This course with Keith Barker offers training on BackTrack and Kali Linux, which provides easy access to an extensive collection of security-related tools ranging from port scanners to Security Audit.

Related Area of Expertise:
  • IT Security

Recommended skills:
  • Virtualization (VirtualBox or VMware)
  • Wireshark Packet Capture software
  • GNS3
  • Linux
  • IPv4 and IPv6 networking (Network+, Juniper JNCIA or Cisco CCNA) or similar equivalent experience

Recommended equipment:
  • Virtualization software such as VirtualBox or VMware. Dedicated hardware could be used instead of a virtual environment to run BackTrack or Kali Linux. A BackTrack/Kali-supported wireless network card would also be needed to practice and use the wireless-related tools.

Related certifications:
  • CEH
  • CCNA Security
  • CCNP Security
  • Check Point CCSA/CCSE
  • Juniper security certifications

Related job functions:
  • System, Network, and/or Web Penetration Tester
  • Security Architect
  • Network Security Engineer
  • Security Analyst
  • Computer Crime Investigator
  • CISO/ISO or Director of Security
  • Application Penetration Tester
  • Intrusion Analyst
  • Vulnerability Researcher / Exploit Developer
  • Security Auditor
  • Security-savvy Software Developer


BackTrack is a Linux distribution designed by Jason Dennis, based on the Ubuntu Linux distribution and aimed at digital forensics and penetration testing use. In March 2013, the Offensive Security team rebuilt BackTrack and released it under the name Kali Linux.

Kali Linux is an advanced penetration testing and security auditing Linux distribution. Kali Linux features a complete rebuild of BackTrack Linux, adhering completely to Debian development standards. All-new infrastructure has been put in place, and all tools were reviewed and packaged.

This course addresses both platforms and focuses on using the tools of BackTrack/Kali Linux for authorized penetration testing and vulnerability analysis for both wired and wireless networks. None of these tools should be used in any unauthorized, unlawful or harmful ways.
1. Welcome to the Tools of BackTrack and Kali Linux (7 min)
2. What is BackTrack? (4 min)
3. Install BT on a Virtual Machine (13 min)
4. Connecting to the Network (17 min)
5. Updating S/W and Using Integrated Help (7 min)
6. BT Wireless TX Power (10 min)
7. Uncovering Hidden SSIDs (12 min)
8. Bypassing MAC Address Filters (14 min)
9. Breaking WPA2 Wireless (10 min)
10. Rogue Wireless Access Points (23 min)
11. Wireless Mis-Association Attacks (15 min)
12. MITM Using Wireless Bridging (16 min)
13. Nmap: King of Scanners (36 min)
14. DHCP Starvation (12 min)
15. Vote for BT - as the new STP Root Bridge (19 min)
16. CDP Flooding (14 min)
17. Taking over HSRP (7 min)
18. DTP and 802.1q Attacks (22 min)
19. ARP Spoofing MITM (16 min)
20. Metasploit Framework (19 min)
21. PWNing a System with MSF (26 min)
22. Creating a "Pivot Point" (18 min)
23. Social-Engineer Toolkit (SET) (20 min)
24. Ettercap and Xplico (18 min)
25. DNS Spoofing (13 min)
26. Hydra (22 min)
27. Maltego (14 min)
28. Kali Linux (15 min)
29. Burp Suite (14 min)
30. Raspberry Pi & Kali Linux (17 min)
31. Scapy (23 min)
32. Hping3 (28 min)
33. Parasite6 (14 min)
34. IPv6 THC Tools (28 min)
35. Custom Password Lists (13 min)
36. Hashes and Cracking Passwords (18 min)
37. Rainbow Tables and Ophcrack (14 min)
38. Wireshark (23 min)
39. Virtual Test Environment (19 min)
40. Detecting Rootkits (11 min)

Welcome to the Tools of BackTrack and Kali Linux

00:00:00

Hi. I'm Keith Barker. And on behalf of the entire CBT Nuggets family, I'd like to welcome you to the tool sets of BackTrack and Kali Linux. In this introduction, I'm going to share with you a couple of critical things, including how to get the absolute most out of the series and how to keep safe.

00:00:16

Let's begin. I am very excited about the idea of you joining me in this BackTrack Kali Linux series. When I talk about BackTrack with individuals, a lot of times people have never even heard of it, which is really surprising to me. BackTrack and its replacement, Kali Linux, have literally hundreds of hacking and penetration testing tools all built in.

00:00:38

So you basically install the BackTrack or the Kali, and the tools are just ready to go. Now I want to share with you a word of caution with using any type of hacking or penetration testing tools. Let's imagine that there's a young man who's 22 years old, and he has his hands on BackTrack or Kali Linux.

00:00:55

And he takes one of the tools, or many of the tools, and launches them. And, whether he intended to or not, let's say he disrupts the business, steals information, or causes damage to a public network or to a public company, or even to his private company.

00:01:11

What is going to be the impact, negative impact, to that person if he is caught as the perpetrator of that attack? And the answer is never anything good. That's going to be a very, very bad situation. So I want to make sure, right off the top, that we make sure that we're going to use these tools for White Hat use only.

00:01:30

And you might say, well, Keith, exactly what does that mean, White Hat use? Does that mean I have to put on a white hat every time we're going to use these tools? And the answer is, not a physical white hat, but a logical White Hat. A White Hat is an individual who is going to use the tools only in an authorized manner, meaning you've got explicit authorization to do exactly the tests and the penetration testing tools you're going to be using, or they're on their own private network and never going to touch, bother, damage, or disturb anything outside of their own private network that they're completely in control of.

00:02:03

So that would be White Hat use. The far extreme of that, which would get you into trouble, very likely, is Black Hat. And that's where you use the tools to do malicious things to networks where you're not authorized. We want to stay completely away from Black Hat.

00:02:18

And Gray Hat is everything else that's not really clearly defined. So I would encourage you to stick with only White Hat use on authorized networks where you are in control or authorized for the specific tools you're going to be using. And if you're not sure if you're authorized or not to run a specific tool, don't run it.

00:02:38

If you do anything that is illegal or not authorized, it's completely on you. And I would strongly recommend you completely avoid any of that activity. This series is intended for individuals who, at a bare minimum, understand network fundamentals. For example, if I said to you, hey, what is an IP subnet? How does DHCP work? What is ARP? What's the difference between IP version 4 and IP version 6? A person should be able to at least understand those concepts before they ever start attempting to use attack or penetration testing tools that are covered in this series.

00:03:15

So there's lots of great resources for those fundamentals, like Network Plus, and Cisco, and HP, and Juniper have entry-level courses in training. I would strongly recommend you have a solid understanding of the fundamentals of the network before you start approaching tools that could be used for penetration testing and hacking against those networks and systems.

00:03:37

To emphasize it one more time, we only want to use any of these tools in an authorized environment only. For example, let's say you and I get hired to go into a company and to do penetration testing and vulnerability assessment. And when we walk in, we're just not going to open up the entire toolkit and start launching everything.

00:03:54

We are going to have requirements and guidelines of what we're allowed to do and not do. So even in those environments, where you have specific authorization to do some tools, it doesn't mean you get to do everything. You have to stay within the guidelines that you're explicitly authorized to do.

00:04:10

Any time you or I step outside the lines of what we are authorized to do, we are putting ourselves at risk, which is never a good idea. So stay safe. At the end of the day, the major benefit of using these tools in a positive, authorized way is to improve the overall security posture for a network.

00:04:30

For example, let's say we have a company. They have a network. It's in place. They've put in the correct controls, the technical controls, access list, authorization, authentication, all that stuff. And they think it's set. Then they hire a third-party company to come in.

00:04:44

They have that third-party company run a certain set of penetration testing tools within guidelines, just to verify that the defense mechanisms that they currently have in place are enough. And if they're not, they get the results from the penetration testing, and they can make changes to improve their security, again, with the goal of making sure we have the best fortress of security possible for that network.

00:05:06

To get the absolute most out of this series, I would strongly recommend, to stay out of trouble and to have the opportunity to practice these commands, build an isolated-- meaning not connected to the rest of the network-- build a test network where you can go ahead and practice.

00:05:21

And it can be a physical network, completely separate, or you can do it virtualized. You can have a virtual network living inside your host computer, again, keeping it separate from the outside world so that none of your attacks will accidentally leak out to any production networks.

00:05:37

Once we have that test network in place, the secret to becoming good with these tools is to practice, practice, practice in that isolated area, that test network that we've created. Now here's something that I've discovered many, many years ago. If I'm reading a book or watching a video, and I try out a command myself, a lot of times, I might have a typo, I might miss a switch or an option in the command line, and so the command doesn't work.

00:06:01

Very, very frustrating. So here's what I've done. For many of the videos, I've overlaid the actual commands I'm using in bigger fonts. So if you're on a smaller viewing device, you can actually see the commands. And check this out. I've also included, for many of the videos, Nuggetlab files.

00:06:16

And these Nuggetlab files are the commands that I'm actually issuing. So if you wanted to, in your sandbox test environment, practice those same exact commands, you could download, from the Nuggetlab download area, those files. And that way, you could verify the actual commands by looking at the file.

00:06:32

Or if you wanted to copy paste, you could do that as well. And this last bullet. Just as a reminder, please only use these tools in an authorized way. And if you're not sure, you're not sure if you're authorized to use a tool, or you're not sure what damage it will cause, the answer is don't run it.

00:06:48

Stay on the correct side of the line. Keep yourself out of trouble. And only use any of these tools in an authorized manner. With these safety guidelines in place, I am so looking forward to enjoying this time with you in this series. We're going to have a blast.

Intermediate 11 hrs 40 videos

Keith Barker
Nugget trainer since 2012