Kali Linux Lab Report -EASY

Lab Exercise: Reconnaissance and Fingerprinting with Kali Linux

Objective

You will use Kali Linux to perform passive and active reconnaissance and fingerprinting on a designated domain, leveraging various tools to gather information ethically and safely.

Lab Scenario

You are a penetration tester tasked with gathering information about a target domain. The domain for this lab is hackthissite.org, a legal and ethical platform for cybersecurity training.

Lab Setup

1. Environment: Ensure students have access to a Kali Linux virtual machine.
2. Internet Connection: Verify internet connectivity on the Kali machine.
3. Tools: Pre-installed tools in Kali Linux (Nmap, Netcat, whois, Wappalyzer, etc.).
4. Target Domain: Use hackthissite.org for all fingerprinting activities (confirmed as ethical and legal for cybersecurity training purposes).

Kali Linux Installation as a Virtual Machine

Step 1: Download Virtualization Software

1. Install a hypervisor such as VirtualBox or VMware Workstation Player (both are free).
   • VirtualBox Download:
   • VMware Player Download:

Step 2: Download Kali Linux ISO or Virtual Image

1. Go to the official Kali Linux website:
2. Navigate to the Downloads section.
3. Choose one of the following:
   • ISO file for manual installation.
   • Pre-configured VirtualBox or VMware image for a quicker setup.

Step 3: Set Up the Virtual Machine

1. Open your hypervisor (VirtualBox or VMware).
2. Create a new virtual machine:
   • Name: Kali Linux.
   • Type: Linux.
   • Version: Debian-based (64-bit).
3. Allocate resources:
   • Memory (RAM): Minimum 2 GB (Recommended: 4 GB).
   • Disk Space: At least 20 GB.
4. Attach the downloaded ISO file or select the pre-configured virtual image.

Step 4: Install Kali Linux (if using ISO)

1. Start the virtual machine and boot from the ISO file.
2. Follow the installation prompts:
   • Select Graphical Install.
   • Configure language, location, and keyboard layout.
   • Set up a username and password.
   • Partition the disk (choose guided setup for simplicity).
3. Complete the installation and reboot.

Step 5: Update Kali Linux

1. Log in to your new Kali Linux VM.
2. Open the terminal and run:

sudo apt update && sudo apt upgrade -y

1. Install any additional tools needed for the lab:

sudo apt install nmap netcat whois

Step 6: Test the Setup

1. Verify network connectivity by running:

ping google.com

1. Ensure tools like Nmap and Netcat are functioning:

1. nmap –version

nc -h

---

Lab Instructions

Part 1: Passive Reconnaissance

1. Google Dorks for Information Gathering:
   • site:hackthissite.org filetype:pdf
   • inurl:admin site:hackthissite.org
   • Open the Firefox browser in Kali Linux.
   • Use the following Google Dorks to identify publicly available information:
   • Document any relevant results.
2. WHOIS Lookup:
   • Open the terminal in Kali Linux.
   • Run the following command:

whois hackthissite.org

• Note the domain registration details (registrant, creation date, expiration date, etc.).
1. Shodan Search:
   • Open the Firefox browser and navigate to https://www.shodan.io/.
   • Search for hackthissite.org.
   • Document any exposed services, open ports, or technologies.

Part 2: Active Reconnaissance

1. Nmap Scanning:
   • Run a basic TCP scan:

nmap -sS hackthissite.org

• Perform service and version detection:

nmap -sV -O hackthissite.org

• Document the results, including open ports, running services, and potential vulnerabilities.
1. Netcat for Banner Grabbing:
   • Open a terminal and use Netcat to connect to an open port (e.g., port 80):

nc -v hackthissite.org 80

• Type HEAD / HTTP/1.0 and press Enter twice to grab the HTTP banner.
• Record the server type and version.
1. Wappalyzer for Web Application Fingerprinting:
   • Open the Firefox browser and install the Wappalyzer extension.
   • Visit hackthissite.org and analyze the technologies used (e.g., CMS, JavaScript libraries).
   • Take a screenshot of the Wappalyzer output.

Deliverables

1. A report containing:
   • Results of passive reconnaissance (Google Dorks, WHOIS, Shodan).
   • Outputs of active reconnaissance (Nmap scans, Netcat results, Wappalyzer findings).
   • Screenshots of tool outputs (include the entire screen with the clock/time).
2. Reflection on the ethical considerations and importance of proper permissions in penetration testing.

   {{{if possible give me a setup for macOS apple silicon m2 in a seperate file aside from this assignment}}}

WRITE MY PAPER