0 Today tutorial is about Kali-Linux! It's not just one post, it's consecutive post.... Let us dive deep into the world of Kali Linux and understand the basic functionality of some of its most popular tools. We will begin by looking at the directory structure used by Kali. Understanding the memory layout Kali follows a directory structure that is similar to Ubuntu-based Linux. Some of the important locations to look for include the following: /etc/: Contains configuration files of the installed tools /opt/: Contains Metasploit and its relevant modules /sys/: Contains configuration files of external hardware and interfaces /root/: It is the root user directory /lib/: Contains libraries dependent on the operating system Most of the tools and software used for penetration testing and assessment can be found from the Applications menu on the desktop. The list is logically arranged based on the usability of the tools. To access them, browse to Applications| Kali Linux. **** Information gathering and sniffing with Kali Linux **** Kali Linux contains an exclusive set of tools that can help in the process of information gathering. Nmap (the network port mapper), DNSmap, and Trace are some important tools included. Let us cover some of the tools from specific categories. 1. DNSmap analysis Domain Name System(DNS) is a hierarchically distributed naming system of servers/resources connected to the Internet. The domain names are used to access that particular service. For example, www.packtpub.comis used to access the HTTP server hosted by Packt Publishing. Let us check out the DNSmap tool provided in Kali. DNSmap is a tool that is used to discover all the subdomains associated with a given domain. Passing the following command at the terminal will show complete DNS mapping for www.nazret.com root@kali:~ ‪#‎ dnsmap‬ nazret.com 2. Network scanners Network scanners are used to enumerate a public or a private network and to gain information about it. Nmapis by far the most popular information-gathering tool. It is a powerful tool that is used to scan a computer or a complete network for open ports along with services running on those ports. This information can be useful for professional auditors and pen-testers in order to target certain services to compromise the target. Passing the following command will list the various scan options available: root@kali:~ ‪#‎ namp‬–h A simple UDP scan can be launched using the following command: root@kali:~#namp –sU 192.168.5.0-255 3. Detecting live hosts Fpingis a popular tool used to identify whether a given host is connected to a network or not. root@kali:~ ‪#‎ fping‬ google.com google.com is live 4. SSL analysis SSLScanis a fast SSL port scanner that connects to the SSL port, determines which ciphers and SSL protocols are supported, and returns the SSL certificate. 5. Network sniffing Dsniffis a collection of tools that can perform a wide variety of sniffing tasks. These tools work by passively monitoring the network traffic for interesting data such as passwords, key transfers, and e-mails. Some of the tools in this suite include urlsnarf, WebSpy, mailsnarf, and so on. Netsniffis a fast and robust networking toolkit specifically designed for Linux platforms. It can be used for network development analysis, debugging, auditing, and so on. netsniff-ng is a fast network analyzer based on packet mmap(2) mechanisms. It can record .pcapfiles to a disc, replay them, and also perform an offline and online analysis. This enough for today.... we will continue about kali