Training Kali Linux Dojo
From BruCON 2014
Contents
- 1 Kali Linux Dojo by Mati Aharoni "Muts"
- 2 Course Contents
- 2.1 Part #1: Kali Linux - Under the Hood
- 2.2 Part #2: Rolling you Own - Generating Custom Kali Linux ISOs
- 2.3 Part #3: Pre-seeding, Automating and Managing Kali installations
- 2.4 Part #4: Penetration Testing from your Pocket - Kali Linus on ARM and Android Devices
- 2.5 Part #5: The Ultimate Hardware Backdoor - Kali Linux Edition
- 3 Prerequisites
- 4 Trainer Biography
Kali Linux Dojo by Mati Aharoni "Muts"
Course Description
The developers of Kali Linux present the first official all-day Kali Linux event at BruCON 2014. Consisting of five, one-hour workshops, we will take you on a unique journey through Kali Linux while providing rare insights and an in-depth look at the most powerful features available in our advanced penetration-testing platform.
Created by the Kali Linux development team and debuted in Europe at BruCON 2014, this event will also includes an interactive Q&A session with the developers, hands on instructions on creating your own custom Kali Linux ISOs, automatic unattended installations of Kali Linux, enterprise management of the distribution, building and utilizing Kali Linux on ARM platforms, and a step by step creation of a custom Raspberry Pi image – transforming it into an effective hardware backdoor. If you’ve ever wished for fluent proficiency with Kali Linux, this workshop is for you.
If you want to play along with us, you’ll need to come prepared with a fast laptop running an updated version of Kali Linux. For more details about the workshop and its requirements, check out our "Kali Linux Workshop Release Notes."
Course Contents
Part #1: Kali Linux - Under the Hood
In this workshop, we will introduce the Kali Linux security auditing distribution, its history, development, architecture, and features. We will delve into how we got to where we are today, how penetration-testing tools are evaluated for inclusion in the distribution, and a look at the road ahead. If we have enough time, we’ll also dabble with altering and patching Kali packages.
At the end of this session, we will also conduct a Q & A session where individuals can ask the Kali developers questions about the project. If you are new to Kali Linux and need a guided introduction, or you have specific questions for the Kali team, this is the workshop for you.
Workshop Goals – Get to know the developers, get warmed up and set-up, build some basic Kali Packages.
Part #2: Rolling you Own - Generating Custom Kali Linux ISOs
One of the most powerful features of Kali Linux is the ability to create your own flavors of the distribution containing customized tools, desktop managers, and services. This workshop will show you how to create your own personalized Kali Linux ISO, customizing virtually every aspect using the live-build utility and making efficient use of the various meta-packages available in Kali.
Workshop Goals – Attendees should be able to understand and independently build complex Kali images, such as the Kali Linux ISO of Doom.
Part #3: Pre-seeding, Automating and Managing Kali installations
Kali Linux supports several interesting installation and deployment options, which will be explored in depth. In this workshop, we’ll show you how to deploy Kali over the network with PXE and iPXE technologies, pre-seed installations, deploy custom Kali setups, and then use the Salt management and configuration package to manage multiple installations of Kali throughout the enterprise.
Workshop Goals – Attendees should be able to install and automate Kali Linux instances to fit specific needs. Fluency in Network installs, pre-seeding and slipstreaming packages. If time permits, enterprise management of Kali with Salt.
Part #4: Penetration Testing from your Pocket - Kali Linus on ARM and Android Devices
Kali Linux supports ARMEL and ARMHF architectures. This allows us to put Kali on a variety of interesting hardware platforms, as well as easily conduct chroot installs of Kali Linux on Android. In this workshop, we will show you how to install Kali Linux within a chroot environment on an Android device.
Workshop Goals – Attendees should be able to manually create custom Kali ARM images for use as chroot environments such as Android devices. Attendees should also be able to deploy these images on their Android cellphones, and be fluent with supportive Android applications such as Linux Deploy.
Part #5: The Ultimate Hardware Backdoor - Kali Linux Edition
This will be the concluding session, where we’ll use methods demonstrated throughout the day to show you how to create your very own “Raspberry Pi of Doom,” based off Kali Linux and a Raspberry Pi. The configuration involves creating an image file that contains a minimal Kali installation, which on boot, connects back to the penetration tester over a VPN connection and bridges the remote target network with the testers’. This image can then also be used on an Android device – proving to be perhaps the most potent hardware backdoor of them all. Workshop Goals – Attendees should be able to manually create custom native Kali ARM images for a Raspberry Pi, which have similar properties to the “ISO of Doom." This includes compiling a custom ARM kernel for the Raspberry Pi.
Prerequisites
The workshop is both computer and network intensive. We’ve got the network part covered, but as you’ll be using your own laptops for the exercises, we’ve got some recommendations for you:
- Familiarity with Linux is a must. We will be whizzing across modules, racing you with exercises. You wont be able to keep up if you’re not familiar with the Linux command line (needed for workshops 2-5).
- Bring a powerful laptop with a 1 Gbps network port and a fast hard drive. Bootstrapping and building ISOs will take a very long time on a machine which isn’t up to spec and you will likely be left behind (needed for workshops 1-5).
- Your laptop should have a full installation of 64 bit Kali Linux, either as a native installation, or as a virtual machine. Make sure it’s fully updated and that you have at least 80 GB of free space (needed for workshops 2-5).
- Recent cellphone/tablet running rooted Android, together with a fast MicroSD device with at least 8 GB free space (Needed for workshop 4).
- Fast, bootable USB drive with at least 8 GB capacity. Make sure the USB device is able to boot your laptops with a Linux OS (needed for workshop 2-3) ahead of time.
- We recommend you follow us on Twitter. This will allow us to keep you updated with any additional instructions, downloads, or requirements for each of these events.
Trainer Biography
Mati Aharoni "Muts" is the founder and core developer of the Kali Linux project, as well as the CEO of Offensive Security. Over the past year, Mati has been developing a curriculum designed for users who wish to make the most out of the Kali Linux operating system. By bringing together several advanced features in the Kali OS and projecting them into useful and practical scenario based exercises, the Kali Linux workshop was born. The workshop is designed to be a fast-paced, crash course to the most advanced features in the distribution, giving attendees the ability and freedom to bend Kali Linux to fit their needs.
More information is available on Kali Linux Workshop Release Notes.
@kalilinux
Wed. 24 September 2014 (09:00 - 17:00)