WebT

Kali Linux Explained

Kali Linux is something you must have heard of before, and you might also have been told how important and useful it is for professionals in cybersecurity and penetration testing. This post aims to give you a good overview of Kali Linux and how to get it onto your personal computer.

Kali Linux is a free and open-source operating system designed for digital forensics and penetration testing. It is based on the Debian Linux distribution and is developed and maintained by Offensive Security.

Kali Linux includes a wide range of tools and utilities for tasks such as network security assessments, vulnerability scanning, and penetration testing. It also includes a custom desktop environment and a large repository of pre-installed software.

Kali Linux is primarily used by cybersecurity professionals and researchers, but it can also be used by individuals who want to learn more about cybersecurity and network security.

It is important to note that Kali Linux is a powerful operating system with a wide range of tools and utilities that can be used for both legal and illegal purposes. It is important to use Kali Linux responsibly and only for lawful purposes.

I know I used terms that are probably unfamiliar, like open source and Debian-based. Open source is a term you will hear a lot once you start your journey into cybersecurity. Think of open-source software as software whose source code is made freely available. Put more clearly: some software can only be downloaded and installed, and all you get is the working program. With open-source software you get the program and the full source code, which is everything that makes up the software, and you are able to modify it however you please. Debian-based means that Kali Linux is based on Debian, and Debian should just be seen as a Linux distribution that is composed of open-source software.

Now that that is all clarified, I'm sure you want to know more about Kali Linux and understand why it's so desirable when learning about cybersecurity and penetration testing. There are quite a lot of operating systems out there, and the most widely used ones on personal computers are Windows and macOS, but these are not well suited to practical cybersecurity and penetration testing. Kali Linux, on the other hand, is an OS built and customized for penetration testing. The big deal about Kali Linux is listed below.

It is completely free of charge to use, and Kali did promise that it will always be completely free.
It is completely customizable, and you can customize it however you like.
It has hundreds of tools to help with learning cybersecurity and penetration testing.
It has multi-language support, which means you can operate it in your native language.
It is open source, and you're free to tweak the source code that goes into Kali Linux.

The interesting thing about Kali Linux is that you have to understand the tools in it and how to use them, and you also need to understand Kali Linux on its own, because as the saying goes, “You need to learn how to walk before you can be bothered about how to run.”

To get things started with Kali Linux, the video below should give you an overview of how to install Kali Linux on your PC. Be kind enough to subscribe to the channel and turn on post notifications, as there are going to be tonnes more videos to come on things related to Kali Linux.


Google Hacking Explained

Google hacking, also known as “Google dorking,” refers to the practice of using advanced search operators and specialized search queries to find specific types of information or vulnerabilities on the internet. This can be used to find information that is not intended to be publicly available, or to discover vulnerabilities in websites or systems.

Google hacking can be used for a variety of purposes, including research, security assessments, and malicious attacks. It is important to note that Google hacking can be used for both legal and illegal purposes, and it is important to use these techniques responsibly and only for lawful purposes.

Google provides a list of advanced search operators that can be used to refine search queries and find specific types of information. These operators can be combined in various ways to create specialized search queries that help to find specific types of information or vulnerabilities.

Google hacking can be a useful tool for cybersecurity professionals and researchers, but it can also be misused by individuals with malicious intent. It is important to be aware of the potential risks and to use these techniques responsibly.

To explain this, I'll say: just disregard the title, because we're not hacking Google. I'm sure we all know Google, as it's a search engine we've all heard of. We all use Google to search for whatever query we have, and we all tend to find answers with its help. But of course, there is a whole lot more to Google than meets the eye. I'll explain. I'm actually quite good with website design. It's a skill I've picked up since I was 14, and it dates back to me having a blog with blogger.com, but that's not what I'm trying to explain. As a web developer, I have a working understanding of SEO, which means Search Engine Optimization, and believe me, it's a very tricky thing that entails ranking a website or its content on a search engine's top page.
For you to get ranked properly, part of the work is submitting your sitemap to Google. This means Google crawls your entire website, analyzes the content, and then ranks it. If a few months later you update your website content, and you archived some content out of your website or some files are not properly hidden, Google would pick those files up, but they might not appear when people just make an ordinary search, like querying your address, customer care number, etc. This is where we come in as hackers, and this is where we get to fully understand Google hacking in a cybersecurity context. Google hacking from a cybersecurity point of view means tailoring our queries when performing a search on Google so that we get narrowed-down answers.

Using Google hacking, you can potentially find a wide range of information, depending on the search query you use. This could include:

Sensitive information that is not intended to be publicly available, such as login credentials or personal information
Vulnerabilities in websites or systems, such as SQL injection vulnerabilities or unsecured access points
Information about specific individuals or organizations, such as contact information or employment history
Information about specific technologies or software, such as documentation or known vulnerabilities
Information about specific industries or topics, such as news articles or research papers

Here are 20 examples of Google hacking queries that you can use to find specific types of information or vulnerabilities on the internet:

“inurl:login” – Finds pages with “login” in the URL
“inurl:admin” – Finds pages with “admin” in the URL
“intext:password” – Finds pages with the word “password” in the text
“site:gov filetype:pdf” – Finds PDF files on government websites
“site:edu filetype:doc” – Finds Word documents on educational websites
“intitle:index of” – Finds directories that have “index of” in the title
“inurl:ftp” – Finds FTP servers with the word “ftp” in the URL
“intext:@gmail.com” – Finds pages with Gmail addresses in the text
“intext:@yahoo.com” – Finds pages with Yahoo! addresses in the text
“filetype:xls inurl:budget” – Finds Excel spreadsheets with “budget” in the URL
“intext:username” – Finds pages with the word “username” in the text
“intext:email” – Finds pages with the word “email” in the text
“inurl:wp-content” – Finds WordPress sites with “wp-content” in the URL
“intext:sql injection” – Finds pages with the phrase “SQL injection” in the text
“inurl:php?id=” – Finds pages with a PHP ID parameter in the URL
“inurl:login.php” – Finds pages with “login.php” in the URL
“inurl:register.php” – Finds pages with “register.php” in the URL
“intext:vulnerability” – Finds pages with the word “vulnerability” in the text
“filetype:doc inurl:confidential” – Finds Word documents with “confidential” in the URL
“inurl:search?q=” – Finds pages with a search query parameter in the URL

It is important to note that these queries are just examples, and you can use different combinations of advanced search operators and keywords to find specific types of information or vulnerabilities. It is also important to use these techniques responsibly and only for lawful purposes.

It might not be that straightforward, because I'm explaining it in a way you might struggle to visualize. Watch the video below to understand more about how Google hacking works and see it being shown.
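Seen from the site owner's side, the same operators can be run over your own URL inventory before a crawler gets to it. The following is an added example, not part of the original post: it checks a list of URLs (such as the entries of your sitemap) against the post's URL-based queries and reports which ones would surface. The `example.test` URLs and the function names are constructed for illustration.

```python
from urllib.parse import urlsplit
import posixpath

# Subset of the post's queries that can be judged from the URL alone;
# intext:/intitle: need page content and are out of scope here.
DORKS = ["inurl:login", "inurl:admin", "inurl:php?id=",
         "filetype:xls inurl:budget", "filetype:doc inurl:confidential"]

def term_matches(term, url):
    """Evaluate one operator:value term against a single URL."""
    op, _, value = term.partition(":")
    value = value.lower()
    parts = urlsplit(url)
    if op == "inurl":  # approximated as a case-insensitive substring test
        return value in url.lower()
    if op == "filetype":
        ext = posixpath.splitext(parts.path)[1].lstrip(".").lower()
        return ext == value
    if op == "site":
        host = (parts.hostname or "").lower()
        return host == value or host.endswith("." + value)
    raise ValueError(f"operator not decidable from the URL alone: {op}")

def audit(urls, dorks=DORKS):
    """Return {url: [queries that would surface it]}, exposed URLs only."""
    findings = {}
    for url in urls:
        hits = [d for d in dorks
                if all(term_matches(t, url) for t in d.split())]
        if hits:
            findings[url] = hits
    return findings

# Constructed inventory, standing in for the <loc> entries of a sitemap.
SAMPLE_URLS = [
    "https://example.test/blog/kali-linux-explained",
    "https://example.test/wp-admin/options.php",
    "https://example.test/files/2023-budget.xls",
    "https://example.test/archive/confidential-plan.doc",
    "https://example.test/item.php?id=7",
    "https://example.test/files/budget-summary.pdf",
]

if __name__ == "__main__":
    for url, hits in audit(SAMPLE_URLS).items():
        print(url, "<-", ", ".join(hits))
```

Anything the audit reports is a candidate for access control, removal, or a noindex rule, depending on whether the file should be public at all.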
