Kali Linux\ub294 \ubcf4\uc548 \uc804\ubb38\uac00\ub098 \ud574\ucee4\ub4e4\uc774 \uc0ac\uc6a9\ud558\ub294 \uce68\ud22c \ud14c\uc2a4\ud2b8(penetration testing) \ubc0f \ub514\uc9c0\ud138 \ud3ec\ub80c\uc2dd\uc744 \uc704\ud55c \ub9ac\ub205\uc2a4 \ubc30\ud3ec\ud310\uc785\ub2c8\ub2e4. \uc218\ubc31 \uac00\uc9c0\uc758 \ubcf4\uc548 \ub3c4\uad6c\uac00 \uc0ac\uc804 \uc124\uce58\ub418\uc5b4 \uc788\uc73c\uba70, \uac01 \ub3c4\uad6c\ub294 \ud2b9\uc815\ud55c \ubaa9\uc801\uc744 \uac00\uc9c0\uace0 \uc788\uc2b5\ub2c8\ub2e4.<\/p>\n
\ud83d\udd27 Kali Linux \uc8fc\uc694 \ub3c4\uad6c \uc124\uba85 \ubc0f \uc0ac\uc6a9\ubc95 \uc694\uc57d
\n1. \uc815\ubcf4 \uc218\uc9d1 (Information Gathering)
\n\ub3c4\uad6c\t\uc124\uba85\t \uc0ac\uc6a9 \uc608
\nnmap\t\ub124\ud2b8\uc6cc\ud06c \uc2a4\uce90\ub2dd \ubc0f \ud3ec\ud2b8 \uc2a4\uce90\ub2dd \ub3c4\uad6c\tnmap -sS 192.168.1.1
\nwhois\t\ub3c4\uba54\uc778 \uc815\ubcf4 \ud655\uc778\twhois example.com
\ndnsenum\tDNS \uc815\ubcf4 \uc218\uc9d1\tdnsenum example.com
\ntheHarvester\t\uc774\uba54\uc77c\/\uc11c\ube0c\ub3c4\uba54\uc778 \ub4f1 \uc815\ubcf4 \uc218\uc9d1\ttheHarvester -d example.com -b google<\/p>\n
2. \ucde8\uc57d\uc810 \ubd84\uc11d (Vulnerability Analysis)
\n\ub3c4\uad6c\t\uc124\uba85\t \uc0ac\uc6a9 \uc608
\nnikto\t\uc6f9 \uc11c\ubc84 \ucde8\uc57d\uc810 \uc2a4\uce90\ub108\tnikto -h http:\/\/example.com
\nOpenVAS\t\uc885\ud569\uc801\uc778 \ucde8\uc57d\uc810 \uad00\ub9ac \uc2dc\uc2a4\ud15c\t\uc6f9 GUI \uc0ac\uc6a9 (openvas-start)
\nlynis\t\uc2dc\uc2a4\ud15c \ubcf4\uc548 \uac10\uc0ac \ub3c4\uad6c\tlynis audit system<\/p>\n
3. \uc6f9 \uc560\ud50c\ub9ac\ucf00\uc774\uc158 \uacf5\uaca9 (Web App Attacks)
\n\ub3c4\uad6c\t\uc124\uba85\t \uc0ac\uc6a9 \uc608
\nBurp Suite\t\uc6f9 \uc694\uccad \ubd84\uc11d \ubc0f \uacf5\uaca9 \ud504\ub85d\uc2dc\tGUI\ub85c \uc0ac\uc6a9
\nOWASP ZAP\t\uc790\ub3d9 \uc6f9 \ucde8\uc57d\uc810 \uc2a4\uce90\ub108\tzap \uc2e4\ud589 \ud6c4 \uc6f9 \ube0c\ub77c\uc6b0\uc800 \ud1b5\ud574 \uc870\uc791
\nsqlmap\tSQL Injection \uc790\ub3d9\ud654 \ub3c4\uad6c\tsqlmap -u “http:\/\/example.com?id=1” –dbs<\/p>\n
4. \ubb34\uc120 \uacf5\uaca9 (Wireless Attacks)
\n\ub3c4\uad6c\t\uc124\uba85\t \uc0ac\uc6a9 \uc608
\naircrack-ng\t\ubb34\uc120 \uc554\ud638 \ud574\ud0b9 \ub3c4\uad6c \ubaa8\uc74c\tairmon-ng, airodump-ng, aircrack-ng
\nreaver\tWPS \ucde8\uc57d\uc810 \uc774\uc6a9\ud55c WPA\/WPA2 \ud574\ud0b9\treaver -i wlan0mon -b [BSSID] -vv<\/p>\n
5. \ud328\uc2a4\uc6cc\ub4dc \uacf5\uaca9 (Password Attacks)
\n\ub3c4\uad6c\t\uc124\uba85\t \uc0ac\uc6a9 \uc608
\nhydra\t\uc6d0\uaca9 \uc11c\ube44\uc2a4 \ube0c\ub8e8\ud2b8\ud3ec\uc2f1\thydra -l admin -P pass.txt 192.168.1.1 ssh
\njohn\t\ud328\uc2a4\uc6cc\ub4dc \ud574\uc2dc \ud06c\ub799\tjohn –wordlist=rockyou.txt hashfile.txt
\nhashcat\tGPU \uae30\ubc18 \ube60\ub978 \ud574\uc2dc \ud06c\ub798\ucee4\thashcat -m 0 -a 0 hashes.txt wordlist.txt<\/p>\n
6. \uc18c\uc15c \uc5d4\uc9c0\ub2c8\uc5b4\ub9c1 (Social Engineering)
\n\ub3c4\uad6c\t\uc124\uba85\t\uc0ac\uc6a9 \uc608
\nSET (Social-Engineer Toolkit)\t\ud53c\uc2f1 \uc0ac\uc774\ud2b8, \uc545\uc131 \ud30c\uc77c \uc0dd\uc131 \ub4f1\tsetoolkit \uba85\ub839\uc5b4\ub85c GUI \uba54\ub274 \uc9c4\uc785<\/p>\n
7. Exploit \ub3c4\uad6c
\n\ub3c4\uad6c\t\uc124\uba85\t \uc0ac\uc6a9 \uc608
\nMetasploit Framework\t\uc885\ud569 \uc775\uc2a4\ud50c\ub85c\uc787 \ud50c\ub7ab\ud3fc\tmsfconsole\ub85c \uc2e4\ud589
\nsearchsploit\tExploit DB\uc5d0\uc11c \ucde8\uc57d\uc810 \ucf54\ub4dc \uac80\uc0c9\tsearchsploit apache 2.4<\/p>\n
8. \ud3ec\ub80c\uc2dd (Forensics)
\n\ub3c4\uad6c\t\uc124\uba85\t \uc0ac\uc6a9 \uc608
\nAutopsy\t\ub514\uc9c0\ud138 \ud3ec\ub80c\uc2dd GUI \ud234\tGUI \uc2e4\ud589 \ud6c4 \uc99d\uac70 \uc774\ubbf8\uc9c0 \ubd84\uc11d
\nVolatility\t\uba54\ubaa8\ub9ac \ud3ec\ub80c\uc2dd \ub3c4\uad6c\tvolatility -f mem.dmp –profile=Win7SP1x64 pslist<\/p>\n
9. \ub9ac\ubc84\uc2a4 \uc5d4\uc9c0\ub2c8\uc5b4\ub9c1 (Reverse Engineering)
\n\ub3c4\uad6c\t\uc124\uba85\t \uc0ac\uc6a9 \uc608
\nGhidra\t\ubc14\uc774\ub108\ub9ac \uc5ed\uacf5\ud559 \ub3c4\uad6c\tghidraRun\uc73c\ub85c GUI \uc2e4\ud589
\nradare2\t\ud130\ubbf8\ub110 \uae30\ubc18 \uc5ed\uacf5\ud559 \ud234\tr2 binary.exe
\nOllyDbg\/Wine\tWindows\uc6a9 \ub514\ubc84\uac70 (Wine\uc5d0\uc11c \uc2e4\ud589)\twine OllyDbg.exe<\/p>\n
\ud83d\udcc1 Kali Linux \ub3c4\uad6c \uc2e4\ud589 \ubc29\ubc95
\n\ub300\ubd80\ubd84\uc758 \ub3c4\uad6c\ub294 \ud130\ubbf8\ub110\uc5d0\uc11c \uc9c1\uc811 \uc2e4\ud589\ud560 \uc218 \uc788\uc2b5\ub2c8\ub2e4.<\/p>\n
GUI \uae30\ubc18 \ub3c4\uad6c\ub294 Kali \uba54\ub274\uc5d0\uc11c \uc2e4\ud589\ud558\uac70\ub098 kali-tools-* \ud328\ud0a4\uc9c0 \uc124\uce58 \ud544\uc694 \uc2dc \ub2e4\uc74c\uacfc \uac19\uc774 \uc124\uce58:<\/p>\n
bash
\n\ubcf5\uc0ac
\n\ud3b8\uc9d1
\nsudo apt update
\nsudo apt install kali-linux-top10
\nsudo apt install kali-tools-web<\/p>\n
\ud83d\udcd8 Kali Linux \uacf5\uc2dd \ubb38\uc11c \ubc0f \uc790\ub8cc<\/p>\n
Kali Tools Index:
\n\ud83d\udd17 https:\/\/tools.kali.org<\/p>\n
Kali Linux \uacf5\uc2dd \ubb38\uc11c:
\n\ud83d\udd17 https:\/\/www.kali.org\/docs\/<\/p>\n
Exploit DB (\ucde8\uc57d\uc810 \uac80\uc0c9):
\n\ud83d\udd17 https:\/\/www.exploit-db.com\/<\/p>\n","protected":false},"excerpt":{"rendered":"
Kali Linux\ub294 \ubcf4\uc548 \uc804\ubb38\uac00\ub098 \ud574\ucee4\ub4e4\uc774 \uc0ac\uc6a9\ud558\ub294 \uce68\ud22c \ud14c\uc2a4\ud2b8(penetration testing) \ubc0f \ub514\uc9c0\ud138 \ud3ec\ub80c\uc2dd\uc744 \uc704\ud55c \ub9ac\ub205\uc2a4 \ubc30\ud3ec\ud310\uc785\ub2c8\ub2e4. \uc218\ubc31 \uac00\uc9c0\uc758 \ubcf4\uc548 \ub3c4\uad6c\uac00 \uc0ac\uc804 \uc124\uce58\ub418\uc5b4 \uc788\uc73c\uba70, \uac01 \ub3c4\uad6c\ub294 \ud2b9\uc815\ud55c \ubaa9\uc801\uc744 \uac00\uc9c0\uace0 \uc788\uc2b5\ub2c8\ub2e4. \ud83d\udd27 Kali Linux \uc8fc\uc694 \ub3c4\uad6c \uc124\uba85 \ubc0f \uc0ac\uc6a9\ubc95 \uc694\uc57d 1. \uc815\ubcf4 \uc218\uc9d1 (Information Gathering) \ub3c4\uad6c \uc124\uba85 \uc0ac\uc6a9 \uc608 nmap \ub124\ud2b8\uc6cc\ud06c \uc2a4\uce90\ub2dd \ubc0f \ud3ec\ud2b8 \uc2a4\uce90\ub2dd \ub3c4\uad6c nmap -sS … \ub354 \ubcf4\uae30 “Kali Linux\uc5d0\uc11c \uc0ac\uc6a9\ud558\ub294 \uc751\uc6a9 \ud504\ub85c\uadf8\ub7a8\uc5d0 \ub300\ud55c \uc124\uba85\uc790\ub8cc, \uc0ac\uc6a9\ubc95 \ub4f1”<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[],"class_list":["post-291","post","type-post","status-publish","format-standard","hentry","category-4"],"_links":{"self":[{"href":"https:\/\/www.soon7shop.kr\/wordpress\/index.php?rest_route=\/wp\/v2\/posts\/291","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.soon7shop.kr\/wordpress\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.soon7shop.kr\/wordpress\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.soon7shop.kr\/wordpress\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.soon7shop.kr\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=291"}],"version-history":[{"count":1,"href":"https:\/\/www.soon7shop.kr\/wordpress\/index.php?rest_route=\/wp\/v2\/posts\/291\/revisions"}],"predecessor-version":[{"id":292,"href":"https:\/\/www.soon7shop.kr\/wordpress\/index.php?rest_route=\/wp\/v2\/posts\/291\/revisions\/292"}],"wp:attachment":[{"href":"https:\/\/www.soon7shop.kr\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=291"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.soon7shop.kr\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=291"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.soon7shop.kr\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=291"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}