I am trying to learn Kali Linux as part of Pen testing training.
Instead of creating a VM, I wanted to see if I can buy some cheap hardware and install Kali Linux.
Can you suggest one?
2 Likes
Kali will install on the smallest of requirements. I have it on an old asus eee and it works great
2 Likes
I would love to get in on some training. Any ideas of classes?
Perhaps, we could do an install and general use class for Kali Linux.
would Raspberry Pi suffice?
Do you know wether Kali is compute intensive or memory intensive?
I would use RPi 3+ or better yet an atom based x86. Just really depends on what your attempting to do?
metasploit requires at lease 512Mb + 128Mb for linux and 128Mb for tcp/ip.
hash cracking (wpa/wifi passwords) takes a lot of cpu and works better with cuda.
Phishing, well a Pi running nginx+php+mysql would handle the load well as headless and on the network. Same goes for as a reverse proxy / pivot point.
Again depends on your goal, target, and tools. Kali is just ubuntu + opensource toolkits. And to run all if it at one time their documentation states:
Requirements
- Kali Linux requires a minimum of 20GB hard disk space for installation.
- A minimum of 1GB RAM for i386 and AMD64 architectures.
- A bootable CD-DVD drive or a USB stick.
And to be clear if your learning to hack; don’t its about hacking to learn. If one is wanting to learn a technology, kali is ok as a collection and tool in the field but is the worst thing to learn the tools to pentest. It would be better to get a $15 HP Netbook (and yes this is the same one I use for pentesting) then install black arch or ubuntu, then install metasploit / social engineering toolkit, openssh and nmap/orphcrack. One can do a lot more with that setup than with the twenty+ tools that does the same thing in kali.
1 Like
Our first CTF did that and if your up for it we can post a second round after the Ubuntu Install fest (that way we get the latest version of kali too)
This was on my recommended list on YouTube …
Yes, I know enough to use it for small utilities.
The “Penetration Testing with Raspberry Pi - Second Edition” title implies some level of usability, has some basic setup and Kali help, and is free for the next few hours. https://www.packtpub.com/packt/offers/free-learning
1 Like
0% is still a percent. Not that RPis are not good computing machine just that they are bottlenecked by the available ram. So one can only preform one or two tasks a a time while pen testing with one. So I would say they’re more like 10% useable in headless cli mode.
The thing to remember is if one is pentesting their going to remote locations and need a reliable laptop with them plus a backup unit. The usual use case for a pi on a site is after a physical entrance breach one installed a pi for tapping into the edge gateway and another somewhere to act as a personal VPN (via a reverse shell [meterpiter, ssh -R …])
Looks like Nexus 5-10 are supported:
http://www.wirelesshack.org/kali-linux-compatible-tablets-and-smartphones.html
And the nexus 5’s are starting to go for a steel of $35.00: