Join Malcolm Shore for an in-depth discussion in this video A Kali refresher, part of Penetration Testing Essential Training.
- [Instructor] If you haven't worked with Kali yet, you should take a look at my introduction to Kali course. For the purposes of this course, I'll assume that you've at least used Kali. And for the refresher, I'll have a look at some of the lesser-used tools in Kali. Let's just take a look at how we change Kali's settings. I'll click on the top-right black bar, and get the drop-down panel. The bottom-left icon provides a window with settings. Let's look at Privacy.
We can seen the Screen Lock is on, which means we have to re-enter our password if we don't use Kali for a short period. Let's click on that, and turn off Automatic Screen Lock. Okay, we'll go back, and select Power. We're set to blank the screen after five minutes. I'll set that to Never, because I'm only using Kali when our main's powered.
Before I look at tools, I'll run the update and upgrade commands to make sure Kali's up to date. Okay, we're up to date now. Let's change our MAC address. We can do this using the application's Sniffing & Spoofing menu tool, macchanger. When I run ifconfig, I can see my current settings.
I'll now run macchanger and change my MAC address. Okay, we can see my MAC address is shown as the current address, and that I've been provided with a new one. Sure enough, when we run ifconfig again, it's changed. It's sometimes useful to be able to identify what vulnerabilities are known for a specific system. And we can do that in Kali with searchploit, which is in the application's Exploitation Tools menu.
This tool connects to the exploit db exploitation database. It's pretty simple to use. We just give it the term we want, and it lists the known vulnerabilities containing that term. We can limit the results by using a second term.
Cybersecurity expert Malcolm Shore reviews popular pen testing tools, as well as the Bash and Python scripting skills required to be able to acquire, modify, and re-use exploit code. He also provides a refresher on Kali Linux and introduces techniques for testing web services. At the end of this course, you'll be prepared to take more advanced training, and to pursue the popular Offensive Security Certified Professional (OSCP) certification.
- Pen testing overview
- Pen testing tools
- Bash scripting
- Python scripting
- Kali and Metasploit
- Web testing
- Finding exploit code