TOP 10 KALI LINUX TOOLS:

1. Nmap (Network Mapper)
2. Wireshark
3. John the Ripper
4. THC Hydra
5. Better cap
6. Autopsy
7. Sqlmap
8. Burp Suite Scanner
9. Lynis
10. Netcat

1. Nmap (Network Mapper):

Network Mapper also known as Nmap, is a very simple and open source scanning tool used in Kali Linux, that works by sending packets and analyzing responses to uncover the host and services on a computer network. Nmap allows us to scan a system or scan a network. It sends packets to the host computer and then analyzes the response to create the desired result. Nmap tool allows you to scan all open ports, host discovery, NetBIOS, and even OS detection. Nmap is one of the best and most widely used Kali Linux tools for performing cyber attacks.

You can also install Nmap on any operating system. Here is a few basic uses of Nmap commands:

namp 192.168.0.1          ## Scan a single host 
namp 192.168.0.1-10       ## Scan a IP range 
namp 192.168.0.0/24       ## Scan a entire subnet 

2. Wireshark:

Wireshark is very famous among other Kali Linux tools. It is commonly defined as a network sniffer. By sniffing, we mean that it captures and analyze packets. This tool is used for network analysis which is commonly used for network security. It can analyze the data sent over a network in packets. Every packet has detailed information, including transmit time, source and destination IP addresses, type of protocol, and header data. These packets files have an extension of .pcap. These pcap files can be analyzed using Wireshark.

How to use Wireshark: You can use any pcap file and open it in Wireshark, and you will see the list of packets is displayed

3. John the Ripper:

John the Ripper is pre-packed in the pen-testing versions of Kali Linux.

John the Ripper is mainly an open-source password cracker commonly used during pen-testing exercises to help IT staff spot weak passwords and identify poor password policies. It is available for a huge number of operating systems. It also incorporates its wordlists of the maximum possible passwords available for 20+ languages. JtR wordlists provide a huge number of possible passwords from which it can create the comparing hash values to guess the target password. Since most people decide on simple to-recall passwords, it is regularly extremely successful, even with its out-of-the-crate wordlists of passwords.

JtR performs encryption on the hashed data and compares it to a file consisting of possible passwords. It simply stops hashing when it finds a match for the password.

4. THC Hydra:

THC Hydra is an extremely well-known, parallelized, and fast password cracker, making it possible for specialists and security experts to achieve access to any remote system. It is very easy to add new modules in hydra. It is a login cracker that works by using different approaches such as it uses a dictionary/brute-force attack against a number of applications. It makes a comparison of passwords using brute force attack or dictionary attack. When any of the web applications typically depend on login credentials for the user’s safety, a hacker or a pentester can easily use hydra to gain these credentials. It can automatically carry out rapid dictionary attacks against numerous protocols.

5. Better cap:

Bettercap is one of the top and very impressive Kali Linux tools. Better cap conducts Man-In-The-Middle attack. It is also capable of manipulating HTTP, HTTPS, and TCP traffic. In other words, it is also called the updated or better version of the Ettercap tool, which was used earlier, it means it does everything Ettercap did, but in this case, we do not need additional programs and a lot of open consoles.

BetterCap can crack SSL/TLS, HSTS, HSTS Preloaded. It uses SSLstrip+ and DNS server (dns2proxy) to perform a partial HSTS bypass. In this way, SSL/TLS connections are terminated. The downstream connection, however, between client and attacker remains decrypted and does not use SSL/TLS encryption. Bettercap also features performing attacks on wireless networks. It can also perform network monitoring and WiFi monitoring.

6. Autopsy

An Autopsy is basically a major tool of digital forensics, which comes pre-installed within Kali Linux. It is a graphical interface that is used to collect information from forensics. In the investigation process, we need to determine what happened and make use of Autopsy to investigate files or logs to learn what was done within the system. It can produce a real-time result, which makes it more compatible than other forensics tools.

In addition to the investigation process, an autopsy is also used to recover files from a memory card or a pen drive as recovery software.

Relatedly, the autopsy is a faster, stronger, and more efficient solution for the investigation of a hard drive.

How to use autopsy tool: As it is already pre-installed in kali Linux, just simply open the terminal and type autopsy.

7. Sql map

Sqlmap is specially designed to detect and take benefit of SQL injection vulnerabilities in web applications. Once it detects any of the SQL injections on the underlying target host, the user can choose among a variety of options to retrieve the DBMS session user and database, carry out an extensive back-end database management system fingerprint, enumerate users, password hashes, and a lot more

Sqlmap tool is generally considered one of the most useful tools to carry out SQL injection attacks. It automates the procedure of exploiting the SQL injection. SQL injection attacks are vulnerable as it gains control over the databases that use SQL. Sqlmap is a testing parameter for SQL injection flaws that is mainly used in penetration testing. It automates the exploitation of vulnerable parameters. It is an effective tool of Kali Linux as it detects the database by itself, so we have to equip a URL to check the vulnerable URL parameter. We can rather use the requested file to check for POST parameters.

8. Burp Suite Scanner:

Burp Suite Scanner is an incredible web security analysis tool. It is usually very famous for investigating vulnerabilities and also performing pen-testing. It is commonly known as “Burp”, which works As a proxy-based tool. Burp offers a GUI and many advanced tools, unlike other web application security scanners. Burp can be useful to determine the security of a web application and is majorly used for hands-on testing.

Nevertheless, the community edition exclusively specifies some fundamental manual tools’ features. For experts, you will have to suppose upgrading. Equivalent to the previous tool, this isn’t open-source either.

Using burp, a user controls all the actions that are performed. Its main function is to convey an HTTP request amongst the burp tools to perform specific tasks.

9. Lynis:

Lynis is a versatile tool that can be used for many different purposes, whether it is vulnerability detection, penetration testing, system hardening, compliance testing, or security auditing. Lynis can use only the available system tools and libraries, so it has modular and opportunistic scanning. The good side is that it needs no installation of other tools, so in this way, you can keep your systems tidy.

If you use lynis, this tool can execute with almost zero reliances. In addition to that, no audit will be the same, which means the more components it discovers, the more comprehensive the audit will be performed. Scans are tailored to your system.

For example, When Lynis scans that you are operating Apache, it will conduct `a test related to Apache. While performing the typical Apache tests, it may also uncover an SSL/TLS configuration. It then conducts additional auditing measures based on that. A good example is gathering any found certificates so that they can be scanned later as well.

10. Netcat

Netcat comes pre-installed with Kali Linux. Netcat also abbreviated as “nc”, uses TCP or UDP ports for reading and writing to a network connection. It is a networking tool that can perform various port scanning and port listening/port redirection.

Netcat is a back-end tool, which helps as a back door into other networked systems which means that you can transfer files directly through netcat.

This command can also be used in Network Debugging and can also be used for daemon testing. Netcat is also regarded as the pocket knife of networking tools.

To use netcat, you will use terminal and type nc or netcat. To use this tool, we can also do port listening as shown in the screenshot using separate terminals.

Conclusion

These are a few of many Kali Linux tools. These users are generally used by ethical hackers and also penetration testers. Kali Linux is developed actively by offensive security. Many of these tools come pre-installed with Kali Linux and as far as their usage is concerned, most of them are extremely easy to use. Infosec companies and ethical hackers make use of its most common security distribution.

These tools are carefully added in Kali Linux after reviewing BackTrack, as many tools are eliminated that did not work or had similar functionality.

The post Top 10 Ethical Hacking Tools in Kali Linux appeared first on TecAdmin.

Once you are connected to a remote host file time via SSH, the SSH clients check for the host key file under the known_hosts file. If the key is found, you will be connected to a remote server after authentication, but if key doesn’t found in the known_hosts file, the command will show a warning message and a prompt to accept or reject the connection request. Once you accepted the by typing “yes”, the key is added in the known_hosts file.

Here is an example to of command:

ssh ubuntu@remote-host 

Output 
The authenticity of host 'remote-host (123.45.67.89)' can't be established.
RSA key fingerprint is 9f:48:89:f5:68:2f:cd:b3:19:95:40:43:98:09:0a:1a.
Are you sure you want to continue connecting (yes/no)?

But in some situations, like shell scripts, we need to disable the strict host check. Continue to read this article to understand the way to disable strict host check in the SSH clients on Linux systems.

Disable with SSH Command

You can define the StrictHostKeyChecking=no command line argument to ssh command to skip the host key checking.

ssh -o StrictHostKeyChecking=no user@remote-host 

Using Config File

You can also define the strings to disable host key checking in the configuration file. You need to create a ~/.ssh/config file and disable strict host key checking by adding the content.

vi ~/.ssh/config 

Host *
    StrictHostKeyChecking no

This will disable host checking for all hosts you connect to. Rather than disabling host check for all Host “*”, it would be safer to specify a particular host.

Host 192.168.1.10
    StrictHostKeyChecking no

Also, set the proper permissions on the file to make it read-only for the user.

sudo chmod 400 ~/.ssh/config 

That’s it. You have successfully disabled the strict host key checking in SSH.

Conclusion

In this tutorial, you have learned, how to disable strict host key check during ssh key connection to a remote host.

The post How to Disable Strict Host Key Checking in SSH appeared first on TecAdmin.

In this guide, we’ll be focusing on setting up SSH keys-based authentication for a CentOS 8 server. SSH keys offer a straightforward, steady technique of communicating with remote servers and are encouraged for all users.

Creating SSH Keys in Linux

To generate a new 2048-bit RSA key pair, open up the terminal and execute the below-given command:

ssh-keygen 

After pressing the enter, you will see the following output:

If you press Enter, by default, it will save the key pair in the .ssh subdirectory of your_home folder. You can also provide the alternate path of where you want to save the key pair but it is recommended to use the default directory to save the key pair:

If you have created a key pair before on your client machine then you will be prompted to overwrite it. It’s totally up to you to choose yes or no but be careful to choose the ‘y’ option. If you choose the ‘y’ option, you will not be able to use the previous key pair to log in to the server.

Now you will be asked to provide a passphrase to add an extra layer of security that prevents unauthorized users from accessing the server. Just press Enter if you do not want to provide any passphrase:

After providing the passphrase, you will see the following output:

Now you have successfully generated an SSH key pair, to verify this run the below-given command:

ls -l ~/.ssh/id_*.pub 

The command given above will output the path to the file which contains the SSH key pair. If it outputs an error like “No such file or directory found” then that means that the key pair was not successfully created and you will have to repeat the process again.

Adding the SSH Key to Remote System

Once you have created the key pair you need to add the SSH key to the CentOS server. The fastest way is to use the ssh-copy-id method. In some cases, you might not have the ssh-copy-id method available on your local machine. In this case, you can use an alternate method to add the SSH key to the CentOS Server.

Adding SSH Key via ssh-copy-id Command

Your local machine will most probably have the ssh-copy-id method by default. This method will only work in case you have password-based SSH access to the server:

ssh-copy-id username@server_host

For my server I will use:

ssh-copy-id Rahul@192.168.18.76 

The IP address is your system’s IP, type yes and press Enter, you will be prompted to enter the remote user’s password:

Once the user completes all steps, the public key will be copied to the server:

Adding the SSH Key Without ssh-copy-id

In case your local machine doesn’t have the ssh-copy-id method installed, which is highly unlikely, then you will have to run this command to add the ssh keys to the server.

For my local server I will use:

cat ~/.ssh/id_rsa.pub | ssh Rahul@192.168.18.76 "mkdir -p ~/.ssh && chmod 700 ~/.ssh && cat >> ~/.ssh/authorized_keys && chmod 600 ~/.ssh/authorized_keys" 

How to Login to the Server using SSH keys

Now that you have successfully added the key to the server, you should be able to login into the server without the user’s password:

$ ssh username@server_ip_address

For my server I will use the following command:

ssh Rahul@192.168.18.76 

If you didn’t set the passphrase then you can log in without authentication. It is the fastest way to log in to the server otherwise you have to pass through the authentication stage.

Step 3 – How to Disable SSH Password Authentication

You can add an extra security layer by disabling the password authentication for SSH. Before the beginning process, ensure that you are able to access your server without the password as a root user or as a non-root user with sudo privileges.

To disable SSH password Authentication, the first log in to the server:

ssh Rahul@192.168.18.76 

Now we will open and modify the SSH configuration file located at /etc/ssh/sshd_config:

sudo nano /etc/ssh/sshd_config 

After opening the configuration file make the following changes:

PasswordAuthentication no

Uncomment the above-given lines if they are commented by removing the # sign and set their value to no.

After modification of the SSH file you need to save and close the file by pressing Ctrl + X and restart SSH service using the following command:

sudo systemctl restart sshd 

By doing all steps, password-based authentication is disabled successfully.

Conclusion

SSH is a secure network protocol that is used for communication between a remote server and a client; It is more secure than FTP for file transfers between a client and a server. In this article, we learned to generate SSH key pairs and set up SSH-based authentication for CentOS 8 based servers, we also learned to disable the SSH password authentication.

The post How To Set Up SSH Keys in Linux appeared first on TecAdmin.

It’s not a good practice to disable SELinux on a system, especially on production servers. For developer systems, you can disable it only if facing issues due to its policies.

In this how-to-guide, you will learn to disable SELinux on a CentOS 8 or RHEL 8 Linux system.

SELinux Modes

SELinux has three modes to run as described below. The default SELinux runs in Enforcing mode on a CentOS or RHEL Linux system.

• Enforcing – SELinux security policy is enforced.
• Permissive – SELinux allows access but prints warnings on rules violations.
• Disabled – No SELinux policy is loaded.

In this article, we will discuss how to change SELinux mode to permissive or disable it completely on a CentOS and RedHat Linux system.

Check SELinux Status

You can use getenforce command to view the status of SELinux. Another command sestatus gives you more details about SELinux status.

Press CTRL+ALT+T to launch a terminal and type:

sestatus 

You will see the output like:

SELinux status:                 enabled
SELinuxfs mount:                /sys/fs/selinux
SELinux root directory:         /etc/selinux
Loaded policy name:             targeted
Current mode:                   enforcing
Mode from config file:          enforcing
Policy MLS status:              enabled
Policy deny_unknown status:     allowed
Memory protection checking:     actual (secure)
Max kernel policy version:      33

The above status shows that SELinux is enabled and enforcing.

Disable SELinux on CentOS/RHEL 8

Update the SELinux configuration file and set SELINUX=disabled to permanently disable the SELinux on your system. This will completely disable all the SELinux context.

sudo nano /etc/selinux/config 

Set SELINUX value to disabled:

SELINUX=disabled

Reboot your instance to apply changes.

You can again activate the SELinux by setting SELINUX=enforcing in configuration file. Instead of disabling SELinux, you can set it to permissive mode.

Set SELinux in Permissive Mode (Temporary)

The permissive mode means the SELinux policy is not enforced. SELinux does not deny any operations even they do policy violations. It only creates logs, which is helpful for debugging.

You can set the SELinux in permissive mode temporarily by using one of the below commands.

sudo setenforce 0 

sudo setenforce Permissive 

Once the system rebooted, the temporary mode will be disabled and SELinux will again in enforcing. Use the next method to apply changes permanently.

Set SELinux in Permissive Mode (Permanent)

You can also Configure SELinux Permissive Mode Permanently by editing the configuration file. Edit the configuration in in your favorite text edit:

sudo nano /etc/selinux/config 

Set the SELINUX value to permissive.

SELINUX=permissive

Save your file and close. Then reboot your system to apply changes.

Concusion

In this tutorial, you have learned about disable SELinux permanently or configure it to permissive mode CentOS 8 or RHEL 8 Linux systems.

You can read more about SELinux on its official site: What is SELinux?

The post How to disable SELinux on CentOS 8 & RHEL 8 appeared first on TecAdmin.

We never recommend disabling SELinux on your system, especially on production servers. For developer systems, you can disable it only if hampering your work due to its policies.

SELinux Modes:

SELinux has three modes to run as described below. The default SELinux runs in Enforcing mode on a Fedora Linux system.

• Enforcing – SELinux security policy is enforced.
• Permissive – SELinux allows access but prints warnings on rules violations.
• Disabled – No SELinux policy is loaded.

In this article, we will discuss how to change SELinux mode to permissive or disable it completely on a Fedora Linux system.

Check SELinux Status

You can use getenforce command to view the status of SELinux. Another command sestatus gives you more details about SELinux status.

Open a terminal on your Fedora systems and type:

sestatus 

You will see the ouptut as:

SELinux status:                 enabled
SELinuxfs mount:                /sys/fs/selinux
SELinux root directory:         /etc/selinux
Loaded policy name:             targeted
Current mode:                   enforcing
Mode from config file:          enforcing
Policy MLS status:              enabled
Policy deny_unknown status:     allowed
Memory protection checking:     actual (secure)
Max kernel policy version:      33

The above status shows that SELinux is enabled and enforced.

Set SELinux in Permissive Mode (Temporary)

The permissive mode means the SELinux policy is not enforced. SELinux does not deny any operations even if they do policy violations. It only creates logs, which is helpful for debugging.

You can set the SELinux in permissive mode temporarily by using one of the below commands.

sudo setenforce 0 

sudo setenforce Permissive 

Once the system is rebooted, the temporary mode will be disabled and SELinux will again in enforcing. Use the next method to apply changes permanently.

Set SELinux in Permissive Mode (Permanent)

You can also Configure SELinux Permissive Mode Permanently by editing the configuration file. Edit the configuration in in your favorite text edit:

sudo nano /etc/selinux/config 

Set the SELINUX value to permissive.

SELINUX=permissive

File changes will reflect after the system reboot.

Permanently Disable SELinux on Fedora

Update the SELinux configuration file and set SELINUX=disabled to permanently disable the SELinux on your system. This will completely disable all the SELinux contexts.

sudo nano /etc/selinux/config 

Set SELINUX value to disabled:

SELINUX=disabled

Reboot your instance after making changes.

Note – You can again activate the SELinux by setting SELINUX=enforcing in configuration file.

Concusion

In this tutorial, you have learned about configuring SELinux in permissive mode or disabling it completely on a Fedora Linux system. This tutorial can be followed on other Redhat-based distributions like CentOS, RHEL, etc.

The post How to Disable SELinux on Fedora appeared first on TecAdmin.

SELinux Modes:

SELinux has three modes to run. By default, SELinux runs in Enforcing mode on CentOS 7

• Enforcing – SELinux security policy is enforced.
• Permissive – SELinux allows access but prints warnings on rules voilation.
• Disabled – No SELinux policy is loaded.

Check SELinux Status

You can use getenforce command to view the status of SELinux. Another command sestatus gives you more details about SELinux status.

Press CTRL+ALT+T to launch a terminal and type:

sestatus 

Output:
SELinux status:                 enabled
SELinuxfs mount:                /sys/fs/selinux
SELinux root directory:         /etc/selinux
Loaded policy name:             targeted
Current mode:                   enforcing
Mode from config file:          enforcing
Policy MLS status:              enabled
Policy deny_unknown status:     allowed
Max kernel policy version:      31

The above status shows that SELinux is enabled and enforcing.

How to disable SELinux on CentOS 7

You can disable SELinux permanently by edition the /etc/selinux/config file in CentOS 7 and RHEL 7 systems. Edit the SELinux configuration file and set SELINUX=disabled to permanently disable the SELinux on a CentOS 7 system. This will completely disable all the SELinux context.

sudo nano /etc/selinux/config 

Set SELINUX value to disabled:

SELINUX=disabled

Reboot your instance to apply changes.

You can again activate the SELinux by setting SELINUX=enforcing in configuration file. Instead of disabling SELinux, you can set it to permissive mode.

Set SELinux in Permissive Mode (Temporary)

The permissive mode means the SELinux policy is not enforced. SELinux does not deny any operations even they do policy violations. It only creates logs, which is helpful for debugging.

You can set the SELinux in permissive mode temporarily by using one of the below commands.

sudo setenforce 0 

sudo setenforce Permissive 

Once the system rebooted, the temporary mode will be disabled and SELinux will again in enforcing. Use the next method to apply changes permanently.

Set SELinux in Permissive Mode (Permanent)

You can also Configure SELinux Permissive Mode Permanently by editing the configuration file. Edit the configuration in in your favorite text edit:

sudo nano /etc/selinux/config 

Set the SELINUX value to permissive.

SELINUX=permissive

Save your file and close. Then reboot your system to apply changes.

Concusion

In this tutorial, you have learned how to disable SELinux on CentOS 7. Additionally discussed disabling SELinux permanently or set this to permissive mode on CentOS 7 or RHEL 7 Linux systems.

You can read more about SELinux on its official site: What is SELinux?

The post How To disable SELinux on CentOS 7 appeared first on TecAdmin.