WEBVTT - This file was automatically generated by VIMEO

0
00:00:01.100 --> 00:00:04.200
Hello and welcome to this Kali fundamentals video.

1
00:00:04.200 --> 00:00:07.600
 I'm excited to be here with you this evening to get

2
00:00:07.600 --> 00:00:10.400
 into the beginning. So when you

3
00:00:10.400 --> 00:00:13.300
 go to work for a new company or you're getting

4
00:00:13.300 --> 00:00:16.400
 into a new relationship, you always want to have a little history

5
00:00:16.400 --> 00:00:19.200
 and backstory that just helps to ensure that you're

6
00:00:19.200 --> 00:00:22.200
 you know, moving into a relationship that's going

7
00:00:22.200 --> 00:00:25.800
 to be meaningful and you're knowledgeable and etc.

8
00:00:25.800 --> 00:00:28.300
 Those kind of things. So when we get to work with

9
00:00:28.300 --> 00:00:31.200
 this tool set with Kali Linux, we want to make sure that we've

10
00:00:31.200 --> 00:00:34.200
 got some history. So the objectives for this

11
00:00:34.200 --> 00:00:34.700
 lesson.

12
00:00:35.500 --> 00:00:38.800
Are to walk away with a brief understanding of the Kali Linux

13
00:00:38.800 --> 00:00:41.300
 background. We want to at a high level understand

14
00:00:41.300 --> 00:00:44.800
 what Linux is and then we want to know how flexible you

15
00:00:44.800 --> 00:00:47.300
 know, Kali is at a high level. So let's jump

16
00:00:47.300 --> 00:00:50.900
 into the history lesson real quick. So Kali Linux

17
00:00:50.900 --> 00:00:53.500
 was established March of 2013 with

18
00:00:53.500 --> 00:00:56.500
 version 1.0. Now Kali is based on

19
00:00:56.500 --> 00:00:59.800
 the Debian operating system. And

20
00:00:59.800 --> 00:01:02.500
 you know, it was there that

21
00:01:02.500 --> 00:01:05.500
 they got their start. So since then

22
00:01:05.500 --> 00:01:08.600
 there's been a number of iterations with Kali Linux about

23
00:01:08.600 --> 00:01:11.100
 22 today it actually 22 on the

24
00:01:11.100 --> 00:01:15.100
 dot today at the time of this video. But

25
00:01:14.100 --> 00:01:17.200
 the thing that you want to know about

26
00:01:17.200 --> 00:01:20.500
 this group and about the community is that they're very very

27
00:01:20.500 --> 00:01:23.200
 good at working out bugs. They're very very good

28
00:01:23.200 --> 00:01:26.300
 about determining which tools to keep and so the reason

29
00:01:26.300 --> 00:01:29.600
 that you want to be cognitive of the iteration of

30
00:01:29.600 --> 00:01:32.200
 Kali that you're using is that there may be tools in

31
00:01:32.200 --> 00:01:34.800
 version 1.0 that are definitely not present.

32
00:01:35.400 --> 00:01:38.500
In the current version and there may be some tools that you want to use in

33
00:01:38.500 --> 00:01:41.400
 the older versions, but you just need to be aware that through

34
00:01:41.400 --> 00:01:44.200
 those iterations the tools have changed and the

35
00:01:44.200 --> 00:01:47.500
 layout has changed and the way that the system works has

36
00:01:47.500 --> 00:01:50.300
 changed to a degree as well. So you may

37
00:01:50.300 --> 00:01:50.800
 be thinking

38
00:01:51.600 --> 00:01:54.900
Well, we've mentioned Kali, you've mentioned Debian. Are

39
00:01:54.900 --> 00:01:57.200
 there other Linux variants or Linux flavors

40
00:01:57.200 --> 00:02:00.500
 and absolutely with respect to open source operating

41
00:02:00.500 --> 00:02:03.200
 systems. The community does a wonderful job of

42
00:02:03.200 --> 00:02:06.900
 maintaining several different operating systems and distributions

43
00:02:06.900 --> 00:02:09.000
 not all of these are for pen testing. You've got

44
00:02:09.600 --> 00:02:12.300
 Ubuntu which can act as you know,

45
00:02:12.300 --> 00:02:15.300
 an end user system or as a system that you use at

46
00:02:15.300 --> 00:02:18.400
 home. You could load tools that are in the Kali distribution into

47
00:02:18.400 --> 00:02:21.600
 Ubuntu. You've got Mint Linux. You've

48
00:02:21.600 --> 00:02:24.200
 got Precise Puppy, you've got Fedora. So there's

49
00:02:24.200 --> 00:02:27.500
 a combination of operating systems out

50
00:02:27.500 --> 00:02:30.400
 there depending on what you need them to do. They could

51
00:02:30.400 --> 00:02:33.800
 be on a multitude of smaller devices

52
00:02:33.800 --> 00:02:36.500
 or low-key devices things of that nature small

53
00:02:36.500 --> 00:02:38.900
 Computing devices. Linux is everywhere.

54
00:02:39.700 --> 00:02:42.500
So you may be asking yourself. Well, you know, what is

55
00:02:42.500 --> 00:02:45.400
 Linux with respect to how we're defining it

56
00:02:45.400 --> 00:02:46.400
 and talking about it here.

57
00:02:47.100 --> 00:02:50.000
So when I talk about Linux, especially within the

58
00:02:50.500 --> 00:02:52.200
 relationship of Kali Linux.

59
00:02:52.800 --> 00:02:55.400
Linux is the core of the operating system.

60
00:02:55.400 --> 00:02:58.500
 It is the kernel and a few things that the kernel

61
00:02:58.500 --> 00:03:01.200
 will control are like CPU, memory and

62
00:03:01.200 --> 00:03:04.000
 devices. So you may already be familiar with

63
00:03:04.100 --> 00:03:08.300
 the concept of what a kernel does but to give you a quick refresher in

64
00:03:07.300 --> 00:03:10.400
 this instance, we've got let's just say an app

65
00:03:10.400 --> 00:03:13.700
 that communicates with the kernel and then at the

66
00:03:13.700 --> 00:03:16.800
 kernel level we're communicating with the CPU, the

67
00:03:16.800 --> 00:03:19.500
 kernel's communicating with memory. It's communicating with

68
00:03:19.500 --> 00:03:22.400
 devices and peripherals. And so it

69
00:03:22.400 --> 00:03:25.600
 is going to ensure that the app when

70
00:03:25.600 --> 00:03:28.900
 it requests resources and information or input that

71
00:03:28.900 --> 00:03:31.300
 it is being provided. So with respect to

72
00:03:31.300 --> 00:03:34.500
 this relationship when we say Linux Linux

73
00:03:34.500 --> 00:03:38.000
 is really the core of any of the operating system distributions

74
00:03:37.600 --> 00:03:40.300
 that we've discussed here. So I've

75
00:03:40.300 --> 00:03:44.100
 got a quick surprise for you a check on learning. So when

76
00:03:43.100 --> 00:03:46.300
 we were discussing the history of Kali earlier,

77
00:03:46.300 --> 00:03:49.200
 what was the original or what is

78
00:03:49.200 --> 00:03:52.300
 the base distribution or operating system that

79
00:03:52.300 --> 00:03:52.600
 that is

80
00:03:52.700 --> 00:03:54.400
is based off of

81
00:03:55.700 --> 00:03:59.300
Alright, so you were probably thinking Debian and

82
00:03:58.300 --> 00:04:01.300
 if you put Debian there or

83
00:04:01.300 --> 00:04:04.400
 thought Debian then you were absolutely correct, great job.

84
00:04:04.400 --> 00:04:07.200
 So let's go ahead and shift gears real quick

85
00:04:07.200 --> 00:04:10.400
 and talk about some of the features and things that

86
00:04:10.400 --> 00:04:12.800
 Kali has available to it.

87
00:04:13.700 --> 00:04:16.200
So the first thing you can run Kali as

88
00:04:16.200 --> 00:04:19.200
 your day-to-day operating system, you can fully install it

89
00:04:19.200 --> 00:04:22.900
 and use it for day-to-day activities and functions. There's

90
00:04:22.900 --> 00:04:25.600
 some recommendations we'll make later to talk about

91
00:04:25.600 --> 00:04:28.300
 how you can do that securely and safely, you've got

92
00:04:28.300 --> 00:04:31.500
 live boot which is going to allow you to just take the

93
00:04:31.500 --> 00:04:34.200
 disc or take a thumb drive. That's got

94
00:04:34.200 --> 00:04:37.300
 the Kali ISO on it and then from there

95
00:04:37.300 --> 00:04:41.000
 boot it and go to work. So you're not fully installing

96
00:04:40.200 --> 00:04:43.500
 the Kali operating system

97
00:04:43.500 --> 00:04:46.500
 onto a device. You're just kind of live booting you can

98
00:04:46.500 --> 00:04:49.800
 take advantage of full disk encryption, which is definitely something

99
00:04:49.800 --> 00:04:53.300
 we want to do if we're going to be doing security testing handling

100
00:04:52.300 --> 00:04:56.100
 client data potentially pulling data

101
00:04:55.100 --> 00:04:58.300
 from systems for the sake of testing things

102
00:04:58.300 --> 00:05:02.100
 of that nature so we always want to ensure that that information is encrypted and

103
00:05:01.100 --> 00:05:05.100
 then we've got easy nuke LUKS,

104
00:05:04.100 --> 00:05:07.300
 you know, this is easy nuke here essentially

105
00:05:07.300 --> 00:05:10.800
 what that allows you to do is you can use that to nuke encrypted

106
00:05:10.800 --> 00:05:13.400
 data. So if you need to erase data to get rid of information you

107
00:05:13.400 --> 00:05:13.500
 can

108
00:05:13.700 --> 00:05:16.200
use easy nuke to do that and then

109
00:05:16.200 --> 00:05:19.300
 we've got a forensic mode here. So if you need to get a copy

110
00:05:19.300 --> 00:05:22.300
 of a hard drive that is forensically sound that's not

111
00:05:22.300 --> 00:05:25.200
 altered. None of the other states here like a

112
00:05:25.200 --> 00:05:28.400
 full installation, live boot or you know doing any type of encryption

113
00:05:28.400 --> 00:05:31.300
 is going to help you in that and really this just ensures that

114
00:05:31.300 --> 00:05:34.400
 if you've got a hard drive plugged into a system or whatever

115
00:05:34.400 --> 00:05:37.200
 the case may be if you need a copy of a disk and you need to

116
00:05:37.200 --> 00:05:40.100
 live boot or something of that nature to it and you

117
00:05:40.100 --> 00:05:43.300
 don't want to disturb the state of the disk by adding data to

118
00:05:43.300 --> 00:05:45.800
 it. You can boot in forensic mode to do that.

119
00:05:46.700 --> 00:05:48.900
So let's jump into a few tool categories here.

120
00:05:49.500 --> 00:05:52.400
So you've got several categories outside

121
00:05:52.400 --> 00:05:56.400
 of these these are just some high level areas. I wanted to touch on tool

122
00:05:55.400 --> 00:05:58.300
 categories under information gathering. I'll

123
00:05:58.300 --> 00:06:01.100
 cover things like maybe DNS reconnaissance. If you're trying to

124
00:06:01.100 --> 00:06:04.800
 get some information about a potential target for

125
00:06:04.800 --> 00:06:08.500
 a pen test or something of that nature vulnerability analysis.

126
00:06:07.500 --> 00:06:10.400
 Tools can be like OpenVAS. Those are

127
00:06:10.400 --> 00:06:13.400
 gonna be important for scanning systems for vulnerabilities to

128
00:06:13.400 --> 00:06:16.300
 help you determine how you're going to do an attack

129
00:06:16.300 --> 00:06:19.700
 or something of that nature. You've got Wireless attack tools,

130
00:06:19.700 --> 00:06:22.900
 which are going to be used for like cracking wireless access

131
00:06:22.900 --> 00:06:25.700
 point or trying to crack a key on, you

132
00:06:25.700 --> 00:06:28.600
 know, a Wi-Fi access point web application

133
00:06:28.600 --> 00:06:31.300
 tools or things like fuzzers, which you can use

134
00:06:31.300 --> 00:06:34.700
 to manipulate the inputs of tools and kind

135
00:06:34.700 --> 00:06:37.200
 of see what you'll get out of the website so that you can then

136
00:06:37.200 --> 00:06:40.600
 determine if there may be something you can take advantage of or exploit

137
00:06:40.600 --> 00:06:43.500
 there and then we've got some exploitation tools which

138
00:06:43.500 --> 00:06:46.500
 will touch on later but those are the tools that once you've

139
00:06:46.500 --> 00:06:49.100
 kind of tested the lock and you've worked to see

140
00:06:49.100 --> 00:06:49.200
 if

141
00:06:49.500 --> 00:06:52.300
door's weak and things of that nature you're going to determine? Okay. Can

142
00:06:52.300 --> 00:06:55.800
 I kick it in? Can I pick the lock, etc.? And right

143
00:06:55.800 --> 00:06:58.900
 now, you know we're thinking of Kali as kind of this pile of tools

144
00:06:58.900 --> 00:07:01.500
 over here. You don't really know what all

145
00:07:01.500 --> 00:07:04.100
 you have and you're not maybe 100% sure of what everything

146
00:07:04.100 --> 00:07:07.600
 does but we're going to work through that together and kind

147
00:07:07.600 --> 00:07:10.200
 of determine what tools are gonna be best for your day to

148
00:07:10.200 --> 00:07:13.100
 day and you know in your operations overall.

149
00:07:14.200 --> 00:07:17.600
So I got another surprise for you. It's a check on learning. So

150
00:07:17.600 --> 00:07:20.700
 we were discussing some of the abilities and

151
00:07:20.700 --> 00:07:23.800
 features and functions of Kali earlier, which of

152
00:07:23.800 --> 00:07:26.400
 those allowed you to get an image

153
00:07:26.400 --> 00:07:29.000
 of a hard drive without altering that hard drive state.

154
00:07:30.900 --> 00:07:33.700
All right, so you may have taken a moment to look at these so

155
00:07:33.700 --> 00:07:36.400
 remember that live boot just allows us

156
00:07:36.400 --> 00:07:39.400
 to kind of boot the system without fully installing it

157
00:07:39.400 --> 00:07:42.400
 it really doesn't do anything to keep the state

158
00:07:42.400 --> 00:07:45.200
 of the drive or any connected devices the same

159
00:07:45.200 --> 00:07:48.500
 as they were so that's not applicable here a full

160
00:07:48.500 --> 00:07:51.300
 installation is definitely going to alter the state of

161
00:07:51.300 --> 00:07:54.600
 a drive or anything that we're connected to but remember when

162
00:07:54.600 --> 00:07:57.200
 we boot to forensic mode or use forensics mode

163
00:07:57.200 --> 00:08:00.700
 on the Kali distribution, it should not disturb the

164
00:08:00.700 --> 00:08:03.400
 state of any connected devices and would allow

165
00:08:03.400 --> 00:08:07.000
 us to work to get a forensic image of a hard

166
00:08:06.200 --> 00:08:08.100
 drive or something of that nature.

167
00:08:09.200 --> 00:08:12.500
So with all of that said let's go through a quick summary

168
00:08:12.500 --> 00:08:15.600
 of what we covered today. So we talked about some release dates

169
00:08:15.600 --> 00:08:18.500
 or the release date for Kali and an overview

170
00:08:18.500 --> 00:08:21.300
 of the current number of versions and why that's important

171
00:08:21.300 --> 00:08:25.000
 and what we need to look for with respect to the care

172
00:08:24.300 --> 00:08:28.300
 and continued care of this distribution, a

173
00:08:27.300 --> 00:08:30.200
 high level review of features and functions to get

174
00:08:30.200 --> 00:08:33.500
 your brain kind of turning a bit on some of the things Kali can

175
00:08:33.500 --> 00:08:36.800
 do and a little bit of its flexibility there and then

176
00:08:36.800 --> 00:08:39.200
 a few tool categories again to get you thinking about

177
00:08:39.200 --> 00:08:42.400
 some of the things that you could do with Kali where you might be focusing

178
00:08:42.400 --> 00:08:45.200
 on or where you're hoping that the distribution can be

179
00:08:45.200 --> 00:08:46.700
 useful to you and your organization.

180
00:08:47.600 --> 00:08:50.700
So with that said I want to thank you for the opportunity to

181
00:08:50.700 --> 00:08:53.600
 work with you today, and I look forward to working with

182
00:08:53.600 --> 00:08:54.700
 you again soon. Thank you.
