Kali Linux is a Linux distribution designed for use by penetration testers and information security professionals/enthusiasts. I’ve been using it since it was known as BackTrack Linux. In that time, I’ve gathered my own collection of customisations to enhance the functionality of Kali. This article describes my standard changes and additions, which I hope other cybersecurity enthusiasts will find useful.
First of all, you’ll need an installation of Kali Linux if you don’t already have one. These notes have been written for Kali 2018.1 but should apply equally well to future versions.
My choice of ‘spin’ is the 64-bit XFCE version. I’ve never liked KDE and went off GNOME with all their design shenanigans on version 3, so I tend to use XFCE now. You can use the KDE or GNOME spins though; it’s largely a cosmetic preference.
Download Kali from here and install it on your dedicated pen-test machine/partition or a virtual machine.
In the UNIX/Linux world, dotfiles are configuration files for applications and shells that are stored in user home directories. They determine how the environment will look and function. I keep my dotfiles under version control (GitHub), which gives some significant benefits such as portability of personal settings between machines, backups of configuration, etc.
If you have your own collection of dotfiles, install them now. If you don’t, check out my dotfiles on GitHub and consider starting your own collection. It’s a super useful idea. Either way, at this point open a root terminal in Kali and install these common packages that my dotfiles include:
At this point, I usually make various tweaks to the XFCE desktop environment – changing colours, fonts, icons, docks – but that will be left as an exercise to the reader. You can take some inspiration from the screenshot above.
A Note on Terminator
Terminator is a Linux terminal emulator that presents multiple resizable terminals in a single window. I suppose it’s a bit like screen or tmux except designed for use within an X Windows GUI. It also supports command ‘macros’ that can be executed from a right-click menu. My dotfiles include various pen-test related Terminator macros - I find it’s a good timesaver. If you’re not familiar with Terminator, you just installed it above, so go check it out!
Update & Install Packages
OK, so now let’s get down to business. First, update the new installation to the latest patches:
apt-get update && apt-get --assume-yes upgrade
Next, I install the kali-linux-all package. This contains pretty much every Kali-specific security tool. It will take up a few gigabytes of disk space and take a while to download. It’s worthwhile though to ensure you don’t find yourself missing a tool when working somewhere with no (or slow) Internet access. Run the following command in the terminal:
If you’re using a virtualised environment, install Open VM Tools to support file drag & drop, resizing of windows, etc. with this command:
apt-get install open-vm-tools-desktop fuse
I don’t recommend manually installing VMware Tools with Kali if you are using VMware; just use Open VM Tools.
At this point (on a virtual machine), I usually disable the XFCE automatic screenlock via the XFCE Power Manager interface.
Over and above the extra packages installed by the kali-linux-all group, I also install the following packages. These are more general tools like system administration tools which come from the upstream Debian repositories rather than the Kali specific ones. This is basically a list of extras that I have picked up over time from CTFs and challenges like OSCP. Run the following in a root terminal:
There are a number of useful security related plugins for Firefox which are not installed by default. Again, these are just my personal preferences based on previous activities – feel free to add your own.
OpenVAS is an open source vulnerability scanner similar to Nessus or Nexpose. I’m not a big user of it but it does occasionally come in handy.
Run the OpenVAS Initial Setup script from the Kali applications menu. When it’s finished, start Firefox and bookmark the local URL for OpenVAS on the bookmarks bar. Save the login password you created during the initial setup in Firefox.
Veil Framework Initialisation
Veil Framework is a tool designed to generate Metasploit payloads which bypass common anti-virus scanners.
Start the Veil Framework for the first time from the Kali Applications menu. This will take a little while as various Windows support files are installed.
MSF Database Initialisation
The Metasploit Framework can use a database backend for storing project data. In Kali this needs to be initialised before use by running the following commands as root:
update-rc.d postgresql enable
service postgresql start
Kali includes a number of useful Windows security tools. Quite a few of these live in /usr/share/windows-binaries/ but there are some others scattered around. I create some symlinks to centralise everything in the windows-binaries directory with the following commands:
I also download a variety of 3rd party Windows binaries and installers. These tools are generally associated with Windows privilege escalation, forensics or pivoting activities. Download and unpack the tools with the following commands (you can copy and paste the whole thing into the terminal in one go):
Wordlists are useful for identifying weak password use. Kali includes a handful of these lists as standard but I like to have a larger selection on hand. These lists will take up an extra ~1GB of storage when unpacked.
Download and unpack additional wordlists with the following commands:
Rainbow tables are also a useful tool in this area, but due to their size I store mine outside of Kali. If you don’t have any, check out the Ophcrack tables page.
There are some Linux based security tools which are not included in the Kali distribution, perhaps because they are quite new or a bit obscure. I download these extra tools to the /opt directory with the following commands:
Eagle-eyed readers will notice a couple of tools in the above list which are included in Kali. There are reasons for this – usually the GitHub versions have more features or have important bugfixes that have not found their way to Kali (yet).
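The download steps above pull third-party binaries, wordlists and tools straight onto the testing machine. As an added example (not part of the original article), the functions below check each downloaded archive against a pinned SHA-256 digest and unpack only if the whole set verifies; the manifest layout, function names and directory arguments are assumptions.

```bash
# Added example: verify downloads against pinned SHA-256 digests, then unpack.
# Manifest layout (an assumption): one "<sha256>  <filename>" per line, as
# printed by sha256sum; blank lines and lines starting with '#' are ignored.

# verify_manifest MANIFEST DIR
# Returns 0 only if every listed file exists in DIR with the pinned digest.
verify_manifest() {
    local want name got rc=0
    while read -r want name; do
        case "$want" in ''|\#*) continue ;; esac
        if [ ! -f "$2/$name" ]; then
            echo "MISSING  $name" >&2; rc=1; continue
        fi
        got=$(sha256sum "$2/$name" | cut -d' ' -f1)
        if [ "$got" != "$want" ]; then
            echo "MISMATCH $name" >&2; rc=1
        fi
    done < "$1"
    return "$rc"
}

# unpack_verified MANIFEST SRCDIR DESTDIR
# All-or-nothing: one missing or altered file aborts before DESTDIR is
# created, so nothing from a partly tampered set lands on disk.
unpack_verified() {
    local want name
    verify_manifest "$1" "$2" || return 1
    mkdir -p "$3" || return 1
    while read -r want name; do
        case "$want" in ''|\#*) continue ;; esac
        case "$name" in
            *.tar.gz|*.tgz) tar -xzf "$2/$name" -C "$3" || return 1 ;;
            *.zip)          unzip -q -o "$2/$name" -d "$3" || return 1 ;;
            *)              cp "$2/$name" "$3/" || return 1 ;;
        esac
    done < "$1"
}
```

Record the digests from the publisher's release page, or from a first download you have reviewed, and keep the manifest under version control alongside the dotfiles.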
The /usr/share/webshells/ directory in Kali has a number of useful web server shell scripts. Something that is not present that I got tired of typing out is a simple “phpinfo()” script. Such a script can be prepared with the following command:
echo "<html><body><p>PHP INFO PAGE</p><br /><?php phpinfo(); ?></body></html>" > /usr/share/webshells/php/php-info.php
PyInstaller is a handy tool to “compile” Python scripts (e.g., exploit code) to a standalone executable file. Often, I’ll use a dedicated Windows virtual machine for making such files, but it is useful to have PyInstaller configured within Kali via Wine for convenience.
Download and install Python and PyInstaller inside Wine with the following commands (there will likely be a newer version of Python available by the time you read this):
Python scripts can then be “compiled” to EXEs inside Kali using commands such as wine pyinstaller --onefile exploit.py. Occasionally with more complex Python scripts this doesn’t work properly and must be done inside Windows, but it’s still a good day-to-day timesaver.
I keep all of these steps documented here in a Markdown file on GitHub. The version on GitHub is maintained and up to date, so if you are reading this a long time after I published this article, you may want to go there for the latest version. If you have any suggestions for other tools/changes, by all means get in touch and let me know.