SomaliSocial
by on August 17, 2017
62 views
Undeniably, Kali is the best choice of Linux distro for Penetration Testers, Bug Bounty Hunters, and Security Researchers (if you think differently, please comment below). It carries a completely open source tools to perform the “Kill Chain“.
However, many users tend to overlook the aspect of fine tuning the arsenal and launching a Vulnerability Assessment and PenTest (VAPT) right away.
As a best practice, hardening and tweaking should be the first thing to do in every operating system after the installation. And here below are the simple steps after the Kali installation.
1. Switch to root user account and change the “toor” password
sudo su –
passwd
2. Add repository
Edit “/etc/apt/sources.list” with your favorite editor; pico, vi, vim, nano, or leap. Then add the following repository below if missing.
# start here
deb kali main non-free contrib
deb kali/updates main contrib non-free
deb-src kali main non-free contrib
deb-src kali/updates main contrib non-free
deb kali-bleeding-edge main
deb kali-rolling main non-free contrib
deb all main
# end here
3. Clean, Update, Upgrade and Dist-Upgrade your arsenal.
apt-get clean && apt-get update && apt-get upgrade -y && apt-get dist-upgrade -y
4. Start your favorite Tool
-Configure the Metasploit logging. Sample version below is MSF4
echo “spool /root/msf_console.log” > /root/.msf4/msfconsole.rc
-Start the database, web server, and Metasploit
service postgresql start && update-rc.d postgresql enable
service apache2 start
msfdb init
msfconsole
5. Update the VMware tool if you are using Kali on VMware
cp /media/cdrom0/* /tmp && cd /tmp && tar xvf /tmp/VMwareTools*
cd vmware-tools-distrib
./vmware-install.pl –default
vmware-toolbox-cmd upgrade status
*REMOVE the CD-Rom media then *restart the Kali.
6. Modify the machine hostname to your Hacker’s code (mine is Strainer)
vi /etc/hostname
vi /etc/hosts
#Reboot required to take effect
7. Tweaking your Kali to make faster
-Edit the desktop config file /usr/share/applications/nautilus.desktop and change the Startup Notification to “false”
StartupNotify=false
-Install the bleachbit to clean the System and Free Disk Space
apt-get install bleachbit
bleachbit > clean
-Remove the iceweasel web browser if opt to
apt-get remove iceweasel
-Install Mozilla web browser
echo -e “ndeb all main” | tee -a /etc/apt/sources.list > /dev/null
apt-get install firefox-mozilla-build
8. Enjoy hacking … ethically 🙂 !!!
Topics: reboot
Page generated in 0.1764 seconds with 53 queries and GZIP enabled on 45.56.101.149.