Skip to content

Kali Linux🔗

Minimal Headless Kali Linux installation - Works for Cloud VM Installation (NO GUI)🔗

This is a simple guide to install Minimal Headless Kali Linux by converting a Debian Linux to Kali Linux distro without any unnecessary tools. Basicity you install the tools you need.

First of all we will need a clean Debian Linux local or at any cloud provider with ssh access

Let's convert! We will install two packages which allow as to replace Debian's repo to kali repo

apt update

apt install -y gnupg gnupg2

apt-key adv --keyserver hkp://keys.gnupg.net --recv-keys 7D8D0BF6

rm -rf /etc/apt/sources.list

echo "deb http://http.kali.org/kali kali-rolling main contrib non-free" >> /etc/apt/sources.list

Now after we replaced the repo to Kali we need to install the Basic Kali Linux core

apt -y update

apt-cache search kali-linux

apt install -y kali-linux-core

apt-get -y update

apt-get -y dist-upgrade

apt-get -y autoremove

Reboot the server to complete the conversion process.

In order to test that you are using Kali Linux

uname -a

After we got our new Minimal Kali ready we need to cleanup some Debian's leftovers to finnish

systemctl stop rpcbind.socket rpcbind smbd

systemctl disable rpcbind.socket rpcbind smbd

That's It, now we can install any package we need from Kali repo.

Here are some of my personal packages I use daily, you can install with

apt update && apt install -y \
curl wget git dnsutils whois open-vm-tools net-tools htop   \
dirb wfuzz dirbuster enum4linux gobuster nbtscan nikto nmap \
onesixtyone oscanner smbclient fern-wifi-cracker crowbar smbmap \
smtp-user-enum sslscan tnscmd10g whatweb snmpcheck wkhtmltopdf \
sipvicious seclists wordlists hash-identifier hydra lib32z1 \
adb fastboot realtek-rtl88xxau-dkms docker docker-compose \
wifite apktool apksigner zipalign default-jre default-jdk \
screenfetch xsltproc binwalk python3-pip screenfetch \
subfinder chrony hcxtools libssl-dev hcxdumptool hashcat bully \
traceroute libpcap-dev npm sqlmap wpscan exploitdb netcat-openbsd \
man-db crunch python2.7-dev zlib1g-dev libpcap-dev

Metasploit Install🔗

apt install -y metasploit-framework postgresql

systemctl enable postgresql

systemctl start postgresql

msfdb init

Start:

msfconsole

AutoRecon Installation🔗

Based on this repo Tib3rius/AutoRecon

Install requirements:

apt install -y \
curl enum4linux gobuster nbtscan nikto seclists git \
nmap onesixtyone oscanner smbclient smbmap smtp-user-enum \
sslscan tnscmd10g whatweb snmpcheck wkhtmltopdf sipvicious

python3 -m pip install git+https://github.com/Tib3rius/AutoRecon.git

Bettercap 1.6.2 Installation🔗

Warning

If you have Bettercap 2.x you should change the environmental path for running both Bettercap versions to run properly

Install Ruby Gem

apt install -y ruby-full libpcap-dev
gem update --system
gem install bettercap

Basic SSL Strip Example

bettercap -X -T 192.168.1.104 --proxy

SSL Strip With XSS Example

bettercap -X -T 192.168.3.104 --proxy --proxy-module injectjs --js-data "<script>alert('SSL STRIP, Script Injection')</script>"

To find that Bettercap installation from ruby gems:

gem environment

the path should be under GEM PATHP for example:

/var/lib/gems/2.7.0/gems/bettercap-1.6.2

MobSF - Mobile Security Framework Docker🔗

Based on MobSF/Mobile-Security-Framework-MobSF

docker run \
-d \
-it \
-h mobsf \
-v /root/docker/mobSF:/root/.MobSF \
--name mobsf \
--restart always \
-e TZ=Asia/Jerusalem \
-p 50000:8000 \
opensecurity/mobile-security-framework-mobsf:latest

SSH Broken Pipe in Kali - Fix🔗

nano ~/.ssh/config

add this:

Host *
    IPQoS=throughput

Comments