Using Kali Linux and Infiltration Tools in Cyber Security

Abstract

It is important to use Kali Linux and the penetration tools that it offers in penetration tests for server systems to ensure cyber security. For this purpose, Linux Ubuntu operating system and a web server running on it are used as test environment. In this test environment, all scans and penetrations are performed using the penetration tools on Kali Linux. First, port scanning is performed to detect open ports on the target system. With this scan, the active services in the system and the ports where these services are running are determined. The next step is to obtain login information using a list of username and password combinations. Password cracking with dictionary attack is performed. Thus, the identification of accounts with weak passwords is achieved. Unauthorized access to the database of the target system is achieved by performing a SQL attack. With this attack method, an attempt is made to infiltrate the database by targeting web applications with security vulnerabilities. After accessing the database, sensitive data is accessed and manipulated. Finally, full control of the target system is achieved by performing privilege escalation. In this step, weak configurations are aimed to detect vulnerabilities or authorization errors in the system. Consequently, Kali Linux and penetration testing tools are an important tool for detecting and resolving vulnerabilities in server systems. The results of the study show the powerful capabilities of Kali Linux and penetration testing tools and their effectiveness in determining potential vulnerabilities. Thus, system administrators can use such tools to detect vulnerabilities and take the appropriate actions by testing the systems they manage. In this study, it is aimed to explain this importance and to show this in an experimental test environment.