(PEN) TESTING TOOLKITS: BACKBOX & KALI LINUX
JELMER DE REUS
2014/01/07 LINUX/UNIX Night @msterdam
Overview
What are testing toolkits used for
What you can do with off-the-shelf distros
Comparing BackBox and Kali Linux
Considerations
What are testing toolkits used for?
Enumeration
Open ports
Firewall/IDS testing
Topology mapping
Software version indexing
Vulnerability scan
Penetration testing
Social Engineering
Forensics
What are testing toolkits used for?
Enumeration
Vulnerability scan
Finding software editions & leaks
Finding bad configurations
Faster insight than a whitebox scan
Penetration testing
Social Engineering
Forensics
What are testing toolkits used for?
Enumeration
Vulnerability scan
Penetration testing
Creatively, and with the help of tools, exploring the security boundaries for opportunities to exploit
WIFI cracking
Social Engineering
Forensics
What are testing toolkits used for?
Enumeration
Vulnerability scan
Penetration testing (incl. WIFI cracking)
Social Engineering
E.g. emailing with hidden links in iFrames to get malicious software on your target
Inject malicious software in regular software and spread it
What are testing toolkits used for?
Social Engineer Toolkit
Web attack
What are testing toolkits used for?
Enumeration
Vulnerability scan
Penetration testing
Social Engineering
WIFI cracking
Cracking wireless keys
Redirecting/tapping WIFI users
Social engineering (e.g. redirect to a fake website, collect pw)
Exploiting browsers
What are testing toolkits used for?
There can also be different use cases, like:
Network troubleshooting
Firewall handling for fragmented packets
Stress testing networks and servers
DoS defense testing
BackBox Linux in short
Properties
Ubuntu user experience
Many functions through the start menu
Not extensively documented
However, it's just Ubuntu
Non-root user
Smaller selection of tools
Sorted by technology
Updates of tools are integrated and easy
Kali Linux in short
Properties
Custom Gnome2
ARM support (for your Pi)
Extensive documentation
Videos and books
Root user
Extensive collection of tools
Sorted by activity
Arduino IDE
Differences in menu structure
BackBox Linux documentation
Forum
Technical questions
Tooling requests
Howtos
Blog articles
(links at the end)
BackBox Linux Tutorials on sinflood.net
Kali Linux documentation
Extensive documentation
Securitytube
Youtube
(links at the end)
Kali Linux Books & Tutorials
Packt Publishing (5x)
Securitytube
DEMO GUI overview
BackBox Linux
Kali Linux
Tooling
What is it really about when choosing either?
Installed and available tools (very personal)
Keeping track of various types of updates, e.g.
Metasploit Framework
OpenVAS signatures
Documentation and personal knowledge
Platform support (e.g. ARM)
Tooling - advice
Penetration Testing Execution Standard
PTES Technical Guidelines
Structured index of available tools and technologies
Tools with an active community are more reliable in the long term.
Tooling - some favorites
Useful
Fragtest
Hping3
MSF Auxiliary scanners
Very dangerous
Social engineer toolkit
Sslsniff/sslstrip (this says more about SSL/TLS)
Tip: use databases in Metasploit
DEMO tooling overview
Thanks for your time! More info:
Kali Linux
Main: http://www.kali.org
Official Docs: http://www.kali.org/official-documentation/
BackBox Linux
Main: http://www.backbox.org
Forum/Howto: http://forum.backbox.org/
Penetration Testing Execution Standard
http://www.pentest-standard.org/index.php/PTES_Technical_Guidelines
Metasploit Unleashed
http://www.offensive-security.com/metasploit-unleashed/Main_Page