(PEN) TESTING

TOOLKITS:
BACKBOX & KALI LINUX
JELMER DE REUS

2014/01/07 LINUX/UNIX Night @msterdam

Overview

What are testing toolkits used for

What you can do with off-the-shelf distros
Comparing BackBox and Kali Linux
Considerations

What are testing toolkits used for?

Enumeration
Open

ports
Firewall/IDS testing
Topology mapping
Software version indexing

Vulnerability scan
Penetration testing
Social Engineering
Forensics

What are testing toolkits used for?

Enumeration
Vulnerability scan
Finding

software editions & leaks

Finding bad configurations
Faster insight than a whitebox scan

Penetration testing
Social Engineering
Forensics

What are testing toolkits used for?

Enumeration
Vulnerability scan
Penetration testing
Creatively,

and with the help of tools, exploring the

security boundaries for opportunities to exploit
WIFI cracking

Social Engineering
Forensics

What are testing toolkits used for?

Enumeration
Vulnerability scan
Penetration testing (incl. WIFI cracking)
Social Engineering
E.g.

emailing with hidden links in iFrames to get

malicious software on your target
Inject malicious software in regular software and
spread it

What are testing toolkits used for?

Social Engineer
Toolkit
Web

attack

What are testing toolkits used for?

Enumeration
Vulnerability scan
Penetration testing
Social Engineering
WIFI cracking
Cracking

wireless keys
Redirecting/tapping WIFI users
Social engineering (e.g. redirect to a fake website, collect pw)
Exploiting browsers

What are testing toolkits used for?

There can be also different use cases like

Network troubleshooting
Firewall

handling for fragmented packets

Stress testing networks and servers
DoS defense testing

BackBox Linux in short

Properties
Ubuntu user experience
Many functions through
the start menu
Not extensively
documented
However

its just Ubuntu

Non-root user
Smaller selection of
tools
Sorted

by technology

Updates of tools are

integrated and easy

Kali Linux in short

Properties
Custom Gnome2
ARM support (for
your Pi)
Extensive
documentation
Videos and books

Root user
Extensive collection
of tools
Sorted

by activity

Arduino IDE

Differences in menu structure

Differences in menu structure

BackBox Linux documentation

Forum
Technical

questions
Tooling requests
Howtos

Blog articles

(links at the end)

BackBox Linux Tutorials on sinflood.net

Kali Linux documentation

Extensive documentation
Securitytube
Youtube

(links at the end)

Kali Linux Books & Tutorials

Packt Publishing (5x)

Securitytube

DEMO GUI overview

BackBox Linux
Kali Linux

Tooling
What is it really about when choosing either?
Installed and available tools (very personal)
Keeping track of various types of updates, e.g.
Metasploit

Framework
OpenVAS signatures

Documentation and personal knowledge

Platform support (e.g. ARM)

Tooling - advice
Penetration Testing Execution Standard
PTES Technical Guidelines
Structured

index of available tools andn

technologies

Tools with an active community are more

reliable on the long term.

Tooling some favorites

Useful
Fragtest
Hping3
MSF Auxiliary scanners
Very dangerous
Social engineer toolkit
Sslsniff/sslstrip (this says more about SSL/TLS)

Tip: use databases in Metasploit

Tip: use databases in Metasploit

DEMO tooling overview

Thanks for your time! More

info:

Kali Linux
Main:

http://www.kali.org
Official Docs: http://www.kali.org/official-documentation /

BackBox Linux
Main:

http://www.backbox.org
Forum/Howto: http://forum.backbox.org /

Penetration Testing Execution Standard

http://www.pentest-standard.org/index.php/PTES_Technical_Guidelines

Metasploit Unleashed
http://www.offensive-security.com/metasploit-unleashed/Main_Page