Kali Linux Burp Suite Tutorial

When it comes to testing the security of web applications, you’d have a hard time finding a set of tools better than Burp Suite from Portswigger web security. It allows you to intercept and monitor web traffic along with detailed information about the requests and responses to and from a server.

This tutorial covers setting up Burp Suite and using it as a proxy for Firefox, how to gather information and use the Burp Suite proxy, a realistic testing scenario using information gathered through the Burp Suite proxy and many of the other features that Burp Suite has to offer.

Read more

How to check Local and External IP address on Kali Linux


The following article will illustrate some of the common ways on how to determine a local and public IP address on Kali Linux.

External IP Address

Using WEB Browser

Perhaps the simplest way on how to determine your Local and Public IP address is by using your web browser. Follow this link to view your Local and Public IP address instantly on your web browser. This page was specifically created for the purpose to promptly help our readers with this kind information.

Read more

Kali Linux Install Boot Menu

How to install Kali Linux


Install Kali Linux


You’ll just need a working install of something to make the install USB


A free hard drive to install Kali




  • # – requires given linux command to be executed with root privileges either directly as a root user or by use of sudo command
  • $ – given linux command to be executed as a regular non-privileged user


Kali Linux is a powerful toolkit for security testing. In most cases, you can simply run it temporarily from a USB drive, but there are occasions when you want a dedicated Kali install for longer term testing.

Please keep in mind that Kali is not a general purpose Linux distribution. It is not intended for daily use and may(ironically) prove insecure.

Read more

password attack hydra kali linux

SSH Password Testing With Hydra on Kali Linux

password attack hydra kali linux


Hail Hydra! Okay, so we’re not talking about the Marvel villains here, but we are talking about a tool that can definitely do some damage. Hydra is a popular tool for launching brute force attacks on login credentials.

Hydra has options for attacking logins on a variety of different protocols, but in this instance, you will learn about testing the strength of your SSH passwords. SSH is present on any Linux or Unix server and is usually the primary way admins use to access and manage their systems. Sure, cPanel is a thing, but SSH is still there even when cPanel is being used.

This guide makes use of wordlists to provide Hydra with passwords to test. If you aren’t familiar with wordlists yet, go check out our Crunch guide.

Warning: Hydra is a tool for attacking. Only use it on your own systems and networks unless you have the written permission of the owner. Otherwise, it is illegal.

Read more