SlideShare a Scribd company logo

penetration test using Kali linux seminar report

•
A
AbhayNaik8

This document is a seminar report submitted by Mr. Naik Abhay Suresh to fulfill requirements for a Bachelor of Engineering degree. The report discusses penetration testing using Kali Linux. It provides background on Kali Linux, including its history and relationship to Debian. It then describes the methodology of penetration testing, including phases such as information gathering, scanning, exploitation, and post-exploitation. The report discusses advantages and applications of using Kali Linux for penetration testing.

Technology
1 of 24
Downloaded 30 times
1
2
Most read
3
4
Most read
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
Most read
Visvesvaraya Technological University Belagavi-590 014, Karnataka A Seminar Report on “Penetration Test Using Kali Linux” Submitted in partial fulfilment of the requirements for the award of Bachelor of Engineering In Computer Science and Engineering Submitted By Mr. Naik Abhay Suresh 2JI15CS025 Under the Guidance of Dr. Dinesha H. A. Department of Computer Science and Engineering Sri Bhagawan Mahaveer Jain Educational & Cultural Trust’s Jain College of Engineering Belagavi-590 014 Academic Year 2018-19
Sri Bhagawan Mahaveer Jain Educational & Cultural Trust’s Jain College of Engineering Belagavi-590 014 Department Of Computer Science and Engineering Certificate This is to certify that the seminar entitled “Penetration Test Using Kali Linux” is carried out by Mr. Naik Abhay Suresh, bearing USN-2JI15CS025, a bonafide student of Jain College of Engineering, Belagavi, in partial fulfilment for the award of Bachelor of Engineering in Computer Science and Engineering from Visvesvaraya Technological University, Belagavi, during the academic year 2018- 19. It is certified that all corrections/suggestions indicated for internal assessment have been incorporated in the report. The seminar report has been approved as it satisfies the academic requirements in respect of seminar work prescribed for the said degree. -------------------------- ------------------------------------ Dr. Dinesha H. A. Prof. Praveen Y Chitti GUIDE HOD, CSE Name of Examiner Signature of Examiner 1.______________ 1. ________________ 2.______________ 2. ________________
ACKNOWLEDGEMENT The satisfaction and euphoria that accompany the progress and completion of any task would be incomplete without the mention of the people who made it possible, whose constant guidance and encouragement ground my efforts with success. I consider it is a privilege to express my sincere gratitude and respect to all those who guided and inspired me. I express my sincere thanks and gratitude to our guide Prof. Dr. Dinesha. H. A, Department of Computer Science & Engineering, JCE, Belagavi, for his constant guidance and suggestions. His incessant encouragement and invaluable support has been of immense help. It’s a great privilege to express my respect to Prof. Praveen Chitti, HOD, Department of Computer Science & Engineering, JCE, Belagavi, who had been great source of inspiration towards taking up this project and its successful completion. I am thankful to Dr. K. G. Vishwanath, Principal, JCE, Belagavi for providing us with the necessary facilities for carrying out this project work successfully.
ABSTRACT Kali Linux is built for professional penetration testing and security auditing. It is the next-generation of BackTrack, the most popular open-source penetration toolkit in the world. It is a Debian-based Linux distribution aimed at advanced Penetration Testing and Security Auditing services to the users. The Kali is a tool for the Linux users to provide them numerous tricks in the security department. Kali is packed with the tools which helps in achieving goals towards various information security tasks, such as Penetration Testing, Security research, Computer Forensics and Reverse Engineering etc.
TABLE OF CONTENTS 1. Introduction……………………………………………………………………...1 2. Literature Survey...…………....…………………………………………………6 3. Methodology.……………………….…………………………..…………….…7 4. Advantages Of Kali Linux..……………...………………..……………………11 5. Applications Of Kali Linux ..…...……………...………………………………14 Conclusion ………………………………………….………………………….....18 References…………...………...……………………………….……………..…..19
Penetration Test Using Kali Linux Dept. of CSE JCE-Belagavi Page 1 CHAPTER – 1 INTRODUCTION 1.1 WHAT IS KALI LINUX As we are very well aware of the dynamic Linux platform and the increase in the utilization of the Linux system, so the need to provide the secure environment also increased by the Linux experts. To curb the secure Linux browsing a Kali Linux has been introduced on 13th March 2013. Kali Linux is a Debian-based Linux distribution aimed at advanced Penetration Testing and Security Auditing services to the users. The Kali is a tool for the Linux users to provide them numerous tricks in the security department. Kali is packed with the tools which helps in achieving goals towards various information security tasks, such as Penetration Testing, Security research, Computer Forensics and Reverse Engineering etc. This fully awesome security package of Kali Linux is adhesively developed, funded and maintained by Offensive Security, which is one of the leading information security training company and has achieved numerous excellence in the field of the digital security system. In true sense, Kali Linux is an overall make over of the BackTrack Linux, but in this Linux, all the limitations of BackTrack Linux have been removed with some new and better security tools. 1.2 HISTORY OF KALI LINUX Knoppix, ancestor of Kali Linux was the first ever bootable Live Linux Operating system, which is still in existence. Knoppix project was then forked into Whoppix and then re-forked into WHAX. WHAX was then re-branded and streamlined into the BackTrack, the predecessor of Kali Linux. BackTrack had a long reign of almost seven years as the pen- testers and hackers choice. BackTrack is a customised native environment dedicated to hacking. As of 2011 it was used by more than four million amateur and professional security researchers. The latest version, BackTrack 5, is built on Ubuntu Lucid and contains some 350 penetration testing tools. However, as of March 2013 the venerated distro was decommissioned and replaced by Kali Linux. The main issue with BackTrack v1-v5 was that it was a headache for dependencies. Too many pentesting tools embedded within Back Track all struggled to co- exist within the dependencies. The solution was to rebuild the distro bottom-up by making Kali Debian based. Kali Linux has 300 tools which automatically work within the Kali ecosphere. Kali also has been created with the clean “File system Hierarchy Standard” and offers vast plug and play wireless support. The main attraction was the ARM support
Penetration Test Using Kali Linux Dept. of CSE JCE-Belagavi Page 2 provided by Kali Linux. Incidentally, you can also create your own .iso file with Kali through the Debian life build feature. Figure 1.1 Kali Linux Family Tree 1.3 Relationship with Debian The Kali Linux distribution is based on Debian Testing. Therefore, most of the packages available in Kali Linux come straight from this Debian repository. While Kali Linux relies heavily on Debian, it is also entirely independent in the sense that we have our own infrastructure and retain the freedom to make any changes we want. 1.3.1 The Flow of Packages On the Debian side, the contributors are working every day on updating packages and uploading them to the Debian Unstable distribution. From there, packages migrate to the Debian Testing distribution once the most troublesome bugs have been taken out. The migration process also ensures that no dependencies are broken in Debian Testing. The goal is that Testing is always in a usable (or even releasable!) state. Debian Testing’s goals align quite well with those of Kali Linux so we picked it as the base. To add the Kali-specific packages in the distribution, we follow a two-step process.
Penetration Test Using Kali Linux Dept. of CSE JCE-Belagavi Page 3 First, we take Debian Testing and force-inject our own Kali packages (located in our kali- dev-only repository) to build the kali-dev repository. This repository will break from time to time: for instance, our Kali-specific packages might not be installable until they have been recompiled against newer libraries. In other situations, packages that we have forked might also have to be updated, either to become installable again, or to fix the installability of another package that depends on a newer version of the forked package. In any case, kali-dev is not for end-users. kali-rolling is the distribution that Kali Linux users are expected to track and is built out of kali-dev in the same way that Debian Testing is built out of Debian Unstable. Packages migrate only when all dependencies can be satisfied in the target distribution. 1.3.2. Managing the Difference with Debian As a design decision, we try to minimize the number of forked packages as much as possible. However, in order to implement some of Kali’s unique features, some changes must be made. To limit the impact of these changes, we strive to send them upstream, either by integrating the feature directly, or by adding the required hooks so that it is straightforward to enable the desired features without further modifying the upstream packages themselves. The Kali Package Tracker10 helps us to keep track of our divergence with Debian. At any time, we can look up which package has been forked and whether it is in sync with Debian, or if an update is required. All our packages are maintained in Git repositories11 hosting a Debian branch and a Kali branch side-by-side. Thanks to this, updating a forked package is a simple two- step process: update the Debian branch and then merge it into the Kali branch. While the number of forked packages in Kali is relatively low, the number of additional packages is rather high: in April 2017 there were almost 400. Most of these packages are free software complying with the Debian Free Software Guidelines12 and our ultimate goal would be to maintain those packages within Debian whenever possible. That is why we strive to comply with the Debian. Unfortunately, there are also quite a few exceptions where proper packaging was nearly impossible to create. As a result of time being scarce, few packages have been pushed to Debian.
Penetration Test Using Kali Linux Dept. of CSE JCE-Belagavi Page 4 Figure 1.2 Logo Of Kali Linux 1.4 BASIC PENETRATION TESTING TERMINOLOGY Penetration Testing is the massive field in security systems. It deals with most of common things that usually a developer forgets to cover during the development process. But, by the magic of Penetration Testing it is possible to remove such kind of holes in the application or in any system. This is as crucial as development process since a single hole can spoil the whole system without even knowing that this is actually being happened. So, in this research in order to understand the concept of Penetration Testing some terms related to it must be understood, the terms like: 1.4.1 Introduction to Penetration Penetration Testing is the process of simulating attacks (on purpose) on the system that needs to be flawed-free (i.e., there should not be any holes) in order to stop a hacker or attacker to follow out an attack along the organization. Hacker are Penetration Tester (Pen-Tester)? So, there is a major difference between a hacker and pen-tester, a hacker implements an attack on a system without having rights to do this that is, in simple words hacker is doing these activities in an unauthorized manner. But, a Pen-Tester is having all the rights to simulate such attacks in order to make the system secure from hackers. A pen-tester may be having a full access or a partial access to the system. Penetration Testing is also known as:
Penetration Test Using Kali Linux Dept. of CSE JCE-Belagavi Page 5  Pen-Test  PT  Ethical Hacking  White Hat Hacking  Offensive Security  Red Teaming Penetration Testing is basically done to make sure that the attacker(mainly a Hacker) should not enter into the network, system or an application from any other way i.e., without being authorized. 1.4.2. Legality Let’s make it pretty clear: Penetration testing requires that you get permissions from the person who owns the system. Otherwise, as mentioned above you are doing the hacking. And you may be charged under the I.T. Act 2000 Section (66) for performing illegal activities or hacking acts. 1.4.3. Introduction to Vulnerability Vulnerability is a security hole in a Software, Operating System, and Web Application or in any Network that allows an attacker to enter into it without having the permissions of the owner.
Penetration Test Using Kali Linux Dept. of CSE JCE-Belagavi Page 6 CHAPTER – 2 LITERATURE SURVEY Devanshu Bhatt’s in his work on Modern Day Penetration Testing Distribution Open Source Platform Kali Linux, concluded that By utilizing Kali Linux–Open source Distribution Framework and number of applications it supports like Dmitry and Metasploit, he’s been able to get access on the target Debian Linux machine. Kali Linux's Dmitry and Metasploit Framework offers significant variety of exploits with the collection of all operating system with available versions and service packs. Specifically in actual world situation; it is essential to include complete variety of threats and available most critical categories applications from Kali Linux. The assessment need to be carried out on systems with anti-virus and firewalls to get the precise final result. And all those resources need to be utilized which have most recent vulnerability exploits. [1] Gurdeep Singh and Jaswinder Singh in their paper on Evaluation of Penetration Testing Tools of KALI LINUX, concluded that Web applications are becoming popular and have wide spread interaction medium in our daily lives. But at same point many vulnerabilities explore sensitive data. The different web application vulnerabilities based on the security properties that web application should be preserved. However vulnerability assessment tools are automated one which saves time and money and also defend the web applications from modern threats. At the last the new advanced security attacks are always emerging, requires the security professional to have positive security solution without putting huge number of web applications at risk. [2]
Penetration Test Using Kali Linux Dept. of CSE JCE-Belagavi Page 7 CHAPTER – 3 METHODOLOGY 3.1 PHASES OF PENETRATION TESTING Basically, the overall process of penetration testing can be carved up into a no. of steps that make an inclusive methodology of penetration testing. The main purpose behind using methodology is that it allows you to divide a complex process into a series of simple, more manageable tasks or modules. Different methodologies use different names for the steps, although the purpose or tasks are similar. For example, some methodologies use the term “Information Gathering”, whereas others use the term “Reconnaissance” or “Recon” The phases of penetration testing are as follows:  Information Gathering  Scanning  Exploitation  Post Exploitation & Maintaining Access Figure 3.1 Zero Entry Pen-Testing Methodology Figure.3.1 shows the “Zero Entry Penetration Testing Methodology”. The purpose of using the inverted triangle is that it allows to describe the steps from broader to more specific manner. For example, the information gathering stage produces a massive information regarding the target, so the triangle shows the broad step, indicating that the data produced by this step or phase is big or large. The first phase involves gathering or exploring all the necessary details of the target such as the target IP (Internet Protocol) address or in case of physical devices the MAC address is
Penetration Test Using Kali Linux Dept. of CSE JCE-Belagavi Page 8 also required. The second phase includes a deep scanning of the target (obviously, not the antivirus scanning). So that the tracks (holes or backdoors) can be found to get the access into the system or application. In simple words, the second phase is about exploring the vulnerabilities in the target using variety of tools. In the third phase we use the results of previous phases (like, target and its vulnerabilities) in order to exploit the system or application. The final phase include maintaining access over the target after the exploitation, which is quite tricky. Oftentimes, the payloads delivered by the exploits give temporary access over the target. 3.1.1. Information Gathering (Reconnaissance) This phase needs patience and lots of time, since this phase generates a massive amount of information about the target. The deeper you go, the more information you explore about the target that helps in the further activities like finding vulnerabilities of the target. In this research Kali Linux tools are being used to simulate the testing on the target. So, Kali Linux provides a variety of tools for gathering information about the target. To be successful at reconnaissance, there must be a proper strategy. The most essential thing is the power of internet. There are two types of reconnaissance:  Active Reconnaissance: Where the pen-tester directly interacts with the target. During this type of process the target may record the pen-testers IP address and other activity log.  Passive Reconnaissance: In this type of reconnaissance, the use of enormous amount of information available on the web come into the picture. The benefit is that the target cannot track the pen-tester at all (i.e., pen-tester’s IP address or activity logs). The main motto of Information Gathering is to collect as much information as possible on the target. The information that has been explored in this phase must be centrally organized and that too in electronic format. The reason behind storing the information in electronic format is that it allows easier data processing such as, data editing, sorting, searching and data retrieval later on whenever required. Most of the times, if you are going for the web application penetration testing then the very first thing required is the website of that web-application. Which is not a hard part of the phase as we can make use of any search engine to locate the website. 3.1.2. Scanning This stage is the most important phase where the pen-tester needs to identify the exposures of the target. This can be also referred to as “Vulnerability Assessment”. The pen-tester uses different tools and utilities to reveal the holes in the services, ports and applications running on the host. The typical path is to skim for the ports on the web server and find the open port for granting the access into it.Webservers use different TCP ports, and luckily you may encounter any one of them opened. Many protocols on the servers are handled through
Penetration Test Using Kali Linux Dept. of CSE JCE-Belagavi Page 9 readable non-encrypted text. Table-II gives a list of common port numbers and their corresponding service. So, let‟s take a look at some of the tools available in Kali Linux for finding the vulnerabilities of the target 1) Webshag: Webshag is a multi-threaded multi-platform tool used to audit the web servers. The tool gathers some common functionalities of a web server such as port scanning, URL scanning and file fuzzing (security loophole). It can be used to scan a web server in HTTP or HTTPS, using a proxy or HTTPS authentication. This tool can also perform fingerprinting of the web pages. 2) Vega: Vega is a security testing tool used to crawl a website and analyse page content to find links as well as form parameters. To launch Vega in Kali Linux, go to Web Applications > Web Vulnerability Scanners and select Vega. The tool can work as a proxy as well as a scanner so in this research scanner is required to scan the target 3.1.3. Exploitation Now, the environment is set up and the vulnerabilities of the target are also discovered. Now it’s time to take over the target through the holes (vulnerabilities) of the target. This process is nothing but the Exploitation process. In simple words gaining access to the target using its vulnerabilities is known as Exploitation. Exploitation delivers the payloads on the target in order to forcefully grant the access into the target. Some vulnerabilities such as default password are easy to exploit, it hardly feels like exploitation is being done. There are different types of exploits available over the Internet, but the widely used is the “Metasploit Project”. 1) Metasploit Project: The Metasploit is a computer security project that provides information about security vulnerabilities and aids in penetration testing. Metasploit is pre-loaded in Kali Linux and can be used in either GUI environment or through the command line interface. 3.1.4. Post Exploitation and Marinating Access This phase plays a crucial role in the penetration testing process. Maintaining access to the target after the exploitation is a very serious activity and needs to done carefully. Several years ago, hackers were used to exploit the target, steal the data or manipulate the data or crash the files and leave. But now a day‟s many modern attackers (hackers) are interested in long-term or even permanent access to the target. Thus, in order to achieve this “backdoors” are required to be created and needs to be loaded on the target. Backdoors are nothing but a piece of software that allows the unauthorized user
Penetration Test Using Kali Linux Dept. of CSE JCE-Belagavi Page 10 to get into the target at any time. Basically, backdoors are the background process that is hidden from the normal user. Some exploits are fleeting (short-lived). In simple words, some exploits allow access as only as the exploited target is running. If the target reboots or the exploit stops then the connection is lost to the target. There are different backdoor tools in Kali Linux like: Netcat, Cryptcat, WeBaCoo (Web Backdoor Cookie), etc…
Penetration Test Using Kali Linux Dept. of CSE JCE-Belagavi Page 11 CHAPTER – 4 ADVANTAGES OF KALI LINUX 4.1 Advanced Penetration Testing tools. In the Kali Linux, more than 600+ super amazing advanced Penetration’ Testing tools are incorporated. The tools of BackTrack Linux which are not up to the mark or repeated in many ways has been replaced in the Kali Linux system with the advanced Penetration testing tools. 4.2 Ultimate free Linux tool. The Kali Linux system is totally free like the BackTrack Linux and will always offer their users the free life time services. This is huge plus factor which forces people to use this system. 4.3 Open sourced Git tree. This Kali Linux is openly sourced system and can be easily accessed by the users. All the codes in the Kali Linux can be viewed easily by the anyone and the open development tree makes easy to view the development of coding at every step. 4.4 FHS support. Kali adheres to the File-system Hierarchy Standard, allowing Linux users to easily locate binaries, support files, libraries, etc. This is the very important feature of the Kali Linux that makes it stand out among the other Linux systems. 4.5 Cool Wireless support. Kali Linux stands out in the department of connecting with the wireless support systems as you can connect it with as many WiFi spots or USB ports you want to connect at one time. Kali Linux allows it to run properly on a wide variety of hardware and making it compatible with numerous USB and other wireless devices. 4.6 Custom kernel patched for injection. As penetration testers, the development team often needs to do wireless assessments so the kali linux kernel has the latest injection patches included.
Penetration Test Using Kali Linux Dept. of CSE JCE-Belagavi Page 12 4.7 Secure development environment. The Kali Linux team is made up of a small group of trusted individuals who can only commit packages and interact with the repositories while using multiple secure protocols. 4.8 GPG signed packages and repos. All Kali packages are signed by each individual developer when they are built and committed and the repositories subsequently sign the packages as well. 4.9 Kali is linguistic. As the Kali Linux has all the Penetration’ tools in the English language, but other than that it allows users to work in numerous languages and get the comfort of their local language. 4.10 Completely Customizable. Kali Linux is built by penetration testers for penetration testers but we understand that not everyone will agree with our design decisions or choice of tools to include by default. With this in mind, we always ensure that Kali Linux is easy to customize based on your own needs and preferences. To this end, we publish the live-build configuration used to build the official Kali images so you can customize it to your liking. It is very easy to start from this published configuration and implement various changes based on your needs thanks to the versatility of live-build. Live-build includes many features to modify the installed system, install supplementary files, install additional packages, run arbitrary commands, and change the values pre-seeded to debconf. 4.11 ARMEL and ARMHF support. As the ARM-based single-board systems like the Raspberry Pi and BeagleBone Black, among others, are becoming more and more prevalent and inexpensive, so in their substitute, Kali’s ARM support would need to be as robust as a management tool, with fully working installations for both ARMEL and ARMHF systems. Kali is currently available for the following ARM devices:  rk3306 mk/ss808  Raspberry Pi  ODROID U2/X2  Samsung Chromebook  EfikaMX
Penetration Test Using Kali Linux Dept. of CSE JCE-Belagavi Page 13  Beaglebone Black  CuBox  Galaxy Note 10.1
Penetration Test Using Kali Linux Dept. of CSE JCE-Belagavi Page 14 CHAPTER – 5 APPLICATIONS OF KALI LINUX While Kali’s focus can be quickly summarized as “penetration testing and security auditing”, there are many different tasks involved behind those activities. Kali Linux is built as a framework, because it includes many tools covering very different use cases (though they may certainly be used in combination during a penetration test). For example, Kali Linux can be used on various types of computers: obviously on the laptops of penetration testers, but also on servers of system administrators wishing to monitor their network, on the workstations of forensic analysts, and more unexpectedly, on stealthy embedded devices, typically with ARM CPUs, that can be dropped in the range of a wireless network or plugged in the computer of target users. Many ARM devices are also perfect attack machines due to their small form factors and low power requirements. Kali Linux can also be deployed in the cloud to quickly build a farm of password-cracking machines and on mobile phones and tablets to allow for truly portable penetration testing. But that is not all; penetration testers also need servers: to use collaboration software within a team of pen-testers, to set up a web server for use in phishing campaigns, to run vulnerability scanning tools, and other related activities. Once you have booted Kali, you will quickly discover that Kali Linux’s main menu is organized by theme across the various kind of tasks and activities that are relevant for pen-testers and other information security professionals as shown in Figure, “Kali Linux’s Applications Menu”.
Penetration Test Using Kali Linux Dept. of CSE JCE-Belagavi Page 15 Figure 5.1. Kali Linux’s Applications Menu 5.1 Application menu includes • Information Gathering: Collecting data about the target network and its structure, identifying computers, their operating systems, and the services that they run. Identifying potentially sensitive parts of the information system. Extracting all sorts of listings from running directory services. • Vulnerability Analysis: Quickly testing whether a local or remote system is affected by a number of known vulnerabilities or insecure configurations. Vulnerability scanners use databases containing thousands of signatures to identify potential vulnerabilities. • Web Application Analysis: Identifying misconfigurations and security weaknesses in web applications. It is crucial to identify and mitigate these issues given that the public availability of these applications makes them ideal targets for attackers. • Database Assessment: From SQL injection to attacking credentials, database attacks are a very common vector for attackers. Tools that test for attack vectors ranging from SQL injection to data extraction and analysis can be found here.
Penetration Test Using Kali Linux Dept. of CSE JCE-Belagavi Page 16 • Password Attacks: Authentication systems are always a go-to attack vector. Many useful tools can be found here, from online password attack tools to offline attacks against the encryption or hashing systems. • Wireless Attacks: The pervasive nature of wireless networks means that they will always be a commonly attacked vector. With its wide range of support for multiple wireless cards, Kali is an obvious choice for attacks against multiple types of wireless networks. • Reverse Engineering: Reverse engineering is an activity with many purposes. In support of offensive activities, it is one of the primary methods for vulnerability identification and exploit development. On the defensive side, it is used to analyze malware employed in targeted attacks. In this capacity, the goal is to identify the capabilities of a given piece of tradecraft. • Exploitation Tools: Exploiting, or taking advantage of a (formerly identified) vulnerability, allows you to gain control of a remote machine (or device). This access can then be used for further privilege escalation attacks, either locally on the compromised machine, or on other machines accessible on its local network. This category contains a number of tools and utilities that simplify the process of writing your own exploits. • Sniffing & Spoofing: Gaining access to the data as they travel across the network is often advantageous for an attacker. Here you can find spoofing tools that allow you to impersonate a legitimate user as well as sniffing tools that allow you to capture and analyze data right off the wire. When used together, these tools can be very powerful. • Post Exploitation: Once you have gained access to a system, you will often want to maintain that level of access or extend control by laterally moving across the network. Tools that assist in these goals are found here. • Forensics: Forensic Linux live boot environments have been very popular for years now. Kali contains a large number of popular Linux-based forensic tools allowing you to do everything from initial triage, to data imaging, to full analysis and case management. • Reporting Tools: A penetration test is only complete once the findings have been reported. This category contains tools to help collate the data collected from information-gathering tools, discover non-obvious relationships, and bring everything together in various reports.
Penetration Test Using Kali Linux Dept. of CSE JCE-Belagavi Page 17 • Social Engineering Tools: When the technical side is well-secured, there is often the possibility of exploiting human behavior as an attack vector. Given the right influence, people can frequently be induced to take actions that compromise the security of the environment. Did the USB key that the secretary just plugged in contain a harmless PDF? Or was it also a Trojan horse that installed a backdoor? Was the banking website the accountant just logged into the expected website or a perfect copy used for phishing purposes? This category contains tools that aid in these types of attacks. • System Services: This category contains tools that allow you to start and stop applicationsthat run in the background as system services.
Penetration Test Using Kali Linux Dept. of CSE JCE-Belagavi Page 18 CONCLUSION Kali Linux is proved to be very useful and completely free Operating System that can be used for the penetration testing. Penetration testing requires lots of time and patience to get the results and to get them repaired. The Kali is a tool for the Linux users to provide them numerous tricks in the security department. Kali is packed with the tools which helps in achieving goals towards various information security tasks, such as Penetration Testing. Penetration Testing can be implemented using Kali Linux for future security regarding the applications that require high level of security. Security for such applications or systems can be tested for any risks that may or may not be associated with it with the help of Zero Entry Methodology of penetration testing. This will lead to cover all the vulnerabilities (if any) of the developed system or an application. Penetration Testing or Pen-Testing is the most essential focus of any system, it may be a web application or a standalone machine. Penetration testing allows the developer to ascertain and define the security issues associated with the system that he/she has acquired.
Penetration Test Using Kali Linux Dept. of CSE JCE-Belagavi Page 19 REFERENCES [1] Devanshu Bhatt’s paper on Modern Day Penetration Testing Distribution Open Source Platform -Kali Linux. International journal of scientific & technology research volume 7, issue 4 , April 2018. [2] Gurdeep Singh and Jaswinder Singh’s paper on Evaluation of Penetration Testing Tools of KALI LINUX. International Journal of Innovations & Advancement in Computer Science IJIACS ISSN 2347 – 8616 Volume 5, Issue 9, September 2016. [3] Matthew Denis, Carlos Zena and Thaier Hayajneh’s paper on Penetration Testing: Attack Methods, and Defence Strategies. IEEE paper, 29 April 2016. [4] Suraj S. Mundalik’s paper on Penetration Testing: An Art of Securing the System (Using Kali Linux). International Journal of Advanced Research in Computer Science and Software Engineering Volume 5, Issue 10, October-2016. [5] Kali Linux Revealed “Mastering the Penetration Testing Distribution” text book by Raphaël Hertzog, Jim O’Gorman and Mati Aharoni 2017. [6] Dr K. Raja Kumar’s paper on Penetration Testing using Linux Tools: Attacks and Defense Strategies. International Journal of Engineering Research & Technology (IJERT), Vol. 5 Issue 12, December-2016 [7] Harmandeep Singh’s paper on Penetration Testing: Analyzing the Security of the Network by Hacker’s Mind, IEEE paper Volume V, Issue V, May 2016. [8] Ms. Shyaml Virnodkar, Rahul Gupta, Tejas Bharambe’s paper on Cross Platform Penetration Testing Suite. International Research Journal of Engineering and Technology (IRJET), Volume: 05 Issue: 03, Mar-2018. [9] Young B. Choi’s paper on Building a Penetration Testing Device for Black Box using Modified Linux for Under $50. (IJACSA) International Journal of Advanced Computer Science and Applications, Vol. 8, No. 1, 2017. [10] Jyoti Pathak, Afzl Ayyub, Satyendra Mohan Srivastava’s paper on Penetration Testing: Rolling Kali Linux. IJSRD - International Journal for Scientific Research & Development, Vol. 4, Issue 12, 2017.

More Related Content

PPTX
Introduction to penetration testing
Nezar Alazzabi
 
PPTX
What is Penetration Testing?
btpsec
 
PDF
Air Line Management System | DBMS project
AniketHandore
 
PDF
Penetration Testing Execution Phases
Nasir Bhutta
 
PPTX
Ragging
donthuraj
 
PDF
[131]해커의 관점에서 바라보기
NAVER D2
 
DOCX
Sample minutes of meeting
Estrella Piccio
 
PDF
Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...
Edureka!
 
Introduction to penetration testing
Nezar Alazzabi
 
What is Penetration Testing?
btpsec
 
Air Line Management System | DBMS project
AniketHandore
 
Penetration Testing Execution Phases
Nasir Bhutta
 
Ragging
donthuraj
 
[131]해커의 관점에서 바라보기
NAVER D2
 
Sample minutes of meeting
Estrella Piccio
 
Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...
Edureka!
 

What's hot (20)

PPTX
Kali Linux
Shubham Agrawal
 
PDF
penetration test using Kali linux ppt
AbhayNaik8
 
PDF
Cloud Native Bern 05.2023 — Zero Trust Visibility
RaphaĂŤl PINSON
 
PDF
Elastic Security: Unified protection for everyone
Elasticsearch
 
PPTX
Application Autoscaling Made Easy with Kubernetes Event-Driven Autoscaling (K...
Codit
 
PDF
DevSecOps What Why and How
NotSoSecure Global Services
 
PDF
Cloud Native Engineering with SRE and GitOps
Weaveworks
 
PDF
Red Hat Internship report
Monfort Florian
 
PDF
Network access control (nac)
cyberlocke
 
PDF
DevSecOps and the CI/CD Pipeline
James Wickett
 
PDF
Google Cloud Networking Deep Dive
Michelle Holley
 
PDF
Scaling DevSecOps Culture for Enterprise
Opsta
 
PDF
Introduction to Kubernetes Security
All Things Open
 
PDF
Elastic SIEM (Endpoint Security)
Kangaroot
 
PDF
Free GitOps Workshop + Intro to Kubernetes & GitOps
Weaveworks
 
PDF
The Paved Road at Netflix
Dianne Marsh
 
PDF
Ansible
Knoldus Inc.
 
PPTX
DevSecOps : an Introduction
Prashanth B. P.
 
PDF
GitOps 101 Presentation.pdf
ssuser31375f
 
PDF
Shift Left Security
BATbern
 
Kali Linux
Shubham Agrawal
 
penetration test using Kali linux ppt
AbhayNaik8
 
Cloud Native Bern 05.2023 — Zero Trust Visibility
RaphaĂŤl PINSON
 
Elastic Security: Unified protection for everyone
Elasticsearch
 
Application Autoscaling Made Easy with Kubernetes Event-Driven Autoscaling (K...
Codit
 
DevSecOps What Why and How
NotSoSecure Global Services
 
Cloud Native Engineering with SRE and GitOps
Weaveworks
 
Red Hat Internship report
Monfort Florian
 
Network access control (nac)
cyberlocke
 
DevSecOps and the CI/CD Pipeline
James Wickett
 
Google Cloud Networking Deep Dive
Michelle Holley
 
Scaling DevSecOps Culture for Enterprise
Opsta
 
Introduction to Kubernetes Security
All Things Open
 
Elastic SIEM (Endpoint Security)
Kangaroot
 
Free GitOps Workshop + Intro to Kubernetes & GitOps
Weaveworks
 
The Paved Road at Netflix
Dianne Marsh
 
Ansible
Knoldus Inc.
 
DevSecOps : an Introduction
Prashanth B. P.
 
GitOps 101 Presentation.pdf
ssuser31375f
 
Shift Left Security
BATbern
 
Ad

Similar to penetration test using Kali linux seminar report (20)

PDF
Operating system
KartikeyBanjara1
 
PDF
(03 2013) guide to kali linux
julius77
 
PDF
Unleash the Power: How to Install Kali Linux With a Twist
FredReynolds2
 
PPTX
Kali linux
futaimbinlahej
 
DOCX
What is Kali Linux_ A Comprehensive Guide for Beginners (1).docx
Oscp Training
 
PPTX
Kali Linux - Falconer - ISS 2014
TGodfrey
 
DOCX
Operating project
ISMAT CH
 
DOCX
Mastering Ethical Hacking with Kali Linux in 2025.docx
Oscp Training
 
PPTX
Kali Linux - CleveSec 2015
TGodfrey
 
PPTX
Kali linux
MaryamAlR
 
PPTX
Jenkins - From Continuous Integration to Continuous Delivery
Virendra Bhalothia
 
DOCX
What is Kali Linux_ A Comprehensive Guide to Ethical Hacking.docx
Oscp Training
 
PPTX
Getting Started with Azure Artifacts
Callon Campbell
 
PDF
Kali linux 2021.2
avinashkumar1912
 
DOCX
Mastering Kali Linux_ A Comprehensive Guide for Beginners.docx
Oscp Training
 
PDF
Continuous Delivery With Containers
All Things Open
 
PPTX
Kali linux
maryamalmarrii
 
PDF
[FREE PDF sample] Containerizing Continuous Delivery in Java 1st Edition Dani...
ohorofinuf6h
 
PPTX
Jenkins introduction
Gourav Varma
 
PPTX
Jenkins introduction
Kalkey
 
Operating system
KartikeyBanjara1
 
(03 2013) guide to kali linux
julius77
 
Unleash the Power: How to Install Kali Linux With a Twist
FredReynolds2
 
Kali linux
futaimbinlahej
 
What is Kali Linux_ A Comprehensive Guide for Beginners (1).docx
Oscp Training
 
Kali Linux - Falconer - ISS 2014
TGodfrey
 
Operating project
ISMAT CH
 
Mastering Ethical Hacking with Kali Linux in 2025.docx
Oscp Training
 
Kali Linux - CleveSec 2015
TGodfrey
 
Kali linux
MaryamAlR
 
Jenkins - From Continuous Integration to Continuous Delivery
Virendra Bhalothia
 
What is Kali Linux_ A Comprehensive Guide to Ethical Hacking.docx
Oscp Training
 
Getting Started with Azure Artifacts
Callon Campbell
 
Kali linux 2021.2
avinashkumar1912
 
Mastering Kali Linux_ A Comprehensive Guide for Beginners.docx
Oscp Training
 
Continuous Delivery With Containers
All Things Open
 
Kali linux
maryamalmarrii
 
[FREE PDF sample] Containerizing Continuous Delivery in Java 1st Edition Dani...
ohorofinuf6h
 
Jenkins introduction
Gourav Varma
 
Jenkins introduction
Kalkey
 
Ad

Recently uploaded (20)

PDF
Presentation about Hardware and Software in Computer
snehamodhawadiya
 
PDF
Using Anchore and DefectDojo to Stand Up Your DevSecOps Function
Anchore
 
PPTX
IT Runs Better with ThousandEyes AI-driven Assurance
ThousandEyes
 
PDF
Software Development Methodologies in 2025
KodekX
 
PPTX
Introduction to Flutter by Ayush Desai.pptx
ayushdesai204
 
PPTX
What-is-the-World-Wide-Web -- Introduction
tonifi9488
 
PDF
Unlocking the Future- AI Agents Meet Oracle Database 23ai - AIOUG Yatra 2025.pdf
Sandesh Rao
 
PDF
Accelerating Oracle Database 23ai Troubleshooting with Oracle AHF Fleet Insig...
Sandesh Rao
 
PDF
Get More from Fiori Automation - What’s New, What Works, and What’s Next.pdf
Precisely
 
PPTX
The Future of AI & Machine Learning.pptx
pritsen4700
 
PPTX
AI and Robotics for Human Well-being.pptx
JAYMIN SUTHAR
 
PDF
OFFOFFBOX™ – A New Era for African Film | Startup Presentation
ambaicciwalkerbrian
 
PDF
Trying to figure out MCP by actually building an app from scratch with open s...
Julien SIMON
 
PDF
Orbitly Pitch Deck|A Mission-Driven Platform for Side Project Collaboration (...
zz41354899
 
PDF
Doc9.....................................
SofiaCollazos
 
PDF
Security features in Dell, HP, and Lenovo PC systems: A research-based compar...
Principled Technologies
 
PDF
The Future of Mobile Is Context-Aware—Are You Ready?
iProgrammer Solutions Private Limited
 
PDF
AI-Cloud-Business-Management-Platforms-The-Key-to-Efficiency-Growth.pdf
Artjoker Software Development Company
 
PDF
Google I/O Extended 2025 Baku - all ppts
HusseinMalikMammadli
 
PDF
AI Unleashed - Shaping the Future -Starting Today - AIOUG Yatra 2025 - For Co...
Sandesh Rao
 
Presentation about Hardware and Software in Computer
snehamodhawadiya
 
Using Anchore and DefectDojo to Stand Up Your DevSecOps Function
Anchore
 
IT Runs Better with ThousandEyes AI-driven Assurance
ThousandEyes
 
Software Development Methodologies in 2025
KodekX
 
Introduction to Flutter by Ayush Desai.pptx
ayushdesai204
 
What-is-the-World-Wide-Web -- Introduction
tonifi9488
 
Unlocking the Future- AI Agents Meet Oracle Database 23ai - AIOUG Yatra 2025.pdf
Sandesh Rao
 
Accelerating Oracle Database 23ai Troubleshooting with Oracle AHF Fleet Insig...
Sandesh Rao
 
Get More from Fiori Automation - What’s New, What Works, and What’s Next.pdf
Precisely
 
The Future of AI & Machine Learning.pptx
pritsen4700
 
AI and Robotics for Human Well-being.pptx
JAYMIN SUTHAR
 
OFFOFFBOX™ – A New Era for African Film | Startup Presentation
ambaicciwalkerbrian
 
Trying to figure out MCP by actually building an app from scratch with open s...
Julien SIMON
 
Orbitly Pitch Deck|A Mission-Driven Platform for Side Project Collaboration (...
zz41354899
 
Doc9.....................................
SofiaCollazos
 
Security features in Dell, HP, and Lenovo PC systems: A research-based compar...
Principled Technologies
 
The Future of Mobile Is Context-Aware—Are You Ready?
iProgrammer Solutions Private Limited
 
AI-Cloud-Business-Management-Platforms-The-Key-to-Efficiency-Growth.pdf
Artjoker Software Development Company
 
Google I/O Extended 2025 Baku - all ppts
HusseinMalikMammadli
 
AI Unleashed - Shaping the Future -Starting Today - AIOUG Yatra 2025 - For Co...
Sandesh Rao
 

penetration test using Kali linux seminar report

  • 1. Visvesvaraya Technological University Belagavi-590 014, Karnataka A Seminar Report on “Penetration Test Using Kali Linux” Submitted in partial fulfilment of the requirements for the award of Bachelor of Engineering In Computer Science and Engineering Submitted By Mr. Naik Abhay Suresh 2JI15CS025 Under the Guidance of Dr. Dinesha H. A. Department of Computer Science and Engineering Sri Bhagawan Mahaveer Jain Educational & Cultural Trust’s Jain College of Engineering Belagavi-590 014 Academic Year 2018-19
  • 2. Sri Bhagawan Mahaveer Jain Educational & Cultural Trust’s Jain College of Engineering Belagavi-590 014 Department Of Computer Science and Engineering Certificate This is to certify that the seminar entitled “Penetration Test Using Kali Linux” is carried out by Mr. Naik Abhay Suresh, bearing USN-2JI15CS025, a bonafide student of Jain College of Engineering, Belagavi, in partial fulfilment for the award of Bachelor of Engineering in Computer Science and Engineering from Visvesvaraya Technological University, Belagavi, during the academic year 2018- 19. It is certified that all corrections/suggestions indicated for internal assessment have been incorporated in the report. The seminar report has been approved as it satisfies the academic requirements in respect of seminar work prescribed for the said degree. -------------------------- ------------------------------------ Dr. Dinesha H. A. Prof. Praveen Y Chitti GUIDE HOD, CSE Name of Examiner Signature of Examiner 1.______________ 1. ________________ 2.______________ 2. ________________
  • 3. ACKNOWLEDGEMENT The satisfaction and euphoria that accompany the progress and completion of any task would be incomplete without the mention of the people who made it possible, whose constant guidance and encouragement ground my efforts with success. I consider it is a privilege to express my sincere gratitude and respect to all those who guided and inspired me. I express my sincere thanks and gratitude to our guide Prof. Dr. Dinesha. H. A, Department of Computer Science & Engineering, JCE, Belagavi, for his constant guidance and suggestions. His incessant encouragement and invaluable support has been of immense help. It’s a great privilege to express my respect to Prof. Praveen Chitti, HOD, Department of Computer Science & Engineering, JCE, Belagavi, who had been great source of inspiration towards taking up this project and its successful completion. I am thankful to Dr. K. G. Vishwanath, Principal, JCE, Belagavi for providing us with the necessary facilities for carrying out this project work successfully.
  • 4. ABSTRACT Kali Linux is built for professional penetration testing and security auditing. It is the next-generation of BackTrack, the most popular open-source penetration toolkit in the world. It is a Debian-based Linux distribution aimed at advanced Penetration Testing and Security Auditing services to the users. The Kali is a tool for the Linux users to provide them numerous tricks in the security department. Kali is packed with the tools which helps in achieving goals towards various information security tasks, such as Penetration Testing, Security research, Computer Forensics and Reverse Engineering etc.
  • 5. TABLE OF CONTENTS 1. Introduction……………………………………………………………………...1 2. Literature Survey...…………....…………………………………………………6 3. Methodology.……………………….…………………………..…………….…7 4. Advantages Of Kali Linux..……………...………………..……………………11 5. Applications Of Kali Linux ..…...……………...………………………………14 Conclusion ………………………………………….………………………….....18 References…………...………...……………………………….……………..…..19
  • 6. Penetration Test Using Kali Linux Dept. of CSE JCE-Belagavi Page 1 CHAPTER – 1 INTRODUCTION 1.1 WHAT IS KALI LINUX As we are very well aware of the dynamic Linux platform and the increase in the utilization of the Linux system, so the need to provide the secure environment also increased by the Linux experts. To curb the secure Linux browsing a Kali Linux has been introduced on 13th March 2013. Kali Linux is a Debian-based Linux distribution aimed at advanced Penetration Testing and Security Auditing services to the users. The Kali is a tool for the Linux users to provide them numerous tricks in the security department. Kali is packed with the tools which helps in achieving goals towards various information security tasks, such as Penetration Testing, Security research, Computer Forensics and Reverse Engineering etc. This fully awesome security package of Kali Linux is adhesively developed, funded and maintained by Offensive Security, which is one of the leading information security training company and has achieved numerous excellence in the field of the digital security system. In true sense, Kali Linux is an overall make over of the BackTrack Linux, but in this Linux, all the limitations of BackTrack Linux have been removed with some new and better security tools. 1.2 HISTORY OF KALI LINUX Knoppix, ancestor of Kali Linux was the first ever bootable Live Linux Operating system, which is still in existence. Knoppix project was then forked into Whoppix and then re-forked into WHAX. WHAX was then re-branded and streamlined into the BackTrack, the predecessor of Kali Linux. BackTrack had a long reign of almost seven years as the pen- testers and hackers choice. BackTrack is a customised native environment dedicated to hacking. As of 2011 it was used by more than four million amateur and professional security researchers. The latest version, BackTrack 5, is built on Ubuntu Lucid and contains some 350 penetration testing tools. However, as of March 2013 the venerated distro was decommissioned and replaced by Kali Linux. The main issue with BackTrack v1-v5 was that it was a headache for dependencies. Too many pentesting tools embedded within Back Track all struggled to co- exist within the dependencies. The solution was to rebuild the distro bottom-up by making Kali Debian based. Kali Linux has 300 tools which automatically work within the Kali ecosphere. Kali also has been created with the clean “File system Hierarchy Standard” and offers vast plug and play wireless support. The main attraction was the ARM support
  • 7. Penetration Test Using Kali Linux Dept. of CSE JCE-Belagavi Page 2 provided by Kali Linux. Incidentally, you can also create your own .iso file with Kali through the Debian life build feature. Figure 1.1 Kali Linux Family Tree 1.3 Relationship with Debian The Kali Linux distribution is based on Debian Testing. Therefore, most of the packages available in Kali Linux come straight from this Debian repository. While Kali Linux relies heavily on Debian, it is also entirely independent in the sense that we have our own infrastructure and retain the freedom to make any changes we want. 1.3.1 The Flow of Packages On the Debian side, the contributors are working every day on updating packages and uploading them to the Debian Unstable distribution. From there, packages migrate to the Debian Testing distribution once the most troublesome bugs have been taken out. The migration process also ensures that no dependencies are broken in Debian Testing. The goal is that Testing is always in a usable (or even releasable!) state. Debian Testing’s goals align quite well with those of Kali Linux so we picked it as the base. To add the Kali-specific packages in the distribution, we follow a two-step process.
  • 8. Penetration Test Using Kali Linux Dept. of CSE JCE-Belagavi Page 3 First, we take Debian Testing and force-inject our own Kali packages (located in our kali- dev-only repository) to build the kali-dev repository. This repository will break from time to time: for instance, our Kali-specific packages might not be installable until they have been recompiled against newer libraries. In other situations, packages that we have forked might also have to be updated, either to become installable again, or to fix the installability of another package that depends on a newer version of the forked package. In any case, kali-dev is not for end-users. kali-rolling is the distribution that Kali Linux users are expected to track and is built out of kali-dev in the same way that Debian Testing is built out of Debian Unstable. Packages migrate only when all dependencies can be satisfied in the target distribution. 1.3.2. Managing the Difference with Debian As a design decision, we try to minimize the number of forked packages as much as possible. However, in order to implement some of Kali’s unique features, some changes must be made. To limit the impact of these changes, we strive to send them upstream, either by integrating the feature directly, or by adding the required hooks so that it is straightforward to enable the desired features without further modifying the upstream packages themselves. The Kali Package Tracker10 helps us to keep track of our divergence with Debian. At any time, we can look up which package has been forked and whether it is in sync with Debian, or if an update is required. All our packages are maintained in Git repositories11 hosting a Debian branch and a Kali branch side-by-side. Thanks to this, updating a forked package is a simple two- step process: update the Debian branch and then merge it into the Kali branch. While the number of forked packages in Kali is relatively low, the number of additional packages is rather high: in April 2017 there were almost 400. Most of these packages are free software complying with the Debian Free Software Guidelines12 and our ultimate goal would be to maintain those packages within Debian whenever possible. That is why we strive to comply with the Debian. Unfortunately, there are also quite a few exceptions where proper packaging was nearly impossible to create. As a result of time being scarce, few packages have been pushed to Debian.
  • 9. Penetration Test Using Kali Linux Dept. of CSE JCE-Belagavi Page 4 Figure 1.2 Logo Of Kali Linux 1.4 BASIC PENETRATION TESTING TERMINOLOGY Penetration Testing is the massive field in security systems. It deals with most of common things that usually a developer forgets to cover during the development process. But, by the magic of Penetration Testing it is possible to remove such kind of holes in the application or in any system. This is as crucial as development process since a single hole can spoil the whole system without even knowing that this is actually being happened. So, in this research in order to understand the concept of Penetration Testing some terms related to it must be understood, the terms like: 1.4.1 Introduction to Penetration Penetration Testing is the process of simulating attacks (on purpose) on the system that needs to be flawed-free (i.e., there should not be any holes) in order to stop a hacker or attacker to follow out an attack along the organization. Hacker are Penetration Tester (Pen-Tester)? So, there is a major difference between a hacker and pen-tester, a hacker implements an attack on a system without having rights to do this that is, in simple words hacker is doing these activities in an unauthorized manner. But, a Pen-Tester is having all the rights to simulate such attacks in order to make the system secure from hackers. A pen-tester may be having a full access or a partial access to the system. Penetration Testing is also known as:
  • 10. Penetration Test Using Kali Linux Dept. of CSE JCE-Belagavi Page 5  Pen-Test  PT  Ethical Hacking  White Hat Hacking  Offensive Security  Red Teaming Penetration Testing is basically done to make sure that the attacker(mainly a Hacker) should not enter into the network, system or an application from any other way i.e., without being authorized. 1.4.2. Legality Let’s make it pretty clear: Penetration testing requires that you get permissions from the person who owns the system. Otherwise, as mentioned above you are doing the hacking. And you may be charged under the I.T. Act 2000 Section (66) for performing illegal activities or hacking acts. 1.4.3. Introduction to Vulnerability Vulnerability is a security hole in a Software, Operating System, and Web Application or in any Network that allows an attacker to enter into it without having the permissions of the owner.
  • 11. Penetration Test Using Kali Linux Dept. of CSE JCE-Belagavi Page 6 CHAPTER – 2 LITERATURE SURVEY Devanshu Bhatt’s in his work on Modern Day Penetration Testing Distribution Open Source Platform Kali Linux, concluded that By utilizing Kali Linux–Open source Distribution Framework and number of applications it supports like Dmitry and Metasploit, he’s been able to get access on the target Debian Linux machine. Kali Linux's Dmitry and Metasploit Framework offers significant variety of exploits with the collection of all operating system with available versions and service packs. Specifically in actual world situation; it is essential to include complete variety of threats and available most critical categories applications from Kali Linux. The assessment need to be carried out on systems with anti-virus and firewalls to get the precise final result. And all those resources need to be utilized which have most recent vulnerability exploits. [1] Gurdeep Singh and Jaswinder Singh in their paper on Evaluation of Penetration Testing Tools of KALI LINUX, concluded that Web applications are becoming popular and have wide spread interaction medium in our daily lives. But at same point many vulnerabilities explore sensitive data. The different web application vulnerabilities based on the security properties that web application should be preserved. However vulnerability assessment tools are automated one which saves time and money and also defend the web applications from modern threats. At the last the new advanced security attacks are always emerging, requires the security professional to have positive security solution without putting huge number of web applications at risk. [2]
  • 12. Penetration Test Using Kali Linux Dept. of CSE JCE-Belagavi Page 7 CHAPTER – 3 METHODOLOGY 3.1 PHASES OF PENETRATION TESTING Basically, the overall process of penetration testing can be carved up into a no. of steps that make an inclusive methodology of penetration testing. The main purpose behind using methodology is that it allows you to divide a complex process into a series of simple, more manageable tasks or modules. Different methodologies use different names for the steps, although the purpose or tasks are similar. For example, some methodologies use the term “Information Gathering”, whereas others use the term “Reconnaissance” or “Recon” The phases of penetration testing are as follows:  Information Gathering  Scanning  Exploitation  Post Exploitation & Maintaining Access Figure 3.1 Zero Entry Pen-Testing Methodology Figure.3.1 shows the “Zero Entry Penetration Testing Methodology”. The purpose of using the inverted triangle is that it allows to describe the steps from broader to more specific manner. For example, the information gathering stage produces a massive information regarding the target, so the triangle shows the broad step, indicating that the data produced by this step or phase is big or large. The first phase involves gathering or exploring all the necessary details of the target such as the target IP (Internet Protocol) address or in case of physical devices the MAC address is
  • 13. Penetration Test Using Kali Linux Dept. of CSE JCE-Belagavi Page 8 also required. The second phase includes a deep scanning of the target (obviously, not the antivirus scanning). So that the tracks (holes or backdoors) can be found to get the access into the system or application. In simple words, the second phase is about exploring the vulnerabilities in the target using variety of tools. In the third phase we use the results of previous phases (like, target and its vulnerabilities) in order to exploit the system or application. The final phase include maintaining access over the target after the exploitation, which is quite tricky. Oftentimes, the payloads delivered by the exploits give temporary access over the target. 3.1.1. Information Gathering (Reconnaissance) This phase needs patience and lots of time, since this phase generates a massive amount of information about the target. The deeper you go, the more information you explore about the target that helps in the further activities like finding vulnerabilities of the target. In this research Kali Linux tools are being used to simulate the testing on the target. So, Kali Linux provides a variety of tools for gathering information about the target. To be successful at reconnaissance, there must be a proper strategy. The most essential thing is the power of internet. There are two types of reconnaissance:  Active Reconnaissance: Where the pen-tester directly interacts with the target. During this type of process the target may record the pen-testers IP address and other activity log.  Passive Reconnaissance: In this type of reconnaissance, the use of enormous amount of information available on the web come into the picture. The benefit is that the target cannot track the pen-tester at all (i.e., pen-tester’s IP address or activity logs). The main motto of Information Gathering is to collect as much information as possible on the target. The information that has been explored in this phase must be centrally organized and that too in electronic format. The reason behind storing the information in electronic format is that it allows easier data processing such as, data editing, sorting, searching and data retrieval later on whenever required. Most of the times, if you are going for the web application penetration testing then the very first thing required is the website of that web-application. Which is not a hard part of the phase as we can make use of any search engine to locate the website. 3.1.2. Scanning This stage is the most important phase where the pen-tester needs to identify the exposures of the target. This can be also referred to as “Vulnerability Assessment”. The pen-tester uses different tools and utilities to reveal the holes in the services, ports and applications running on the host. The typical path is to skim for the ports on the web server and find the open port for granting the access into it.Webservers use different TCP ports, and luckily you may encounter any one of them opened. Many protocols on the servers are handled through
  • 14. Penetration Test Using Kali Linux Dept. of CSE JCE-Belagavi Page 9 readable non-encrypted text. Table-II gives a list of common port numbers and their corresponding service. So, let‟s take a look at some of the tools available in Kali Linux for finding the vulnerabilities of the target 1) Webshag: Webshag is a multi-threaded multi-platform tool used to audit the web servers. The tool gathers some common functionalities of a web server such as port scanning, URL scanning and file fuzzing (security loophole). It can be used to scan a web server in HTTP or HTTPS, using a proxy or HTTPS authentication. This tool can also perform fingerprinting of the web pages. 2) Vega: Vega is a security testing tool used to crawl a website and analyse page content to find links as well as form parameters. To launch Vega in Kali Linux, go to Web Applications > Web Vulnerability Scanners and select Vega. The tool can work as a proxy as well as a scanner so in this research scanner is required to scan the target 3.1.3. Exploitation Now, the environment is set up and the vulnerabilities of the target are also discovered. Now it’s time to take over the target through the holes (vulnerabilities) of the target. This process is nothing but the Exploitation process. In simple words gaining access to the target using its vulnerabilities is known as Exploitation. Exploitation delivers the payloads on the target in order to forcefully grant the access into the target. Some vulnerabilities such as default password are easy to exploit, it hardly feels like exploitation is being done. There are different types of exploits available over the Internet, but the widely used is the “Metasploit Project”. 1) Metasploit Project: The Metasploit is a computer security project that provides information about security vulnerabilities and aids in penetration testing. Metasploit is pre-loaded in Kali Linux and can be used in either GUI environment or through the command line interface. 3.1.4. Post Exploitation and Marinating Access This phase plays a crucial role in the penetration testing process. Maintaining access to the target after the exploitation is a very serious activity and needs to done carefully. Several years ago, hackers were used to exploit the target, steal the data or manipulate the data or crash the files and leave. But now a day‟s many modern attackers (hackers) are interested in long-term or even permanent access to the target. Thus, in order to achieve this “backdoors” are required to be created and needs to be loaded on the target. Backdoors are nothing but a piece of software that allows the unauthorized user
  • 15. Penetration Test Using Kali Linux Dept. of CSE JCE-Belagavi Page 10 to get into the target at any time. Basically, backdoors are the background process that is hidden from the normal user. Some exploits are fleeting (short-lived). In simple words, some exploits allow access as only as the exploited target is running. If the target reboots or the exploit stops then the connection is lost to the target. There are different backdoor tools in Kali Linux like: Netcat, Cryptcat, WeBaCoo (Web Backdoor Cookie), etc…
  • 16. Penetration Test Using Kali Linux Dept. of CSE JCE-Belagavi Page 11 CHAPTER – 4 ADVANTAGES OF KALI LINUX 4.1 Advanced Penetration Testing tools. In the Kali Linux, more than 600+ super amazing advanced Penetration’ Testing tools are incorporated. The tools of BackTrack Linux which are not up to the mark or repeated in many ways has been replaced in the Kali Linux system with the advanced Penetration testing tools. 4.2 Ultimate free Linux tool. The Kali Linux system is totally free like the BackTrack Linux and will always offer their users the free life time services. This is huge plus factor which forces people to use this system. 4.3 Open sourced Git tree. This Kali Linux is openly sourced system and can be easily accessed by the users. All the codes in the Kali Linux can be viewed easily by the anyone and the open development tree makes easy to view the development of coding at every step. 4.4 FHS support. Kali adheres to the File-system Hierarchy Standard, allowing Linux users to easily locate binaries, support files, libraries, etc. This is the very important feature of the Kali Linux that makes it stand out among the other Linux systems. 4.5 Cool Wireless support. Kali Linux stands out in the department of connecting with the wireless support systems as you can connect it with as many WiFi spots or USB ports you want to connect at one time. Kali Linux allows it to run properly on a wide variety of hardware and making it compatible with numerous USB and other wireless devices. 4.6 Custom kernel patched for injection. As penetration testers, the development team often needs to do wireless assessments so the kali linux kernel has the latest injection patches included.
  • 17. Penetration Test Using Kali Linux Dept. of CSE JCE-Belagavi Page 12 4.7 Secure development environment. The Kali Linux team is made up of a small group of trusted individuals who can only commit packages and interact with the repositories while using multiple secure protocols. 4.8 GPG signed packages and repos. All Kali packages are signed by each individual developer when they are built and committed and the repositories subsequently sign the packages as well. 4.9 Kali is linguistic. As the Kali Linux has all the Penetration’ tools in the English language, but other than that it allows users to work in numerous languages and get the comfort of their local language. 4.10 Completely Customizable. Kali Linux is built by penetration testers for penetration testers but we understand that not everyone will agree with our design decisions or choice of tools to include by default. With this in mind, we always ensure that Kali Linux is easy to customize based on your own needs and preferences. To this end, we publish the live-build configuration used to build the official Kali images so you can customize it to your liking. It is very easy to start from this published configuration and implement various changes based on your needs thanks to the versatility of live-build. Live-build includes many features to modify the installed system, install supplementary files, install additional packages, run arbitrary commands, and change the values pre-seeded to debconf. 4.11 ARMEL and ARMHF support. As the ARM-based single-board systems like the Raspberry Pi and BeagleBone Black, among others, are becoming more and more prevalent and inexpensive, so in their substitute, Kali’s ARM support would need to be as robust as a management tool, with fully working installations for both ARMEL and ARMHF systems. Kali is currently available for the following ARM devices:  rk3306 mk/ss808  Raspberry Pi  ODROID U2/X2  Samsung Chromebook  EfikaMX
  • 18. Penetration Test Using Kali Linux Dept. of CSE JCE-Belagavi Page 13  Beaglebone Black  CuBox  Galaxy Note 10.1
  • 19. Penetration Test Using Kali Linux Dept. of CSE JCE-Belagavi Page 14 CHAPTER – 5 APPLICATIONS OF KALI LINUX While Kali’s focus can be quickly summarized as “penetration testing and security auditing”, there are many different tasks involved behind those activities. Kali Linux is built as a framework, because it includes many tools covering very different use cases (though they may certainly be used in combination during a penetration test). For example, Kali Linux can be used on various types of computers: obviously on the laptops of penetration testers, but also on servers of system administrators wishing to monitor their network, on the workstations of forensic analysts, and more unexpectedly, on stealthy embedded devices, typically with ARM CPUs, that can be dropped in the range of a wireless network or plugged in the computer of target users. Many ARM devices are also perfect attack machines due to their small form factors and low power requirements. Kali Linux can also be deployed in the cloud to quickly build a farm of password-cracking machines and on mobile phones and tablets to allow for truly portable penetration testing. But that is not all; penetration testers also need servers: to use collaboration software within a team of pen-testers, to set up a web server for use in phishing campaigns, to run vulnerability scanning tools, and other related activities. Once you have booted Kali, you will quickly discover that Kali Linux’s main menu is organized by theme across the various kind of tasks and activities that are relevant for pen-testers and other information security professionals as shown in Figure, “Kali Linux’s Applications Menu”.
  • 20. Penetration Test Using Kali Linux Dept. of CSE JCE-Belagavi Page 15 Figure 5.1. Kali Linux’s Applications Menu 5.1 Application menu includes • Information Gathering: Collecting data about the target network and its structure, identifying computers, their operating systems, and the services that they run. Identifying potentially sensitive parts of the information system. Extracting all sorts of listings from running directory services. • Vulnerability Analysis: Quickly testing whether a local or remote system is affected by a number of known vulnerabilities or insecure configurations. Vulnerability scanners use databases containing thousands of signatures to identify potential vulnerabilities. • Web Application Analysis: Identifying misconfigurations and security weaknesses in web applications. It is crucial to identify and mitigate these issues given that the public availability of these applications makes them ideal targets for attackers. • Database Assessment: From SQL injection to attacking credentials, database attacks are a very common vector for attackers. Tools that test for attack vectors ranging from SQL injection to data extraction and analysis can be found here.
  • 21. Penetration Test Using Kali Linux Dept. of CSE JCE-Belagavi Page 16 • Password Attacks: Authentication systems are always a go-to attack vector. Many useful tools can be found here, from online password attack tools to offline attacks against the encryption or hashing systems. • Wireless Attacks: The pervasive nature of wireless networks means that they will always be a commonly attacked vector. With its wide range of support for multiple wireless cards, Kali is an obvious choice for attacks against multiple types of wireless networks. • Reverse Engineering: Reverse engineering is an activity with many purposes. In support of offensive activities, it is one of the primary methods for vulnerability identification and exploit development. On the defensive side, it is used to analyze malware employed in targeted attacks. In this capacity, the goal is to identify the capabilities of a given piece of tradecraft. • Exploitation Tools: Exploiting, or taking advantage of a (formerly identified) vulnerability, allows you to gain control of a remote machine (or device). This access can then be used for further privilege escalation attacks, either locally on the compromised machine, or on other machines accessible on its local network. This category contains a number of tools and utilities that simplify the process of writing your own exploits. • Sniffing & Spoofing: Gaining access to the data as they travel across the network is often advantageous for an attacker. Here you can find spoofing tools that allow you to impersonate a legitimate user as well as sniffing tools that allow you to capture and analyze data right off the wire. When used together, these tools can be very powerful. • Post Exploitation: Once you have gained access to a system, you will often want to maintain that level of access or extend control by laterally moving across the network. Tools that assist in these goals are found here. • Forensics: Forensic Linux live boot environments have been very popular for years now. Kali contains a large number of popular Linux-based forensic tools allowing you to do everything from initial triage, to data imaging, to full analysis and case management. • Reporting Tools: A penetration test is only complete once the findings have been reported. This category contains tools to help collate the data collected from information-gathering tools, discover non-obvious relationships, and bring everything together in various reports.
  • 22. Penetration Test Using Kali Linux Dept. of CSE JCE-Belagavi Page 17 • Social Engineering Tools: When the technical side is well-secured, there is often the possibility of exploiting human behavior as an attack vector. Given the right influence, people can frequently be induced to take actions that compromise the security of the environment. Did the USB key that the secretary just plugged in contain a harmless PDF? Or was it also a Trojan horse that installed a backdoor? Was the banking website the accountant just logged into the expected website or a perfect copy used for phishing purposes? This category contains tools that aid in these types of attacks. • System Services: This category contains tools that allow you to start and stop applicationsthat run in the background as system services.
  • 23. Penetration Test Using Kali Linux Dept. of CSE JCE-Belagavi Page 18 CONCLUSION Kali Linux is proved to be very useful and completely free Operating System that can be used for the penetration testing. Penetration testing requires lots of time and patience to get the results and to get them repaired. The Kali is a tool for the Linux users to provide them numerous tricks in the security department. Kali is packed with the tools which helps in achieving goals towards various information security tasks, such as Penetration Testing. Penetration Testing can be implemented using Kali Linux for future security regarding the applications that require high level of security. Security for such applications or systems can be tested for any risks that may or may not be associated with it with the help of Zero Entry Methodology of penetration testing. This will lead to cover all the vulnerabilities (if any) of the developed system or an application. Penetration Testing or Pen-Testing is the most essential focus of any system, it may be a web application or a standalone machine. Penetration testing allows the developer to ascertain and define the security issues associated with the system that he/she has acquired.
  • 24. Penetration Test Using Kali Linux Dept. of CSE JCE-Belagavi Page 19 REFERENCES [1] Devanshu Bhatt’s paper on Modern Day Penetration Testing Distribution Open Source Platform -Kali Linux. International journal of scientific & technology research volume 7, issue 4 , April 2018. [2] Gurdeep Singh and Jaswinder Singh’s paper on Evaluation of Penetration Testing Tools of KALI LINUX. International Journal of Innovations & Advancement in Computer Science IJIACS ISSN 2347 – 8616 Volume 5, Issue 9, September 2016. [3] Matthew Denis, Carlos Zena and Thaier Hayajneh’s paper on Penetration Testing: Attack Methods, and Defence Strategies. IEEE paper, 29 April 2016. [4] Suraj S. Mundalik’s paper on Penetration Testing: An Art of Securing the System (Using Kali Linux). International Journal of Advanced Research in Computer Science and Software Engineering Volume 5, Issue 10, October-2016. [5] Kali Linux Revealed “Mastering the Penetration Testing Distribution” text book by RaphaĂŤl Hertzog, Jim O’Gorman and Mati Aharoni 2017. [6] Dr K. Raja Kumar’s paper on Penetration Testing using Linux Tools: Attacks and Defense Strategies. International Journal of Engineering Research & Technology (IJERT), Vol. 5 Issue 12, December-2016 [7] Harmandeep Singh’s paper on Penetration Testing: Analyzing the Security of the Network by Hacker’s Mind, IEEE paper Volume V, Issue V, May 2016. [8] Ms. Shyaml Virnodkar, Rahul Gupta, Tejas Bharambe’s paper on Cross Platform Penetration Testing Suite. International Research Journal of Engineering and Technology (IRJET), Volume: 05 Issue: 03, Mar-2018. [9] Young B. Choi’s paper on Building a Penetration Testing Device for Black Box using Modified Linux for Under $50. (IJACSA) International Journal of Advanced Computer Science and Applications, Vol. 8, No. 1, 2017. [10] Jyoti Pathak, Afzl Ayyub, Satyendra Mohan Srivastava’s paper on Penetration Testing: Rolling Kali Linux. IJSRD - International Journal for Scientific Research & Development, Vol. 4, Issue 12, 2017.