Background Image

Blog Post

Nov 13

At Home Pen Test For Kali

Whether you are just looking for something to do with a weekend, or are trying to get enough experience with testing to start a career in Cyber Security, practical exercises can be hard to come by. I'll share a few videos here and make a few suggestions, and depending on the questions we get this might become a regular feature here. Remember to obey the laws governing the applications of these methods.

Beef your way into your test gmail

The upside of this is learning how links and link shorteners are employed in the simplest terms. The attack changes as time goes by but it essentially is like real time keylogging. You might not be impressed by your ability to do this to yourself, but don't be too tempted to do it to anyone else. In a pentest environment under contract the liability waiver might absolve you, but your ex might press charges.

Create an instance of Metasploit and get meterpreter on test machine

The fantasy hack, owning a machine remotely, well... almost. There are a few ways to get "better" meterpreter access, but reverse shell is a foundation you can build on. Try improving on this method for systems that have some protections, and yes only do this at home on your own network unless hired to do otherwise. *Hint - test against a variety of browsers...

Hack your Android

Obvious method, another day. Same idea, but again this is to reinforce the mechanics of the mobile vector. This can be expanded on numerous ways.

Hack IPhone

Now that you have something to practice, I'll add some suggestions. Learn the information gathering techniques however you can, try fuzzing a test machine to get the needed information, wireshark, etherape, whichever tools can get you the details to try without physically going over and typing ifconfig or ipconfig on the target. That said, you may be surprised at how much you can learn while opening the target machine's browser, and be sure to take notes. This is in no way a course by itself, but certainly over time we hope to provide some handy resources.

We welcome tips in the comment section for newcomers, and will be back with more soon

Add Comment:
Please login or register to add your comment or get notified when a comment is added.
1 person will be notified when a comment is added.