdomains for google.com.

If we want to save all the subdomains in a text file then we can use -o flag. Then our command will be like following:

sublist3r -d google.com -o Googlesubdomains.txt

By using above command we can save the subdomains list on a txt file with any name.

We also can search for subdomains of specific domain and show only subdomains which have open ports. We can specify our required open ports by using -p flag.

For an example if we want to check subdomains on facebook.com domain which have port 80 and 443 is opened and save the output on a file named fbsubdomains.txt then we need to use following command:

sublist3r -d facebook.com -p 80,443 -o fbsubdomains.txt

We can see in the following screenshot that we have discovered the subdomains of facebook.com which have port 80 and port 443 opened and we saved the output on a text file.

facebook sublist3r subdomains

This is how we can perform subdomain enumeration using Sublist3r on our Kali Linux system. This is very useful for cybersecurity experts, during the recon process.

Love our articles? Make sure to follow us on Twitter and GitHub, we post article updates there. To join our KaliLinuxIn family, join our Telegram Group. We are trying to build a community for Linux and Cybersecurity. For anything we always happy to help everyone on the comment section. As we know our comment section is always open to everyone. We read each and every comment and we always reply.

Detect It Easy — Easily Determine Any File Type

Detect It Easy — Easily Determine Any File Type

During the digital forensics works we had faced with various type of files. From our personal experience we can say it’s not easy. There are numerous file types. If we got a file from suspected devices without any file extension then it is very hard to make an idea about the file type. There are some utilities on Linux like file can done the job, but that may not be the perfect and less information.

In this detailed guide we are going to discuss about “Detect It Easy” aka “DIE“. Detect It Easy or DIE is a cross-platform file type detection program. Apart from Linux (read Kali Linux in our case), it is also available for Windows and Mac OS.

Detect Suspicious files using Detect It easy

DIE exists in three versions. Basic version (“DIE”), Lite version (“DIEL”) and terminal version (“DIEC”). All the three use the same signatures, which are located in the folder “db”. If you open this folder, nested sub-folders will be found (“Binary”, “PE” and others). The names of sub-folders correspond to the types of files. First, DIE determines the type of file, and then sequentially loads all the signatures, which lie in the corresponding folder. Currently the program defines the following types:

  1. MSDOS executable files MS-DOS.
  2. PE executable files Windows.
  3. ELF executable files Linux.
  4. MACH executable files Mac OS.
  5. Binary all other files.

Install Detect It Easy on Kali Linux

Installing “Detect It Easy” on Kali Linux is also very easy. First of all we need to install some dependencies to run this by using following command:

sudo apt install qtbase5-dev qtscript5-dev qttools5-dev-tools git build-essential qtchooser

The dependencies will be installed shortly, as we can see in the following screenshot:

installing dependencies for detect it easy

Now we need to download “Detect It Easy” from GitHub by using following command:

git clone --recursive https://github.com/horsicq/DIE-engine

This will take some time depending on our internet speed and system performance. As we can see in the following screenshot:

detect it easy cloning from GitHub

Now we need to navigate to our recently downloaded/cloned directory by simply using following command:

cd DIE-engine

Now we need to run build script by using following command:

bash -x build_dpkg.sh

We can see that the build script is running in the following screenshot:

detect it easy building script running

It might take some time depending on our system performance. We need a coffee break ?, let it finish.

After it finishes we need to install the deb package on our Kali Linux system. To do that we need to run the following command:

sudo dpkg -i release/die_*.deb

In the following screenshot we can see that the installation process is done. It will not take longer time like building script.

die installation on Kali Linux

Now our installation is finished. Now we move forward to using “Detect It Easy” on our system and try to identify some file types.

Using Detect It Easy on Kali Linux

First we need some files, specially no extension named files that will help us to know the file types. Otherwise, we know that .exe is a Windows application and .py is a python program. Here we have file a file named “Video” on our Desktop, which didn’t have any file extension.

unknown file type on our desktop

Some of us can assume that it might be a video file, Lets see what “Detect It Easy” detects.

We can use command line or graphical user interface both, that doesn’t matter our work should be done. We use following command to know the file type of ‘Video’ named file on our Desktop.

diec Video

Because we are already in Desktop directory we don’t need to set our file path, we just use name. But in the case our working directory is different from file location we need to use path of file. In the following screenshot we can see the output, by the way the diec command used for DIE command line utility.

file type detected by detect it easy

Form the above screenshot we can easily understand that this ‘Video’ is not a video file, it is a Microsoft installer file (exe file for Windows).

In other hand, we can use GUI version of “Detect It Easy” by simply using following command on our terminal:

die

Now the Graphical User Interface of “Detect It Easy” will open in our front as we can see in the following screenshot:

detect it easy graphical user interface
DIE Graphical Interface

Here we can select a file from our computer and select “Scan” to Scan it.

DIE GUI explained

It is very fast and easy to use. We can see various things here. MIME, Hash, Strings etc for detailed analysis.

Note: Detect It Easy is mainly created for analyzing executable files, so its functions are more related to program files, for example, determining the architecture. But there is also support for other binaries.

This is how we can install “Detect It Easy” on our system, and know any kind of file types (specially program files) using our Kali Linux system.

Love our articles? Make sure to follow us on Twitter and GitHub, we post article updates there. To join our KaliLinuxIn family, join our Telegram Group. We are trying to build a community for Linux and Cybersecurity. For anything we always happy to help everyone on the comment section. As we know our comment section is always open to everyone. We read each and every comment and we always reply.

12 Best Anonymous Chat Apps to talk with Strangers (2021)

12 Best Anonymous Chat Apps to talk with Strangers (2021)

Anonymous chatting has its own set of perks. Firstly, you chat in complete anonymity- without history, without stereotypes, etc. Secondly, it is very liberating when the person you chat with has no idea about what you do or who you are.

This is why cam to cam chats are suddenly getting popular around the world. They have almost become like a fad. Owing to the trend, more and more sites are emerging to provide seamless chatting services. But, how do you choose the best one?

12 Best Anonymous Chat Sites

Online video chatting always has a set of concerns: is the chat going to be safe? Will there be any leakage of information, etc. So, to battle all these pre-conceived notions about online chats, below are the best anonymous chat apps to talk with strangers:

1. Bazoocam

Bazoocam is a nicely interfaced online video chatting platform. It functions in a fairly seamless way. With functions and features similar to ChatSites, Bazoocam too ensures an amazing chatting experience.

However, how does one ensure that the challenges faced under other cam chat sites will not be faced with Bazoocam? The below questions and answers on the issue will suffice:

How is Bazoocam different from other chat sites?

Bazoocam is different and somehow even superior to other chat sites. It has been designed with impeccable functions. The sheer structure of Bazoocam oozes convenience. You will be able to chat in one of the most comfortable interfaces. It does not matter whether you have done this before or not, you will still be comfortable with Bazoocam.

Can you chat anonymously on Bazoocam?

You can only chat anonymously on Bazoocam. The platform has its own set of protocols that only seek only very necessary information from its users. This means that the users are never asked for their personal details.

You can be relieved that the information you provide to Bazoocam will be completely discreet. You only provide very basic details that are sufficient enough for you to start chatting on the platform.

How much does one need to wait to be matched?

There is literally no wait time with Bazoocam. You can chat your time away with people day in and day out. As Bazoocam enjoys a lot of popularity, it has a plethora of users at all hours. Therefore, there will always be people willing and ready to chat.

So, you will always find a suitable match for yourself on the platform. You can further refine your search by opting for filtering your results. You can filter people based on their age, sex, location, etc. The more accurate your requirements are, the better you will be able to chat with people.

How much does Bazoocam cost?

The good news here is that Bazoocam is free. It does not cost at all to use the platform. It is extremely efficient as a webcam chatting platform, that too which is free. It has no hidden costs or subscription fees. You can be assured that you do not need to provide your payment details.

2. Chatrandom

Chatrandom is a very good online cam chatting alternative. It is a good way to find remote companionship. You choose who you want to chat with and whom you don’t want to chat with. With the feature of skipping people, you can just skip things you don’t want to engage with.

3. Chatki

The popularity of Chatki is also increasing because of its discreet features and functions. As the user base of the platform is proliferating each passing day, you will always manage to find companies on the platform. It is perfect and efficient.

4. Emerald Chat

Emerald Chat makes chatting fun and entertaining by adding some fun and entertaining elements. For instance, it offers its users with an avatar and username. The avatar and username will substitute for your real identity on the platform. You can engage in some fun role playing.

5. Chatroulette

Chatroulette is also a very popular online cam chatting site. It provides its users with the ease of chatting with someone based 1000 of miles away. Owing to its cosmopolitan user base, you will also be able to find some fun and entertaining people on the platform.

6. Camsurf

Camsurf is known to be one of the most user-friendly platforms. It has some incredible matching features. It will connect you with people who have the same tastes and interests as you. Further, with masking and masquerading features, it increases its lovability.

7. Flingster

As the name suggests, Flingster allows its users to have flings with people remotely. It is a fun and flirtatious platform wherein you can choose whom you want to chat with. There is no paucity of people on Flingster and you will always find the next person better than the previous.

8. Shagle

Shagle can get really addictive as a web based chatting service. It has been around for a while and has earned a lot of patronage from users around the world. It is fun, entertaining and immaculately designed. Even if you are a first timer, you will be able to use Shagle conveniently.

9. Dirtyroulette

Adults have different sets of needs and Dirtyroulette addresses them efficiently. This is a rather fun and uninhibited platform. You can be honest in your expectations with strangers. No one gets offended as everyone knows about their core purpose of being on the platform.

10. Coomeet

Coomeet lets its users meet with people from around the globe. It makes the world a really small place. Everytime is a busy time on Coomeet as people are honestly hooked to it. It is also very efficient in its interface.

11. Tinychat

Tinychat is a video chatting platform that provides you with multiple live feeds at the same time. This means that you could be chatting with many people at once. All this and more and none of the live feeds will ever get freezed.

12. Camzap

Camzap helps you in establishing some deep connections and bonds, that too with strangers. It is a really user-friendly platform. It has been around for long enough to have a lot of patronage. So, any time of the day you head to it, there will be people to chat with.

Conclusion

If you are looking for the perfect cam to cam chat site, it doesn’t get better or more extensive than the above sites. As compared to ChatSites, the kind of interface and engagement you get on these sites is far better than what you get anywhere else.

Regular Updates and Cleaning Kali Linux System

Regular Updates and Cleaning Kali Linux System

Kali Linux is a rolling distribution, that means it continuously updates in all areas of the operating system, including the Linux kernel, the desktop environment, all utilities and all applications. So we need to update it frequently to stay updated always.

How to update and clean Kali Linux

Not only that, due to update regularly some old packages of applications are kept on our system as a junk. These older files are not so much harmful but they might slow down our system. So we need to clean them on regular basis.

Updating & Upgrading Kali Linux

There are various types of updates we can do like normal update, full upgrade, distribution upgrade.

Updating Kali Linux

Update can be simply done by following command:

sudo apt update -y

The above command will update the package lists for upgrades for packages that need upgrading, as well as new packages that have just come to the Kali Linux repositories. As we can see in the following screenshot:

update kali linux

In the above screenshot we can see that we have already updated our system. One thing to remember that this updates the list of available packages and their versions, but it does not install or upgrade any packages. We can actually install them by using upgrade.

Upgrading Kali Linux

Where update updates the list of available packages but didn’t install them, upgrade actually installs newer versions of the packages we have. After updating the lists, the package manager knows about available updates for the software you have installed. That’s why we need to run update before upgrading.

To upgrading Kali Linux we need to run following command on our Kali Linux system:

sudo apt upgrade -y

As we can see in the following screenshot:

upgrading Kali Linux

In the above screenshot we can see that the upgrade is running. It will take some time depending our internet connection and system performance. Unlike Windows we can cancel it anytime and resume it by applying the same command.

Where sudo apt upgrade -y command installs all and doesn’t remove any packages and skips upgrading old packages if removal is needed, sudo apt full-upgrade -y command removes old packages if needed to perform the upgrade of packages to their latest versions.

sudo apt full-upgrade -y

The output of the above command shown in the following screenshot:

full-upgrade kali linux

sudo apt full-upgrade can be run after sudo apt update -y command but sudo apt update -y is considered more safe then sudo apt full-upgrade -y command. But anyways don’t panic it doesn’t harm our system badly. To know the very detailed difference in these commands please read this article.

Similar to sudo apt-get upgrade command, the sudo apt-get dist-upgrade also upgrades the packages. In addition to this, it also handles changing dependencies with the latest versions of the package. It intelligently resolves the conflict among package dependencies and tries to upgrade the most significant packages at the expense of less significant ones, if required. Unlike sudo apt-get upgrade command, the sudo apt-get dist-upgrade is proactive and it installs new packages or removes existing ones on its own in order to complete the upgrade.

sudo apt dist-upgrade -y

The above command will upgrade our distribution totally.

Cleaning Kali Linux

We can clean our no-longer needed packages by using following command on our Kali Linux terminal:

sudo apt autoremove -y

In the following screenshot we can see the output of this command.

autoclean

In the above screenshot we can see that 19 MB of our disk space is cleared and some packages are removed. Use of this command is safe and should not cause problems.

Each program update, package files are downloaded to the package cache. After the update, downloaded files (you can call them installation files) are not deleted, and gradually the package cache grows to large sizes. This was done intentionally with the idea that if after the next update you find that the new package has problems and the old version is no longer available in the online repository, then you can roll back to the old version by installing it from a file saved in the package cache.

For rolling distributions, the cache grows very quickly, and if we are not qualified enough to roll back to the old version using the installation package which is stored in the cache, then for you these hundreds of megabytes or even several gigabytes are a waste of space on our hard drive. Therefore, from time to time we can execute following commands:

sudo apt autoclean -y
sudo apt clean -y

The sudo apt clean -y command cleans the local repository from received package files. It removes everything except the lock file from /var/cache/apt/archives/ and /var/cache/apt/archives/partial/.

Like sudo apt clean -y command, sudo apt autoclean -y cleans downloaded package files from the local repository. The only difference is that it only removes package files that can no longer be downloaded and are largely useless.

This allows us to maintain the cache for a long period without growing too much.

The following command is not directly related to cleaning, but helps maintain our Kali Linux system health.

sudo apt install -f -y

The -f or –fix-broken flag tries to make normal a system by repairing broken dependencies. This option, when used with install/remove, may skip any packages to allow APT to find a likely solution. If packages are listed, this should completely fix the problem.

This is everything to this article, hope now we got a clear idea about “How to update Kali Linux” and “How to clean Kali Linux”.

Love our articles? Make sure to follow us on Twitter and GitHub, we post article updates there. To join our KaliLinuxIn family, join our Telegram Group. We are trying to build a community for Linux and Cybersecurity. For anything we always happy to help everyone on the comment section. As we know our comment section is always open to everyone. We read each and every comment and we always reply.

Best USB WiFi Adapter For Kali Linux 2021 [Updated October]

Best USB WiFi Adapter For Kali Linux 2021 [Updated October]

Best WiFi Adapter for Kali Linux

The all new Kali Linux 2021.1 was rolling out and we can simply use it as our primary operating system because of the non-root user. The main benefit of using Kali Linux as primary OS is we got the hardware support. Yes, we can do our all penetration testing jobs with this Kali Linux 2021, but to play with wireless networks or WiFi we need some special USB WiFi adapters in Kali.
Best WiFi Adapter for Kali Linux

Here we have listed some best USB Wireless adapters Kali Linux in 2021. These WiFi adapters are 100% compatible with Kali Linux and supports monitor mode and packet injection, which will help a lot in WiFi penetration testing.

Best WiFi Adapter for Kali Linux

Sl No.
WiFi Adapter
Chipset
Best for
Buy
1
AR9271
Good Old Friend
2
RT 3070
Best in it’s Price Range
3
RT 3070
Compact and Portable
4
RT 5572
Stylish for the Beginners
5
RTL8812AU
Smart Look & Advanced
6
RTL8814AU
Powerful & Premium
7
RT5372
Chip, Single Band


Alfa AWUS036NH

We are using this USB WiFi adapter from the BackTrack days (before releasing Kali Linux) and still we consider it as one of the best. For it’s long range signals we can do our penetration testing jobs from a long distance.

Alfa AWUS036NHA Kali Linux WiFi Adapter 2020

Alfa AWUS036NH is plug and play and compatible with any brand 802.11g or 802.11n router using 2.4 GHz wavelength and supports multi-stream & MIMO (multiple input multiple output) with high speed transfer TX data rate up to 150 MBPS. It also comes with a clip which can be used to attach this adapter on a laptop lid.

    1. Chipset: Atheros AR 9271.
    2. Compatible with any brand 802.11b, 802.11g or 802.11n router using 2.4 Ghz wave-length.
    3. Includes a 5 dBi omni directional antenna as well as a 7 dbi panel antenna.
    4. Supports security protocols: 64/128-bit WEP, WPA, WPA2, TKIP, AES.
    5. Compatible with Kali Linux RPi with monitor mode and packet injection.
    6. High transmitter power of 28 dBm – for long-rang and high gain WiFi.
      https://www.amazon.com/Alfa-AWUS036NH-802-11g-Wireless-Long-Range/dp/B003YIFHJY/ref=as_li_ss_tl?dchild=1&keywords=Alfa+AWUS036NHA&qid=1594882122&sr=8-6&linkCode=ll1&tag=adaptercart-20&linkId=2f09cf7cc9b84fcd2be61c590af1d25c&language=en_US

      Alfa AWUS036NHA

      Alfa again. Alfa provides the best WiFi adapters for Kali Linux. This adapter is the older version of Alfa AWUS036NH with Ralink RT3070 chipset. AWUS036NHA is the IEEE 802.11b/g/n Wireless USB adapter with 150 Mbps speed This is also compatible with IEEE 802.11b/g wireless devices at 54 Mbps.

      Alfa AWUS036NH Kali Linux WiFi Adapter 2020

      This plug and play WiFi adapter supports monitor mode and packet injection in any Linux distribution and Kali Linux. Alfa AWUS036NHA comes with a 4 inch 5 dBi screw-on swivel rubber antenna that can be removed and upgrade up to 9 dBi.

        1. Chipset: Ralink RT 3070.
        2. Comes with a 5 dBi omni directional antenna as well as a 7 dBi panel antenna.
        3. Supports security protocols: 64/128-bit wep, wpa, wpa2, tkip, aes
        4. Compatible with Kali Linux (Also in Raspberry Pi) with monitor mode and packet injection.
          https://www.amazon.com/Alfa-AWUS036NH-802-11g-Wireless-Long-Range/dp/B003YIFHJY/ref=as_li_ss_tl?dchild=1&keywords=Alfa+AWUS036NH&qid=1594870855&s=amazon-devices&sr=8-1&linkCode=ll1&tag=adaptercart-20&linkId=4c49c0097d6157190cf04122e27714ed&language=en_US

          Alfa AWUS036NEH

          This Alfa WiFi Adapter is compact and tiny, but it has a good range. It supports plug and play so connect it with Kali Linux machine and start playing with WiFi security. The antenna is detachable and makes it very portable. We have used this to build our portable hacking machine with Raspberry Pi and Kali Linux.

          Alfa AWUS036NEH Kali Linux WiFi Adpater 2020

          Alfa AWUS036NEH is the ultimate solution for going out and red teaming attacks. The long high gain WiFi antenna will give us enough range to capture even low signal wireless networks. This adapter is slim and doesn’t require a USB cable to use.

            1. Chipset: Ralink RT 3070.
            2. Supports monitor mode and packet injection on Kali Linux and Parrot Security on RPi.
            3. Compact and portable.
              https://www.amazon.com/AWUS036NEH-Range-WIRELESS-802-11b-USBAdapter/dp/B0035OCVO6/ref=as_li_ss_tl?dchild=1&keywords=Alfa+AWUS036NEH&qid=1594870918&sr=8-3&linkCode=ll1&tag=adaptercart-20&linkId=c6578f6fb090f86f9ee8917afba3199a&language=en_US

              Panda PAU09 N600

              Besides Alfa, Panda is also a good brand for WiFi adapters with monitor mode. Panda PAU09 is a good WiFi adapter to buy in 2020. This dual-band plug & play adapter is able to attack both 2.4 GHz as well as 5 GHz 802.11 ac/b/g/n WiFi networks.

              Panda PAU09 WiFi adapter for monitor mode

              This adapter comes with a USB docker and dual antennas, which looks really cool. It is also detachable into smaller parts. This adapter is reliable even on USB 3 and works great and fully supports both monitor mode and injection which is rare on a dual band wireless card out of the box.

                1. Chipset: Ralink RT5572.
                2. Supports monitor mode and packet injection on Kali Linux, Parrot Security even in RPi.
                3. 2 x 5dBi antenna.
                4. It comes with a USB stand with a 5 feet cable.
                5. Little bit of heating issue (not so much).
                  https://www.amazon.com/Panda-Wireless-PAU09-Adapter-Antennas/dp/B01LY35HGO/ref=as_li_ss_tl?dchild=1&keywords=Panda+PAU09&qid=1594870963&sr=8-1-spons&psc=1&spLa=ZW5jcnlwdGVkUXVhbGlmaWVyPUEzRUUwQjNVSkNGMEFIJmVuY3J5cHRlZElkPUEwODkwNzI3MkZHWUFNUTBRMlRTQSZlbmNyeXB0ZWRBZElkPUEwNzkxNzgzMTBaUEdDS05IUzdDTSZ3aWRnZXROYW1lPXNwX2F0ZiZhY3Rpb249Y2xpY2tSZWRpcmVjdCZkb05vdExvZ0NsaWNrPXRydWU=&linkCode=ll1&tag=adaptercart-20&linkId=d9d43db491c7cf14863cc99c1b8b7797&language=en_US

                  Alfa AWUS036ACH / AC1200

                  In Kali Linux 2017.1 update Kali Linux was released a significant update – support for RTL8812AU wireless chipset. Now Alfa AWUS036ACH is a BEAST. This is a premium WiFi adapter used by hackers and penetration testers. It comes with dual antennas and dual band technology (2.4 GHz 300 Mbps/5 GHz 867 Mbps) supports 802.11ac and a, b, g, n.

                  Alfa AWUS036ACH WiFi adapter for Kali Linux

                  These antennas are removable and if we require higher range, then we can connect an antenna with greater dbi value and use it as a long range WiFi link which makes this one of the best WiFi adapters. Also this adapter has an awesome look.

                  If budget is not an issue then this adapter is highly recommended.

                    1. Chipset: RealTek RTL8812AU.
                    2. Dual-band: 2.4 GHz and 5 GHz.
                    3. Supports both monitor mode & packet injection on dual band.
                    4. Premium quality with high price tag.
                      https://www.amazon.com/Alfa-Long-Range-Dual-Band-Wireless-External/dp/B00VEEBOPG/ref=as_li_ss_tl?dchild=1&keywords=Alfa+AWUS036ACH&qid=1594871102&sr=8-3&linkCode=ll1&tag=adaptercart-20&linkId=928256b6b245a63277f865d406f44c02&language=en_US

                      Alfa AWUS1900 / AC1900

                      Now this is the beast, then why is it at last? It is last because of its high price range. But the price is totally worth it for this USB WiFi adapter. If the previous adapter was a beast then it is a monster. Alfa AWUS1900 has high-gain quad antenna that covers a really long range (500 ft in an open area).

                      This is a dual band WiFi adapter with high speed capability 2.4GHz [up to 600Mbps] & 5GHz [up to 1300Mbps]. It also has a USB 3.0 interface.

                      Alfa AWUS036ACH The best wifi adapter for hacking in Kali Linux

                      Monitor mode and packet injection supported with both bands and it will be very useful for serious penetration testers. We also can attach this on our laptop display with it’s screen clip provided with the box.

                      What we got in the box?

                      • 1 x AWUS1900 Wi-Fi Adapter
                      • 4 x Dual-band antennas
                      • 1 x USB 3.0 cable
                      • 1 x Screen clip
                      • 1 x Installation DVD-Rom (doesn’t require on Kali Linux. Plug&Play)
                      • A consistent solution for network congestion!
                        1. Chipset: RealTek RTL8814AU.
                        2. Dual-band: 2.4 GHz and 5 GHz.
                        3. Supports both monitor mode & packet injection on dual band.
                        4. Premium quality with high price tag.
                        5. Very long range.
                          https://www.amazon.com/Alfa-AC1900-WiFi-Adapter-Long-Range/dp/B01MZD7Z76/ref=as_li_ss_tl?dchild=1&keywords=Alfa+AWUS036ACH&qid=1594871169&sr=8-4&linkCode=ll1&tag=adaptercart-20&linkId=d62c81825eace1b0f09d0762e84881c4&language=en_US

                          Panda PAU 06

                          Yes, This low cost Panda PAU 06 WiFi adapter supports Monitor Mode and Packet Injections. But we really don’t suggest to buy this adapter if budget is not an issue.
                          panda pau 06 wifi adapter for Kali Linux
                          The main reason is this WiFi adapter doesn’t supports dual-band frequency (only supports 2.4GHz), it doesn’t supports 5GHz frequency.
                          This WiFi adapter comes with Ralink RT5372 chipset inside it. 802.11n standards supports 300MB per second maximum speed.
                          This adapter takes less power from computer, but other adapters doesn’t took too much power from system (this point is negligible).
                          panda pau 06 order on amazon

                          Extras

                          There are some more WiFi adapters that we did not cover because we didn’t test them on our hands. These WiFi adapters were owned by us and some of our friends so we got a chance to test these products. We didn’t listed some WiFi adapters like following:

                          Be Careful to choose from these, because we don’t know that they surely support monitor mode & packet injection or not. As per our own experience Alfa cards are the best in the case of WiFi Hacking.

                          How to Choose Best Wireless Adapter for Kali Linux 2020

                          Before going through WiFi adapter brands let’s talk something about what kind of WiFi adapter is best for Kali Linux. There are some requirements to be a WiFi penetration testing wireless adapter.

                          • Should support Monitor mode.
                          • The ability to inject packets and capture packets simultaneously.

                          Here are the list of WiFi motherboards supports Monitor mode and Packet injection.

                          • Atheros AR9271 (only supports 2.4 GHz).
                          • Ralink RT3070.
                          • Ralink RT3572.
                          • Ralink RT5370N
                          • Ralink RT5372.
                          • Ralink RT5572.
                          • RealTek 8187L.
                          • RealTek RTL8812AU (RTL8812BU & Realtek8811AU doesn’t support monitor mode).
                          • RealTek RTL8814AU

                          So we need to choose WiFi Adapter for Kali Linux carefully. For an Example, on the Internet lots of old and misleading articles that describe TP Link N150 TL-WN722N is good for WiFi security testing. But it is not true. Actually it was.

                          TP Link N150 TL-WN722N newer models don't support Monitor Mode
                          TP Link N150 TL-WN722N newer models doesn’t work

                          The TP Link N150 TL-WN722N’s previous versions support monitor mode. The version 1 comes with Atheros AR9002U chipset and supports monitor mode. Version 2 has the Realtek RTL8188EUS chipset and doesn’t support monitor mode or packet injection. TP Link N150 TL-WN722N version 1 is not available in the market right now. So clear these things and don’t get trapped.

                          Which WiFi adapter is the best? Vote Please

                           
                          pollcode.com free polls

                          WiFi Hacking in Kali Linux

                          Kali Linux is the most widely used penetration testing operating system of all time. It comes with lots of tools pre-installed for cyber security experts and ethical hackers. We can perform web application penetration testing, network attack as well as wireless auditing or WiFi hacking. We have already posted some lots of tutorials on our website and some good WiFi auditing tutorials like AirCrack-Ng.

                          Why Do We Use External USB WiFi Adapters in Kali Linux?

                          A WiFi adapter is a device that can be connected to our system and allows us to communicate with other devices over a wireless network. It is the WiFi chipset that allows our mobile phone laptop or other devices which allows us to connect to our WiFi network and access the internet or nearby devices.

                          But most of the Laptops and mobile phones come with inbuilt WiFi chipset so why do we need to connect an external WiFi adapter on our system ? Well the simple answer is our in-built WiFi hardware is not much capable to perform security testing in WiFi networks.Usually inbuilt WiFi adapters are low budget and not made for WiFi hacking, they don’t support monitor mode or packet injection.

                          If we are running Kali Linux on Virtual Machine then also the inbuilt WiFi Adapter doesn’t work for us. Not even in bridge mode. In that case we also need an external WiFi adapter to play with WiFi networks. A good external WiFi adapter is a must have tool for everyone who has interest in the cyber security field.

                           
                          WSL2 installation of Kali Linux will not support any kind (Inbuilt or External) of Wi-Fi adapters.

                          Kali Linux Supported WiFi Adapters

                          Technically almost every WiFi adapter supports Kali Linux, but those are useless on WiFi hacking if they don’t support monitor mode and packet injection. Suppose, we buy a cheap WiFi adapter under $15 and use it to connect WiFi on Kali Linux. That will work for connecting to wireless networks but we can’t play with networks.

                          It doesn’t make sense, when we are using Kali Linux then we are penetration testers so a basic WiFi adapter can’t fulfill our requirements. That’s why we should have a special WiFi adapter that supports monitor mode and packet injection. So in this tutorial Kali Linux supported means not only supported it means the chipset has ability to support monitor mode and packet injection.

                          What is Monitor Mode

                          Network adapters, whether it is wired or wireless, are designed to only capture and process packets that are sent to them. When we want to sniff a wired connection and pick up all packets going over the wire, we put our wired network card in “promiscuous” mode.

                          In wireless technology, the equivalent is monitor mode. This enables us to see and manipulate all wireless traffic passing through the air around us. Without this ability, we are limited to using our WiFi adapter to only connect to wireless Access Points (APs) that accept and authenticate us. That is not what we are willing to settle for.
                          In the Aircrack-ng suite, we need to be able to use airodump-ng to collect or sniff data packets.

                          What is Packet Injection

                          Most WiFi attacks require that we are able to inject packets into the AP while, at the same time, capturing packets going over the air. Only a few WiFi adapters are capable of doing this.

                          WiFi adapter manufacturers are not looking to add extra features to their standard wireless adapters to suit penetration testers needs. Most wireless adapters built into your laptop are designed so that people can connect to WiFi and browse the web and send mails. We need something much more powerful and versatile than that.

                          If we can’t inject packets into the Access Point (in Aircrack-ng, this is the function of Aireplay-ng), then it really limits what we do.

                          If we are using Kali Linux and want to be a security tester or ethical hacker then a special WiFi adapter is a must have tool in our backpack. As per our own experience listed Alfa cards in this list are best USB wireless adapter for Kali Linux, going with them may be costly but they are really worth it. For more assistance comment below we reply each and every comment.

                          We are also in Twitter join us there. Our Telegram group also can help to choose the best WiFi adapter for hacking and Kali Linux.
                          How to Remove Metadata of Files on Kali Linux

                          How to Remove Metadata of Files on Kali Linux

                          In cybersecurity and digital forensics field metadata of files is very important. We can get various information from metadata in files. This metadata may help us to get much more insider information while we are doing forensics testing. Also if we think about our privacy then metadata can harm our privacy in that case we can remove our metadata also.

                          remove metadata from files on Kali Linux

                          In this detailed guide we are going to discuss about how we can read and remove metadata of any files using Kali Linux.

                          To view and remove metadata on Kali Linux (or any other Linux), we need to install mat2 program. Mat2 (Metadata Anonymisation Toolkit 2) is a command-line metadata removal tool, supporting a wide range of commonly used file formats, written in python3. To install it on our system we need to apply following command on our Terminal:

                          sudo apt install mat2

                          In the following screenshot we can see that mat2 is installing on our system. It is not so large (under 25MB) package and the installation time will depends on our internet connection speed and system performance.

                          installing mat2 on kali linux

                          After the installation is finished we can check the help of mat2 by using following command:

                          mat2 -h

                          In the following screenshot we can see the help of mat2.

                          mat2 help options

                          Now we can read the help options to know all the works of this tool. As we can see there is a -s flag, which can show us harmful metadata detectable by mat2 without removing them. Lets use it.

                          Mat2 can view and remove metadata from files so we need files to perform it. Here we have an downloaded image which contains metadata. We had saved the image on our Desktop (home/kali/Desktop/IMG_20201007_102037.jpg ).

                          To view it’s metadata we can use following command:

                          mat2 -s /home/kali/Desktop/IMG_20201007_102037.jpg

                          In the following screenshot we can see the metadata of this image with various useful information:

                          mat2 view metadata

                          Now if we want to remove these metadata this file we need to enter following command on our terminal:

                          mat2 <location/of/file>

                          In the following screenshot we can see that it is done.

                          metadata is removed

                          Here the old files will remain unchanged, but new files will be created with the string .cleaned in the name and completely cleared metadata. As we can see in the following screenshot.

                          Metadata cleaned files

                          Now we can check if the there any metadata in the new cleaned file by using following command:

                          mat2 -s /home/kali/Desktop/IMG_20201007_102037.cleaned.jpg

                          In the following screenshot we can see that the new file (.cleaned) did not contain any kind of metadata.

                          all metadata is removed
                          Total process of removing metadata

                          This is how we can remove metadata of any file (not only images), if we need to clear metadata of all files in any particular folder then we can simply enter following command:

                          mat2 /home/kali/Desktop/*

                          The above command will remove metadata from all files on our Desktop. If we want to clear metadata of files in other folders then we need put that directory with * . And it will create new .cleaned file for every old files, the .cleaned files will not contain any metadata.

                          This is all bout how we can clear or remove metadata from any files on our Kali Linux system.

                          Love our articles? Make sure to follow us on Twitter and GitHub, we post article updates there. To join our KaliLinuxIn family, join our Telegram Group. We are trying to build a community for Linux and Cybersecurity. For anything we always happy to help everyone on the comment section. As we know our comment section is always open to everyone. We read each and every comment and we always reply.

                          Open Whatsapp chat
                          Whatsapp Us
                          Chat with us for faster replies.