Kali Virtual Machine Configuration
Download the official Kali Linux image for Apple ARM.
Create a new virtual machine from the ISO file.
Select Linux Debian 12 OS.
Always optimize mouse for games
8GB RAM.
6 CPU cores.
50GB hard disk.
Share network.
Accelerated graphics off (bugs) and full retina resolution.
Use Mac keyboard profile as a default.
Disable Bluetooth devices.
Disable share folders.
Disable printers.
Remove cameras.
Synchronize time and pass the power status.
sudo apt update
sudo apt full-upgrade -y
sudo apt install -y kali-linux-everything
Set HiDPI Mode (Applications -> Kali HiDPI Mode)
Set Terminal Font (Hack, 14)
Set Burp font size 18 for both editor and interface (after installation) .
Increasing display blanking timeout
Settings Manager -> Power Management -> Display
Set display blanking timeout to Never.
Lock it at the bottom of the screen.
Move Show Desktop to the far right corner.
Remove Workspace Switcher .
Add Quick Use items in this order:
Directory Menu .
Firefox .
Burpsuite (after installation) .
Sublime Text (after installation)
Terminal Emulator .
Behavior -> Unlimited History
Behavior -> Open new terminals in current working directory.
Go to about:config
Set browser.urlbar.trimURLs
to false
Make Firefox a default browser.
Change Home page to blank.
Delete all default bookmarks.
Disable saving passwords.
sudo nano /etc/ssh/sshd_config # Set PermitRootLogin yes
sudo service ssh restart
Set password for the root
user:
sudo passwd root # set to 'root'
There's a bug with outbound ssh connections on VPN. Fix:
sudo ip li set mtu 1200 dev tun0
Installing and configuring useful tools
Open terminal and change to the ~/Download
folder.
Login to Github and add an ssh key:
# Create an SSH key
ssh-keygen -t ed25519 -C " <email>"
eval " $( ssh-agent -s) "
ssh-add ~ /.ssh/id_ed25519
cat ~ /.ssh/id_ed25519.pub
# Set username/email
git config --global user.name " <name>"
git config --global user.email " <email>"
Clone pentesting-tools repo (git clone [email protected] :maksyche/pentesting-tools.git ~/pentesting-tools
)
Prepare rockyou.txt:
sudo gzip -dk /usr/share/wordlists/rockyou.txt.gz # Decompress
sudo sed -i ' /^\s*$/d' /usr/share/wordlists/rockyou.txt # Remove empty lines
Setting Samba min version:
sudo nano /etc/samba/smb.conf # Set min protocol = NT1
sudo sed -i -E ' s/MinProtocol[=\ ]+.*/MinProtocol = TLSv1.0/g' /etc/ssl/openssl.cnf
sudo apt install snmp-mibs-downloader -y
sudo download-mibs
sudo nano /etc/snmp/snmp.conf # Comment "mibs:" line
"dictionary" : " Packages/Language - English/en_US.dic" ,
"spell_check" : true
sudo apt install libreoffice -y
Burp CA (go to 127.0.0.1:8080) , download and import it in Firefox settings.
FoxyProxy plugin for Firefox (add 127.0.0.1:8080 Burp proxy) .
Wappalyzer plugin for Firefox.
Python3 pip (sudo apt install python3-pip -y
).
Python2 pip:
wget https://bootstrap.pypa.io/pip/2.7/get-pip.py
sudo python2 get-pip.py
sudo apt install python2-dev -y
sudo apt install python3-dev -y
Python setup tools (sudo pip2 install setuptools
).
npm (sudo apt install npm -y
).
snap:
sudo apt install snapd
sudo systemctl enable snapd.service
sudo systemctl enable apparmor.service # Restart required
sudo snap install core
sudo nano /etc/environment # Add /snap/bin to path
Postman (sudo snap install postman
)
golang (sudo apt install golang -y
).
feroxbuster: (sudo apt install feroxbuster -y
).
fpm (sudo gem install --no-document fpm
).
rlwrap (sudo apt install rlwrap -y
).
mysql-client (sudo apt install default-mysql-client -y
).
mysql-shell (sudo snap install mysql-shell
).
mssql-cli (sudo python3 -m pip install mssql-cli
) (doesn't work with ARM yet) .
redis-tools (sudo apt install redis-tools -y
).
jwt-cracker (sudo npm install --global jwt-cracker
).
droopescan (sudo pip3 install droopescan
).
cross-compilation tools (not really suited for ARM) :
sudo dpkg --add-architecture i386
sudo apt-get update
sudo apt install gcc-mingw-w64 -y
sudo apt install g++-mingw-w64 -y
sudo apt install mingw-w64 -y
sudo apt install gcc-multilib
sudo apt install g++-multilib
sudo apt install libc6-dev:i386
cmake (sudo apt install cmake -y
).
wes.py:
wget https://github.com/bitsadmin/wesng/archive/master.zip
unzip master.zip
cd wesng-master
sudo pip3 install .
wget https://github.com/SecureAuthCorp/impacket/releases/download/impacket_0_11_0/impacket-0.11.0.tar.gz
tar -xzf impacket-*
cd impacket-0.11.0
sudo pip3 install .
evil-winrm (sudo gem install evil-winrm
).
pyftpdlib (sudo pip3 install pyftpdlib
).
highline (sudo gem install highline
)
xls2csv:
sudo npm install --global xls2csv
sudo npm install --global xlsx2csv
sudo npm install --global doc2txt
sudo npm install --global docx2txt
sudo alien -i instantclient-basic* .rpm
sudo alien -i instantclient-sqlplus* .rpm
sudo alien -i instantclient-sdk* .rpm
sudo alien -i instantclient-jdbc* .rpm
sudo alien -i instantclient-odbc* .rpm
sudo alien -i instantclient-tools* .rpm
sudo touch /etc/ld.so.conf.d/oracle.conf
sudo ldconfig
sudo dpkg -i ./mongodb* .deb
putty (sudo apt-get install -y putty
)