Views

Report Content

×

Kali Linux: Professional Penetration Testing Tools Guide

Used by 78% of penetration testers, Kali Linux provides 600+ security tools. This tutorial covers Nmap, Burp Suite, and Metasploit with professional configurations, real-world attack scenarios, and defensive bypass techniques.

Kali Tool Usage in Penetration Tests (2023)

Nmap (45%)
Burp Suite (30%)
Metasploit (20%)
Other (5%)

1. Nmap Network Scanning

Nmap scan types comparison

Essential Scans:

  • Discovery: nmap -sn 192.168.1.0/24
  • Port Scan: nmap -sS -p- -T4 10.10.10.10
  • Service Detection: nmap -sV -sC -O 10.10.10.10

Enterprise Tip:

Use masscan for large networks (1M+ hosts) then verify with Nmap

2. Burp Suite Web Testing

Burp Suite testing workflow

Core Modules:

  • Proxy: Intercept and modify requests
  • Scanner: Automated vulnerability detection
  • Intruder: Custom parameter fuzzing
  • Repeater: Manual request manipulation

Professional Configurations:

  • Install CA certificate for HTTPS interception
  • Configure scope to avoid attacking non-target domains
  • Use Collaborator for out-of-band testing

Case Study:

Finding blind XSS via Burp Collaborator callback detection

3. Metasploit Framework

Metasploit exploitation workflow

Exploitation Process:

  1. Search for exploits: search exploit eternalblue
  2. Configure payload: set payload windows/x64/meterpreter/reverse_tcp
  3. Execute: exploit -j

Defensive Bypass:

Use msfvenom -e x86/shikata_ga_nai -i 5 for AV evasion

4. Integrated Attack Scenario

Full attack kill chain

Enterprise Penetration Test:

  1. Recon: Nmap scan discovers port 443
  2. Enumeration: Burp finds SQLi in web app
  3. Exploitation: Metasploit gains shell access
  4. Post-Exploit: Hashdump → Pass-the-Hash attack

Kali Tools Cheat Sheet

Tool Command Purpose Enterprise Use
Nmap -sS -sV -O Stealthy scanning Network audits
Burp Intruder Parameter fuzzing Web app testing
Metasploit exploit -j Background exploits Red teaming

5. Defensive Countermeasures

Against Nmap

  • Network segmentation
  • IDS signature tuning
  • Port randomization

Against Burp

  • WAF implementation
  • Rate limiting
  • CSRF tokens

Against Metasploit

  • Endpoint detection (EDR)
  • Patch management
  • Network segmentation

Kali Linux Proficiency Plan

✓ Master 10 Nmap scanning techniques
✓ Complete Burp Academy modules
✓ Exploit 5 HTB machines with Metasploit
✓ Document findings in Dradis

Senior Pentester Insight: The 2023 Offensive Security Report shows testers combining Nmap+Burb+Metasploit find 3x more vulnerabilities. Kali Linux remains the industry standard because its tools mirror real attacker methodologies.

Share and Join the Discussion

You need to be logged in to participate in this discussion.

×
×