Kali Linux🔗
Minimal Headless Kali Linux installation - Works for Cloud VM Installation (NO GUI)🔗
This is a simple guide to install Minimal Headless Kali Linux by converting a Debian Linux to Kali Linux distro without any unnecessary tools. Basicity you install the tools you need.
First of all we will need a clean Debian Linux local or at any cloud provider with ssh access
Let's convert! We will install two packages which allow as to replace Debian's repo to kali repo
apt update
apt install -y gnupg gnupg2
apt-key adv --keyserver hkp://keys.gnupg.net --recv-keys 7D8D0BF6
rm -rf /etc/apt/sources.list
echo "deb http://http.kali.org/kali kali-rolling main contrib non-free" >> /etc/apt/sources.list
Now after we replaced the repo to Kali we need to install the Basic Kali Linux core
apt -y update
apt-cache search kali-linux
apt install -y kali-linux-core
apt-get -y update
apt-get -y dist-upgrade
apt-get -y autoremove
Reboot the server to complete the conversion process.
In order to test that you are using Kali Linux
uname -a
After we got our new Minimal Kali ready we need to cleanup some Debian's leftovers to finnish
systemctl stop rpcbind.socket
systemctl stop rpcbind
systemctl stop smbd
systemctl disable rpcbind.socket
systemctl disable rpcbind
systemctl disable smbd
That's It, now we can install any package we need from Kali repo.
Here are some of my personal packages I use daily, you can install with
apt install -y \
curl git open-vm-tools net-tools htop docker docker-compose \
dirb wfuzz dirbuster enum4linux gobuster nbtscan nikto nmap \
onesixtyone oscanner smbclient fern-wifi-cracker smbmap \
smtp-user-enum sslscan tnscmd10g whatweb snmpcheck wkhtmltopdf \
sipvicious seclists wordlists hash-identifier hydra lib32z1 \
android-tools-adb android-tools-fastboot realtek-rtl88xxau-dkms \
wifite apktool apksigner
If you need Metasploit, run this to install it
apt install -y metasploit-framework postgresql
systemctl enable postgresql
systemctl start postgresql
msfdb init
msfconsole
AutoRecon Installation🔗
Based on this repo Tib3rius/AutoRecon
Install requirements:
apt install -y \
curl enum4linux gobuster nbtscan nikto seclists git \
nmap onesixtyone oscanner smbclient smbmap smtp-user-enum \
sslscan tnscmd10g whatweb snmpcheck wkhtmltopdf sipvicious
python3 -m pip install git+https://github.com/Tib3rius/AutoRecon.git
Bettercap 1.6.2 Installation🔗
Install Ruby Gem
apt install -y ruby-full libpcap-dev
gem update --system
gem install bettercap
find where gems are installed:
Run and look for "- GEM PATHS:"
gem environment
follow the path and append gem. for example:
/var/lib/gems/2.5.0/gems/bettercap-1.6.2
Create a environmental symlink to Bettercap to root directory
ln -s /var/lib/gems/2.5.0/gems/bettercap-1.6.2/bin/bettercap /root/bettercap-1.6.2
run from root directory
./bettercap-1.6.2
Basic SSL Strip Example
bettercap-1.6.2 -X -T 192.168.1.104 --proxy
SSL Strip With XSS Example
bettercap-1.6.2 -X -T 192.168.3.104 --proxy --proxy-module injectjs --js-data "<script>alert('SSL STRIP, Script Injection')</script>"
Subfinder🔗
Subfinder is a subdomain discovery tool that discovers valid subdomains for websites by using passive online sources. It has a simple modular architecture and is optimized for speed. subfinder is built for doing one thing only - passive subdomain enumeration, and it does that very well.
Installation:
Compiled file can be found here: Github Subfinder - Releases
Copy the link of the release from above The following exmaple is for release 2.3.3
wget https://github.com/projectdiscovery/subfinder/releases/download/v2.3.3/subfinder-linux-amd64.tar
tar -xvf subfinder-linux-amd64.tar
mv subfinder-linux-amd64 /usr/bin/subfinder
To Update - Repeat the Installation with the latest release
MobSF - Mobile Security Framework Docker🔗
Based on MobSF/Mobile-Security-Framework-MobSF
docker run \
-d \
-it \
-h mobsf \
-v /root/docker/mobSF:/root/.MobSF \
--name mobsf \
--restart always \
-e TZ=Asia/Jerusalem \
-p 50000:8000 \
opensecurity/mobile-security-framework-mobsf:latest
SSH Broken Pipe in Kali - Fix🔗
nano ~/.ssh/config
add this:
Host *
IPQoS=throughput