🔥 Kali Linux Course 2023 | Kali Linux Tutorial 2023 | Kali Linux Full Course | Simplilearn

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

Ki Linux is a specialized lenux distributor design for ethical hacking penetration testing and cyber security it offers a wide range of pre-installed security tools customization options and life boot capabilities making it go to choice for Professionals in this field always remember to use Ki Linux ethically and legally Ki Linux is the major ask for Recruiters in the ethical hacking domain so if you are looking to learn Kali Linux and get certified into ethical hacking explore the wide range of cyber security and ethical hacking courses by simply learn these courses are handcrafted by the industry experts from the best universities across the globe by enrolling in cyber security courses by simply learn you will be skilled in advanc hacking Concepts Network hacking analysis firewalls and honeypots network security cryptography and more an year of experience is required to enroll in this course find the course Link in the description box so without without any further delay let's begin welcome back to Simply learns YouTube channel ethical hacking is the practice of using hacking techniques to test the security of a computer system Network or application with the goal of identifying vulnerabilities and improving the overall security of the system with increasing Reliance on digital systems in various Industries there has been a growing demand for skilled ethical hackers ethical hacking offers a lucrative career option with a high salary and the potential to work as a freelancer or as a part of te with that being said it is sufficiently evident that cyber security and ethical hacking are amazing career options for every individual out there so without any further delay let's jump onto our topic right away if you want to enter the field of cyber security and grab a high-paying job then simply learns postgraduate program in cyber security in collaboration with the MIT University is surely the right option for you this postgraduate program in cyber security will help you learn comprehensive approaches to protecting your infrastructure and securing data data including risk analysis mitigation and compliance you'll get foundational to advanc skills through industry leading cyber security certification courses in this program for admission to this postgraduate program in cyber security candidate should have a bachelor's degree with an average of 50% or higher grades and candidates with one plus year of work experience are preferred so join now the course link is mentioned in the description box below let us start by understanding what ethical hacking is ethical hacking often referred to as Whitehead hacking involves using your cyber security skills to protect systems and networks in 2024 this field is more critical than ever due to the increasing number of cyber attacks your role as an ethical hacker is to find vulnerabilities before malicious hackers do and secure digital environments before we begin let's talk about the prerequisites to excel in ethical hacking you should have a strong foundation in computer science or it familiarity with programming languages like python C++ and Java will be beneficial as they are commonly used in cyber security tasks it's essential to follow a structured learning path so start by gaining a deep understanding of networking you need to comprehend how data flows through networks the various protocols in use and security mechanisms that protect them next delve into the world of operating systems understanding the inrees of most popular operating systems like Windows Linux and Mac OS is crucial for ethical hacker you'll often encounter vulnerabilities at this level certifications play a pivotal role in your ethical hacking career consider pursuing certifications like certified ethical hacker certified information system Security Professionals CompTIA Security Plus and certified information security manager cism these certifications are recognized by industry professionals and can open up doors to many exciting job opportunities learning by doing is crucial in ethical hacking engage in Hands-On experiences such as capture the flat competitions participating in bug bounties and setting up your own home lab these activities will sharpen your practical skills and deepen your understanding of vulnerabilities and exploits cyber security is a rapidly evolving field stay updated with the latest threats tools and techniques by following cyber security news attending conferences and engaging with online communities the ability to adapt to New Challenges is a Hallmark of a successful ethical hacker ethical hacking is all about doing good always are there to the law obtain proper permission when testing systems and respect privacy and confidentiality ethical behavior is not just a requirement it's a Cornerstone of this profession as you progress build a strong portfolio document your achievements successful hacks and projects a well-maintained portfolio will not only showcase your skill but also make you stand out to potential employers building strong networking skills is essential attend cyber security conferences and join professional associations like Issa information system security Association or isaca information systems audit and Control Association networking not only enhances your knowledge but also opens doors to job opportunities and collaborations coding and scripting are your secret weapons Master scripting languages like Python and Powershell these skills are invaluable when automating security tasks creating custom tools and analyzing malwares incident response is a critical aspect of cyber security understand how to detect respond to and recover from security incidents familiarize yourself with incident response Frameworks like nist and ISO 271 this expertise is highly sought after by organizations looking to Bluster their cyber defenses don't underestimate the importance of soft skills effective communication teamwork and problem solving abilities will set you apart in the workplace ethical hackers often collaborate with cross functional teams and strong interpersonal skills are essential for success in this ever evolving field continuous learning is your best friend stay curious and explore some emerging Technologies like Ai iot and Quantum Computing as they bring new security challenges learning about these Technologies and their Associated security risks will make you an invaluable asset to any organization join online communities and forums where ethical hackers share knowledge and experiences platforms like GitHub and overflow can be invaluable for collaboration and learning engaging with the community allows you to tap into the collective wisdom of experienced hackers looking ahead consider specializations with ethical hacking such as mobile security iot security or Cloud security these niches offer exciting career paths and opportunities to become an expert in a specific area of cyber security if you want to start your career in ethical hacking you might be confused with the variety of certifications being offered in the the market today from Network specialist to system administrator ethical hacking has become necessary in today's digital driven world with every factor of business moving to the cloud with jobs in every department and the competition certifications are the best way to demonstrate your knowledge and skill in the potential employer and stand out from the crowd in this video we will talk about the best certifications that you should aim if you want to get into ethical hacking however if you want a comprehensive Solution on how to prepare yourself for these exams check out the cyber security expert Masters program which will give you the knowledge and abilities that you should need to excel in this quickly and expanding field with the best in-class program you will discover through methods of safeguarding your infrastructure such as preventing data and information constructing risk analysis mitigation architecting cloud-based security achieving complaints and much more so let's begin with the first and probably the most well-known and well regarded certification in the ethical hacking sector which is none other than c or certified ethical hacker but before that let's discuss the agenda for this slide so first we'll discuss what is ethical hacking now after that we'll see what is certified ethical hacker moving ahead we'll discuss about OSP which is offensive security certified professional after that we'll see certified information system security professional which is cisp after that we'll talk about com Tia Security Plus certification after that we'll see certified Cloud security professional now let's see what is ethical hacking so what is ethical hacking basically it's when a computer expert tries to hack into a system or network in order to find any valab or weaknesses that a Mis Lous hacker could exploit the difference is that ethical hackers do it with permission from the owner of the system and they don't use their skills to do any harm so why is ethical hacking important well as we do more and more online the risk of cyber attacks increases cyber crimes can steal our personal information money and identities ethical hacking helps to protect us from these attacks by finding weaknesses in our systems before that bad guys can exploit them that you know about ethical hacking let's start with the certifications so the first one is certified ethical hacking C certification so this certification is for people who want to learn how to think like a hacker to protect computer systems better it covers topics such as scanning system hacking Torin back doors viruses and bombs and social engineering to earn the C certification you need to pass an exam now I'll tell you about the course that we are offering so in order to better defend business infrastructure from data breaches you will learn the sophisticated step-by-step purchases used by hackers in this certified ethical hacking 12 okay I'll tell you about that so this is the program C version 12 certified ethical hacker right this course will cover topics like information security overview and then it will start telling you about information security threads and attack vectors penetration testing comp Concepts hacking Concepts ethical hacking Concepts information security control and there are so many other modules also that you can see here on your screens so this is what you will learn about from this course so the link will be in the the description box don't worry about the link you will also see there will be live classes on every weekday for this see there will be weekly classes starting from the date you will join after that so there will be weekly classes for this course and also we will so whenever you will take this course you'll have to take the CH exam so for that we'll give you the exam voucher with this course as it's mentioned here also on our screens that will give exam voucher for C right so now we have offensive security certified professional which is OSP certification it's a highly respected and practically certification in the field of cyber security offensive security a leading provider of information security training and penetration testing services offers it the oscp certif ification test an individual's ability to identify and exploit variabilities in the controlled and safe environment the Hands-On certification required the candidates to complete a 24 hours penetration testing exam on a simulated Network followed by a report on their findings to prepare for the OSP certification candidate must complete the offensive security certified professional course this course also includes video lectures and practical exercises and candidates must demonstrate their skills through a series of lab exercises employers highly value the OSP certification as it demonstrate the candidates ability to think outside the box problem solve and work independently it is also a prerequisite for many high level cyber security jobs such as penetration tester ethical hacker in summary the CB certification is challenging and practically require Hands-On skills and a strong understanding of cyber security Concepts it's a highly requested in the industry and can lead to many exciting and well-paying job opportunities the best part about the OSP certification is the similarity it has with C when it comes to curricular so learning the technical aspects of one is sure to prepare you for the other with very little efforts so you can take a c course from Simply learn and you can also learn after that the OSP because it's very similar to that okay now let's talk about the cissp so certified information system security professional certification this is one of the most well-known and respected certification in the field it covers a wide range of topics including security and risk management asset security security architecture and engineering communication and network security identity and access management security assessment and testing and many more to earn the cissp certification you need to have at least 5 years of experience in the field and pass an exam so you need to pass an exam of cissp so now let me open the cissp course for you so we have this cisp training course you can take up this course the link will be in the description box and let me tell you about the cissp okay so yeah this cissp certification is regarded as The Pinacle of achievement in information security the cissp course will prepare you to become an information assurance expert who defines all areas of it security including architecture design management and controls it is aligned with ISC to cbk standards start with cissp training now because the majority of it Security Professionals favor or require a CSP certification you will cover topics like I'll tell you about the content of the course so you will cover topics like this domain One Security and risk management asset security communication and network security and there are so many domains and in this you will learn so many other things so this is Will definitely going to help you the link will be in the description box do check it out click on the uh link and you will open that this page will be open for you guys and you can enroll here give your name number and email ID and submit and our experts will contact you for sure okay now also there will be live classes on weekends for this so to check it out the link will be in the description box a CIS sp's annual total income is expected to be $13,000 in the US and with the average salary of $82,000 now we'll move on to the CompTIA Security Plus certification so this certification cover various topics including threads attacks Technologies and tools architecture and design identity and access management risk management and cryptography to earn the CompTIA Security Plus certification you you need to pass an exam now I'll tell you about this com Tia Security Plus exam in further so com Tia Security Plus certification covers various topics including threads attacks Technologies and tools architecture and design identity and exess management risk management and cryptography to earn the com Tia Security Plus certification you need to pass an exam now I'm going to tell you about this course comti Security Plus which is offered by simply learn it's a Wily recognized certification comti Security Plus verifies fundamentals of vendor neutral it security knowledge and abilities this certification program covers the fundamental concepts of network security and risk management as a benchmark for best practice in it security the classes of this will be held on weekends and you can also check what you are covering in this course in this course content page okay you will find everything here like attack HS and these are the things that you will learn governments risk and complaints this is the things that you going to learn around this course okay so now is the best time to learn this you can take up this course the link will be in the description box below click on the and enroll now I have told you how to enroll in this course so now let's move forward to ccsp okay so this this ccsp which is stands for certified Cloud security professional is last on our list so let's move on to ccsp if you are interested in Cloud security and you may want to consider the certified Cloud security professional certification this certification covers topics such as cloud data security Cloud platform and infrastructure security Cloud application security operations legal and complaints and risk management to ear the ccsp certification you need to have at least 5 years of experience in the field and to pass an exam the top certification offered by ISC 2 is the certified Cloud security professional training program by comprehens information security concerns and putting data protection policies into practice this training will help you reduce security threats to your cloud storage so I'm going to show you so there will be some other courses also that you can take when you will take up this course there are uh certified Cloud security professional com Tia Network plus cism uh if you're going for ethical hacking you should take cism but it's up to you guys you if you want to take security uh uh Cloud security professional course you can take that this three are elective ones you can choose any one of them okay hey everyone it's no secret that the majority of our internet usage is at the risk of being hacked be it via unsafe messaging applications or misconfigured operating systems to counteract this void of digital security penetration testing has become the norm when it comes to vulnerability assessment K Linux is an operating system that has become a well-known weapon in this fight against hackers a Linux distribution that is made specifically for penetration testers K Linux has layers of features that we will be covering in today's lesson let's take a look at the topics to be covered in this video we start by learning about K Linux and a basic explanation of its purpose we take a look at the history of K Linux from the story of its origin to its current day exploits next we learn a few distinct features of Kali that make it an attactive choice for penetration testers worldwide finally we take a look at the multiple ways we can install K Linux to start our journey in the world of penetration testing let's start by learning about K Linux in general Kali Linux which is formerly known as backtrack Linux is an open- Source Linux distribution aimed at Advanced penetration testing and security auditing it contains several hundred tools that are targeted towards various ious information security tasks such as penetration testing security research computer forensics and reverse engineering K Linux is a multiple platform solution accessible and freely available to Information Security Professionals and hobbyists among all the Linux distributions K Linux takes its roots from the Debian operating system Debian has been a highly dependable and stable distribution for many years providing a similarly strong Foundation to the k desktop while the operating system is capable of practically modifying every single part of our installation the networking components of Kali become disabled by default this is done to prevent any external factors from affecting the installation procedure which may pose a risk in critical environments apart from boosting security it allows a deeper element of control to the most enthusiastic of users we did not get K Linux since the first day how did it come into existence let's take a look at some of its history K Linux is based on years of knowledge and experience in building penetration testing and operating systems during all these project lifelines there have been only a few different developers as the team has always been small the first project was called wopex which stands for white hat noex as can be inferred from the name it was based on the npix operating system as its underlying OS poix had released ranging from version 2.0 to 2.7 this made way for the next project which was known as wax or the long hand being white hat slacks the name change was because the base OS was changed from KNIX to slacks wax started at version 3 as a nod it carrying on from warix there was a similar OS being produced at the same time auditor security collection often being shorted to just auditor which was once again using knopic its efforts were combined with backs to produce backtrack backtrack was based on slackware from version one to version 3 but switched to Ubuntu later on with version 4 to version five using the experience gained from all of this K Linux came after backtrack in 2013 Ki started off using Debian stable as the engine under the hood before moving to Debian testing when khi Linux became a rolling operating system now that we understand the history and the purpose of K Linux let us learn a little more about its distinct features the latest version of Khali comes with more than 600 penetration tools pre-installed after reviewing every tool that was included in backtrack developers have eliminated a great number of tools that either simply did not work or which duplicated other tools that provided the same or similar functionality the Khali Linux team is made up of a small group of individuals who are the only ones trusted to commit packages and interact with the repositories all of which is done using multiple secure protocols restricting access of critical code bases to external asset greatly reduces the risk of source contamination which can cause K Linux users worldwide a great deal of damage as a direct victim of cyber crime although penetration tools tend to be written in English the developers have ensured that Khali includes true multilingual support allowing more users to operate in the native language and locate the tools they need for the job the more comfortable a user feels with the intricacies of the operating system the easier it is to maintain a stronghold over the configuration and the device in general since Arm based single board systems like the Raspberry Pi are becoming more and more prevalent and inexpensive the development team knew that ki's armm support would need to be as robust as they could manage with fully working installations K Linux is available on a wide range of armm devices and has armm repositories integrated with the mainline distributions so the tools for armm are updated in conjunction with the rest of the distribution all this information is necessary for users to determine if K Linux is the correct choice for them if it is what are the ways that they can go forward with this installation and start the penetration testing Journey the first way to use scal Linux is by launching the distribution in the live USB mode this can be AED by downloading the installer image file or the ISO file from the K Linux website and flashing it to a USB drive with a capacity of at least 8 GB some people don't need to save their data permanently and a live USB is the perfect solution for such cases after the iso image is flashed the thumb drive can be used to boot a fully working installation of the operating system with the cavar that any changes made to the OS in this mode are not written permanently some cases allow persistent usage in live USBS but those require further configuration than normal situations but what if the user wants to store data permanently in the installed OS the best and the most reliable way to ensure this is the full-fledged hard disk installation this will ensure the complete usage of the system's Hardware capabilities and will take into account the updates and the configurations being made to the OS this method is supposed to override any pre-existing operating system installed on the computer be it windows or any other variant of Linux the next alternative route for installing K Linux would be to use virtualization software such as VMware or virtual box the software will be installed as a separate application on an already existing OS and K Linux can be run as an operating system in the same computer as a window the hardware requirements will be completely customizable starting with the allotted Ram to the virtual hard disk capacity the usage of both a host and guest guest operating system like K Linux allows users a safe environment to learn while not putting the systems at risk if you want to learn more about how one can go forward with this method we have a dedicated video where Ki Linux is being installed on VMware while running on a Windows 10 operating system you can find the link in the description box to get started with your very own virtual machine the final way to install Ki Linux is by using a dual boot system to put it in simple words the Ki Linux OS will not be overriding any pre-installed operating system on a machine but will be installed alongside it when a computer boots up the user will get a choice to boot into either of these operating systems many people prefer to keep both the windows and K Linux installed so the distribution of work and recreational activities is also alloted effectively it gives users a safety valve should their custom Linux installation run into any bugs that cannot be fixed from within the operating system there are multiple ways to install K Linux we can either install it on a normal hard drive in a virtual machine software such as VMR or virtual box or we can do that in hard bare metal machines now for the convenience of explanation we're going to install K Linux today on a virtual machine software known as VMware VMware is able to run multiple operating systems on a single host machine which in our case is a Windows 10 system to get started with K Linux installation we have to go to the website to download an image file we go to get Kali and as you can see there are multiple platforms on which this operating system can be inverted as per our requirement we're going to go with the virtual machine section as you can see it is already recommended by the developers this is the download button which will download a 64bit ISO file we can download 32-bit but that is more necessary for hard metal machines or if you're going to use it for older devices which do not support 64-bit operating systems yet after clicking on the download button we can see we have a window archive which will have the ISO files for now we have downloaded the ISO file and it is already present with me so we can start working on the VMS side of things once the ISO file is downloaded we open up VMware Workstation go to file and we create a new virtual machine in these two options it is highly recommended to go with the typical setup rather than the custom one the custom is much more advanced and requires much more information from the user which is beneficial for developers and people who are well versed with virtualization software but for 90% of the cases typical setup will be enough here we can select the third option which will be I will install the operating system later in some operating systems we can use the ISO file here directly and VMR will install it for us but for right now in the case of K Linux the third option is always the safest K Linux is a Linux distribution so we can select Linux over here and the version as you can see here it have multiple versions such as the multiple kernels every distribution has a a parent distribution for example K Linux has Debian and there are other distributions which are based or forked from some parent distribution Kus is based of Debian so we can go with the highest version of Debian which is the Debian 10. X 64bit go on next we can write any such name we can write K Linux so that it'll be easier to recognize the virtual machine among this list of virtual machine instances the location can be any location you decide to put by default this should be the documents fold fer but anywhere you put it will hold up all the information of the operating system all the files you download all the configurations you store everything will be stored in this particular location that you provide when we go next we are asked about the dis capacity this dis capacity will be all the storage that will be provided to your virtual machine of K Linux think of your Windows device if you have a 1 TB of hard drive you have the entirety of the hard disk to store data on how much data you give here you can only store up to that amount of data not to mention some amount of capacity will be taken up by the operating system itself to store its programs and applications for now we can give around let's say 15 GB of information or if a recommended size for D is 20 you can just go ahead at 20 it depends all on the user case if you're going to use it extensively you can even go as high as 50 or 60 GB if you have plans to download many more applic applications and perform multiple different tests another option we get over here is storing virtual diss as a single file or storing them into multiple files as we already know this virtual machine run entirely on VMware sometimes when transferring these virtual machine instances let's say from a personal computer to a work computer we're going to need to copy up the entire folder that we had mentioned before over here instead all virtual machines have a portability feature now this portability feature is possible for all scenarios except it is much easier if the split the virtual dis into multiple files now even if this makes porting virtual machines easier from either system to system or software to software let's say if you want to switch from VMware to Virtual box or vice versa the performance takes a small hit it's not huge but it's recommended to go with storing the virtual L as a single file if you have no purposes of ever moving the virtual machine even if you do it's not a complete stop that it cannot be ported it's just easier when using multiple files but in order to get the best performance out with the virtual machine we can store it as a single file over here this is a summary of all the changes that we made and all the configurations that have been settled until now now at this point of time we have not provided the ISO file yet which is the installation file for the K Linux that we downloaded from this website as of right now we have only configured the settings of the virtual machine so we can press on finish and we have K Linux in the list now to make the changes further we press on edit virtual machine settings the memory is supposed to give the ram of the virtual machine the devices with ram of 8 GB or below that giving high amount of ram will cause performance issues and the host system if the memory has some amount of free storage left let's say on idle storage my Windows machine takes about 2 GB so I have 6 GB of memory to provide although if you provide all of the 6gb it'll be much more difficult for the host system to run everything properly so for this instance we can keep it as 2 GB of memory for the virtu machine instance similarly we can use the number of processors and we can customize it according to our liking let's say if we want to use One processor but we want to use two different cores we can select them as well hard disk is preset up as the SCSI hard disk and it does not need to be changed for the installation of this operating system at all CD ID DVD this is where the installation file comes you can think of the ISO file that we downloaded as a pen drive or USB thumb drive which is necessary to install an operating system to provide this we're going to select use ISO image file we're going to click on browse going and go to downloads and select the IMO file over here select open and we can see it is already loaded up next in the network adapter it is recommended to use natat this helps the virtual machine to draw the internet from the host machine settings if your host machine is connected to the internet then the virtual machine is connected as well there are some other options such as host only or custom segments or land segments but those are not necessary for installation rest of them are pretty standard which do not need any extra configuration and can be left as it is press okay and now we can power on this virtual machine in this screen we can choose how we want to proceed with the installation we have a start installer option over here so we're going to press enter on that we're going to wait for the things to load from the ISO file um the first step in the installation is choosing the language of the operating system for this we can go with English as standard this is a location this will be used for setting up the time and some of the internal settings which depend entirely on the location of the user so for this we're going to go with India configuring the keyboard it's always recommended to go with the American English first many people make a mistake of going with the Indian keyboard if it is possible and it provides a lot of issues later on so it's always prefer to go with the American English and if later we see some necessity of another keyboard dialect that is NE required we can install it later but for now we should always stick with American English as a basic at this point it's going to load the installation components from the ISO file it is a big file of 3.6 GB so it has a lot of components that need to be put into the virtual machine which can also be used to detect Hardware once the hardware and the network configuration is done by the ISO file we want to write a host name for the system this host name can be anything which is used to recognize this device on a local network or a land cable let's say if we use the name Kali domain name name you we can skip it for now it's not necessary as such for the installation this is the full name for the user let's say we can provide the name as simply learn as a full name next we going to set up a username this username is going to be necessary to identify the user from its root accounts and the subsequent below accounts for now we can give it as something as simply one to three now we have to choose a password for the user now remember since this is the first user that is being added onto this newly installed operating system it needs to be a password for the administrator we can use whichever password we like over here and use the same password below and press on continue at this point it's going to detect on the components on which the operating system can be installed like here there are multiple options like the use entire disk use entire dis and set up lvm use entire dis and set up encrypted lvm for newcomers it is recommended to just use the first one since lvm encryption is something that you can learn afterwards when you're much more handson with the Linux operating system for now we're going to use the use entire dis guided installation and press on continue when we set up the virtual machine on vmw we had set up a dis capacity that we propose 20gb that is the hard disk which is being discovered here even though it is a virtual disk on VMR it acts as a normal hard disk on which an operating system can be installed so we select this one and press on continue here there is a multiple partition system all the operating systems that are installed have different components one is used for the a keeping of the applications one for the files other for the RAM management and other things for newcomers it is always recommended to keep it in one partition and we're going to select that and press on continue this is just an overview of the partition it's going to make as you can see it has a primary partition of 20.4 GB and a logical partition of 1 GB used for swap memory now these kind of naming can be confusing for people who are not well versed with Linux operating systems or in general virtualization but for now you can go ahead and press on continue as this will be fine we can press on finish partitioning and write changes to disk and continue it's just a confirmation page as you can see it's that scsi3 is our virtual hard disk of 20gp dis capacity write the changes to the disk we press yes and click on continue at this point the installation has started now this installation will take a while depending on the number amount of ram provided the processors provided and how quickly the performance of the system is being hampered by the host machine on quicker systems this will be rather quick while on the smaller ones this will take a while since this is going to take some time to install as it is being run on a virtual machine with only 2GB of RAM we're going to speed up this part of the video so we don't have to waste any more time just watching the progress bar now that our core installation is completed it's asking us to configure a package manager the work of a package manager on Linux operating system is similar to the Google Play Store on Android mobile devices and on the app store for the Apple devices it's an interface to install install external applications which are not installed by default let's say for Google Chrome or any other browser which can be used to browse the internet at this point of time it ask us to select a network mirror we're going to select as yes and move forward with this next it's going to ask us for an HTTP proxy which we can leave it as blank and press it as continue forward at this point of time it's looking for updates to the K Linux installation this will fetch the new builds from the Kali server so the installation is always updated to the latest version now that the package manager is configured we have the grub bootloader the grub is used for selecting the operating system while booting up its core functionality is to allow the operating system to be loaded correctly without any faults so at this point of time if it ask install the graub boot loader to your primary dive we can select this as yes and press continue remember the installation was conducted on dev SDA so we're going to select installation of the gr loader on the same hard disk that we have configured we press this one and press continue so now the grub bootloader is being installed the grub is highly essential because it it shows the motherboard where to start the operating system from even if the operating system is installed correctly and all the files are incorrect order the absence of a boot loader will not be able to launch the OS properly as you can see the installation is finally complete so now we can press on continue and it's going to finalize the changes now you can see K Linux being booted up straight away it doesn't check for the ISO file and since the operating system is now installed onto the virtual hard disk storage that we had configured before here we're going to enter our username and password that we had set up before and we have the color system booted up and this is your homepage we can see the installed applications over here which are being used for penetration testing by multiple security analyst worldwide all of these come pre-installed with K Linux and others can be installed using the AP package manager that we had configured we can see a full name over here and with this our installation of the Ki Linux is complete so if you are looking to learn ki Linux and get certified into ethical hacking explore the wide range of cyber security and ethical hacking courses by simply learn find the course Link in the description box basics of K Linux let us take a look at the agenda for our demo today we start out with a few terminal commands that are a basic part of a Linux operating system the configure our own proxy chains to maintain anonymity while running penetration testing attacks on our victims next we run a few n map scans on a local Windows 10 machine to find out the type of information that can be gathered in such a scenario moving on we use y Shar to monitor internet traffic and understand the importance of encryption and security when browsing the worldwide web next we learn about metas spit and its various applications in the line of vulnerability assessment of a device and finally we use mloy to take root access of a fully updated Windows 10 computer system let's begin with some terminal Basics on K Linux when most people hear the term Linux they Envision a complex operating system used only by programmers however the experience is not as frightening as it appears Linux is an umbrella term for a collection of free and open source Unix operating systems there are many variants like Ubuntu Fedora de these are distributions which is will be a more precise term when using a Linux operating system you will most likely utilize a shell which is a command line interface that provides access to the operating system Services the majority of Linux distributions shipped with a graphical user interface also known as GUI as their primary shell this is done to facilitate user interaction in the first place having said that a command line interface is suggested due to its increased power and effectiveness by entering the commands into the CLI tasks that require a multi-step GUI procedure may be completed in a matter of seconds you can start the terminal by clicking on the prompt icon here on top once the terminal is open we can put up our commands the First Command that we are going to look into is PWD PWD stands for present working directory as of right now what you're seeing is the terminal window by default if I write PWD and press enter this shows the directory in which the terminal is being run on as of right now it's in the NF folder of my desktop which is specifically this folder if I open up this folder you can see it is currently empty as in it has no contents if I use another command known as mkdir which is supposed to stand for make directory and I write nf2 shortage for new folder 2 if I open up the NF F you can see the new folder is created this is how the PWD command Works another important command to change directories it's called the CD command let's say right now if I am in NF I want to create a new file in nf2 folder or something else in the nf2 folder I have to shift to CD nf2 Now if I write PWD it will show the present working directory of Home simply learn desktop NF and inside that I am in nf2 right now it is done to navigate through the Linux files and dis directories it requires either the full path or just the name of the directory if we have to move a completely different folder on a completely different file then we can use the entire path like this for now CD Works another few commands is we can write CD dot dot and it will come back one folder now the PWD will be just NF and not nf2 let's say we are in this folder and we want to go a different file let's say if we just go for CD home simply learn that's it right now these are the folders in our current present working directory we have the desktop the documents downloads Etc from here we can again go to the desktop using the same CD command cross check the changing of directories and check the files again and yes there we go NF how do we know this what are the command that I used to show the files and folders that folder is known as the ls command LS can be used to view the contents of a directory by default this command will display the contents of your current working directory if we add some other parameters we can find the contents of other directories as well there are some hidden files as well in Linux which cannot be showed just with ls for example if you just go to CD Etc which is a configuration folder for Linux if you write LS now these are the files that can be seen if we want to see the hidden files we'll have to add one more parameter here like LS minus a and as you can see the number of files have increased this time around there are other things as well that we can see with Linux LS minus a L will show the hidden files along with some of the parameters and some of the permissions that has been provided for each file as you can see many of these files have root access some of them can write some of them can read it differs file to file and the ls minus Al command is used to check each of these files permission and change them accordingly if needed the next command that we can look for is the cat command or concatenate it is one of the most frequently used commands and it is used to list the contents of a file on the output for example let's say if I have a file at the desktop in this nf2 folder I will create a document create an empty file e file I'll open up the document and I'll write it as hello KH I will save this up now to change the directories from Etc to nf2 we have already discussed how to use the CD command using just the folder name now if you want to go to the entire directory we can write CD home as you can see it is already prompting us to complete the name of the directory at this point we just have to press tab and it completes it for ourself next we already know we have to enter the desktop NF and nf2 and this brings us to the current working directory here if we press LS we can find a file over here now as discussed for the concatenate it is used to show the contents of a file so right now if we press cat which stands for concatenate e file as you can see we have written hello khi in the text file and we can see the output right now we can also use it to create new files for example if you write cat any file name such as e File 2 here we can write anything hello Kali again once we press contrl C here we can check eile 2 and we have hello Kali again printed over here we can see the same using the con cenate command as well if I press LS you can see we have two files here and I can go with cat e File 2 and I have Hello Kali again this is how the concatenate command Works apart from this it can be used to copy there is a different command like called CP which is used to copy the files from one place to another mind you this is not moving this is only going to copy the command for example currently our PWD which is the present fcking directory is in the nf2 folder as you can see over here let's copy the E file tool to the NF folder we can write CP e File 2 and give the path of the NF folder which will be home simply learn textop nnf now if I press LS I'll find both the files and nf2 since I copied to go back to the NF folder again we can again use the same command of no we can again use the home simply learn ttop and just NF no nf2 this time just NF as you can see this will change back our present working directory now when we press LS we will find the eile to file and the nf2 folder and we can confirm this using the GUI as well this is the NF folder and you can see the NF to folder and the E File 2 document if I write cat e File 2 Cat eile 2 we can see the contents of the file now this can be done using moving as well for example if I go to CD nf2 which is the inside folder it has both the document files like e file and E File 2 let's say I want to move the E file completely from nf2 to NF1 instead of writing CP the command I'm going to use is MV MV e file and again give the path of the folder into which I have to copy which will be again home simply learn desktop and NF as you can see the contents of the nf2 have appeared here and E file has been moved from nf2 to NF this is the nf2 and we don't find e file here anymore if we press CD dot dot and we go back to NF LS right now and we can file both the files e file that we moved and E File 2 that we copied from the nf2 folder so this is how copying and moving will work using the terminal now this is just a simple oneline statement that might take a couple of clicks when using GUI this is why the command line interface is considered to be much more streamlined for Linux operating systems another very important command for Linux operating system is the pseudo command pseudo is short for super user do the command enables you to perform tasks that require administrative or root permissions you can think of it as how we run programs as administrator on Windows systems it is not advisable to use this command for daily use because it might be easy for an error to occur and the permissions of root are very intricate so new beginners are advised to use the pseudo command only when absolutely necessary for example pseudo Su with this command I am giving this terminal a root permission this Su stands for this user at this point it's going to ask for my admin password once I enter my password and I now have root access note how the password that I entered did not show up here this is a security measure to prevent people from snooping on on your root password which is the end game of all this operating system as you also can see the symbol changed if the dollar symbol is showing it's source as a standard user when you switch to root you can easily see a hash symbol this opens up a separate shell inside this terminal command for example we can exit out of the root user to the standard user using the command exit and once again we have the dollar sign and the root has vanished over here there are some commands that will only work with administrative access for example when updating the K Linux system we have to use a update as you can see it says problem unlinking the file because permission denied now let's try this using pseudo pseudo APD update as you can see it is updating the package repositories which work as the software installed on the system this can be done using either writing the sudo command every time we want to perform a root access or we can just write pseudo Su once and write AP update alone the fetching is complete over here for the second example let's say I just write pseudo Su and this time is not going to ask me the password because at this current terminal process I've already provided the ru password once and it is in memory right now now when we use to update the system we had to write pseudo AP update that was because we were running it as a standard user now we are running it as a root user so all we have to write is APD update and it's going to continue its work there you go another command that can be useful is the Ping command it's pretty self-explanation not it's going to be checking the internet connectivity you can be used to check internet connectivity or you can see if there is a local server on your system which needs to be pinged then you can check that for example if we have to write ping and we can use either IP address or domain let's say if you want to check that if we can access google.com using this K Linux installation or not we can write ping google.com and you can see it shows the bytes being sent and received and and how much time it took to take up the request this can be done for local systems as well for example this installation of K Linux is being run on a virtual machine once this machine is running I still have my host machine running over here the IP address of which is 192.168 29179 if I try to Ping this from here as you can see the time to complete the request is drastically low compared to a website on the internet considering this is on the local network this is how the Ping command is worked and it can show you what kind of packages are transmitted how many are received if there was any kind of packet loss between the connection window and other details a very important command when working with the terminal for a long duration is a history command pretty self-explanatory there are so many commands that are being run some sometimes people forget what was the change they did or what was the directory name they put a history command helps to recover some of the commands that you have written it doesn't go all the way back but it takes up many commands that were inputed in the last few processes this is how the history command works these are some of the most commonly used terminal commands if you want to learn more about this terminal and every other feature of this please let us know in the comment section and we'll try to make an in-depth tutorial special if difficult repeat if you want to learn more about the terminal please let us know in the comment section and we will try to make an in-depth tutorial specifically for terminal commands on Linux moving on we learn how to configure proxy chains on our system proxying refers to the technique of bouncing your internet traffic through multiple machines to hide the identity of the original machine it is a good tool that hackers use to accomplish this goal is proxy chains essentially you can use proxy chains to run any program through a proxy server this will allow you to access internet from behind a restrictive firewall which hides your IP address proxy chain even allows you to use multiple proxies At Once by chaining them together one of the most important reasons that proxy chains is used in a security context is that it's easy to evade detection attackers often use proxies to hide their true identities while executing an attack and when multiple proxies are chained together it becomes harder and harder for forensic professional to trace the traffic back to the original machine when these proxies are located across countries investigators would have to obtain warranties in the local jurisdictions where every proxy is located to to see how proxy chain Works let's open Firefox first and check our current IP address write Firefox and there we go as we can see Firefox is now open let's check our current IP address right now if you go to an address called my ip.com and you can see it easily detects our country is in India and this is a public IP address now if we move to the terminal again here we can now write proxy chains minus H what this minus H does is it finds a help it it stands for the help file this is for help F what we found out using this is proxy chains has a config file here Etc proxy chains 4.co NF this is the config file found using this config file we can customize how our proxy change should work if we want to open that we have to use it in a text editor on Windows we have notepad and other things like that Microsoft Word to edit documents on Linux we have a tool called Nano to access the Nano we use the command Nano and give the path of the file file that we want to check as of right now the proxy chain config file is located over here so we're going to follow the path there chains 4. CF and here we go we see the config file there are three basic types of proxy chaining here we have a strict chain where all the proxy in the list will be used and they will be chained in order we have a random chain where each connection made through proxy chains will be done by a random combo of proxies in the proxy list and you have Dynamic chain it's the same as strict chain but dead proxies are excluded from the chain and here we can set up whichever type we want to enable or disable a particular type we use the hash symbol here as you can see right now all the lines have a hashtag symbol at the front except this one a dynamic chain this is the current one being used let's say if I want to use a strict chain method so I can add a hash value here and remove the hash here at one point of time any one of these three four types should be enabled let's go for the Dynam um Dynamic chain we can disable this strict Chain by putting the hashtag in front and removing the dynamic chain as you can see below we have few commands to how to handle the Nano text editor this symbol is known as the control button on your keyboard now if we want to write out which is synonymous to saving the file supposed to go with crol o so if I press CR o on my keyboard it says file name to write and we have to press enter here since we want to overwrite the proxy chain 4. CF file we don't want to create a new file over here so just press enter and we get a permission denied this permission denied we're getting is because we have opened this using a standard user Etc is a system folder to be able to use make some changes we have to use it using a Pudo command to exit this Nano we have to use the control X command we use contr x we're going to clear and this time we're going to use the pseudo command pseudo Nano Etc proxy chains 4. ZF and we have the same file open up again now this time if you want to make a change let's say we going to add a strict chain instead of a dynamic chain which remove the hashtag from stract we're going to use contr o for the save file option we're going to press enter and it says R 160 lines again if you want to reverse this change we put the hashtag over here enable Dynamic chain we press CR o press enter and it says root 160 lines now we can exit straight away using the CR X format right now we have not provided any file or a proxy chain we can have proxy IP addresses from the internet but we have to make sure that they are safe and they don't Snoop on our data when there is no proxy chains being provided personally it going it's going to use the T Network but for that we have to start t t is a service in Linux to know more about this tore we can write sudo system CTL which is used to know the status of services on the Linux operating system and status of Tor uh system CTL sorry uh instead of STL it should be system CTL status Tor as you can see it is a to service anonymizing overlay Network for TCP connections and it's currently inactive now to start this up we have to write sudo system CTL start T now if we repeat the same sudo system CTL status store as you can see it's active now you can see the green logo over here okay to integrate the fir Fox and the browser we can use the proxy chains command directly over here we can write proxy chain me we can use Firefox to launch our web browser and let's say if we want to visit google.com we press enter and the Firefox window is launched and it should open up google.com next and there we go if we go to myip.com once again as you can see we have a different IP address and the country is unknown as well so this is how we can use proxy chains to to anonymize a internet usage when using G Linux next on our agenda is the ability to scan networks using nmap at its score nmap is a network scanning tool that uses IP packets to identify all the devices connected to a network can learn more about nmap using the help file as you can see these are some of the parameters that can be used when scanning ports of a system you can see the version and the URL of the we of the service over here the primary users of nmap can be broken into three cow processes first the program gives you detailed information on every IP active on your network and then each IP can then be scanned secondly it can also be used to providing a lot of live hosts and open ports as well as identifying the OS of every connected device thirdly nmap has also become a valuable tool for users looking to protect personal and business websites using nmap to scan your own web server particularly if you're hosting your website from home is essentially simulating the process that a hacker would use to attack your site attacking your own site in this way is a powerful way of identifying security vulnerabilities as you already discussed The Host Windows 10 machine on the system has an IP address 192168 29179 if you want to to test the OS scan of the system we're going to first get the root permission over here we use the pseudo command and now we are root user we're going to launch the command n map minus o which is supposed to be an OS detection scan the IP address we can use of the host system 192.168 29179 in a legitimate penetration testing scenario we can use the IP address of the vulnerabil device over here we are going to let it scan for a while and it's going to give us some guesses on what can the OS be as you can see the scan is done and it has shown some of the ports that are open you can see the msrpc port open the https 443 Port open which is used to connect to the internet and it has some aggressive OS guesses as well for example it thinks there a night 94% chance that it's going to be a Microsoft Windows XP Service Pack 3 that's partly because a lot of the Windows XP update packages are still prevalent on Windows now that the OS detection is confirmed there are multiple more details that we can gather from nmap let's go with the nmap minus a command which is supposed to capture as much data as possible there is also a speed setting you can call it a speed setting or a control setting of the minus t minus t ranges from t 0 to T1 to T2 all the way up to T5 this basically determines how aggressively the victim is being scanned if you scan slowly it'll take more time to provide the results but it will also give a less chance for the intrusion detection system on the vulnerable machine firewall to detect that someone is trying to penetrate the network for now if we want to go with somewhat of a high speed we can go with the T4 and provide the same IP address of the local machine I am trying to attack it's going to take a little bit of time since it's trying to capture a lot of information as you can see the results are now here it it launched a scan and took a few top ports that are most likely vulnerable from from a Windows XP perspective and it showed a few ports over here it has not shown 991 filtered ports which could not be attacked anyway since they were closed for outside access it shows a few fingerprint settings like the connection policies and the port details it shows an HTTP options some other intricate details that can be used when you attacking its servers it shows a VMware version that it's running and few other ports over here apart from that we also have the aggressive OS guesses over here just like we did with the minus o and you can see this time it is showing Windows 7 as 98% no exact o matches since uh if there was any exact o matches we could have seen a 100% chances over here this is a trace route a trace route will be the time and the path a connection request takes from the source to the destination for example this request went from 19 to 16817 2.2 to a destination address since this is a local machine it took only a single step on multiple occasions if you're trying to access a remote system it's going to be a number of Trace rots when it jumps from firewall to firewall and router to router this is how we can use nmap to find information about a system and find some vulnerable ports we can access moving on we have a tutorial on how to use W shck to sniff Network traffic to start using wire shark we're going to have to open the application first now during installation of wi Shack there is an option to enable if non-root users can be able to capture traffic or not in my installation I have disabled that so I will be launching my Shark when using the root user itself also to capture data we need an external Wi-Fi adapter you can see it over here in the VM tab removable devices R link a2.1 and W Lan this is a external Wi-Fi adapter which is inserted into my USB system you can see it over here if I write IW config this is the one dou L zero this is absolutely necessary because we need to have have a monitor mode required we won't need it for sniffing data on Yar right now but it's going to be necessary later on in this tutorial as well as we will see for now we can just start up v shark by writing its name on the command line and it should start the program here we go here it's going to check which of the adapters we want to use for example right now the eth0 which supposed to stand for ethn zero Port you can see data is being transmitted up and down we're going to select ET Zer and we have started capturing data you can see the data request from the source to destination and the time and the which protocol it is following everything we can see and we can see the ipv4 flags here as well as you can see over here to capture internet traffic we can try running Firefox if we just write wikipedia.com and you can see the number of requests increasing okay this is spelling mistake Wikipedia here you can see the application data of all these request going up and they connected to a destination server of 103 102 16622 4 now if you even if you check the transmission control protocol Flags over here and so many more things we cannot find anything beneficial as you can see the information over here is gibberish which is supposed to be since it's supposed to be encrypted now this is possible due to this being an https website hence you can see the lock symbol over here and connection is supposed to be secure now what about HTTP ports we have seen a many people recommend to not visit HTTP ports repeat we have seen many people recommend to not visit HTTP websites and even if you have to visit to not provide any critical information for example let's go to a random HTTP page over here as you can see this saying connection is not secure and this is an HTTP HTTP page and not https now let's check for some of the information that is passing through this this is a login form let's say I have a legitimate account over here if I write my account name and my password is supposed to be password 1 1 2 3 4 I press login and uh the password does not match because I do not have an account over here but let's say I did and I was logged in as expected we can go to wire Shack we can use filters over here now all the requests that I'm sending it's a TCP request so I can write a filter containing TCP contains whatever string if it is being passed let's say if for the end username I write my account name so I can just write my account name over here and press enter to find a request over here now as you can see there are many flags over here if we go to the HTT HTML form URL encoded and open up some of its flags as you can see I can see my account name and simply learn password over here this is the same details that I input on the website let's say I did have a legitimate account on this website I would have logged in with no problems but anyone who would be using wi shark to sniff on the data can easily get my credentials from here this is why it's recommended to not provide any information on HTTP Pages the security is not up to the mark and always look for the lock symbol when visiting any website or making any internet transactions or providing any information this is how we can use wire shck to detect transmission and sniff packet data that is being transferred through the network adapter next we have to learn about what is Metasploit the Metasploit project is a computer security project that provides information about security vulnerabilities and AIDS in penetration testing and IDs development we can open up the terminal here we're going to allow root access and to open up Metasploit the keyword is msf console it's going to take a little bit of time to start it up now the Metasploit console has been loaded from here we can decide what type of attack we want to launch and what kind of exploits we can launch against vulnerable targets for example like we already discussed I'm running this virtual machine on a Windows 10 host machine so if I open the command prompt from my Windows 10 over here if I need to check the IP address once I go with ip config here you can see the IP address of this local machine moving on if we have to attack that machine let's say we want to see what kind of exploits are going to work over there now we already know that Windows has some common vulnerabilities one of those vulnerabilities is the HTA server vulnerability HTA is supposed to be a HTML application but when pass the right payload it can be used to open a back door into a system to start off with the Metasploit and accessing such applications we're going to use the command use exploit and the name of the reverse HTA server is this Windows Misa for miscellaneous HDA server as you can see it already found this one all right now there are some options that we need to set for this exploit to go through for example you can see some of the options over here there's a payload the payload is supposed to be the malicious file that we are going to send on the HTML application which allows us to give the back door for example right now the payload which is the malicious file is a Windows meterpreter reverse TCP completely understandable now let's set the L host lhost and R host and SRV host should be the one where we are going to launch the attack from for example if we launched another tab of this console and we just press I F config the IP address is 192 + 168 72130 so we're going to set the L host As 192.168 72130 and we're going to do the same thing with SRV host we're going to set a port where we need to capture the back door access next the payload has already been set this payload will launch a back door and give us meter pritter access to the system meter prer is can be considered as an upgrade of a normal command prompt shell we will look into it once we get the access in the first place now that we have set the commands we can press on exploit and press enter now you can see we have a URL over here we're going to copy this URL once the URL is copied we take it into the browser and paste it this will ask us to download this file now as per browser security settings this file should be blocked by default we can decide to keep it and with the correct formulation of this malicious package even the website browser antivirus softwares will not be able to detect good payloads we're going to save this file and we're going to open it publisher could not be verified if we press run and we go back to our meter Peta AIS over here you can see it has already captured a URL of an HT server and it is writing delivering payload just have to wait for a few seconds the payload is delivered it has sent this much amount of data meter P session one is opened and we should get the access soon there we go now to understand where is the session set we can write sessions minus I as you can see it has a met over here we're going to write sessions minus I the session ID is one so we're going to write one and we have the meter AIS now to get a fair idea of the system we're going to WR s info and it's going to the computer name the OS architecture all these things we can write the help command to see what are the things that we can get out of the system we can take screenshots we can control the webcam and start a video chat we can take a lot of things over here there are other commands as well where we can change the file directory like the cat command CD command there are so many things that work in the normal CMD which we can run on the metapa as well now if you want to access this command prompt of the system directly we can go with this we have to write shell and there we go we are in the downloads folder right now to see if this is the same computer or not we're going to write ip config as you can see it is our M victim machine with 192 168 but 29.71 we can just press exit and we're back with the meter prer access this is how we can use meter prer and metas to gain access to a Windows 10 machine next let's take a look at how we can get root access from a Windows 10 system we just learned how we can get a meter prer access from our system we can background this meter prer session by writing background and pressing enter we can still we can still see the sessions sessions minus I it's still present over here now these kind of access are not administrative access these are the kind of back TOS that can be created for standard users but to get a complete access of a system including the program files the windows documents we need to have root access or administrative access to do that we're going to use another exploit reminder that the meter session of the standard axis is already present and we're not messing with it right now we're going to set up another session albate with the same machine that exploit name is use exploit Windows local bypass USC Event Viewer and there we go now if we check the options that we can put in the system we have to choose an exploit Target we need to put a session as well let's say we going to use the session one this is the session that has the metapa access with the standard user it doesn't have the system user we're going to write set session one and we're going to run exploit run a few commands and it open a second meter session as you can see it is the session two if I write s info you can still see I'm not the um system user right now I'm still just a normal user how can we check that if you go to Shell I still see see users jna downloads all these things if I press exit and go back to the meter P there is a command on meter get system it attempts to elevate your privilege to that of the local system which basically means you get promoted into root access so if we write get system and due to pip impersonation we now have the system root access as you can see now it has become x64 and we are the admin users now if I go to Shell I can easily go back windows and I can easily access these things this kind of control over the window folders and the program files folders these kind of things are not possible if you're not an admin access or the command prompt has not been run with admin permissions this is how we can use privilege escalation to get into an admin access system we used the second exploit which was the bypass us Event Viewer exploit and essentially used it with the first session as you can read here Windows escalation USA protection bypass it was first disclosed on 2016 but it still works on some systems this is how we can get root access on our Windows 10 installation so if you are looking to learn K Linux and get certified into ethical hacking explore the wide range of cyber security and ethical hacking courses by simply learn find the course Link in the description box the increasing adoption of cloud computing Solutions will offer robust opportunities for more the market of the forecast period and allow introduction of newer Technologies the use of cloud computing Solutions is quickly growing worldwide owing to the lower cost of cloud-based services and the lack of the need to set up separate it infrastructure the penetration testing Market is predicted to also grow in the near future due to the increasing use of cloud-based Solutions and services for multiple workloads be it email data backups CRM and collaborative Services Cloud deployment exposes software to more vulnerability and makes it more accessible to unauthorized users this is where penetration testing for security testing comes in with handheld devices seeming to be the primary device of choice for the future one such framework that facilitates this service is the offensive security back khi net Hunter so let's take a look at the topics to be covered in today's video on khi net Hunter we start with a small introduction to what khaliif net Hunter is followed by going through the different versions of K net Hunter we then learn about the different components in the K net Hunter framework and some of the most helpful attacks or features that are featured in this distribution finally we take a look at the pros and cons of K net Hunter as a whole before we get started with the video be sure to subscribe to our channel for more videos like this and hit the Bell icon to never miss an update again so let's get started with what is khi net Hunter KH net Hunter is the very first Android penetration testing framework for Android smartphones because net Hunter is an open source project developers can freely utilize it without fearing copyright infringements or other threats the project grants access to the Kali toolkit to compatible Android devices which allows penetration testing furthermore net Hunter provides several unique capabilities unavailable on other Hardware platforms a userland refers to space outside of an operating system kernel meaning anything that doesn't have root access we can use an app to system supported on Nexus or OnePlus and rooted Android phones while this is pretty incredible there are some limitations to this in general you can communicate with the instance of whatever Linux device you want via SSH or VNC using kly net Hunter the best device for hackers is an Android phone installed by K Linux because mobile phones are more convenient and portable than laptops for personal purposes the net Hunter interface also allows users to work easily with complicated configuration files through a local web Apache interface aside from this functionality modified Kernels at Android 802.11 wireless injections and securely linked preconfigured VPN Services comprise a strong network security breakthrough and a separate Dropbox with K Linux constantly at your disposal we now have a basic understanding of what K Linux net Hunter is however there isn't a single distribution to learn about here K Linux net Hunter has multiple different versions depending on the device at the hands of the users let's cover them in more detail so let's cover them in more detail while K net Hunter functions as a portable operating system designed for penetration testing there can be other tools you want that isn't pre-installed to solve this problem there is a net Hunter store at the address store.net hunter.com this function is the same as a Google Play Store on Android or app stores on iPhones except the difference is that the tools in this repository are more in line with ethical hacking and netw penetration the first of the three versions that net Hunter provides is the net Hunter rootless this works on almost all devices without any issues the number of tools available in this version is the lowest among the three we then have net Hunter light which requires root privileges to work properly doesn't need any custom kernel flashing to power up and has comparatively more tools than net Hunter rootless finally we have the original net Hunter package with all the tools available at its disposal however your device must have root privileges and the custom net Hunter kernel to install this version as we can clearly see the more open our device settings and preferences are the more tools K net Hunter can work with root privileges provide administrative access to many functionalities that net Hunter can and leverage and ultimately perform Network penetration with some tools are exclusive to the original net Hunter core and net Hunter light so you may have to cross check your requirements before installing any version on your device now that you have covered the different versions of K net Hunter let us cover its different components and how they help in the working of this distribution we look at the various net Hunter components which are effectively the building pieces of net Hunter's operation net Hunters roam comprises of various pieces that communicate and rely on one another to function properly below you will look at the three components that comprise net Hunter the first is a modified Android kernel followed by net Hunter Android app and finally but not least the Ki Linux chro itself let's examine these in depth the program that provides a UI to simplify the user task is a graphical component of net Hunter which is its Android app the software provides a straightforward interface for controlling the K Linux CH route the fact that it has a simple eyi does not imply that it is not capable are performing complex tasks this application contains all the configuration files necessary by net Hunter and is transferred to the SD card during the first run aside from the UI the program also serves as a bootup service allowing the server to activate when the device boots up the next in line is the custom Android kernel the kernel is a system component that allows applications to link to Hardware that meet users needs aside from facilitating communication the kernel also maintains system resources Now the default kernels inside Android do not supply at all utilities for security and exploitation still with a custom Android kernel any device can be empowered with unique features which are not accessible in the stock bu now we have the Ki CH root CH root essentially a full K Linux installation that allows Android to share network storage and other resources the K Linux Chu is effectively the heart of net Hunter and the configuration settings have been updated so that net Hunter functions seamlessly with the Android ecosystem net Hunter has a chro manager that simplifies the download and installation of chro this component is stored in an internal app storage region and one must meet the installation space requirements now that you have covered the different components of net Hunter let us cover some of the tools that distribution offers that may be used in penetration testing at the top of the chain lies nmap nmap stands for network mapper and is a free and open- Source utility for network discovery and security auditing many systems and network administrators who also find it useful for tasks such as Network inventory managing service upgrade schedules and monitoring host or service uptime it is most beneficial in the early stage of exploitation where a hacker must figure out the possible entry point to a system before running the necessary exploits uses raw IP packets in novel ways to determine what hosts are available on the network what services are being run what hosts are offering Etc it was designed to scan large networks but it also works fine against single host moving on we have mitm framework mitm or man in the work framework provides a One-Stop shop for man in the middle and network attack while updating and improving existing attacks and techniques originally built to address the significant shortcomings of other tools it's been almost completely Rewritten from scratch to provide a modular and easily extendable framework that anyone can use to implement their own version of a man in the- Middle attack it contains built-in SMB HTTP and DNS servers that can be controlled and used by various plugins the next tool at hand is the CeX manager it stands for the k desktop experience K net Hunter desktop experience puts the Ki Linux desktop in the palm of your hand it provides the graphical user interface or GUI of K desktop on your Android device making penetration relatively easier for people not comfortable with the command line however the major tools all include command line functions so this is more of a convenience inclusion rather than a functional one finally we have Metasploit the Metasploit framework is a very powerful tool that can be used by cyber criminals as well as ethical hackers to probe systemic vulnerabilities on networks and servers because it's an open source framework it can be easily customized and used with most operating systems with Metasploit the ethical hacking team can use rade or custom code and introduce it into a network to probe for weaker spots as another flavor of threat hunting once the flaws are identified and documented the information can be used to address systemic weaknesses and and prioritize Solutions we now have a very clear understanding of what K net Hunter is and its features let's cover some of the pros and cons of this particular framework when it comes to the advantages net Hunter provides features that are not by default included in the original kernels of Android phones the new tools can be used to perform Network penetration and system checks for security vulnerabilities qualcom checks and Snapdragon have monitor support in abled monom would helps listen to wireless traffic and capture data packets which can then be unencrypted and snooped on the Kernel Builder's presence assess the easy creation of kernels that are not yet available to the public similarly the use of gitlab CLI or command line interface speeds up the release timelines it allows the input of other developers making the bugs washing process easier and the development of the tools more collaborative the human interface device Hardware is fully supported by default but it must be enabled and configured through user Space controls so when it comes to the disadvantages of K net Hunter so not every Android phone is supported as part of the official net Hunter release therefore be cautious while downloading and running them since the wrong net Hunter may break the phone in some very rare circumstances because some internal WiFi systems do not allow monitor mode or data packet injection an external USB Wi-Fi adapter may be required Prov for some devices who want to pursue wireless network penetration Professionals in security testing penetration testing and ethical hacking utilize Linux as the preferred operating system provides several configurable distributions that mu May configure based on your end use K Linux and parat Os are two popular penetration testing distributions while these operating systems each have unique offerings the overall Choice can differ between Personnel thanks to the various tools and Hardware specifications today we will look at both these distributions and settle on the perfect choice for each type of user let's go through the agenda for this video we will learn about K Linux and pirot security Os from scratch while understanding their primary selling points as a Linux distribution catered towards penetration testers next we know about some features of these operating systems that stand out of their package finally we directly compare Linux and parro security OS thereby making a clear-cut conclusion on which OS is perfect on a per requirement basis so let's start by learning about K Linux from a ground level K Linux which is formerly known as backtrack Linux is an open-source Linux distribution aimed at Advanced penetration testing and security auditing it contains several hundred tools targeted towards various information secur security tasks such as penetration testing security research computer forensics and reverse engineering K Linux is a multiplatform solution accessible and freely available to Information Security Professionals and hobbyists among all the Linux distributions K Linux takes its roots from the Debian operating system Debian has been a highly dependable and a stable distribution for many years providing a similarly strong Foundation to the K Linux stop while the operating system can practically modify every single part of our installation the networking components of K Linux come disabled by default this is done to prevent any external factors from affecting the installation procedure which may pose a risk in critical environments apart from boosting security it allows a more profound element of security control to the most enthusiastic of users now let's take a look at parad secur SEC operating system paret security OS is a Debian based Linux distribution with an emphasis on security privacy and development it is built on the demian's testing branch and uses a custom Harden Linux kernel par security contains several hundred tools targeted towards tasks such as penetration testing computer forensics reverse engineering and security research it is seen as a generally lightwe distribution that can work under rigorous hardware and software specifications it features a distinct forensics mode that does not Mount any of the systems hard diss or partitions and has no influence on the host system making it much more stealy than its regular occurrence this mode is used on the host system to execute forensic procedures a rolling release is a paradigm in which software upgrades are rolled out constantly rather than in batches of versions and software development this ensures that the software is constantly up to date a rolling release distribution such as pirate security OS follows the same concept it provides the most recent Linux kernel and software versions as soon as they become available with a basic introduction to the operating systems out of the way let us take a look at the unique features of both K Linux and parad security OS the latest version of K Linux comes with more than 600 penetration tools pre-installed after reviewing every tool included in backtrack developers have eliminated a significant number of tools that either simply did not work or duplicated other tools that provided the same and similar functionality the K Linux team comprises a small group of individuals who are the only ones trusted to commit packages and interact with the repositories all of which is done using multiple secure protocols restricting access of critical code bases to external assets dramatically reduces the risk of source contamination which can cause scal Linux users worldwide a great deal of damage as a direct victim of cyber crime although penetration tools tend to be written in English the developers have ensured that Kali includes proper multilingual support allowing more users to operate in the native language and locate the tools they need for their job the more comfortable a user feels with the intricacies of the operating system the easier it is to maintain a stronghold over the configuration and the device in general since arm-based single board systems like the Raspberry Pi are becoming more prevalent and inexpensive the development team knew that ki's armm support would need to be as robust as they could manage with fully working installations Kali Linux is available on a wide range of armm devices and has armm repositories integ greeted with the mainline distribution so the tools for armm are updated in conjunction with the rest of the distribution let's take a look at some of the features of parat security operating system now along with the giant catalog of scripts par security OS has its own hardened Linux kernel modified explicitly to provide as much security and resistance to hackers as possible in the first line of defense the configurations in the operating system Act is the second Gateway taking care of malicious requests and dropping them off this is particularly beneficial since should there be a scenario where the latex Linux kernel is causing some particular issue the parat O development team will most likely iron it out first before passing it on as an update if the custom hardal kernel wasn't reason enough parot security developers managed to install more hacking tools and scripts to ensure a smooth transition for the Kali Linux users all the tools you find in Kali are present in parent to us and a few extra ones for good measure and this has been achieved while keeping roughly the same operating system size between both of them however it's not all productivity points for pirate OS they provide a choice between two different deop environments mate which comes pre-installed by default and KDE for those UNAM familiar with Linux terminology you can think of desktop environments as a main UI for a distribution being highly modular in nature one can use parad security OS while adding another desktop environment that they find appealing while K Linux has only a single option par security has provided two optimized bills with M desktop and KD desktop one of the primary advantages of parro os over Kali Linux is that it's relatively lightweight this implies that it takes significantly less disk space and computing power to function correctly with as little as 320 MB of ram required in reality paratos is designed to operate successfully off a USB stick but K Linux does not work well from a USB Thrive and is generally installed in a virtual machine parat is more of a niche distribution if you're searching for something lighter than K Linux features are great but what about performance real world metrics let us compare both these operating systems directly with respect to their Hardware specifications and usability in the end we can decide on what distribution is fit for each type of user for our first point of comparison let's take a look at the ram required for Optimum performance of the operating system which is highly essential when trying to crack hashes or something of similar nature RAM usage is a very important facet while K Linux demands at least 1 GB of RAM par security can operate optimally with a minimum of 320 MB of RAM for correctly displaying graphical elements K Linux requires GPU based acceleration while this is not the case with parent security OS which doesn't require any graphical acceleration needed from the user side once these operating systems are installed on VMware using the live boot isos the take up a minimum amount of hard disk storage both of these operating systems have a recommended dis storage of minimum of 20 GB in K Linux and a minimum of 15 GB in parro security so they can install all the tools necessary in the ISO file when it comes to the category and the selection of tools K Linux has has always been the first in securing every single tool available for hackers in the penetration testing industry par Security on the other hand has managed to take it up a notch while specializing in Wireless pen testing parage security makes it a point that all the tools that K Linux provides has been included in the iso while simultaneously adding some extra tools that many users will have to install from third party sources in K Linux being a decade old penetration testing distribution K Linux has formed up a very big Community with strong support signature par Security on the other hand is still growing and it is garnering much more interest among veteran penetration testers and ethical hackers a primary drawback of K Linux is the extensive Hardware requirement to perform optimally it requires higher memory than parro security it also needs graphical acceleration while demanding more virtual hard disk Storage parro security on the other hand was initially designed to run off a USB drive directly thereby requiring very minimal requirements from a hardware perspective like just 320 MB of RAM and no graphical acceleration needed this means parro security is much more feasible for people who are not able to devot massive resources to either their virtual machine or on their laptop hard disk directly with the comparison done between both of these operating systems let's take a look at the type of users both of these are catered to one can go with K Linux if they want the extensive Community Support offered by its users if they want to go with a trusted development team that have been working on this distribution since many years if they have a powerful system which can run K Linux optimally without having to bottleneck performance and if they are comfortable with a semi-professional envir environment which may or may not be very useful for new beginners one can decide to go with par security if they want to go with a very lightweight and lean distribution that can run pretty much on all systems it also has a lot of tools pre-installed and some of them are not even present on G Linux it is much more suitable for underpowered DS where users do not have a lot of Hardware resources to provide to the operating system and thereby it is much more feasible for people with underpowered laptops or no graphical acceleration compared to K Linux par securi desktop environment is also relatively easier to use for new beginners for people who are just getting into ethical hacking par security does a relatively better job of introducing them to the operating system and to the various toools without having to dump them into the entire intricacies if you are a Linux developer or you are preparing for a Linux developer role so this video is for you hello everyone and welcome back to another video by simply learn this is anub and in this video we will be learning about Linux interview questions but before we begin if you haven't subscribed to our Channel already make sure to hit the Subscribe button and press the Bell icon so you will never miss any update from Simply learn so without further Ado let's begin and see what's in it for you first we will see the introduction to Linux after that we will see Trends and recent changes in Linux commands moving ahead we will see how to become a Linux developer after that we will see the opportunities and salaries of Linux developers and after that we will see Linux command interview questions Linux platform gives its open source Natures has integrated a wide range of innovation Minds who have given their best to introduce world changing ideas into reality Linux is basically an operating system which is popular for its efficiency as well as its performance it can run on various Hardware platforms manufactured by IBM Intel and HP now let's see some Trends and recent changes in Linux commands Linux is super Computing the development and deployment of Linux powered super computors is a trend that shows no signs of abing given the flexibility structure of the Linux system as well as the compatibilities it has the usage of Linux as a super computer operating system is guaranteed to remain one of the most important Linux Trends in 2022 let's see the next Point New Linux based Hardware the Linux platform has gained a repulsion since Raspberry Pi and Chromebooks gained the attention of the particular domain of viewers these Linux based components are breaking new grounds as the new pass thanks to their small from size and ability to perform routine task with ease the platform has now witnessed Advanced implementations throughout the prior calendar year now the next point we will be discussing is the cloud and the Linux although Linux is popular in the technological Community it is going to continue to increase in popularity in line with the open-minded techniques of 2022 as cloud-based Technologies and the Linux system are so interconnected the Linux system is expected to grow with the cloudbased alternative now let's see the next point which is Chromebooks and Chrome OS Chrome OS has transformed into the most flexible operating system available in the market Chrome OS just obtain the ability to connect with Google Play Store and run just about any Android app giving user one of the most strange web ciruit experience possible talking into consideration the improvements on the operating system it is too soon going to be on a quick survey towards possibilities becoming the most flexible platform compatible on running Android and Linux softwares now let's see how to become a Linux developer let us take a look at the required skills needed to make a career as a Linux developer first one is learn C programming the first and the foremost thing which is needed is learn C programming most of the part of Linux are written in C if you want to contribute lowlevel parts of the system you should should know the Assembly Language as well however intentionally it is important to learn the C language next step is to learn algorithms and data structure to become a Linux developer you should have a fundamental knowledge of data structure and algorithms and algorithm is basically a step-by-step approach to solve a particular problem on the other hand data structure works on organization data both these components help the programmers to solve the problem within a minute The Next Step you should learn is operating system now that you have acquired some knowledge of the programming the next thing on your to-do list should be learn everything about the operating system and then do some programming competitive programming can help you Master's algorithms and data structures it also shows you how to solve a program in a short short period of time a competitive programmer must be able to solve an issue in a short amount of time now let's see the opportunities and salaries of Linux programmers when it comes to Linux professionals you have two choices you can either work towards becoming a developer or you can go into Administration furthermore the professional option are not limited to Linux platform they Encompass the wide range of applications the following are the areas where hiring managers are looking for hiring Linux developers first one is system architecture Linux system architecture salary in India rang between 6.3 lakhs to 44 lakh with an average annual salary of 21.1 lakhs the next one is system administration the average salary of a system administration in India range between R 2.4 lakh perom to rupes 4.5 lakh perm the next one is web developer and development Linux developer average annual salary in India range from rupees 3 lakh to 8.9 lakhs and for desktop and app development aage starting salary for Linux developer and app developer is in India is rupees 3 lakh per year now we'll move ahead with the Linux command interview questions the first question that we will discuss is what is Linux Linux is a uni based open source operating system Linux to walls was the first to introduce Linux the primary goal of Linux was to give a free and lowcost operating system for people who couldn't buy Windows iOS or Unix now the next question is Define Linux kernel is it legal to addit Linux kernel the answer is the Linux kernel is a low-level Software System it is used to keep track of resources and give a user interface yes it is legal to edit Linux kernel Linux is released under the journal public license which is GPL and any project which is released under GPL can be edited and Modified by the end users let's move on to the next question which is what is Li l o l l denotes Linux loader it is basically Linux boot loader which loads Linux operating system into a main memory to start execution most of the computer systems are featured with boot loaders for certain versions for Mac OS or Windows OS so if you want to use Linux OS you have to install a special boot loader for it when a computer gets started bios conducts small initial test and transfer control to the master boot roader for from here L loads the Linux OS and started the benefit of utilizing L loo is that it ensures a quick boot of the Linux operating system moving ahead let's move on to the next question which is what are the basic components of Linux the following are the basic components of Linux first one is share it is a Linux interpreter which is used for executing commands the next one is Kernel kernel is the co-art of the operating system which is used to manage hardware and operations after that the next one is system utilities these are the software functions which help users to manage their computers the next one is GUI GUI donates graphical user interface through which the user can interact with the system but unline CLI GUI compresses buttons images and text boxes for interaction the next one is application programs software programs are designed to complete a particular task now the next question is which shell are used in Linux the following are the most common types of shell used in in Linux the first one is fish friendly interactive shell offers some special features such as web based configuration fully scriptable and auto suggestions with clean scripts the next one is Bash borine again shell is the default for most of the Linux distributions the next one is zsh z shell offers unique features like startup files file name generation login or log out watching and closing comments the next one is CHS cshell follows C like syntax and has features like spelling correction as well as job control now let's move on to the next question what is swab space swab space is the extra space utilized by Linux to temporarily keep concurrently running processes when Ram space is sufficient when you start a program it is stored in Ram so that the CPU can quickly retrieve data if you have more running programs then Ram can accommodate the swap space is used to store these programs the processor will now search for the RAM and swap space for data swap space is used in the form of execution of ram by Unix let's move move on to the next question which is differentiate between dos and Bash Bash is a command which is K sensitive and dos commands are not K sensitive in bash there are eight characters for file name post fixed with three characters for the extension and in DOS no naming conventions are used again bash is used as an escape character and is used in the form of directory sper now let's move on to the next question which is what is file permission in Linux the following are the three types of permission in Linux first one is the read it allows its user to open and read the file the next one is write it allows its user to open and edit the file and the third and the last one is execute it allows its use user to run the file the next question is what are iode and process ID inode is a unique name provided by the operating system for each file similarly process ID is also a unique ID provided to each process what are Linux directory commands given below are the five main directory commands in Linux the first one is pwt it displays the path of the present working directory the next one is is list all the directories and files in the present working directory CD it is used for changing the present working directory rmd it deletes a directory and mkdir it is used to create a new directory mkd is also known as make directory now let's move on to the next question what are the various processes States in Linux given below are the process states of Linux the first one denotes ready the process is ready to run the second one running is the process has been executed the third one is wait or blocked this shows the process is waiting for the input after that it's completed or terminated this process shows com the process is completed execution or was terminated by the system the last one is zombie the process terminated by the information is still available in the process table let's move on to the next question what are Process Management System call calls the following are the system calls used to manage the process the first function is Fork function it is used for creating a new process then next is a exec function which is used for executing a new program the third one is a wait function wait until the process completes the execution after that it's exit function it is used to exit from the process after that it's get P ID function get the unique process ID of the process and the last one is get PP ID function gets the parent process unique ID let's move on to the next question what are the redirection operators the redirection operator is used for redirecting the output of the specific command as an input to another command the following are the two ways to use this the first one is this symbol which is overwrites the files existing content or creates a new one the second one is the symbol which shows the add the new content to the end of an existing file or create a new one let's move on to the next question which is explain a latch a latch is a temporary storage of device that is controlled by a training signal which can be either stored as zero or One A latch is a primarily used to retain State information and has two stable States high output or one or low output or zero as long as a latch is powered on it can store one piece of data the next question is is what is microprocessor a microprocessor is a device which is used for execution instructions it is a single chip device that fetches the instructions from the memory decodes set and executes it the following are the three basic functions which are carried out by a microprocessor the first one is addition subtraction multiplication and division are example of mathematical operations the next one is make decision based on the circumstances and then jump to the new different instructions as needed last one is move data from one position in memory to another now let's move on to the next question how to rename files in Linux there is no such particular command for renaming a file in Linux however you can use thee copy or move command to renew a file the First Command which we use is move command we write it like dollar sign MV which donate at move old name and then the new name of the file like this only we will write a copy command in that there will be a dollar sign CP means copy old name of the file and then the new name of the file like that only if we want to delete a command we'll write dollar sign RM which donates as remove and the file name let's move on to the next question how to write the output of a command to a file you have to use the redirection operator to do this write dollar sign the command which you want to use and the greater sign and then the file name the next question is how to copy files to a floppy disk the following steps will guide you to copy file to a floppy disk the first one is Mount to floppy disc the second one is copy the files and the last one is unmount the floppy disc let's move on to the next question how how should we identify which shell you are using open the terminal and run dollar sign e c o which is Echo and then again dollar sign and shell all in capital let's move on to the last and final question for this interview question series how would you sort the entities in a text file in ascending order you can do this by using the sort command for this you have to write the dollar sign sort simple. text simple. text is the file name that I'm using here you can use the name of your file you which you want to do a sending order operation so here we wrap up Kali Linux course if you have any queries feel free to add them in the comment section below and our experts will be happy to help consider subscribing to Simply learn and hit the Bell icon to never miss any updates from us thanks for watching staying ahead in your career requires continuous learning and upskilling whether you're a student aiming to learn today's top skills or a working professional looking to advance your career we've got you covered explore our impressive catalog of certification programs in cuttingedge domains including data science cloud computing cyber security AI machine learning or more digital marketing designed in collaboration with leading universities and top corporations and delivered by industry experts choose any of our programs and set yourself on the path to Career Success click the link in the description to know more hi there if you like this video subscribe to the simply learn YouTube channel and click here to watch similar videos to nerd up and get certified click here

Info

Channel: Simplilearn

Views: 30,703

Rating: undefined out of 5

Keywords: kali linux course, kali linux tutorial 2023, kali linux full course, kali linux, kali linux full customization, kali linux for beginners, kali linux install windows 10, kali linux full hacking course, kali linux hacking tutorials, kali linux tutorial, kali linux install, full kali linux tutorial, full kali linux installation, full kali linux on android, full kali linux setup, how to learn kali linux, learn how to use kali linux, kali linux setup, simplilearn

Id: ty8bEFuVM-I

Channel Id: undefined

Length: 134min 21sec (8061 seconds)

Published: Sun Nov 05 2023