Linux Security Distributions (W1) - Pentestmag

Learn risk mitigation strategies, install and configure "K" Linux and "K" Linux 2.0 and understand the penetration testing standards.

We sincerely hope that this course will achieve its goal: if you have a problem in "K", you can find the solution in one place.
Get trained with real world examples of the best tools in "K" 1.0 and "K" 2.0, from a team of penetration testers, with years of experience.


4 CPE CREDITS


Access to this course is restricted to PenTest Premium or IT Pack Premium Subscription.


After completing this course you will be able to: 

  • Create your own custom "K" ISO, operation and configuration, attack scenarios, secrets of password security, list of useful tools and explanations.
  • Get to know about almost every tool available in the OS, their advantages and disadvantages, as well as how to use them and for what.

What does the training look like?

Twice a month the instructor provides the students with materials on the topic of that particular issue. Each portion of the delivered materials takes the form of an in-depth article describing and explaining the topic. Additionally, the instructor shares other media files, such as videos, if applicable.
Besides the article, each lesson includes homework to test the knowledge and skills the student has gained. Once the homework is done, the student shares the results with the instructor and has a live chat with him during the appointed hours.
Additionally, for the duration of the course, the instructor is available via e-mail for students to ask questions and discuss their ideas with him.
The courses also give students the option to interact with each other, to seek support or simply discuss course-related issues.


COURSE SYLLABUS

What will you learn in this workshop


“K” Linux 1.0 Training (Introduction + 7 modules + Test):

 

  • Introduction
    This is a brief article with the goal of introducing the reader to the awesome world of "K" Linux. It is not an exhaustive introduction to this Operating System (OS); its purpose is just to give an idea of the many possibilities provided by this Linux OS, which was born as a Pen Testing distro but can be used in several other ways.

 

  • Sniffing
    Management, Control, and Data frames are unencrypted and can thus be easily read by someone who is monitoring the air space. It is important to note that the data packet payload can be protected using encryption to keep it confidential. The Pen Tester can record the airspace by putting the wireless card into monitor mode. The instructor starts a monitor mode interface in order to sniff wireless packets on the air. Then, with a network analyzer (Wireshark), he records the traffic on the monitor mode interface (furthermore, he filters packets by means of filter expressions so as to monitor only selected packets from the devices he is interested in). He shows that the packet headers of Management, Control, and Data Wi-Fi frames are in the clear and do not contain any encryption. It is important to note that anyone can modify these packets and retransmit them, since there are no integrity or replay-protection mechanisms in the protocol. In order to mitigate this weakness, the author suggests the use of strong encryption methods applied to Wi-Fi connections.

  • WEP
    In this article the instructor describes two WEP attacks. The first is an authentication bypass attack in which an attacker fakes the WEP authentication. The second shows how to crack a WEP PSK. WEP is a weak authentication protocol that, even with complex keys, can be cracked by specific tools (in our case the Aircrack-ng tool and its utilities were used) once a sufficiently large number of encrypted data packets has been captured.

  • WPA
    Since WPA-PSK is vulnerable to a dictionary attack, the instructor feeds the capture file containing the WPA four-way handshake and a list of common passwords to Aircrack-ng. Since the password used by the target was present in the file, Aircrack-ng was able to crack the WPA PSK. Notice that in dictionary-based attacks, you are only as good as the dictionary you have. Thus, it is important to obtain a large and elaborate dictionary before you begin.

  • Rogue Access Points
    This article reports two important threats to Wi-Fi networks, called the Caffe Latte attack and the Rogue Access Point (AP). Both threats use the honeypot philosophy, where a malicious device is set up in order to trick a client into using it instead of the legitimate AP. The first is a particular technique used to crack a WEP PSK; the latter is usually used in order to gain access to a private Local Area Network (LAN).

  • Cafe Latte
    This article describes two important threats to Wi-Fi networks. Moreover, the commands that should be typed by a Pen Tester on a "K" Linux box in order to accomplish this technique are reported step by step by the author. Finally, the countermeasures which should be taken by users and network administrators in order to avoid these threats are reported too.

  • Man in the Middle
    In this article the instructor describes what an Evil Twin AP is and how to set it up by means of a "K" Linux box. Moreover, both commercial and academic countermeasures are reported in order to show the reader some solutions to this threat.

 

  • Session Hijacking
    In this article, a session hijacking attack is discussed and presented by the instructor. At the beginning, by means of an MITM setup, the Pen Tester is able to see and sniff all the packets sent by the victim. Using the Dnsspoof tool running on the Pen Tester's device, fake DNS responses are sent to the victim's machine giving the Pen Tester device's IP address as the address of the requested domain. The victim's laptop accepts the response and the browser sends an HTTP request to the Pen Tester's IP address on port 80, where a web server has been set up.

 


 “K” Linux 2.0 Training (Introduction + 5 modules + Test):


How to create your own custom "K" ISO, operation and configuration, attack scenarios, secrets of password security, list of useful tools and explanations. You will also get to know about almost every tool available in the OS, their advantages and disadvantages, as well as how to use them and for what. We sincerely hope that this course will achieve its goal: if you have a problem in "K", you can find the solution in one place.

With this course, security engineers and penetration testers can take a first look into the new powerful OS from Offensive Security, "K" 2.0. Get trained with real world examples of the best tools in "K" 2.0, from a team of penetration testers, with years of experience.


 

  • INTRODUCTION:
  1. Make a bootable "K" Linux 2.0 USB and install "K" 2.0 from it, into a Virtual Machine with encryption.
  2. Find a way to install the drivers on your AMD graphics card PC (OpenCL).
  3. Use Oclhashcat to crack a WPA passphrase with GPU power.
  4. Use the nuke way to destroy and then restore your virtual machine "K" 2.0 installation.

  • Module 1.
  1. Make a bootable "K" Linux 2.0 USB and install "K" 2.0 from it, into a Virtual Machine with encryption.
  2. Find a way to install the drivers on your AMD graphics card PC (OpenCL).
  3. Use Oclhashcat to crack a WPA passphrase with GPU power.
  4. Use the nuke way to destroy and then restore your virtual machine "K" 2.0 installation. (It will be hard, so feel free to ask anything in the forums).

 


  • Module 2.

In this module of Penetration Testing with "K" 2.0, we dive into password attacking, with methods of testing the strength of our passwords, using the most famous and powerful tools of "K" 2.0. We cover topics from CPU to GPU cracking, with a wide variety of services, hashes and file types for cracking. At the end we take a brief look at the world of reverse engineering and the tools that come with "K" 2.0.

  1. Find the file in a Windows machine that contains a WPA2 network password and try to crack it with hashcat.
  2. Do the same thing with OclHashCat and compare the time that the 2 tools need for the completion of the task.
  3. Use a "vista" rainbow table in ophcrack to try and crack a Windows 10 password.
  4. Find the location and crack a Mac OS X 10.4+ salted SHA-1 password hash, with John the Ripper.
  5. Crack the same thing with Johnny and compare the time that the 2 tools need for the completion of the task.

    • Instructor’s guidance;
    • Exercises and challenges;
    • Open discussion with the instructor and other students;
    • An e-book of all the materials in pdf and epub formats;
    • Certificate of Completion;
    • Media files, like video.

Your instructor: Mirko Raimondi

Mirko Raimondi obtained his Master’s degree in Computer Science from the University of Milan – Computer Science Dept. He has been working as a Software Engineer and he has been a CCNA-security in course. He’s interested in VoIP, network security and steganography methods.

SW Engineer at AIM Sportline
Programming: C, C++ and Java;
Networking: TCP, UDP, IP multicasting, IPv4/6, NAT-T, DNS, DHCP, Firewalling, Routing, 802.1q, 802.3, 802.11x;
VoIP: RTP, RTCP, SRTP, RTSP, SIP, de-Jittering, Timing, QoS, CoS;
Audio Codecs: G711, G729, G723, AMR-NB, AMR-WB;
Penetration Testing: WiFi and VoIP infrastructures;
Linux Systems: Bash, Netfilter/IPtables, RedHat, Kali.

 

 


Contact
Questions? Reach out to us at [email protected]

Course Reviews

4 (6 ratings)
  • 5 stars: 1
  • 4 stars: 4
  • 3 stars: 1
  • 2 stars: 0
  • 1 star: 0
  1. more depth in wireless based

    3

    good to go

  2. Great Course

    4

    Enjoyed the course.

    Gained good knowledge, thanks for the great work!

  3. Great Course ...

    4

    Great Experience

  4. Nice!

    4

    Good work.

    What I also liked was that there was not only written how to do it, but also the countermeasures. Also handy to know.

  5. Nice Work !!

    4

    Good Documentation, and brief explanation of stuff, I like this course.

© HAKIN9 MEDIA SP. Z O.O. SP. K. 2023