Kali Linux 2.0 New Desktop Overview

Kali 2.0 Desktop 1

After ten years of evolution, Offensive Security brings us Kali 2.0! Kali 2.0 is by far the easiest to use of all the Backtrack/ Kali releases. For those used to the original Kali, the new Kali looks very different. But it is a good thing! The menus have been completely re-organized and streamlined and many of the tools are represented by helpful icons. Let’s take a look a few minutes and look at some of the new features of Kali 2.

If you purchased my “Basic Security Testing with Kali Linux” book which was written for the original version of Kali, this overview will help get you acclimated to the new desktop look quickly, all the underlying tools are pretty much the same. My new book, “Intermediate Security Testing with Kali Linux 2” is already written for Kali 2.0.

What’s new in Kali 2?

  • New user interface
  • New Menus and Categories
  • Native Ruby 2.0 for faster Metasploit loading
  • Desktop notifications
  • Built in Screencasting

Kali 2 is much more streamlined and the layout flows very well compared to earlier versions of Kali/ Backtrack. It just feels like everything is at your fingertips and laid out in a very clear and concise manner.

Desktop Overview

The new Desktop looks very good and places everything at your fingertips:

Kali 2.0 Desktop 2

Favorites Bar

The new Kali comes with a customizable “Favorites bar” on the left side of the desktop. This menu lists the most commonly used applications to get you into the action quicker:

Kali 2.0 Desktop 3

Just click on one and the represented tool is automatically started with the required dependencies. For example, clicking on the Metasploit button pre-starts the database software and checks to make sure the default database has been created before launching Metasploit.

Clicking on the “Show Applications” button on the bottom of the favorites bar reveals a lot more applications. The programs are arranged in folders by type:

Kali 2.0 Desktop 4

If you don’t see the app you want, just type in what you are looking for in the search bar.

Applications Menu

A list of common program favorites listed by categories is located under the Applications menu:

Kali 2.0 Desktop 5

The tools are laid out logically by type. For example, just click on the Web Application Analysis menu item to see the most common web app testing tools:

Kali 2.0 Desktop 6

Notice that I didn’t say “all” of the tools for a specific category would be listed. This is because the menu system only shows the top tools and not all of the tools available in Kali. In reality only a fraction of the installed tools in Kali are actually in the menu system. Most of the tools are accessible only from the command line.

Command Line Tools

The majority of tools are installed in the “/usr/share directory”:

Kali 2.0 Desktop 7
These tools (as well as tools listed in the menu) are run simply by typing their name in a terminal. Take a few moments and familiarize yourself with both the menu system and the share directory.

Auto-minimizing windows

Another thing that is new in Kali 2 is that some windows tend to auto-minimize and seem to dis-appear at times. When a window is minimized you will see a white circle to the left of the associated icon on the favorite bar. In the screenshot below, it is showing that I have two terminal windows minimized:

Kali 2.0 Desktop 8

If I click on the terminal icon once the first terminal window will appear, click twice and both minimized terminal windows re-appear:

Kali 2.0 Desktop 9

You can also hit “Alt-Tab” to show minimized windows. Keep the “Alt” key pressed and arrow around to see additional windows.

Workspaces

As in the earlier versions of Kali/ Backtrack you also have workspaces. If you are not familiar with workspaces, they are basically additional desktop screens that you can use. Hitting the “Super Key” (Windows Key) gives you an overview of all windows that you have open. If you have a touch screen monitor you can also grab and pull the workspaces menu open. With workspaces you are able to drag and drop running programs between the workspaces:

Kali 2.0 Desktop 10
Places Menu

The Places menu contains links to different locations in Kali:

Kali 2.0 Desktop 11

Screencasting

Kali 2 also has the capability to do screen casting built in. With this you can record your security testing adventures as they happen!

Kali 2.0 Desktop 12

Apache Webserver

At the time of this writing, the Service Icons to stop, start and restart Apache Web Server seem to have been removed from Kali 2. Not a problem as you can start them from a terminal prompt by using the following commands:

  • To Start – “service apache2 start” or “/etc/init.d/apache2 start”
  • To Stop – “service apache2 stop” or “/etc/init.d/apache2 stop”
  • To Restart – “service apache2 restart” or “/etc/init.d/apache2 restart”

As seen below:

Kali 2.0 Desktop 13

You can now surf to Kali’s webserver, notice the default webpage has changed from Kali 1:

Kali 2.0 Desktop 14

The root website is also one level deeper now located in a folder called HTTP:

Kali 2.0 Desktop 15
So when you use the Apache server, just drop your website pages/folders into the “/var/www/html/” directory instead of the old “/var/www/” directory.

Upgrading

Keeping your Kali install up to date is very important. Enter the following commands to update Kali:

  • apt-get update
  • apt-get dist-upgrade
  • reboot

Hopefully this overview will help get you up and running on Kali 2.0 quickly.

If you want to learn the basics of Ethical Hacking using the powerful Kali Platform using step-by-step hands on tutorials, check out Check out my Kali book series available on Amazon.com:

Basic Security Testing with Kali Linux

Kali 2.0 Book Cover

 

Advertisements

Book Review: BackTrack 5 Wireless Penetration Testing Beginner’s Guide

If you want an easy to follow, step by step guide to analyzing and testing Wi-Fi security, look no further than Vivek Ramachandran’s “Backtrack 5 Wireless Penetration Testing Beginner’s Guide”.

The author masterfully guides you on a path from the basic principles of Wi-Fi to advanced monitoring and attacks.

Vivek starts you out by preparing your wireless lab, installing Backtrack 5, configuring your wireless cards and access point.

Then after a brief overview of wireless frames, you get to work right away by sniffing traffic with Wireshark so you can see what these frames actually look like.

But that is just the beginning.

The author then takes you on a step by step journey of the most common attacks used against WLANs. This includes everything from bypassing authentication & cracking encryption, to advanced techniques like man-in-the-middle attacks and attacking WPA-Enterprise. He then finishes the book with discussing Wireless penetration methodology, testing and reporting.

It has been a while since I have seen a book like this. You will learn step by step, command by command, using the ever popular penetration testing platform Backtrack 5. Each chapter builds on what you have learned in the previous. The text is very clear to follow and the pictures perfectly display and clarify the techniques you are learning.

For best results, you should have at least a basic knowledge of Linux or Backtrack 5 and Wi-Fi.

If you are interested in computer security, and want to learn how Wireless networks are attacked and how to defend against it, then look no further. I highly recommend this book.

* I had the absolute honor of working on this project as a technical editor for Packt Publishing. Vivek is an exceptional person with a deep passion for sharing his knowledge of IT security.

He was one of the winners of Microsoft’s Security Shootout contest in India, worked at Cisco as an Engineer, founded SecurityTube.net, discovered the wireless “Caffe Latte Attack” and presented at numerous security conferences including Blackhat, Defcon and Toorcon.

Book Review: “OWNED: Why Hacking Continues to be a Problem” by Mister Reiner

Mister Reiner gave me a copy of this book quite a while ago. I have finally gotten around to reading it and I was pleasantly surprised. With so many quality titles out there on computer security, honestly I was a bit skeptical, but this book brings in a breath of fresh air.

I loved Mister Reiner’s introduction. I feel that his battle of convincing co-workers that their network has in fact been penetrated is echoed in many workplaces around the world. Sometimes the hardest people to convince that there has been a computer intrusion are those who are in charge of securing the network.

With the majority of my experience being in the small business field I was very impressed with chapter 2, “The Standard Security Template”. This is probably one of the best step by step views of securing a new small network system that I have yet seen in print. Most books focus on large corporate networks, but Mister Reiner has provided an excellent setup guide for securing a small network. Mister Reiner also covers the basic knowledge needed to secure a system and the importance of system documentation.

Next, Mister Reiner takes a look at hackers and their tactics. Chapter 5, “Hacking 201 – Getting more technical” is one of my favorite chapters. In this chapter, Mister Reiner gives you a unique, over the shoulder view of a hack in progress. Even though it is not a technical, in-depth, step by step how to, it still gives you an amazing view into what hackers target and how they would operate against an online database server.

Mister Reiner continues with a look at the different skill level of hackers and how their skill level determines their operational techniques. This includes recon, mapping of a network, and using E-Mail to penetrate a system. Once penetrated, Mister Reiner shows some of the techniques hackers use to consolidate their hold on the network using smart Trojans and sleepers.

Finally, Mister Reiner wraps up the book with a look at the monumental task of deciphering and catching malicious traffic through logs and intrusion detection systems. With the holes in operating systems and applications, volumes of data to monitor and the ever present human factor, I wholeheartedly agree with Mister Reiner’s summation. Which is, to completely secure a system, we need to “Throw out all the hardware, operating systems and applications we use now – and reengineer everything from scratch.”

OWNED: Why Hacking Continues to be a Problem” gives a very good look at network security, the tactics of hackers and the struggles of securing systems against these threats. The book is not overly technical and is easy to read. If you are new to computer security and want to know more, I highly recommend this book.