Kali Linux

Minimal Headless Kali Linux installation - Works for Cloud VM Installation (NO GUI)

This is a simple guide to installing a minimal headless Kali Linux by converting a Debian Linux system to the Kali Linux distro without any unnecessary tools. Basically, you install only the tools you need.

First, we need a clean Debian Linux installation, local or at any cloud provider, with SSH access.

Let's convert! We will install two packages which allow us to replace Debian's repo with the Kali repo:

apt update
apt install -y gnupg gnupg2
apt-key adv --keyserver hkp://keys.gnupg.net --recv-keys 7D8D0BF6
rm -rf /etc/apt/sources.list
echo "deb http://http.kali.org/kali kali-rolling main contrib non-free" >> /etc/apt/sources.list
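
The `apt-key` line above selects the key by the short ID 7D8D0BF6, which is only the last 8 hex digits of the fingerprint, and unrelated keys can share those digits. The following added example (not part of the original guide) compares the full fingerprint against a pinned value instead; the fingerprints are constructed placeholders, not the real Kali key, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: pin an APT archive key by its full 40-hex-digit fingerprint
# instead of trusting an 8-digit short ID. All fingerprints are CONSTRUCTED
# placeholders that merely share the short ID 7D8D0BF6; none is a real key.

PINNED_FPR="AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7D8D0BF6"     # obtained out of band (placeholder)
LOOKALIKE_FPR="BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB7D8D0BF6"  # different key, same short ID

# Emit a constructed `gpg --with-colons` listing: one primary key ($1) with one subkey.
sample_listing() {
    printf 'pub:-:4096:1:%s:1330556400:::-:::scSC::::::23::0:\n' "$(printf '%s' "$1" | tail -c 16)"
    printf 'fpr:::::::::%s:\n' "$1"
    printf 'uid:-::::1330556400::0000::Constructed Archive Key <key@example.invalid>::::::::::0:\n'
    printf 'sub:-:4096:1:CCCCCCCCCCCCCCCC:1330556400::::::e::::::23:\n'
    printf 'fpr:::::::::CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC:\n'
}

# Read a colon listing on stdin; print only primary-key fingerprints
# (field 10 of the "fpr" record that follows each "pub" record).
list_fingerprints() {
    awk -F: '$1 == "pub" { want = 1; next }
             $1 == "sub" { want = 0; next }
             $1 == "fpr" && want { print toupper($10); want = 0 }'
}

# Last 8 hex digits of a fingerprint: all that a short ID compares.
short_id() { printf '%s' "$1" | tail -c 8; }

# Succeed only if stdin holds exactly one primary key whose full
# fingerprint equals the pin in $1 (spaces and case are normalised).
key_matches_pin() {
    pin=$(printf '%s' "$1" | tr -d ' ' | tr 'a-f' 'A-F')
    found=$(list_fingerprints)
    [ "$(printf '%s\n' "$found" | grep -c .)" -eq 1 ] || return 1
    [ "$found" = "$pin" ]
}

# Demo on the constructed listings. Against a real downloaded key file
# (path is an assumption): gpg --show-keys --with-colons key.asc | key_matches_pin "$PINNED_FPR"
for fpr in "$PINNED_FPR" "$LOOKALIKE_FPR"; do
    if sample_listing "$fpr" | key_matches_pin "$PINNED_FPR"; then verdict=accept; else verdict=REJECT; fi
    printf 'short=%s full=%s -> %s\n' "$(short_id "$fpr")" "$fpr" "$verdict"
done
```

Both constructed keys report the same short ID, but only the one whose full fingerprint equals the pin is accepted.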

Now that the repo points to Kali, we need to install the basic Kali Linux core:

apt -y update
apt-cache search kali-linux
apt install -y kali-linux-core
apt-get -y update
apt-get -y dist-upgrade
apt-get -y autoremove

Reboot the server to complete the conversion process.

To test that you are using Kali Linux:

uname -a

Now that our new minimal Kali is ready, we need to clean up some Debian leftovers to finish:

systemctl stop rpcbind.socket rpcbind smbd
systemctl disable rpcbind.socket rpcbind smbd

That's it. Now we can install any package we need from the Kali repo.

Here are some of the packages I personally use daily. You can install them with:

apt install -y \
curl git open-vm-tools net-tools htop docker docker-compose \
dirb wfuzz dirbuster enum4linux gobuster nbtscan nikto nmap \
onesixtyone oscanner smbclient fern-wifi-cracker smbmap \
smtp-user-enum sslscan tnscmd10g whatweb snmpcheck wkhtmltopdf \
sipvicious seclists wordlists hash-identifier hydra lib32z1 \
adb fastboot realtek-rtl88xxau-dkms \
wifite apktool apksigner zipalign default-jre default-jdk \
screenfetch xsltproc binwalk python3-pip \
subfinder chrony hcxtools libssl-dev hcxdumptool hashcat bully \
traceroute libpcap-dev npm

Metasploit Install

apt install -y metasploit-framework postgresql
systemctl enable postgresql
systemctl start postgresql
msfdb init

Start:

msfconsole

AutoRecon Installation

Based on the Tib3rius/AutoRecon repo.

Install requirements:

apt install -y \
curl enum4linux gobuster nbtscan nikto seclists git \
nmap onesixtyone oscanner smbclient smbmap smtp-user-enum \
sslscan tnscmd10g whatweb snmpcheck wkhtmltopdf sipvicious
python3 -m pip install git+https://github.com/Tib3rius/AutoRecon.git

Bettercap 1.6.2 Installation

Warning

If you have Bettercap 2.x, you should change the environment path so that both Bettercap versions run properly.

Install Ruby Gem

apt install -y ruby-full libpcap-dev
gem update --system
gem install bettercap

Basic SSL Strip Example

bettercap -X -T 192.168.1.104 --proxy

SSL Strip With XSS Example

bettercap -X -T 192.168.3.104 --proxy --proxy-module injectjs --js-data "<script>alert('SSL STRIP, Script Injection')</script>"

To find the Bettercap installation from Ruby gems:

gem environment

The path should be under GEM PATHS, for example:

/var/lib/gems/2.7.0/gems/bettercap-1.6.2

MobSF - Mobile Security Framework Docker

Based on MobSF/Mobile-Security-Framework-MobSF

docker run \
-d \
-it \
-h mobsf \
-v /root/docker/mobSF:/root/.MobSF \
--name mobsf \
--restart always \
-e TZ=Asia/Jerusalem \
-p 50000:8000 \
opensecurity/mobile-security-framework-mobsf:latest

SSH Broken Pipe in Kali - Fix

nano ~/.ssh/config

Add this:

Host *
    IPQoS=throughput