Questions tagged [kali-linux]

Offensive Security's penetration testing Linux distribution.

Kali Linux, formerly BackTrack Linux, is a Linux distribution made for the purpose of penetration testing. The tag-line of the software is "The quieter you become, the more you are able to hear".

The distribution contains a great many security tools like the Metasploit pentesting framework, port scanners, traffic analysis tools, and password crackers.

It is bootable from a CD, DVD or USB storage.

Official site: Kali.org
Official site of BackTrack (no longer maintained): backtrack-linux.org

346 questions
6
votes
1 answer

Pen Testing ASP.NET application with Backtrack

We have developed an ASP.NET Based Enterprise Application which is soon to be released. Now, we are concerned about the security aspects of the application. I've been looking into Backtrack 5 and visited a lot of websites about pen testing too…
N.p Subedi
6
votes
1 answer

Bettercap sniff HTTPS login credentials using proxy

I was wondering how I could sniff HTTPS credentials using the Bettercap proxy. I am using the following command: bettercap -I wlan0 -T 10.0.0.23 -X --proxy-https And when I set up the proxy on my Android (in WiFi settings), with the address as…
Jacob Collins
6
votes
6 answers

Can you recommend a good book on Backtrack/Metasploit?

I have just downloaded Backtrack 5 R2 with Gnome and, while it looks cool, I don't really know where to start. I see it comes with Metasploit but, to be blunt, I still don't really understand what Metasploit is. A quick disclaimer, I'm a Windows guy…
JMK
6
votes
2 answers

How does IP tracking work?

Excuse the naive question (I'm more of a dev than a web-sec person). In the past I've had webservers hacked and usually I've traced it to some random machines which seem to have been compromised (I assume part of a botnet etc. trying to find a way to…
Alex
6
votes
3 answers

Running Ophcrack against Windows 10

I'm putting together a demo of Ophcrack for my team here. It's been a while since I used it, like 7-10 years. Booting up into either the Ophcrack live CD or using it in Kali, I'm seeing samdump2 and pwdump showing the same SID/hash for all users…
Stateful
6
votes
3 answers

Why use a USB WiFi adapter with Aircrack-ng?

What are the limitations we have when we are performing aircrack-ng pen testing using a laptop's built-in WiFi adapter? Many pen testers are using USB WiFi dongles for this purpose and I wonder why. What are the best available WiFi USB adapters for…
user3496510
6
votes
1 answer

Set Session Metasploit

Metasploit exploits (exploits/windows/local/virtual_box_opengl_escape in specific) have an option called Session. What is this to be set to? I am running Kali on virtual box on a Windows machine.
Anuraag Baishya
6
votes
1 answer

Evil twin access point with WPA/WPA2

When I created an evil twin AP with an SSID of someone else's Wi-Fi network e.g. MyWifiNet, I could see two APs on my phone/laptop with the SSID MyWiFiNet, however the legitimate one was secured with WPA2 and the evil one was unsecured. Can I create…
tester125
5
votes
1 answer

Proxychains + dnscrypt + Tor

I'm currently working in Kali and I'm trying to boost my security and anonymity online. Please, bear with me for I am no expert yet. Googling and searching here has yielded useful info but not enough so I thought I'd ask a more specific…
Void
5
votes
1 answer

Why some routers ask for PIN but can't be cracked using PIN-based attacks?

I've been working with WPS assessment tools like Reaver and Bully for some time and I could successfully crack my router's PIN code and find its password on both QSS PBC and QSS PIN code. When each of those options was enabled on my router, it…
user60980
5
votes
5 answers

Cloud provider for Penetration Testing

I wish to set up a Kali Linux box on a cloud provider in order to perform same day penetration tests. The issue I am having is finding a cloud provider such as AWS, Azure etc. for this. For AWS they require an application to be filled for each…
K92
5
votes
2 answers

Reverse connection Metasploitable 2 -> Kali Linux (Samba 3.x) without Metasploit

I am trying to exploit Metasploitable 2 without the use of Metasploit, with the aim of learning. In this case, I am focusing on Samba 3.x (Port TCP 139, 445) In this link http://www.rwbnetsec.com/samba-3-x/ two different methods are explained to…
J.g.
5
votes
4 answers

Does aircrack-ng use GPU/CUDA capabilities?

As stated, does aircrack-ng when brute forcing a WPA2 handshake capture use GPU/CUDA resources such as a program like Hashcat does?
Norr
5
votes
3 answers

Metasploitable ports closed and web server unavailable

I have set up a fresh VirtualBox install of both Kali Linux and Metasploitable. I did an ifconfig on the Metasploitable VM and tried to access it through the browser, but that gives the message "The 10.0.2.15 page isn’t working". From Kali I am able to…
bigtunacan
5
votes
1 answer

How can I decrypt traffic on a WEP encrypted network?

Let's say that I am connected to a WEP Access Point and I want to sniff all wireless traffic inside that network. How can I decrypt the traffic even though I don't have the cryptographic key? I found a link that shows how to decrypt live wireless…
Backtrack