Penetration Testing with Raspberry Pi
Language: English
Pages: 142
ISBN: 1784396435
Format: PDF / Kindle (mobi) / ePub
Construct a hacking arsenal for penetration testers or hacking enthusiasts using Kali Linux on a Raspberry Pi
About This Book
- Learn how to turn a Raspberry Pi into a Kali Linux hacking toolkit for onsite, physical, and remote penetration testing
- Understand the capabilities, limitations, and features of Kali Linux on Raspberry Pi
- Build and develop methodologies ideal for Raspberry Pi penetration testing using real-world cases
Who This Book Is For
If you are looking for a low budget, small form-factor remotely accessible hacking tool, then the concepts in this book are ideal for you. If you are a penetration tester who wants to save on travel costs by placing a low-cost node on a target network, you will save thousands by using the methods covered in this book. You do not have to be a skilled hacker or programmer to use this book. It will be beneficial to have some networking experience; however, it is not required to follow the concepts covered in this book.
What You Will Learn
- Install and tune Kali Linux on a Raspberry Pi for hacking
- Use a Raspberry Pi for pentests such as breaking wireless security, scanning networks, and capturing sensitive data
- Perform man-in-the-middle attacks and bypass SSL encryption
- Compromise systems using various exploits and toolkits
- Bypass security defenses and remove data off a target network
- Develop a command and control system to manage remotely placed Raspberry Pis
- Turn a Raspberry Pi into a honeypot to capture sensitive information
- Grasp professional penetration testing through proper documentation
In Detail
The Raspberry Pi is a low-cost credit-card sized computing system that can be customized for just about anything including penetration testing. Raspberry Pi is the best known platform not because it is cheap but because it is very powerful. Kali is a pentesting/security auditing Linux distribution. Kali Linux has many penetration-testing programs, including nmap (a port scanner), Wireshark (a packet analyzer), John the Ripper (a password cracker), Aircrack-ng (a software suite for the penetration-testing of wireless LANs), and Burp suite and OWASP ZAP (both web application security scanners).
This book covers how to turn a Raspberry Pi into a hacking arsenal to leverage the most popular open source toolkit, Kali Linux. You will learn how to use various tools to breach networks and steal data.
by downloading the Windows stunnel client application available at https://www.stunnel.org/ downloads.html. [ 47 ] Preparing the Raspberry Pi The following image shows a stunnel-installer executable file icon: When you have completed the install, open the stunnel install directory on Windows (it is usually located at C:\Program Files\stunnel). Copy the stunnel.pem certificate you created on Kali to your Windows client inside the same directory. You should then open the stunnel.conf file and
warning message stating that you are running Wireshark as a super user, also known as root. Just click on OK to access the main GUI. The following screenshot shows a Wireshark GUI: At this point, we assume that you have traffic running through your Raspberry Pi using methods previously covered in this chapter and are now looking at live data. The first step is viewing what interfaces you want to examine with Wireshark by clicking on the Interface List button. This will bring up a window showing
are open source, meaning they are free for download. Who this book is for The focus of this book is to turn a Raspberry Pi into a hacking arsenal by leveraging the most popular open source penetration toolset – Kali Linux. If you are looking for a low budget, small form-factor hacking tool that is remotely accessible, then the concepts in this book are ideal for you. If you are a penetration tester who wants to save on travel costs by placing a low-cost node on a target network, you will save
approximately $22. The following image shows the NooElec NESDR Mini: Aircraft signals are not meant to pass through buildings so you should put your antenna outside and in the line of sight for aircrafts to get the best signal. You will need to sign up for a free FlightAware account at http://flightaware. com/account/join/?referer=/account/join/. Your data will be processed by FlightAware and will be viewable after 30 minutes at http://flightaware.com/ adsb/stats. [ 180 ] Chapter 6
configuration options. The following screenshot shows the second menu: [ 182 ] Chapter 6 The first thing you will want to do once PiPlay is up is look for updates. You do this by clicking the large arrows in the menu to the third screen that shows the Update PiPlay option. You must be online to do this so you can either plug in a Ethernet cable, or use the Setup Wireless button to establish a wireless connection prior to looking for updates. If you are online, you will see your IP address in