Tuesday, July 31, 2018

Why Kali Linux for Pentesting

                  Kali Linux For Pentesting

Among the plethora of operating systems available, there are specialized ones such as Kali Linux. Kali Linux is an open source project that is maintained and funded by Offensive Security, a provider of world-class information security training and penetration testing services.
Kali Linux is specifically geared to meet the requirements of professional penetration testing and security auditing. To achieve this, several core changes have been implemented in Kali Linux which reflect these needs:
  1. Single user, root access by design: Due to the nature of security audits, Kali Linux is designed to be used in a “single, root user” scenario. Many of the tools used in penetration testing require escalated privileges, and while it’s generally sound policy to only enable root privileges when necessary, in the use cases that Kali Linux is aimed at, this approach would be a burden.
  2. Network services disabled by default: Kali Linux contains sysvinit hooks which disable network services by default. These hooks allow us to install various services on Kali Linux, while ensuring that our distribution remains secure by default, no matter what packages are installed. Additional services such as Bluetooth are also blacklisted by default.
  3. Custom Linux kernel: Kali Linux uses an upstream kernel, patched for wireless injection.
  4. A minimal and trusted set of repositories: given the aims and goals of Kali Linux, maintaining the integrity of the system as a whole is absolutely key. With that goal in mind, the set of upstream software sources which Kali uses is kept to an absolute minimum. Many new Kali users are tempted to add additional repositories to their sources.list, but doing so runs a very serious risk of breaking your Kali Linux installation.

Is Kali Linux Right For You?

Kali is a Linux distribution specifically targeted at professional penetration testers and security specialists, and it is generally not a recommended distribution if you are unfamiliar with Linux or are looking for a general-purpose Linux desktop distribution for development, web design, gaming, etc.

For security reasons, the development team behind Kali Linux is small and trusted, with packages signed both by the individual committer and by the team. Further, the set of upstream repositories from which updates and new packages are drawn is very small. Adding repositories to your software sources which have not been tested by the Kali Linux development team can lead to an unstable system. Trying to install Steam on your Kali Linux desktop is an experiment that will not end well. Even getting a package as mainstream as NodeJS onto a Kali Linux installation can take a little extra effort and tinkering.
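The point made in item 4 of the list and in the paragraph above, that software sources should stay minimal, can be checked mechanically. The following is an added example, not code from the Kali project or from the original post; it assumes that `http.kali.org` is the only official host, handles one-line-style `.list` files only, and runs on a constructed sample file.

```shell
#!/bin/sh
# Added example: flag APT source entries that do not point at the official
# Kali mirror. Assumption: "http.kali.org" is the only official host.
KALI_HOST="http.kali.org"

# audit_sources FILE...
# Prints "FILE:LINE: entry" for every active deb/deb-src line whose URI host
# differs from $KALI_HOST. Returns 0 when all entries are official, 1 otherwise.
audit_sources() {
    awk -v host="$KALI_HOST" '
        /^[ \t]*(#|$)/ { next }                  # comments and blank lines
        $1 != "deb" && $1 != "deb-src" { next }  # not a one-line-style entry
        {
            i = 2
            # Skip an optional "[opt=val ...]" block, which may span fields.
            if ($i ~ /^\[/) { while (i <= NF && $i !~ /\]$/) i++; i++ }
            h = $i
            sub("^[a-z+]+://", "", h)            # drop the scheme
            sub("[/:].*$", "", h)                # drop port and path
            if (h != host) {
                printf "%s:%d: %s\n", FILENAME, FNR, $0
                bad = 1
            }
        }
        END { exit bad + 0 }
    ' "$@"
}

# Constructed sample input (not taken from a real system).
sample=$(mktemp)
cat > "$sample" <<'EOF'
# official Kali entry
deb http://http.kali.org/kali kali-rolling main contrib non-free
# third-party entry added by hand
deb [arch=amd64] https://repo.example.org/apt stable main
EOF

if audit_sources "$sample"; then
    echo "only official Kali sources configured"
else
    echo "review the entries listed above before running apt"
fi
rm -f "$sample"

# On a real system:
#   audit_sources /etc/apt/sources.list /etc/apt/sources.list.d/*.list
```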
If you are unfamiliar with Linux generally, if you do not have at least a basic level of competence in administering a system, if you are looking for a Linux distribution to use as a learning tool to get to know your way around Linux, or if you want a distro that you can use as a general purpose desktop installation, Kali Linux is probably not what you are looking for.

In addition, misuse of security and penetration testing tools within a network, particularly without specific authorization, may cause irreparable damage and result in significant consequences, personal and/or legal. “Not understanding what you were doing” is not going to work as an excuse.
However, if you’re a professional penetration tester or are studying penetration testing with a goal of becoming a certified professional, there’s no better toolkit — at any price — than Kali Linux.
If you are looking for a Linux distribution to learn the basics of Linux and need a good starting point, Kali Linux is not the ideal distribution for you. You may want to begin with Ubuntu, Mint, or Debian instead. If you’re interested in getting hands-on with the internals of Linux, take a look at the “Linux From Scratch” project.

Saturday, July 28, 2018

The Hacker's Culture

                   



"Whatever you may have heard about hackers, the truth is they do something really, really well: discover. Hackers are motivated, resourceful, and creative. They get deeper into how things work, to the point that they know how to take control of them and change them into something else. This lets them re-think even big ideas because they can really dig to the bottom of how things function. Furthermore, they aren't afraid to make the same mistake twice just out of a kind of scientific curiosity, to see if that mistake always has the same results. That's why hackers don't see failure as a mistake or a waste of time because every failure means something and something new to be learned. And these are all traits any society needs in order to make progress."


The quoted text is an excerpt from the lessons of Hacker Highschool.

There is a lot of talk about hackers around the world: discussions about who is a hacker, the types of hackers, and so on. So what, essentially, is hacker culture? Let's explore further.


There exists a community of hackers, with a shared culture of expert programmers and networking wizards, that traces its history back through decades to the first time-sharing minicomputers and the earliest ARPAnet experiments. The community includes hobbyists who break into systems without harming others, just to analyze and gather information so that they understand the system well enough, and to creatively craft the system to make it the best version of itself.


The hacker culture can be interpreted as a subculture of individuals who enjoy the intellectual challenge of creatively overcoming the limitations of software systems to achieve novel and clever outcomes. The hacker attitude is the vital element that keeps the culture defined.


Left to his or her own devices, a hacker can spend hours working on a computer program while neglecting everything else, but individually, many hackers are not antisocial.


The Hacker Attitude

Hackers love to solve problems and get things up and running, and they believe in freedom of their own kind. Hackers volunteer to help one another. To be like hackers and to be accepted by them, you have to behave as though you have this kind of attitude yourself, and you have to really believe the attitude.


Becoming the kind of person who believes these things is important for you, for helping you learn and keeping you motivated. As with all creative arts, the most effective way to become a master is to imitate the mind-set of masters, not just intellectually but emotionally as well.


Or, as the following modern Zen poem has it:


    To follow the path:

    look to the master,

    follow the master,

    walk with the master,

    see through the master,

    become the master.


So to be one of them you have to believe in the Hacker Attitude:

1. The world is full of fascinating problems waiting to be solved.

Being a hacker is lots of fun, but it's a kind of fun that takes lots of effort, consistency, and motivation. To be a hacker you have to get a basic thrill from solving problems, sharpening your skills, and exercising your intelligence.

If you aren't the kind of person that feels this way naturally, you'll need to become one in order to make it as a hacker.

You also have to develop a kind of faith in your own learning capacity, a belief that even though you may not know all of what you need to solve a problem, if you tackle just a piece of it and learn from that, you'll learn enough to solve the next piece, and so on, until you're done.


2. No problem should ever have to be solved twice.


Creative brains are a valuable, limited resource. They shouldn't be wasted on re-inventing the wheel when there are so many fascinating new problems waiting out there. To behave like a hacker, you have to believe that the thinking time of other hackers is precious, so much so that it's almost a moral duty for you to share information, solve problems and then give the solutions away just so other hackers can solve new problems instead of having to perpetually re-address old ones.


Note, however, that "No problem should ever have to be solved twice." does not imply that you have to consider all existing solutions sacred, or that there is only one right solution to any given problem. Often, we learn a lot about the problem that we didn't know before by studying the first cut at a solution. It's OK, and often necessary, to decide that we can do better. What's not OK is artificial technical, legal, or institutional barriers (like closed-source code) that prevent a good solution from being re-used and force people to re-invent wheels.

(You don't have to believe that you're obligated to give all your creative product away, though the hackers that do are the ones that get the most respect from other hackers. It's consistent with hacker values to sell enough of it to keep you in food and rent and computers. It's fine to use your hacking skills to support a family or even get rich, as long as you don't forget your loyalty to your art and your fellow hackers while doing it.)


3. Boredom and drudgery are evil.


Hackers (and creative people in general) should never be bored or have to drudge at stupid repetitive work, because when this happens it means they aren't doing what only they can do: solve new problems. This wastefulness hurts everybody. Therefore boredom and drudgery are not just unpleasant but actually evil. To behave like a hacker, you have to believe this enough to want to automate away the boring bits as much as possible, not just for yourself but for everybody else (especially other hackers).


There is one apparent exception to this. Hackers will sometimes do things that may seem repetitive or boring to an observer as a mind-clearing exercise, or in order to acquire a skill or have some particular kind of experience they can't have otherwise. But this is by choice; nobody who can think should ever be forced into a situation that bores them.


4. Freedom is good.

 

Hackers are naturally anti-authoritarian. Anyone who can give you orders can stop you from solving whatever problem you're being fascinated by, and, given the way authoritarian minds work, will generally find some appallingly stupid reason to do so. So the authoritarian attitude has to be fought wherever you find it, lest it smother you and other hackers. (This isn't the same as fighting all authority. Children need to be guided and criminals restrained. A hacker may agree to accept some kinds of authority in order to get something he wants more than the time he spends following orders. But that's a limited, conscious bargain; the kind of personal surrender authoritarians want is not on offer.)


Authoritarians thrive on censorship and secrecy. And they distrust voluntary cooperation and information-sharing; they only like ‘cooperation’ that they control. So to behave like a hacker, you have to develop an instinctive hostility to censorship, secrecy, and the use of force or deception to compel responsible adults. And you have to be willing to act on that belief.


5. Attitude is no substitute for competence.

To be a hacker, you have to develop some of these attitudes. But copping an attitude alone won't make you a hacker, any more than it will make you a champion athlete or a rock star. Becoming a hacker will take intelligence, practice, dedication, and hard work. Therefore, you have to learn to distrust the attitude and respect competence of every kind. Hackers won't let posers waste their time, but they worship competence, especially competence at hacking, but competence at anything is valued. Competence in demanding skills that few can master is especially good, and competence at demanding skills that involve mental acuteness, craft, and concentration is best.


If you revere competence, you'll enjoy developing it in yourself; the hard work and dedication will become a kind of intense play rather than drudgery. That attitude is vital to becoming a hacker.

Sunday, July 22, 2018

Hacker Emblem - Glider from Conway's Game of Life

    

                Hacker Emblem - The Glider



The Linux folks have their penguin and the BSD users have their daemon. Perl has a camel, and so on. Historically, the hacker community has not been represented by an internationally accepted logo or emblem. But it seems that the adoption of the glider from Conway's Game of Life is in its alpha-testing stage.

About half the hackers this idea was alpha-tested on instantaneously said "Wow! Cool!" without needing any further explanation.

The graphic shown alongside this text is called a glider. It's a pattern from a mathematical simulation called the Game of Life. In this simulation, very simple rules about the behavior of dots on a grid give rise to wonderfully complex emergent phenomena. The glider is the simplest Life pattern that moves, and the most instantly recognizable of all Life patterns.

Why this emblem?

The glider is an appropriate emblem on many levels. Start with history: the Game of Life was first publicly described in Scientific American in 1970. It was born at almost the same time as the Internet and Unix. It has fascinated hackers ever since.
In the Game of Life, simple rules of cooperation with what's nearby lead to unexpected, even startling complexities that you could not have predicted from the rules (emergent phenomena). This is a neat parallel to the way that startling and unexpected phenomena like open-source development emerge in the hacker community.
The glider fulfills the criteria for a good logo. It's simple, bold, hard to mistake for anything else, and easy to print on a mug or T-shirt. It could be varied, combined with other emblems, or modified and infinitely repeated for use as a background.

Can we use it?

The glider is not copyrighted or trademarked.
When you use the glider on your web page, put it on clothing, or use it in some other way, you are visibly associating yourself with the hacker culture.
This is not quite the same thing as claiming to be a hacker yourself. But by using this emblem, you express sympathy with hackers' goals, hackers' values, and the hacker way of living.

There are mugs and T-shirts available with the emblem.


Where to buy?

Follow the links below to learn more. The links may go stale at any time.