what is Kali Linux?
Kali Linux is a Debian-based open source Linux distribution aimed at advanced Pen-testing. it contains several hundred tools which we can use to hack a social media account to satellite, Pen-testing, Security research, Computer Forensics, and Reverse Engineering.
.All the tools which are preinstalled in Kali can be downloaded and installed in any other Linux distribution also
Kali has more than 400 tools. but In reality, we are using hardly 20 tools
Kali has a different section for Information Gathering, exploitation, wifi Hacking and password hacking, pen-testing, password cracking, etc. You can find them easily on Kali Linux
So you don’t have to be expert in Kali Linux all you need is write tools an internet connection and your ability to understand what goes behind the scene, how the system works, how to find a loophole and exploit them.
There is a list of tools every hacker should learn
For information Gathering:
- Maltego for gathering information of people, websites.
- Nmap for finding open, closed ports, detecting IDS, firewall, Target’s Os and scanning networks, bypassing firewalls, etc,.
- Dmitry, the harvester and DNS map for digging websites information like IP addresses,sub-domains, emails, etc.
For Wifi:
Don’t waste your time on wifite, fern, etc. Practice aircrack-ng, wifiphisher, Kismet and linset.
For Hacking Website
1. if website is vulnerable for SQLinjection use SQLMAP.
2. Want to scan website for vulnerabilities use owasp-zap,vega.
3. Other utility tools : burpsuite.
For exploiting browser :
1.BEEF
For cracking passwords :
1.John the ripper.
For Social engineering :
1.Social Engineering Toolkit
2.Metasploit. You can do everything with it.
You can create payload for Android, windows, Linux. You can hack web servers, websites etc
Metasploit is not a single tool it is collection of tools . It has more than 1200 tools and hundreds of payloads tools , you can make your own payload if you know ruby
There are several tools External Tools which are not pre-installed with Kali. but they are important .
DVWA: Install install dvwa (Damn vulnerable web app) on Kali Linux 2.0 .
with DWVA we can test our web app pentesting skills on your local machine on legal environment.You can practice xss,sqli,lfi,rfi,bruteforcing etc.
Nessus: is monitoring tool you must have it How to install nessus on Kali Linux 2.0
Most important thing for Hackers is Anonymity.
So install tor with proxychains to anonymize your attacks and scans how to configure tor with proxychains in Kali Linux 2.0 .