Kali linux black hat

Hacking with Kali at Black Hat USA 2016

We have really enjoyed doing the Dojo at Black Hat the last few years. It’s been a great opportunity to show off some of the lesser known (but oh so useful) features of Kali Linux as well as interact with the user base. But one of the limitations of the previous structure was that while this was a hands-on exercise, many attendees moved at different paces from each other. So we wanted to move towards more of a “self service” model where attendees can drop in, have access to the training material, and will be free to work at their own pace. We accomplished with the new model we will be premiering this year, allowing everyone to take as much, or as little, time needed to get a working Kali install customized to their desires. While this is being done, Kali developers will be onsite and interacting with everyone on a consistent basis.

Hacking the playground with Kali Linux

This leads to the next major change in structure, as in previous years a commonly heard question was “Great! I have this beautiful Kali install, now what do I do with it?”. This year, we have a great answer for this: Hack our systems!

Our good friends at OffSec have been gracious enough to provide us with a number of systems that have been preconfigured with interesting and unique vulnerabilities. This environment will will be setup in the room, and attendees can connect into it and put Kali Linux to use, hacking these systems to your hearts content. Whats more, we will be providing some extra incentive for you to hack all the things, by giving away prizes to those that obtain the highest score.

Our cool giveaways in the Playground CTF

Here are a few pics of the Kali hardware we’ll be giving away to our contest winners in the Kali Dojo CTF:

What to bring if you want to attend:

Now that we have your attention, here’s what you need to bring!

• Powerful 64bit laptop with Kali Rolling (!) installed in a VM or natively.
• At least 40 GB free space in the VM or laptop for generating ISOs
• 8GB USB 3.0 stick (or larger) for creating Kali Live USBs.

We will have Kali VMWare images for you to download on site — so if you choose this option, make sure you have the latest VMware Workstation of Fusion installed. Yes, make sure it’s the LATEST version!

Come say hello!

Thats right. You can get a pre-release version of Kali Linux before its available to the public, you can customize it to yours hearts content. And then you can use it to hack vulnerable machines to accumulate points. And we will give you free stuff for doing all this. We know there is a lot going on at Black Hat Vegas, as the convention gets better every year. We do hope that you budget some time to drop on the Kali Dojo on Aug. 4th, as we will be going all day.

Источник

Kali Linux 2017.1 Release

Finally, it’s here! We’re happy to announce the availability of the Kali Linux 2017.1 rolling release, which brings with it a bunch of exciting updates and features. As with all new releases, you have the common denominator of updated packages, an updated kernel that provides more and better hardware support, as well as a slew of updated tools — but this release has a few more surprises up its sleeve.

Support for RTL8812AU Wireless Card Injection

A while back, we received a feature request asking for the inclusion of drivers for RTL8812AU wireless chipsets. These drivers are not part of the standard Linux kernel, and have been modified to allow for injection. Why is this a big deal? This chipset supports 802.11 AC, making this one of the first drivers to bring injection-related wireless attacks to this standard, and with companies such as ALFA making the AWUS036ACH wireless cards, we expect this card to be an arsenal favourite.

The driver can be installed using the following commands:

Streamlined Support for CUDA GPU Cracking

Installing proprietary graphics drivers has always been a source of frustration in Kali. Fortunately, improvements in packaging have made this process seamless — allowing our users a streamlined experience with GPU cracking. Together with supported hardware, tools such as Hashcat and Pyrit can take full advantage of NVIDIA GPUs within Kali. For more information about this new feature, check out the related blog post and updated official documentation.

Amazon AWS and Microsoft Azure Availability (GPU Support)

Due to the increasing popularity of using cloud-based instances for password cracking, we decided to focus our efforts into streamlining Kali’s approach. We noticed that Amazon’s AWS P2-Series and Microsoft’s Azure NC-Series allow pass-through GPU support so we made corresponding AWS and Azure images of Kali that support CUDA GPU cracking out of the box. You can check out our Cracking in the Cloud with CUDA GPUs post we released a few weeks back for more information.

OpenVAS 9 Packaged in Kali Repositories

One of the most lacking tool categories in Kali (as well as the Open-source arena at large) is a fully-fledged vulnerability scanner. We’ve recently packaged OpenVAS 9 (together with a multitude of dependencies) and can happily say that, in our opinion, the OpenVAS project has matured significantly. We still do not include OpenVAS in the default Kali release due to its large footprint, but OpenVAS can easily be downloaded and installed using the following commands:

Kali Linux Revealed Book and Online Course

To those of you following our recent announcement regarding the Kali Linux Certified Professional program, we’re happy to say that we’re spot on schedule. The Kali Linux Revealed book will be available in early July, and the free online version will be available shortly after that. We’re really excited about both the book and the online course and are anxiously waiting for this release — it marks a real cornerstone for us, as our project continues to grow and mature. To keep updated regarding the release of both the book and the online course, make sure to follow us on Twitter.

Kali Linux at Black Hat Vegas 2017

This year, we are fortunate enough to debut our first official Kali Linux training at the Black Hat conference in Las Vegas, 2017. This in-depth, four day course will focus on the Kali Linux platform itself (as opposed to the tools, or penetration testing techniques), and help you understand and maximize the usage of Kali from the ground up. Delivered by Mati Aharoni and Johnny Long, in this four day class you will learn to become a Kali Linux ninja. We will also be delivering another Dojo event this year — more details about that to come at a later date.

Kali ISO Downloads, Virtual Machines and ARM Images

The Kali Rolling 2017.1 release can be downloaded via our official Kali Download page. If you missed it, our repositories have recently been updated to support HTTPS, as well as an HTTPS apt transport. This release, we have also updated our Kali Virtual Images and Kali ARM Images downloads. As usual, if you’ve got Kali already installed, all you need to do to be fully updated is:

We hope you enjoy this fine release!

Источник

Приятный сюрприз перед ИБ-ивентами: вышла Kali Linux 2022.3

В новой версии дистрибутива появились 5 новых инструментов, обновлено ядро Linux и много-много всего.

• Подготовлен релиз NetHunter 2022.3 , окружения для мобильных устройств на базе платформы Android с подборкой инструментов для тестирования систем на наличие уязвимостей.
• Теперь образы VirtualBox собираются в формате VDI (родном формате VirtualBox, с метаданными .vbox), который сжимается лучше, чем OVA-образы. К тому же, пользоваться VirtualBox станет немного проще – теперь образ достаточно просто скопировать в папку VirtualBox и запустить.
• Добавлены новые инструменты:
  • BruteShark – анализатор сети;
  • DefectDojo – инструмент для управления информацией об уязвимостях;
  • phpsploit – это фреймворк для удалённого контроля, предназначенный для обеспечения скрытого, интерактивного подключения через HTTP между клиентом и веб-сервером;
  • shellfire – инструментарий для эксплуатации RFI/LFI уязвимостей и командных инъекций;
  • SprayingToolkit – инструмент для совершения атаки «Password spraying» на устройства Lync/S4B, OWA и O365;
  • Для всех устройств с платой Raspberry Pi ядро обновлено до версии 5.15;
  • Создан arm.kali.org для сбора обзорной информации и статистики по kali-arm;
  • ARM с Kali на борту теперь имеют 256 МБ загрузочного раздела по умолчанию;
  • В Pinebook были удалены неработающие режимы сна;
  • USBArmory MKII перенесен в сборку u-boot 2022.04.

  Кроме того, теперь после каждого релиза новой версии Kali Linux можно будет поговорить с разработчиками на их Discord-сервере .

  Как удалить свой ЦИФРОВОЙ СЛЕД в интернете?

  Подпишитесь на наш ТГ канал и обретите свою цифровую свободу.

  Источник

  Kali Linux Dojo at Black Hat Vegas 2016

  The folks at Black Hat have been kind enough to invite us once again to deliver a Kali Dojo in Las Vegas this year. The event will be held on the 4th of August at the Mandalay Bay hotel, and will be open to all Black Hat pass types. This year our Dojo will be set up differently, allowing for a larger crowd and much more interaction. We are going to hold a full day event, featuring several main activity areas :

  

  Area 1: Customising Kali ISOs using live-build

  One to the most important aspects of Kali Linux is it ability to be customized based on your unique and specific needs. Define your toolsets, your desktop environment, customised scripts and wallpapers — and of course, preseed your installation media as needed. This area of the Dojo will feature the ever popular custom ISO generation on Kali Rolling.

  

  Area 2: Kali Live USB with Persistence and LUKS

  USB speeds keep getting faster and faster, to the point now where they are viable storage for a secondary system. In this area we will help you understand how to deploy your customized Kali ISO to a secure, encrypted, USB install. Complete with Kali specific features such as multiple persistent stores and LUKS Nuke!

  

  Area 3: Hacking with Kali Linux — Test the tools

  Now that you have tweaked out and customized Kali install, what do you do with it? Hack stuff! In this area we will provide you with a safe and secure area to put Kali to use, with real world attack vectors. Get your hands dirty and hack our stuff! And did we mention prizes? Oh yeah, there will be prizes! Including give aways of Kali NetHunter devices, Kali Flip laptops, and OffSec Penetration Testing with Kali Linux courses!

  

  Area 4: The wonderful world of Kali ARM devices

  One of the most exciting developments in modern Linux is non-traditional computing devices. Kali has always been at the forefront of ARM support, and has aggressively added support for a wide range of unique and specialized ARM devices. In this area, you will get a chance to see and go hands-on with a number of these unique devices. Additionally, you will be provided the opportunity to interact directly with Kali Developers!

  

  Come to the Dojo and say “Hi”

  We are extremely excited about this years Kali Dojo. This new format will facilitate more attendees (no more getting turned away at the door because we are full!) as well as more direct one on one interaction with Kali Developers and the OffSec team. If you have even a passing interest in Kali Linux, drop on in and say hi, hit us up with questions, and put Kali to use for a chance to win some awesome prizes! For more information about the Kali Dojo, check the Dojo Black Hat page.

  Kali Linux 2016.2 Release

  As we do every year, we will have some fresh pre-release Kali Linux 2016.2 ISOs fresh from the oven exclusively for our students, Dojo attendees and anyone else who wants to peek at our upcoming version of Kali Linux. Our final 2016.2 release will happen once we’re back from the conferences and fully recovered.

  Источник