Wireshark dialog for creating a capture filter

Filtering Packets In Wireshark on Kali Linux

Introduction

Filtering allows you to focus on the exact sets of data that you are interested in reading. As you have seen, Wireshark collects everything by default. That can get in the way of the specific data that you are looking for. Wireshark provides two powerful filtering tools to make targeting the exact data you need simple and painless.

There are two way that Wireshark can filter packets. It can filter an only collect certain packets, or the packet results can be filtered after they are collected. Of course, these can be used in conjunction with one another, and their respective usefulness is dependent on which and how much data is being collected.

Read more

Introduction to Nmap on Kali Linux

Introduction

Nmap is a powerful tool for discovering information about machines on a network or the Internet. It allows you to probe a machine with packets to detect everything from running services and open ports to the operating system and software versions.

Like other security tools, Nmap should not be misused. Only scan networks and machines that you own or have permission to investigate. Probing other machines could be seen as an attack and be illegal.

That said, Nmap can go a long way in helping to secure your own network. It can also help you to ensure that your servers are properly configured and don’t have any open and unsecured ports. It will also report if your firewall is correctly filtering ports that should not be externally accessible.

Nmap is installed by default on Kali Linux, so you can just open it up and get started.

Read more

crunch kali brute force password attack

Creating Wordlists with Crunch on Kali Linux

crunch kali brute force password attack

Introduction

Wordlists are a key part of brute force password attacks. For those readers that aren’t familiar, a brute force password attack is an attack in which an attacker uses a script to repeatedly attempt to log into an account until they receive a positive result. Brute force attacks are fairly overt and can cause a properly configured server to lock out an attacker or their IP.

This is the point of testing the security of log in systems this way. Your server should ban attackers that attempt these attacks, and should report the increased traffic. On the user end, passwords should be more secure. It’s important to understand how the attack is carried out to create and enforce a strong password policy.

Kali Linux comes with a powerful tool for creating wordlists of any length. It’s a simple command line utility called Crunch. It has simple syntax and can easily be adjusted to suit your needs. Beware, though, these lists can be very large and can easily fill an entire hard drive.

Read more

burp web penetration testing guide

Learn Burp Suite on Kali Linux: Part 2

web penetration testing tool on kali linux

Introduction

In this second part of the Burp Suite series you will lean how to use the Burp Suite proxy to collect data from requests from your browser. You will explore how an intercepting proxy works and how to read the request and response data collected by Burp Suite.

The third part of the guide will take you through a realistic scenario of how you would use the data collected by the proxy for a real test.

There are more tools built in to Burp Suite that you can use the data that you collect with, but those will be covered in the fourth and final part of the series.

Read more

burp web penetration testing guide

Learn Burp Suite on Kali Linux: Part 3

brute force test penetration web kali burp

Introduction

In this third part of the Burp Suite series, you will learn how to actually collect proxied traffic with Burp Suite and use it launch and actual brute force attack. It will run somewhat parallel to our guide on Testing WordPress Logins with Hydra. In this case, though, you will use Burp Suite to gather information on WordPress.

The purpose of this guide is to illustrate how the information gathered by Burp Suite’s proxy can be used to conduct a penetration test. Do Not use this on any machines or networks that you do not own.

For this guide, you will also need Hydra installed. It’s not going to go into depth on how to use Hydra, you can check out our Hydra SSH guide for that. Kali Linux already has Hydra installed by default, so if you’re using Kali, don’t worry. Otherwise, Hydra should be in your distro’s repositories.

Read more

wordpress login test penetration test

Test WordPress Logins With Hydra on Kali Linux

wordpress login test penetration test

Introduction

There are web forms all over the Internet. Even sites that don’t usually allow regular users to log in probably have an admin area. It’s important when running and deploying a site to make sure that the passwords gating access to sensitive controls and admin panels are as secure as possible.

There are different ways to attack a web application, but this guide is going to cover using Hydra to perform a brute force attack on a log in form. The target platform of choice is WordPress. It is easily the most popular CMS platform in the world, and it is also notorious for being managed poorly.

Remember, this guide is intended to help you protect your WordPress or other website. Use on a site that you don’t own or have written permission to test is illegal.

Read more

How to change MAC address using macchanger on Kali Linux

Objective

The objective is to change or fake an original network card’s hardware MAC address. The following article will show how to change MAC address using macchanger on Kali Linux.

Requirements

Privileged access to you Kali Linux system.

Difficulty

EASY

Conventions

  • # – requires given linux commands to be executed with root privileges either directly as a root user or by use of sudo command
  • $ – requires given linux commands to be executed as a regular non-privileged user

Instructions

Change to a Random MAC address

First, let’s see how we can use macchanger to change network card’s hardware MAC address to a random address. We can start by investigating our current MAC address of eg eth0 network interface. To do this we execute macchanger with an option -s and an argument eth0.

Read more

Kali Linux Burp Suite Tutorial

When it comes to testing the security of web applications, you’d have a hard time finding a set of tools better than Burp Suite from Portswigger web security. It allows you to intercept and monitor web traffic along with detailed information about the requests and responses to and from a server.

This tutorial covers setting up Burp Suite and using it as a proxy for Firefox, how to gather information and use the Burp Suite proxy, a realistic testing scenario using information gathered through the Burp Suite proxy and many of the other features that Burp Suite has to offer.

Read more

Kali Linux Install Boot Menu

How to install Kali Linux

Objective

Install Kali Linux

Distributions

You’ll just need a working install of something to make the install USB

Requirements

A free hard drive to install Kali

Difficulty

Easy

Conventions

  • # – requires given linux command to be executed with root privileges either directly as a root user or by use of sudo command
  • $ – given linux command to be executed as a regular non-privileged user

Introduction

Kali Linux is a powerful toolkit for security testing. In most cases, you can simply run it temporarily from a USB drive, but there are occasions when you want a dedicated Kali install for longer term testing.

Please keep in mind that Kali is not a general purpose Linux distribution. It is not intended for daily use and may(ironically) prove insecure.

Read more

password attack hydra kali linux

SSH Password Testing With Hydra on Kali Linux

password attack hydra kali linux

Introduction

Hail Hydra! Okay, so we’re not talking about the Marvel villains here, but we are talking about a tool that can definitely do some damage. Hydra is a popular tool for launching brute force attacks on login credentials.

Hydra has options for attacking logins on a variety of different protocols, but in this instance, you will learn about testing the strength of your SSH passwords. SSH is present on any Linux or Unix server and is usually the primary way admins use to access and manage their systems. Sure, cPanel is a thing, but SSH is still there even when cPanel is being used.

This guide makes use of wordlists to provide Hydra with passwords to test. If you aren’t familiar with wordlists yet, go check out our Crunch guide.

Warning: Hydra is a tool for attacking. Only use it on your own systems and networks unless you have the written permission of the owner. Otherwise, it is illegal.

Read more