Linux for Ethical Hackers (Kali Linux Tutorial)

**Choosing the Right Penetration Testing Certification**

When it comes to choosing a penetration testing certification, there are several options to consider. In this article, we'll explore three certifications that can help you get started on your journey to becoming a skilled penetration tester.

First, let's talk about the PTS (Penetration Tester's Safety) exam. This is an entry-level certification that covers the basics of penetration testing. The PTS exam is relatively inexpensive, costing only $100. It's also worth noting that this exam is considered "sans right," meaning it doesn't require a corresponding course to be completed before taking the test.

However, for those who want to take their skills to the next level, the G Pen certification is a good option. The G Pen exam costs $17 and requires completion of a corresponding course that can cost upwards of $6,000. This means that unless an employer is willing to pay for this certification, it may not be feasible for individuals to pursue.

On the other hand, the sans (Security and Networking) certification is considered one of the highest-tier certifications in the field. The exam itself costs $17 and requires completion of a corresponding course. What sets sans apart from other certifications is its focus on staying up-to-date with the latest security threats and techniques. Sans courses are constantly updated to reflect the latest developments in the field, making this certification a valuable asset for anyone looking to advance their skills.

Another option to consider is the OSCP (Offensive Security Certified Professional) certification. This certification requires completion of a practical course that includes hands-on training with virtual machines and real-world scenarios. The exam itself is considered "practical" in nature, meaning it's more focused on demonstrating one's ability to hack and identify vulnerabilities rather than just memorizing rules.

In addition to these certifications, there are many free resources available online that can help you learn the skills necessary for penetration testing. For example, my channel offers a wealth of information on topics ranging from Linux basics to advanced penetration testing techniques. I also offer a "Zero to Hero" course that covers everything from beginner-level topics to more advanced concepts.

Additionally, there are many online communities and forums dedicated to penetration testing and security. Sites like Hack The Box provide a platform for individuals to practice their skills in a safe and controlled environment, with access to virtual machines and real-world scenarios. These resources can be incredibly valuable when it comes to learning the skills necessary for penetration testing.

Ultimately, the right certification or resource for you will depend on your individual goals and needs. By doing some research and exploring different options, you can find the best fit for your journey into penetration testing.

**Conclusion**

Choosing a penetration testing certification requires careful consideration of several factors, including cost, curriculum, and reputation. The PTS exam offers an entry-level certification at an affordable price, while the G Pen certification provides a more comprehensive education at a slightly higher cost. On the other hand, the sans certification is one of the most respected certifications in the field, with a focus on staying up-to-date with the latest security threats and techniques.

Regardless of which certification you choose, there are many free resources available online that can help you learn the skills necessary for penetration testing. From beginner-level courses to advanced training programs, there's something for everyone. By taking advantage of these resources and dedicating yourself to ongoing learning, you can become a skilled penetration tester with the skills and knowledge necessary to succeed in this field.

**Recommendation**

If I had to make a recommendation, it would be to start with the PTS exam if possible. This certification is relatively inexpensive and provides a solid foundation for those just starting out in penetration testing. If you're interested in pursuing more advanced certifications like the G Pen or sans, these may be worth considering at a later stage.

However, before embarking on any training program or certification course, I would recommend doing some research to ensure that it's a good fit for your goals and needs. There are many resources available online that can provide valuable information and insights into different certifications and courses.

Ultimately, becoming a skilled penetration tester requires dedication, hard work, and a willingness to learn and adapt. With the right training and certification, you can unlock a rewarding career in this field.

"WEBVTTKind: captionsLanguage: enWhat is up everybody, my name is Heath Adams and I welcome you to this course called Linux for  ethical hackers. So in this course, we're going to be covering a lot of things, we're really going to  be going in hammering down on the terminal and the command line. And if you've never learned  Linux before, this is a really great start for you, especially if you're interested in becoming  Ethical Hacker or a penetration tester. So enough of my face. Let's go ahead and just dive right in.  Alright, everyone, welcome to this course titled Linux for ethical hackers. Before we get started,  I'd like to do a little Who am I so my name is Heath Adams. I also go by the cyber mentor. I am  a husband, first a hacker, a military veteran, gamer sports fan and animal Dad, I am a former  accountant turned security geek. So I've been in cybersecurity about three years now. And before  that, I was an accountant, I hated it pick that that field for all the wrong reasons. So once I  went into it, and cybersecurity, I never looked back. And I've never been happier. On the day to  day, I am a senior security engineer. I'm also a business owner at TCM security. So before that I  was a senior penetration tester doing penetration testing and ethical hacking, I branched out  and started my own business focusing on ethical hacking, training and student development. So now  I'm doing that full time, along with a job as a senior security engineer. Okay, so let's go ahead  and talk about what we'll learn in this course. So this course is going to be all hands on. Besides  this little introduction here, you're not going to see a lot of PowerPoint besides quick overview  of what the course or the video that you're about to see has coming. So 95% hands on course,  I will not kill you with PowerPoint. That's not my goal. We're going to be focusing on Kali Linux  this entire course, and really learning Linux and learning Linux for the purpose of becoming  ethical hackers. So we're going to install VMware, which is a virtualized software, virtualization  software, and then we're going to run Kali Linux inside of VMware. After that, I'm going to give  you a overview of Kali Linux, show you some of the common tools, what it can do, why it's awesome.  And then we're going to do a deep dive into the terminal. So what that means is we're going to  be hands on doing commands and learning Linux. So we'll be running, navigating the file system.  So how to get around in the file system from the terminal, we'll learn about users and privileges,  how to add users how to what kind of privileges and permissions are there what important files  exist regarding those, we're going to talk about common network commands. So if you want to be a  pen, tester, or ethical hacker, you need to know networking, at least at a basic minimum. So we'll  talk about those common network commands that you should know how to run them what they do, we'll  talk about viewing, creating and editing files. That's obviously important if you want to create  a quick file or edit a file from the command line, how you can do that. We'll talk about starting and  stopping services such as a web server, SSH, SQL database, etc. We're going to talk about  how to install updates, how to install tools and how to update those tools. And then lastly,  we're going to put everything we learned together and do some scripting in bash. So we're going to  write a basic bash script, and then we'll improve upon it and then I'll show you some four loops,  some other logical scripting ideas, and then we'll kind of put that together and hopefully,  come to a nice completion when it's all said and done. So with all this being said, I'm excited  to have you in the course with me, I look forward to teaching you and let's go ahead and start with  installing VMware. Alright, the first thing that we're going to need to do is to install software  called VMware Workstation player. Now we have two ways to run Kali Linux, we can either run Kali  Linux through a virtual machine, or we can install it as an operating system on a hard drive for this  course, and this lesson, we're going to be using a virtual machine. and preferably, we're going to be  using VMware Workstation player. I'm going to show you how to install VMware Workstation player and  I'll show you some of the alternatives to it as well. So let's go ahead and dive right in. Okay,  so if you go out to the interweb, and you go to Google, and you type in VMware Workstation player,  the first thing that will come up for you is this download VMware Workstation player link.  You're going to go ahead and just click on this and now I also want to introduce alternatives. So  there is a another software platform called Oracle VirtualBox. And you will be able to install either  my preference in the course that's going to be taught the rest of the way through is going to be  in VMware Workstation Pro. But we will use player for the install, you'll be able to follow along  with player you will also be able to follow along with Oracle VirtualBox if you so choose. But we  will not be showing that installation. Another thing that should be noted is there is this  comparison page here and I will be using VMware Workstation Pro. There's a nice little checklist  here that shows what pro can do versus player, he has a lot of the same features here. Some of the  nice things is running multiple VMs at once. You can technically do that with VMware Workstation  player, there's workarounds for it. But to have it in a single tabbed interface. It's very,  very nice. You see here, the drag will tabbed interface. That's another feature snapshots.  So basically making a backup of your machine all included in workstation Pro. So if you have some  money to shell out, and this is something that you're interested in doing long term,  it may be worth looking into a workstation pro license, but by all means you can get away with  a workstation player installation, and that's exactly what we're going to do. So let's go back  to the first tab here. And you can see it says try VMware Workstation player, we're just going  to scroll down and this install and everything is going to be running on top of windows for  me. If you're installing for Linux, that's fine as well just follow your instructions for your  respective OS. Go ahead and select Download now. I'm going to save the file. Okay, it downloaded  I'm going to hit run. It's going to ask if we want to accept the changes, yes. Okay, now we're going  to hit Next we'll accept the license agreement and possibly give away our firstborn. I'm going to go  ahead and check yes, for the enhanced keyboard driver. We don't need to check for product update,  we don't need to join the VMware customer experience improvement. We'll hit Next on that,  you can leave both of these checked or check to your preference. And then hit install. And  while this is installing, I can actually show you what VMware pro looks like. This is a pro instance  running here you can see they have the tabs and they're draggable as it was notated in that,  that differential spreadsheet that you saw, and I've got a Cali instance running, that's actually  my main Cali machine. I've got windows 10 running here. And this is all actually sitting on top of  a real windows 10 machine as well. So we're just installing workstation player, I'm going to run a  VM inside of a VM. So this can be a little bit of Vm ception here, and then we're just going to hit  finish. And then we are going to restart this machine as it needs a reboot real quick. Okay,  now we are restarted and we're back to our desktop here, you can see that VMware Workstation player  has been added to the desktop. Let's just go ahead and double click that to open it. And we're going  to choose to use VMware Workstation 15 player for free for non commercial use. If we wanted the pro  edition, we would enter in our access key here license key and continue on with the pro edition.  And now we will use the Finish button here and we will be brought to our VMware  Workstation 15 player. So you can see here that it's a much different view, it's very,  very basic. We have the option to open a VM here and we'll have the one VM stored in this tab that  we can open up and that'll be it. There are ways around running multiple VMs at the same time,  but if you're looking to build a fluid lab out and have multiple VMs running similar to what I have  here, having the VMware pro again, it does have its benefits here. So you can see this is a much  much different look. This is very generic as we we can see here. So from here, what we're going to do  is we're going to go ahead and stop in the next video, we are going to focus on downloading Kali  Linux and we'll talk about what Kali Linux is and some of its features as well. So I'll catch  you over in the next video. Alright, now let's move on to installing Kali Linux in our VMware  software. Okay, so picking up where we left off we had just installed VMware Workstation 15 player,  and now we need a VM to actually be able to play with it. So this whole course is going to be based  on Kali Linux. If we open up a internet browser here, I've got a few tabs already opened. So what  I want you to do is go ahead and go out to Google, and just type in Cali k L, I Linux download,  and leave it here. What we're going to do as well is I want to talk just a quick second about what  Kali Linux is. So Kali, Linux is a Debian based Linux OS. So it's based on pen testing tools,  and it's made for pen testers. So what it does is it comes preloaded with a bunch of  penetration testing tools, a toolkit, if you will call it and it is just made for people who are  looking to do pen testing. So this is provided by offensive security. If you come to cali.org.  And you look at the About Us, it provides a little bit of information about who the core developers  were and some of the moderators. But basically, what it is, is it followed up a tool called or  distribution called backtrack. So the new the new tool is Kali Linux. Now there are alternatives out  there. One of the alternatives right now is called parrot. So if you go to parrot sec.org, and you  look into what is parrot, you can see that they have different distributions. And they talk about  why parrots different, but they do have a pen test distribution here. So for this course, we're going  to be using Kali Linux, but I always do like to introduce the alternatives. Kali Linux is probably  more popular at this point, parrot OS is kind of on the newer side, some people are starting to  get behind it and liking it, but I would say Kali still dominates. The third option is that you set  up your own distribution. So you have an OS that you like, and then you install the tools on the  OS that you like, and you have your own custom build. So some people feel like, you know, Kali,  or even parrot, they come with a bunch of tools that they'll never need. So their systems bloated,  and they really just have a set amount of tools that they like, and if there's a tool that they  want to add into the system, then they'll download that on their own. They don't want to have a ton  of bloatware coming with their system. But with my experience in the industry, mostly everybody that  I've worked with is using Kali Linux, some people are doing their own builds, especially on like the  webapp pen testing side. And then now parrot is kind of that up and coming Oh s that some people  are transitioning to, but it is predominantly Kali Linux. So that is why we're doing this course in  Kali Linux. And I feel like it's the best option for us to learn some, just some basic Linux  skills and learning in the OS that is the most dominant in the industry right now. So let's go  ahead and go back to that Kali Linux download. In while this link has been clicked on, do not  let it fool you. We're actually not clicking on the official Kali Linux downloads page,  we're going to scroll down a little bit, I want to go to the Kali Linux custom image downloads  page and I'll show you why here. So this is that offensive dash security Comm. Make sure that's the  one you're following along with. And if you scroll down just a bit, you see that they're providing us  VMware images and VirtualBox images. So remember, when I told you that VirtualBox was an option,  if you chose that option, here you go right here, you'll click on this tab and you will download the  VirtualBox image. Now what we're going to be doing is we're going to be running Kali Linux,  VMware 64 bit and we're going to download this seven zip right here. You also have the option  to download a torrent if you'd like the file size is going to be 2.4 gigs. So it might take  you a minute depending on your your speed of your internet. And they also provide a Sha 256 some if  you want to check the file when you download it. So I'm going to go ahead and just hit download  on this. And I'm going to save it and I will come back as soon as this file is finished downloading.  Okay, so my file has finished downloading, I'm going to navigate to the folder where it has  downloaded to which is the Downloads folder. And you can see here that is a seven zip file.  So my installation by default does not have seven zip. If you do not have seven zip either. We can  go ahead and download that together. So if you go out to Google and you just type in seven zip, the  first thing that comes up is seven dashes zip.org. You'll see a download tab here just go ahead and  click on that link and go ahead and download the executable for your respective operating system.  So for me, I'm going to be downloading the 64 bit Windows version here. And I'm going to hit save,  I'm going to hit Run, say yes, I'm going to go ahead and install to the default directory. Okay,  now that's installed, let's go back to our folder. And let's select that we open with seven zip here.  Okay, now let's see if we can drag and drop, we can, so all I'm doing is dragging and dropping,  I'm putting it in the Downloads folder, you don't have to do that you can drag it and put it in a  location that you would prefer, this is going to extract I believe at a larger file size than just  the 2.5 gigs that we downloaded the 2.4 gigs. So make sure that you have file space where you're  going to put this. So I'm gonna go ahead and let this finish and then I will be right back. Okay,  so I've successfully unzip this file. And just for the record, if we hover over it,  you can see that it actually extracted to be 10.4 gigabytes. So let's make sure that wherever  you extract it to you have the 10.4 gigabytes in order to successfully complete the extraction. So  from here, let's go ahead and open up our VMware Player. And we're going to go to player up in the  left hand corner, we're going to select file, and then we're going to select open. And then we're  going to go to downloads. And we're going to go into our Kali Linux folder here, and or wherever  you put it, if you didn't put it in the Downloads folder, and then just select the one item that  should be here. It's a little four kilobyte file. And what this does for us is it automatically has  a build, that's just ready to go. So this is really awesome. We don't have to download the  image itself, and then install it and then pick all the features. No, this just ready to go for  us. So we can also come down here and select Edit virtual machine settings. And there are a  couple features here. So depending on the amount of memory that you have on your machine, so right  now this is sitting at two gigs of RAM, that's fine. If you want it to run faster, I recommend  going somewhere between four and eight. Obviously, the more RAM you give it the the better it's  going to perform. But if you're running on eight gigs of RAM for your machine, really not going to  do well for you. My recommendation is no more than a fourth. So if you're running on 16, then maybe  give this four, you could really try pushing it up to eight. But I am running on 32 right now.  So I could crank this up to eight by my rule here. But just for working with you and following along,  I'm going to set this to two and then we're going to perform into that way that we are working at  the same speeds across the board. Another thing that we need to know is the network adapter, by  default, it's set to net, we're going to go ahead and just leave that Nat here, Yours may come set  to bridge if for some reason it's set to bridge, you can try that. But my default preference is  Nat. So let's go ahead and just hit OK. Okay, and now we're just going to hit play virtual machine.  And a little side note, I am actually now on my OS, I'm running on my, my Windows OS as opposed  to just running inside the VM. If I was running a VM inside of the VM, I'd have a lot of issues,  segregation, etc. So now I've actually moved out of the VM and have this running and player  on my Windows OS. Okay, and then when we get this pop up here, go ahead and just say I copied it.  And this will start the machine. And you can see the other VMware Player back here,  it's going to go ahead and directly just start loading up here and we get to this screen. So  we click in and if we try to just enter in our username and password, our username by default  is going to be root. Our password is going to be root backwards, so t o r and then hit enter. Now  we can make this full screen over here by clicking this button. It will enter into full screen mode.  We are now successfully logged into our Kali Linux machine. We've installed this successfully and now  we are ready to start learning. So that's it for this video in the next video we're going  to be doing is we're going to cover some of the tools and features of Kali Linux. And we'll start  talking about what it's capable of and then we'll dive right into the terminal after that and start  learning some. So command line and some useful tools with Linux. So I will catch you guys in  the next video. All right, now let's take a look around Kali Linux, and just see what it has to  offer us in terms of tools, design, etc. So let's dive right in. Okay, so we're at our desktop here  inside of Kali Linux. Now you see the Kali Linux logo, you see, there's a couple of things on the  desktop, you don't have to worry about these. These are just from VMware themselves put on  your desktop. If you install this as an actual OS, this will not be here. So when we talk about  navigating around Kali Linux, there's a couple places that we can look, if we look right away,  you can see on the left hand side over here, we've got a favorites bar. So we've got our folders.  So if we click on the folders or files, we can navigate around this feels like any other machine,  right? We have our documents, downloads, music, pictures, if you're a Windows user, or Mac user,  whatever this feels pretty common. So this is a GUI or graphical user interface way of interacting  with the folders. As you move on, and we move on in this course, we're going to be living  in the terminal. So the terminal is right here. If you click on the terminal, this is something  similar to your command line. So from here, we can actually navigate to all these folders here. And  we can put files in there take files out anything that we can do in a graphic point of view,  we can also do from this command line point of view as well. So as we learn, we're going to get  a little less relying on the graphical interface. And more on the terminal side of things, however,  do know that there are ways to do a lot of things from a graphical side, if you still need that,  that interaction with the machine and you don't want to be completely keyboard oriented. There  are also tools on the side over here, if we look, we've got a leaf pad. So leaf pad is just like a  notepad, right, or, you know, just your notebook here, you can take some quick notes, save it out,  should be pretty familiar for you as well. So they've got Firefox, it used to be called  iceweasel. And that's just your web browser. Down here are some of the tools that you may use. Now,  burp suite is a very popular tool for web application penetration testing, we're not gonna  be getting into any of these tools at the moment. But I will cover what a couple of them do. So  again, burp suites, a web application penetration testing tool, if you ever get into web app,  or if you even get into some basic pentesting, chances are you're going to start using burp  suite on a pretty regular basis. Over here is Zen map. Now this is the graphical version of a tool  called n map. And you will be using n map pretty religiously when you're doing pentesting. So if  you like a visual view of doing scanning, so n map is a network mapper, it allows you to scan  machines for open ports, and for vulnerabilities. So if you want that in a more of a visual type of  view, or graphical interface type view, then you have Zen map as a feature. This little guy down  here is meta sploit. Now meta sploit is a tool that can be taught all these are tools that can  be taught in deep, deep lessons all by themselves, not to make that intimidating for you at all. Just  know that that's how robust This is we're looking at three tools right here, and they're all very,  very powerful. And this isn't even the half of it or the quarter of what Kali Linux has  to offer. So meta splay, you may have heard of it. If you've heard of anything in pen testing,  it is a framework that does just a little bit of everything. So a lot of pen testers live and die  by this. It's a fantastic tool in my opinion. And you're going to get very, very intimate with it  very, very quick if you do move into pentesting. Down here is a tool called cherry tree and that's  pretty much where I'm going to stop we've got multigo in Kismet, these are just this is  wireless base and this one here is is information gathering base, but cherry trees Another useful  one. If we open that up. This is actually another note keeping tool like I showed you leaf pad leaf  pads just for quick little one offs. cherry tree is more of note keeping as a whole. So you've got  nodes that you can add so you can add a node here and just say say you're following along  and you want to add notes. You can say Linux you know and then you have a note You can add all of  your notes in here. And then you can actually add children nodes as well. So maybe there's a command  that you want to add in. So say, we're covering commands and you want to write all the commands  in about Linux down here, you could do that as well. And then save this out. Nice thing too,  is that you can take screenshots and put them in here. And exports really nice. And this is  going to be very, very useful for anything in your career. But when it comes to pen testing,  there are so many tools, so many commands that I think it is incredibly important to be able to  take notes and cherry tree is built in already. Personally, I use what used to be in Kali Linux,  which is a tool called keep note, but cherry tree is a great alternative as well. So either of them  would work in i is highly recommended by me that you use some sort of note keeping tool as you  go through your courses and get better as a pen tester. So I'm going to close out of this here.  And I want to show you a couple more things, you have a feature here where you can show all of your  applications. So if you click on that, it'll bring up all the applications, including the ones that  are grouped down here. Another way to do this is if we come up into applications at the top,  you can see that everything is grouped really nice for you. So it goes through the steps of  penetration testing. And let's say that like, a, I'm gathering information on a client, okay,  well, here are some of the built in tools for information gathering right here. Say you want  to do a wireless assessment, and you want to do that those sorts of attacks, you've got all  these wireless tools built in for you right here. Now chances are, you're going to be running these  tools from the command line. So again, you know, you don't want to get too hung up on the graphical  side of things, as you may not always have access to that either. But it's important to know what  tools that you have in front of you. And there are even tools like Wireshark in here. So very,  very useful, pretty much a little bit of everything that you can imagine. So just,  you know, take some time and go through the tools. And if you're becoming a pen tester,  you're working on it, you know, just just, you know, look at a tool and do some research on it.  Say you want to know what this MAC changer is. It might be obvious, it might not be obvious,  right? So maybe you go Google, what Mac changer does, how to use it, what the syntax is, and then  you play around with that, pick a new tool every day, figure out something that you can do with it,  how to use it what it does. But so Kali Linux is a distribution full of useful tools. And  it it you know, for a base OS, it's fantastic. And this is why so many people in the industry,  just download this, install it and they're ready to go. You know, we talked about in a  previous video, how there are other OSS or there are people out there that like to just do their,  their base install. And you can see that there's bloatware here, if you want to call it that,  right. Like there's forensic tools. And maybe you'll never do any forensics in your life.  And you don't need all this installed in your system. So if you're a type of person that is,  you know, it doesn't want this extra stuff, there's extra software on your system, okay,  then maybe you do start moving towards that custom build. Eventually, in your career, you say, hey,  I want I want to learn all these things first. And then once I learned what tools I really like,  then maybe you move to your own distribution that you create yourself. And you spin that up every  time instead of having all these tools built in. But as a basis as something that you can learn  from and start with. This is why I've chosen Cali and this is why we're going to learn it today. So  let's go ahead. From here, what we're going to do is we're going to dive right into the terminal.  So let's just open this terminal. And then we're going to fullscreen it and move on to next video.  So from here on out, what we're going to be doing is we're going to be living in this terminal.  I'm going to back away from the graphical side of things and really just get your your hands dirty,  in the terminal make you feel comfortable. If you've never used Linux before, this is perfect  for you. So I'm going to give you the the pen tester perspective on why we're doing a lot of  these things. Some of these commands are going to be the same commands, regardless if it's on a Kali  Linux machine or if it's on another distribution of Linux. So you'll be able to take a lot of these  commands and just use Linux and another system as well. So if you're interested in pentesting,  if you're interested in Linux, this is where we really get into the meat of the course and it  should get interesting for you. So I will catch you over the next video we're going to start  talking about how to navigate File System and get comfortable with that. Alright, on to navigating  the file system. So first let's talk about some of the commands we're going to learn today. So  we're going to learn about pwd, which is present working directory, we're gonna learn about CD,  which is how we change directories. We're going to learn about LS, which is going to be listing  the files in a folder or in a directory. And we're also going to talk about how to find some hidden  folders with LS. We'll talk about how to make a directory and to remove a directory, we're  going to talk about copying, removing moving and locating files. We'll talk about something called  update DB and how that pertains to locating files. We'll talk about the password and how to change  our password. And we'll talk about an important command called man. So by the end of this first  lesson, you should be pretty comfortable with all of these commands and may seem a little daunting,  but they all kind of play in with each other. Again, please make sure to take notes you got  cherry tree built in. You can also use keep note or even just a notepad in front of you,  that'll help with the experience. And also maybe watching the video more than once will help with  the experience as well. So let's go ahead and dive right into the command line. So now our  first lesson in Linux terminology is going to be navigating the file system. So if you're a  Windows user, you're used to navigating your file system probably through folders through a GUI, so  a graphical user interface. Well, in Linux, we can do that. But the majority of time we're going to  live in this terminal here. So we really need to know how to get around. So the first thing we can  do here is we can say Hey, where are we at? And that's a pwd. So that stands for present working  directory. So you type that in, you hit Enter. And it says, Okay, we're in the root folder. So we  know that we're in the root folder, but how do we get out of the root folder, we can use a command  called CD. And that stands for change directory. So if we want to change directory backwards,  we just type in two dots here. And now we can say, okay, where are we at? So we're in a slash.  So we're just in a home folder here are just there our generic slash folder, right? So what we can do  is, well, how do we know Can we go backwards? from here? Let's keep trying. So we do pwd. Again, no,  we can. This is our base folder, right? So you have to think of this as the lowest you can go.  So now how do we move around? How do we know how to go forwards again? Well, we don't know what's  in our directories, right? So we're sitting in this the slash folder, and how do we look  around? So there's a command called ls that lists everything that's in the folder. So if we say LS,  we kind of see this color coordinated here. And the color coordination just depends on if it's  a folder if the folders read, right, you know, there's permission settings, which we're going  to get into later. But the majority of these here are folders. Okay, well, we know we just came out  of root so we can go back into root. Now, how do we do that? So we can say, change directory root.  And we can actually hit tab to autocomplete. I don't know if you caught that. But there's no are  any folder besides root. So at all, I can just hit tab. And it should type it out for me. Oh,  I lied. There's a run in here somewhere, but it's hidden. We're gonna cover that soon as well. So  our Oh, hit tab, autocomplete can change directory into root. So let's LS and root and see what's in  here. Okay, this is more like our home folder, right? So we've got desktop documents downloads,  this is kind of what applies to the root user. So what if we're sitting in this root folder here and  we wanted to access instead this Etsy folder? Well, could we do the same Etsy command here?  Well, I'm hitting tab, and nothing's happening. Well, because Etsy doesn't belong in this area,  right. But if we put a forward slash in front of it, because this is the base,  and then we hit et CIE, there, now we can navigate to the Etsy folder, and we can actually double tab  and see what's all in the Etsy folder like an LS, se no. Another way to do that is if we wanted to  LS what's in the Etsy folder without navigating to it, we can just type ls Etsy, and you can  see everything that's in here. So there's some some tricks that we can do right? So we don't  have to actually navigate to the folder to know what's in there. Again, if we LS. And we want to  know what's sitting in videos, or even, let's say what's sitting in desktop for our folder,  well, if we start typing desktop and hit tab, we can't do that either. Because everything in Linux  is case sensitive. So if we start typing desktop, and then hit tab, now, we can LS and see what's in  there. So our VM ware came with a couple of shell scripts here that are automatically placed on our  desktop, we wanted to confirm that you could see that they're both right here. So as of right now,  we are just sitting in our route home folder. And we know how to navigate around. So if we wanted to  go to desktop, we could, we could hit LS now and see what's in there. If we wanted to go backwards,  we could. Okay, now we're back in our, our root folder. And you can also tell where you're at your  present working directory sits right here, right. So this little a Tilda is actually your home  folder. And you can see that we're in desktop. So if we wanted to go back into our desktop,  instead of typing, so you want it to go to music from your desktop, instead of going route music,  which will work, you could also just say I want to go music. And that'll put you there  as well. And notice you don't need the leading forward slash when you use the automata. So  just some couple interesting tricks that you will kind of pick up along the way,  tab is definitely going to be your best friend. If you run into something with multiple options,  say you're trying to CD and you say I want to go on my desktop and you're tabbing it's not working,  you can hit double tab, and then it'll show you Okay, well, there's desktop documents, downloads,  those are your three options, start with a D. So now you kind of have an idea as to how to kind  of move around. But let's do a little bit more. So what if we want to make our own folder? Well,  there's something called make directory, MK Dir. So if we say make directory, and we'll  say I'm just gonna use my name here. So now if we LS, we can see that this he folder is now here,  we can go into the heat folder. And there should be nothing in it right? So we can go back. And  we can also get rid of the heat folder, remove directory heat, the LS again, it's gone. So now,  what else can we do? Well, we can also look for hidden folders. So we can say LS dash LA.  And we can look for hidden files and folders here. Remember the color coordination. So this dot cash,  right that in theory is a hidden folder. So if we say CD dot cash, we can go into there we LS and  there's actually some some information in there. But when you saw it originally, you didn't see  that, we're going to cover more on this, I just kind of want to show you that trick. As you see  over on the left side, there's file permissions and properties. So be aware that just because  it looks like something's not there, doesn't mean it's not there, it might just actually be hidden  similar to Windows where you have hidden files and folders. So just a quick trick to show you that.  So another thing we can do. So let's go back. And don't worry about what I'm doing here, you're  going to cover these commands in a little bit. I'm just going to echo Hi, and we're going to put that  in a test dot txt folder. So now if we LS, you can see that test dot txt is here. So if we want  to actually copy this file, we can copy this file to another location. So we can say, hey, I've got  this test dot txt, but I actually want to move it to downloads. And if we go LS to downloads,  you can see that test dot txt is actually sitting in there. And if we wanted to remove it, we can  just say remove from downloads, or test dot txt. Actually, sorry, remove downloads test dot txt,  we don't have to transition into that directory if we don't want to. So another trick, say we want  to see now that it's gone. We want to LS but we don't want to keep typing this out. If you hit the  up arrow. Now you can just see your old commands. So if you keep typing your command over and over,  you can see what's going on. So LS shows that there's nothing in downloads now we were able  to successfully remove that file. So another thing that we can do is we can actually move  so say we wanted to move test dot txt and we wanted to put that In the downloads, okay,  now if we LS test dot txt is now gone from this folder. Because we've moved it, we haven't made a  copy, we've actually physically moved it away. So now if we LS Actually, let's just tab up,  you can see that test dot txt is now in there. I'm going to remove that here. Okay,  and now the last thing I want to show you, is the locate feature. So if we wanted to locate a file,  say I wanted to locate bash, let's see. So we're looking for a file, and we're going to get more  specific along the way. But if you type in locate, you can kind of look through a  system to see if you can find it. Now I'm looking for, say, any type of bin bash or bin or bash,  that's fine. That's really what I wanted. But it shows you everything with bash in it. Now,  this might not work right away, what you might need to do is update the database. So you type  in update dB, it updates everything for you. And then you can use locate again. So it has to  build that database of the information that it's finding in order to locate what you're searching  for. So make sure that you use update DB sort of frequently. Okay, so two more things I want to  show you. And then we'll close out this video and move on to the next one. So an important thing you  want to do with your new account is we're using a default password, and that's not very secure.  So to change a password for our user, we can just type in pa SS WD. And now it's going to ask us for  a new password. So instead of using tour, we can use something else. I'm going to type in the very  secure password as my password for an example here. But if you plan on using this machine,  for future reference, you can type in a secure password and kind of keep it. So lastly, I want  to show you is something called man. So man pages, man pages are your instructions for any command  that you're running. Most commands come with a man page. So let's say we want to look at LS, we  can say man LS. And then it's going to give us all this information here about LS. So if you see it  says LS is list directory contents. Awesome. And then it gives you what options we can do. Well,  we can do a dash a for all what you saw earlier. And you can kind of scroll through here and just  see exactly what it has to offer. And that's kind of it. So when you go through here, you  can kinda you know, if you're struggling to like, you know, there's a command in there, but you're  not sure exactly what the command is, you can type in man and search it. And sometimes you can do LS,  I don't know if this is going to work, but dash dash help. And you get some information as well.  It doesn't provide you the full man pages, but it provides you something pretty close. So that's  kind of just your way around if you ever get stuck, something to look for. Okay, so that's it  for this lesson. Next, we're going to move on to users and privileges, how to add users and how to  how to change some pseudos and some modifications to our file permissions. So until next time,  my name is Heath Adams, and thank you for joining me. Alright, now let's talk about users and their  privileges. So what are we going to learn in this lesson, we'll do a quick user privilege overview.  From there, we're going to talk about the CH mod command, which is the change mode command,  that's going to let us change the permissions on a file or directory. We're also going to talk about  how we're going to add a user with the Add User command. From there, we're going to take a look  at a couple of important files. One is the Etsy password file. And the other is the Etsy shadow  file. So the Etsy password file is not actually where the passwords are stored on a machine. That  is the Etsy shadow file which stores the hashes. But the Etsy password file does store it where the  users what users are on the machine. And you can correlate that to the shadow file. So we'll talk  about those in more detail and their importance to pentesting. Very, very important. And then  we're going to talk about su which is the switch user command. And finally, we'll talk about sudo,  which is a command that allows you to elevate your privileges on a Linux machine. So let's go ahead  and dive right into our lesson. Okay, so now we're going to cover users and privileges. So in the  last video, we touched a little bit on privileges with our LS dash l A. And we touched a little bit  on users by changing the password of our root account. So now we'll cover a few more commands  regarding those. So if we look at ls dash l A. You could see all this crazy, jumbled wordage over  here, right? So it actually means something. So we look at the first line here, if we see a dash,  like this a hyphen, that means it's a file. If we see a D, that means it's actually a directory. And  then you see our W and x. So rW x actually means read, write, execute. It's the permission settings  that this particular group has. Now there are three groups here, there's the first, second,  and then your third right here, right? So your first group, right here is the owner of the file.  So it looks like the owner of the file has full READ WRITE execution, right. And then the next set  of three here is actually the permissions for the members of the group that owned the file.  So this is a group ownership as opposed to actual ownership here. So for the people that are in the  group that has access to this file, they can only read and execute, they can't write to it. Now,  for the last one, this is just all their users. So any common user here can actually just read  and execute, they can't write the document. So that comes into play, especially when we get  into penetration testing, because with penetration testing, we're looking to have full access, right,  so we're always gonna be looking for that folder that has full READ WRITE. Typically, if we look at  temp, that's our temp folder. A lot of times, you see the temp folder has full read, write, execute.  So when we're doing penetration testing, we're trying to upload some sort of exploit, we might  actually upload it into the temp folder, because that's where we can execute those, those files.  However, we could also be looking for other full READ WRITE execute files, where we need to modify  them and give us root access to a system. So it's all about insecure configurations. And we're going  to cover that more once we get into the actual penetration testing part of the course. So for  the Linux essentials part of the course, all we need to worry about is these file permissions.  Another important feature of that is if we were to create a script, or scripts not gonna be able to  run until it has full access. So how do we change access here. So let's make a file. I'm just going  to make all this echo another text document, right, so we'll just say hello. And actually, I  typed that in backwards. So hello, and we'll call it Hello dot txt. So if we LS here, by default,  we only have read write and then read access for everybody else. Meaning if we wanted to read it,  we could say cat, which we're going to get into later. Cat Hello, dot Tex, and it just says hello.  So what can we do here? Well, we can use something called change mode, in changing mode is CH, Mo D.  And we have a couple options here. So we can do a plus, right, and we could say, well, we want  READ WRITE, execute, or we just want execute. But another way I like doing it is you have a number  feature. So the one you really need to know is all sevens. sevens gives you full read write  access across the board. So if we say ch mod 777 Hello dot txt. Now we LS LA. And you notice  that Hello dot txt turns green, that means it is full rewrite. And here you go. We've got  the dash here saying it's a file, and we've got READ WRITE execute across the board. So this is  how we change file permissions. You don't need to necessarily know about the other numbers in terms  of penetration testing, it becomes more in terms of configuration and security management of files  if you were to get down that path. So just stay on the easiest path. Just remember 777 or plus x will  work as well. So changing the mode is is critical. And we're going to cover it time and time again  throughout the course, once we get a little bit deeper. So a couple more things we need to talk  about. say we wanted to add a new user. Well, there's a feature called Add User. So we say Add  User, and one or two names is allowed. So we need to add user to john. Okay, so it made something  for john. Let's give him a password. Give them a password again. And we'll just hit enter for the  default. It's all correct. Okay, so We now have a user named john. And we can confirm that we can  actually cat The Etsy password file here. And you see down at the very bottom, we have this user,  john. So this Etsy password file you're going to become very familiar with, because it shows  you all the users now this will, there's a lot of times when you're doing penetration testing,  you're gonna have access to this Etsy password file, because it doesn't provide the password  anymore, it used to a long time ago, passwords are now in the shadow file. So you actually have  a little bit of access and information disclosure here at the hands of poor configuration. So you  see that I've created a user john, well, that gives us a little bit of information, say there's  SSH on a machine or something else, we can use that username for john to try to break into the  machine. So we'll cover that again later. But if we wanted to see what the Etsy shadow file looks  like, now we come in here, and you've got these, these jumbled stuff here, right? So it's just a  hashing format. So what we're doing is we can actually use a tool like hash cat to break this  down and crack these passwords. Now, a password of password will be very easy. But just know that if  you have access to the Etsy shadow file, you have a good chance of cracking a password, depending on  your capabilities, and depending on the strength of the password, that allow you access to a  machine. So something to think about there. Okay, so now we have our user john, let's go ahead and  switch to him. So we can use something called Su, which stands for switch user. And we'll say switch  user, john. Okay, so automatically gave us john here, let's see if we could switch back to root.  Okay, we can't just switch back to root, because we need roots password, right? So we can type  in password, and that works. But if we didn't know the password, then we'd be stuck on john,  we are able to access john because we were already root. So this comes into play in terms of users.  Let's go back to john here. Now, if your user you have to be able to do certain things,  you need permission to do certain things I should say, right, so root has full access and permission  to do everything. But john, we just created john john doesn't have any sort of access. So if we  wanted to, if we wanted to change the password, say we want to change the password for for root.  I can't modify the password information because I don't have that kind of access. Now there is  something called a pseudo which would provide john the access if we gave it to him. So it's  called a sudoers file. And basically, anybody in that sudoers file can change permissions given  if they are a pseudo user, right? So we would type in sudo, password root. And it's going to  ask for the password for john. But you're going to notice, hey, John's not in the sudoers file,  john can't do this. So john has base permissions, right. And we're going to counter that a lot of  times in penetration testing, where if we get in, we'll get something called lower privilege. And  we'll get an account like john, and we're going to try to escalate into root but we just can't do it,  you know, the chances of doing a doing that and having a john in a sudoers file is just not high.  It's possible, but it's not likely. So for now, just know that if you want a user other than root,  to have access to file permissions, you need to have them in the sudoers file, that becomes  useful to in penetration testing, because you can look at the sudoers file if you have access  to see what users have sudo privileges. Okay, so that is it for this lesson. In the next lesson,  we're going to be covering network commands, and moving on gradually towards scripting. So let's  go ahead and get there. And I will see when we get over there. Alright, so now we're going to  be covering common network commands. So before we dive into the commands we're going to learn,  I'm going to go on a tiny bit of a rant here. So if you are not familiar with networking,  now's the time to become familiar with networking. There are two things I think that a person needs  before they really can dive into pentesting. And that is Linux experience, which you are gaining  some Linux experience now because most pen testing is done in Linux. And the other thing is to have a  good network foundation. So if you're looking at these commands here, and I say if config,  which if you're a Windows user, and you hear IP config, do you know what that is? Okay,  that's basically the same thing. If you know what ping is, if you know what ARP is netstat route,  those should all be pretty familiar where you can guess what those are. If you do not  know what these commands are, you might want to brush up on your networking as well. Because the  better you are at networking, the better you're going to be when it comes to pentesting, because  you're going to have to navigate around networks, you're gonna have to understand where you are at  in a network, you're going to need it for basic troubleshooting as well. So just to understand  these commands are gonna be very important. But what we're going to be doing here is we're going  to be taking common network commands that we're going to be running as a pen tester. And we're  just going to apply those to their version in Linux. Some of these may be familiar to you,  some may be new to you. But we're talking here if config which is going to show us some information  very similar to IP config in Windows, where we'll see our ipv4, ipv6 if we have it information,  our MAC address, things along those lines, our subnet mask, etc. The IWC config is the wireless  adapter version of that. Ping is a ping command, where we talk over ICMP, and we try to communicate  to another machine to see if it's alive and responding back to us. We've got the ARP command,  which just maps IP addresses to MAC addresses. And we've got netstat, which is just a command  line tool that's going to allow us to display all connections and listening ports. And then finally,  we've got route which displays our routing table. So we'll go ahead and take a little bit  of a deep dive into those in this next lesson. And hopefully, this is a refresher for you. So again,  if not, then you should be looking into some networking studies as well. Okay,  so let's go ahead and dive right in. Okay, so now let's cover network commands. So the first  command I want to cover is if config. So you may be familiar with the Windows version of this,  which is IP config. And they pretty much do the same thing. So it shows you here, your different  interface types and the IP address associated with them. So it's zero here, Ethernet zero,  has an IP address of 190 2.1 68.13 2.164, you can see the netmask, the broadcast address, and you  can see the MAC address as well. And we also have a loopback address here. Now, if your machine has  a wireless adapter, or at some point, you want to do wireless penetration testing, you're going  to need a W config. And you should not expect to see anything on this at the moment, unless  you're using a laptop, then you actually might see configuration down here for it. If you would see  something under IWA config, you would see like a W LAN one w land zero, something along those lines,  okay, and another common command that we're going to see is going to be the ping command.  So we can just type in ping, and the address that we're trying to talk to. So for example,  I'm going to try to ping my home router. And I get talking back. So if I tried to ping something that  wasn't in my network, like a 16.1, you're gonna see the results change. So with ping here, ping  is going to be endless, until we hit something like Ctrl C to stop it, it'll ping forever. So  I'm gonna hit Ctrl C again, and kind of show you the difference. So you see that we attempted to  ping here. And we got replies, we got information back. Well, that's good. That means we're talking  to the other machine, it says, Hey, are you there? It says, Yeah, I'm there. And we try to ping this  machine here. But this machine's not talking back, it could mean that the machine is on the network,  or that the machine is just blocking ICMP traffic. ICMP is a another word for Ping. So moving on to  the next command, I want to show you ARP. So the best way I like to type in is ARP with a switch of  a and ARP is just going to show you MAC addresses that it talks to and the IP address. Actually,  I said that backwards, it's going to show you the IP address it talks to and the MAC address  associated with it. So if an IP address reaches out, say 192168 15.1 talked out to this machine,  it's gonna say okay, Hey, who are you? It's gonna send a broadcast message out to say who has this  IP address? And then the IP address will respond and says, Hey, I do and this is my MAC address. So  ARP is just a way of associating IP addresses with MAC addresses. And once you know that,  you can also look at netstat So netstat dash a and O is another one of my favorite commands. And this  shows you just the active connections that are running on your machine. So if we scroll way up,  and you can just kind of see what's open and what's talking here, where this really comes in  handy on a penetration test is to see if a machine is talking to somebody else. Same thing with ARP,  you want to know what that machine is associated with? And is it talking to something on a port. So  this is more just internal right now, but it's still good to know. So for example, if I were  to open up a Firefox page and connect out to the internet, then I went and I did a netstat. Again,  I would see information about that port being open and, and that I am going out with it. So  just kind of keep that in mind. These are not commands that you really need to know in depth  right now. Networking does come into play when you are doing penetration testing. But what we're  going to cover these commands time and time. And again, I just wanted to give you a very  brief introduction to them. Okay, in the last command that I have for you today is route C,  if you type in a route that's going to print your routing table in the routing table is  important because it tells you where your traffic exits essentially. So for this VM, my traffic is  exiting on 19216813 4.0. So any traffic goes out of this 0.0 dot 0.0 gateway, in this range, right.  So when it goes out this gateway, it's doing Nat so network address translation, and it's running  off my computer. So the best examples aren't here. But it's important to know route as well, because  there could be a machine that you're attacking that has multiple routes. So you might see a 134  and a 135. Because it has a dual home Nic meaning it has two NICs inside of it. So it's actually  talking to a completely different network that you didn't know existed. So you might have been  attacking one network on the 134 range, and then 135, just out there, and this computer can talk  to both and until that point, you had no idea. And that's the idea of called pivoting when you switch  a network from one to the other, but you're using a machine. So that's it for this lesson. In the  next lesson, we're going to talk about viewing, creating and editing files. Okay, so viewing,  creating and editing files. This section sounds exactly like what it is. We're going to talk about  how to view create and edit files. Mainly, we're just going to be showing how to create quick text  documents. But we'll teach you commands that will allow you to do further in the future,  as you will see as we get further in the course and get into scripting. So let's go ahead and take  a look at some of the commands that we're going to be learning. So some of the commands that we're  going to learn, we're going to learn the echo command, which echoes what we write right back out  to the terminal, we're going to look at the cat command, which is going to print out a document  for us it's similar to type in Windows, we'll talk about replacing versus appending. And which,  which function does which and how to do it. We're going to talk about the touch command,  which can be used to create a file on the fly. We'll talk about nano, which is a text editor  that's built into the terminal. And then we're going to talk about g edit, which is also a text  editor. But it is a GUI text editor. So we do get a little bit of gooey in this lesson. So let's  go ahead and dive right in. Okay, so this is my second time recording this video. The first time  I forgot to turn my microphone on and performed for my cat. So she approved of it. Let's see if  you approve of it the second time around now that I have a little bit of practice. So we're gonna be  talking today is really talking about viewing, creating and editing files. So I've already  showed you the echo command. If you recall, we used echo to create a file, right? We created  a Hello dot Tex. And we can just echo Hello out to the terminal. We could say echo Hello,  and I'll say hello back. So what we can do with echo is we can use it to write to a file. So if  we were to say echo, hey, and then we write it to Hey dot txt. Well, we can look and see that hey,  dot txt is here. And you can see my files from the previous one. So I'm trying to Come with more ways  of saying hello. But we're going to use hate text here. So if we cat hate at tax, a all cat does is  print out to the screen what is in a file? It says, Hey, okay, so let's say we want to append  cat are we want to append hate. txt? Well, we can tab up here. What if we just say, hey, again,  we've got this greater than symbol here. And we're just putting it into the hate. txt file. Well,  that didn't work. We didn't append it, we actually overrode it. So what if what what can we use to  actually over append this, here's what we can do is we could say, hey, again, again, right? Just  to give us something different. And we can add a second greater than symbol here. So now if we cat  the file, you can see that we actually appended to the end of it. So this becomes incredibly useful  when we are either adding stuff to a list say we're gathering IP addresses, and we just want to  combine our lists, or when we're creating a series of commands, and we're going to use those commands  to send all at once. We're going to cover that later, when we're talking about file transfers  in the penetration testing section, where we use a set of commands like this on a Windows machine.  To actually transfer files via FTP is just so much easier than typing them all in one by one,  we can create a little document and run the document. So this becomes useful when we have  a series of commands and for other reasons, as well as you'll learn as you go on in your Linux  career. So we've talked about Echo, and we've talked about cat. So let's talk about some other  ways to create a file, we can use something called touch, and to say New File dot txt. And if we LS,  you can see that new file dot txt is here. But if we cat new file, there's nothing in there because  they haven't put anything in there yet. So there's a few things that we can do, we could use echo  and append the file, right? We can also use a tool called nano. nano is a terminal text editor. There  are other terminal text editors like VI and vim. I don't prefer those Personally, I like now the most  some people have their preferences. So I encourage you to play around with any of them as you wish VI  and vim are the other two. But for this course, we're going to be using nano. So if I say nano,  new file dot txt, I could type whatever I want in here. We're going to be using nano a lot to create  scripts to create Python scripts. And to edit shellcode as we get into a little bit exploit  development. So I'm going to hit Ctrl x, I'm going to hit y for saving, and then we'll save it to new  file dot txt. If we cat this, now it says hey, I could type whatever I want in here. So that's one  way of editing it. Another way of editing it is using a graphical interface. So we can use g edit,  and say new file. And if you don't like using a terminal, you're more than welcome to use g edit  here. Just type in new line here and save it. And I like using g edit, it's a lot cleaner, because I  can you know, highlight and delete, I don't have to use my keyboard to navigate around like I do  in the terminal. So if you have the option to use g edit for sure, but sometimes you're going to be  on another machine that's not your own or is headless and doesn't have a GUI that you're  going to have to use now. So get comfortable using both. So we save this, let's go ahead and cat it  out and see what happens. Okay, you can see that the new line is in there. So really, that's the  overview that I wanted to cover. So just know that you can create files pretty much using echo touch.  And actually, you can create files using nano as well. If you say nano, this is new text. I'll  just say hello, control x, save it, you LS you can see this is new text is right here. So you  can use all of these tools in different ways to create files, it's completely up to you how you  want to do it. Personally, when I'm creating a file, I use nano and I just create a new shell  script Python script. txt document that way, you could also do it using g edit as well. So just  know that we're going to be using these a lot and try to get comfortable with these. And from here,  we're going to be moving into controlling callee services. So we're just going to briefly talk  about what services you need running on boot and how to do that. All right, In this video, we're  going to be talking about starting and stopping Cali services. Let's go ahead and just take a  quick look at the commands we're going to learn. So not a lot of commands in this video only two,  we're going to talk about the service command, and the system CTL command. So the service command  deals with services, it's going to allow us to start and stop services on the fly. And the system  CTL command is going to allow us to enable or disable services so that they load up on boot, or  do not load up on boot. So let's talk a little bit more about services and look at how these commands  can be useful for pentesting. Alright, so let's talk about starting and stopping services. So  when we're in Cali, there are a couple different ways that we can start and stop services. And  when I talk about a service, I'm talking about something like a web server, or SSH, or maybe a  sequel database. So we cover this video today, I'm going to show you a few different services  and how to start them and stop them. I'll show you how to start them permanently on boot. And we'll  talk about which services are important to keep on boot, which services are important to start  when you feel like that just starting them or when you need them, etc. So let's start with our first  service, which is going to be Apache two. Now Apache two is a web server. So let's go ahead and  do a proof of concept. First, let's start with a command that we learned in an earlier video,  which is if config. I'm going to grab our ipv4 address right here. And I just want to copy this,  I want to go out to a web browser over here. And we're just going to paste this address. Now you'll  notice that it says it's unable to connect, this is expected here we're not running a web server.  Now let's go back in here. And let's just say service, Apache to start. Okay, looks like it went  through, let's go ahead and hit Enter again. And now you can see that Apache to Debbie and default  page has been loaded. So what has changed? Well, when we boot our machine, this Apache two service  is not running by default. So if we want to run a web page, then we actually have to start up  the service for to work as you just saw here. Now you can see that if we want to add files or place  files here, well, we're going to have to edit the var www HTML folder. So if we come out here,  and we go into other locations computer, and then we go into our bar, www, HTML, you'll see that the  index, that HTML page is here. So if we actually wanted to maybe host a malicious web page and have  it pointed back to us, this is one way we might do it right here. If we want to serve up some files,  say we have something that we want to upload to a machine that might be malicious, or, you know,  a file that we want to transfer to somebody else or download on another computer doesn't have to be  malicious, we could host that file in this folder here. Now that is fine. This is one way to do it,  right, you can put your files all in one location. But you know, it's not my favorite way, it was my  favorite way when I first got started. There is a much easier way now and I will show you how to do  that. So let's go ahead and type ls, you'll see we have no documents here. So I'm just going to  echo Hello into Hello dot txt, and then have that Hello dot txt here. Now what we can actually do  is we can spin up a web server. So we can just say Python dash M for module and say simple HTTP  server, you can auto tab it, and then say 80 for the Port 80 is already in use. So let's just give  it 80 8080 is in use from the Apache server at the moment. So instead, let's look at what happens.  So let's just call it out at 8080. And you can see here that I can go to this Hello dot txt  and actually get the file, I have information in real time whether or not that file was captured.  And overall, this is just a web server that's so easy to spin up, I can put it in the directory  that I want it to. So if I wanted to serve my desktop folder, I would navigate to desktop and  then spin this, this Python module up. I don't have to put everything into a VAR www folder.  And it just makes life really, really simple. So just proof of concept. We can do a service,  Apache to stop and we can come back and make sure that that web server has been stopped by going  here. and refreshing. Now you can see that it's gone, we can CD into something like downloads,  we say LS, there's nothing in here. So we can tab up a couple times, and just serve up Port 80. Now,  because you can see it's not in use anymore. And come back here, refresh, you can see there's  nothing in the directory listing, because there's nothing in the folder. So this is just an easy way  to spin up a web server, I think it's much easier than Apache two, I'm showing you both because they  like to give alternatives. But using Python moving forward is a great, great feature. My challenge to  you is to look up how to spin up a FTP server with Python. So I won't get redundant here. I  do have future lessons and other courses that talk about this. But if you want to challenge  yourself to figure out how to spin up an FTP server, that's my challenge to you, there's  a module out there that you can download quite easily and spin up your own FTP server. So let's  go ahead and Ctrl C, and we're going to close out of this. And now let's talk about spinning up a  service permanently. So let's say that we just had the Apache two running and then we rebooted the  machine. When we reboot our machine. Apache two is not going to be online. Because we're only doing a  service start, it only holds during this session. Once we reboot that it session is gone, that  service is gone. So if we want to keep something online the entire time, what we can do is use  system CTL. So we can say system CTL. Enable or Disable if you want to disable something. And  for example, we can say SSH now I'm not going to hit enter here. This is just as an example. Let's  say that we wanted to have an SSH available on our machine so we can SSH into it. We are opening up  SSH for this feature here. Okay, let's say that we want to have a server and this is one I do  want you to hit enter in. This is going to be a database, right? This is a PostgreSQL. So we're  going to say systemctl enable PostgreSQL. And we have enabled that so now when we reboot this  PostgreSQL will load every single time. Now, why is this important? Well, this is important because  it's going to allow us to run meta sploit and have the PostgreSQL database running when we boot so it  doesn't have to take the extra time to load it. If we come over here, and we just click on the meta  sploit framework. Now PostgreSQL is working, and it says database already started. So it's already  configured, it's going to skip initialization. And it's going to go ahead and get right into it. So  it just says a little bit of time that display can take some time to to run. And I think that if you  continue on, I know if you continue on with being a pen tester, you're definitely going to be using  medispa quite a bit. So this is just one feature that if you're going to be using it, it doesn't  hurt to have it enabled on your system boot. Now if you feel that you want to have a patchy  two on boot, you can go ahead and do the same thing with the system enable systemctl enable,  but the only one that I recommend putting on is this system CTL PostgreSQL. Okay, so that is it  for this video. In the next video, we're going to be talking about installing how to install  things from GitHub and how to install using apt get. So let's go ahead and move right into that  video. All right, welcome to the Penn ultimate video, we are going to be focusing on installing  and updating tools. So let's look at our agenda. So what are we going to learn we're going to learn  how to install updates for Kali. So we're going to learn how to install updates using a tool called  apt get. And we're also going to learn how to install tools using apt get specifically we're  going to be installing a tool today called get we're going to be using Git then to clone from a  website. So sometimes when we have a tool that we want, it's not always in apt get, it's not in the  repository. So we're going to actually have to use GitHub and maybe use a tool called Git to download  tools or other items from GitHub. But this is just going to be one example. But it's a very,  very common example that you may have to do as a pen tester. So let's dive in and take a look at  how we can use these commands to install tools and update tools. Okay, so one of the important things  you need to know is how to not only install files on your computer, but also how to install updates  on your computer. So for Cali, since it's a Debian base, we're going to use something called apt get  and the first thing I'm going to show you is how to install updates. So the common way to Do this,  if you don't use the GUI and you want to use the terminal is apt get update. And then we'll do  and apt get, upgrade. Let's go ahead and just hit enter on this. Let's explain what it's doing. So  the first command here is saying apt get update. So what we're doing is we're looking through  packages. Now these packages are predefined the repositories. And what it does is it says, Okay,  I'm going to check packages here for updates. And it went through looks like they use archive Linux,  dude, it you, they check these packages here. And they update the packages. And then once they  update the packages, they run this command. So basically, the Add command is you're going to do  something as well, right? So first, we're going to update and then we're going to upgrade. So  based on what's in these packages, it's gonna say, Okay, well, we know the following packages were  automatically installed and no longer required. So all these things right here, they're gonna be  removed. And then the following packages have been kept back, okay, they're fine. They're not going  to uninstall those. And then we have the fine packages that are going to be upgraded. Okay,  so it's a long list that needs updating. And then you come in here, and you say, Okay, well,  it needs 252 megabytes of additional disk space to continue, you can hit enter for Yes. And it'll  automatically start upgrading. So if you want to update your machine to its newest and best form,  you can go ahead and do that, I'm going to go ahead and just hit no on this guy. Okay, and now,  it's also important to know how to install files. So I'm going to show you two different ways. One  way is through apt get similar to what we just did. And the other way is going to be through  Git itself. So let's go ahead and install git, we're going to use apt get to install Git. So it  will look something like this, we'll just say apt get install, get. And we'll hit yes on this. And  another way to do this is to add a dash y at the end of this. So you'd say apt dash get install,  get dash y. And that'll automatically say yes, if you just want to accept whatever's coming out  for you, you go ahead and just hit yes on that. And it may take a minute for these to install.  While this is installing, let's go ahead and talk about what Git does. So Git works with GitHub. So  when we talk about GitHub, we're talking about a lot of people update their projects, their code,  their frameworks onto GitHub, especially in the penetration testing slash hacking community,  it's often that you're gonna find some cool tools that are out there that are installed  on Kali Linux can't be found through apt get, and you have to actually download them from GitHub.  So it's very important to know how to use Git. And it's very, very simple. So we're on a page  like this. This is Vail framework. It's a very popular tool in penetration testing and malware  analysis as well. So say we wanted to install this, well, there's a couple things we could  do. The first thing we could do is always read the directions and see what they recommend. There is  a quick install here. And if you look, they have a apt install Vale here with the dash y. So that  will work. Or you can use gets install, where you have to install Git first. Okay, and then we do a  git clone. And we run the configuration setup. So that's what we're going to do here, we're going  to install Vail just for the fun of it, just so you can kind of get used to how to use GitHub how  to use Git, and go from there. So let's go ahead and just Alt Tab back over looks like we have it,  we can check it by typing Git and hitting tab. Okay, so Git is here. And we're just going to hit  space, we know the command is clone. And while it provides it for us down here, it says, Hey,  get clone, copy this. The other place you can do is right here where it says clone or download,  you just copy this bad boy right here. We'll all tab back over to our terminal and just hit  paste. Okay, and this is going to install in the directory that you choose. So I just put  it in this root folder here. And actually our home folder I should say, and it's installed right here  the folder is they all right here. Typically when I install things, I like to put them in  the OPT folder. So here CD OPT, but since I went ahead and downloaded here, let's just go ahead for  an example purpose. If you Do you want to install to object, you're more than welcome, you can move  the folder there as well. So what we're gonna do is we're going to CD into Vail. And then we'll  hit LS. Now remember, there were instructions. So let's go ahead and look at what those instructions  were. These instructions said, you're going to run dot forward slash config. setup that sh,  forced silence, let's go ahead and just copy this guy. We'll come back in here. And we'll hit paste.  And it's just going to run out of this config folder, setup that sh. And now it's installing. So  we could have easily installed this with apt dash kit, which, if you look, look what it's doing,  it's actually rolling through the packages here. And it's updating the repositories,  right these packages, and then it's going to go ahead and download what it needs. So it's running  apt get anyway, if you see updating apt, it's installing the dependencies. So the easier way,  the quick way, which he suggested was to do it through there, and it's right, they don't always  have the installed packages in apt get. So that's why I wanted to show you the GitHub version of it.  So you can go ahead and let this install. Let's just go ahead and recap quickly what we just did.  So we used, we used apt get update, and upgrade to install updates in our system. We used git clone,  to be able to download packages and clone packages off of GitHub. And we used apt get to be able to  download Git itself. So that's really it for this lesson, what I do encourage you to do is go  through the man pages of get and go through the man pages of apt get, because you're also able  to remove programs, update specific programs, etc. So this lesson really just wanted to introduce you  to the basics of downloading updating for your system. I encourage you to learn how to remove  files, as well as a little bit of homework for yourself. So thank you for joining me, and I'll  catch you over in the next lesson. All right, welcome to the last lesson video. So in this  video, we are going to be scripting with bash. Now this may seem a little overwhelming at first, what  we're going to be doing is building out a ping sweeper script, it's going to be pretty basic.  And what I want you to do is maybe just watch this video once, and then the second time through,  really try to follow along with it, take notes, etc, I think of first time watch through you know,  just to get the concepts, understand what I'm doing. And then the second time really,  really get hands on with it. And I think that will be probably the best way to learn. But if you have  a different learning style, please do go ahead and try that as well. The only thing I could say  is don't let this intimidate you. Hopefully by the time the video is over with you will have a pretty  good understanding on basic scripting and how scripting can really be beneficial and improve our  timing, improve automation, etc. So let's go ahead and quickly talk about some of the things we're  gonna be learning in this video. Okay, so some of the commands and items we're going to learn,  we're going to talk about grep, which is going to allow us to narrow down some results. We're  also going to talk about cut and T are both of those are also going to help us narrow down some  results. So basically, we're going to start with a ping, that we're going to send out and we're going  to want to gather information back that says that ping was valid. So we want to know any computer  that responded to us. Well, how are we going to do that? Well, we need to identify what a valid ping  looks like, we're going to use grep to to kind of narrow down a string or a sentence or something  that identifies with a positive Ping. And then we're going to cut out everything we don't want  and use tr as well to cut some things out that we don't want. So we're going to put this into  a script when it's all said and done. And we're also going to be talking about the usage of for  loops and their importance, not only with using them in this script, but how we can use simple  one liners to do everyday things for us. So I'll show you at the end of the video how we're going  to use like n map and use a for loop with n map to run through and map scripts. So stay tuned through  the video. Again, if you are a hands on learner, maybe first time through you you try hands on but  my recommendation here is to just sit back, watch the video understand what's going on. Second time  really follow along with it, take notes and get the most that you can know this lesson. So let's  go ahead and get started. Alright, so now we're going to be covering bash scripting. So the first  thing we're gonna need to cover before we get into writing our scripts is how to narrow down  results. And we say narrowing down results. What we're saying is for given a block of text, and we  want to extract some information from that block of text, how are we going to do that? So that's  what we're going to cover in this lesson. Okay, so let's go ahead and get started. What we're going  to be doing today is narrowing down a ping result. So if we come into here, and we need to ping an IP  address within our system, so I'm going to be pinging 192 dot 168, dot one dot 90. And you're  going to see that it returns a 64 bytes from that address. So it looks like we're getting  a response. I'm going to hit Ctrl C here. So if you remember from the networking section,  we actually get a response unlimited until we cancel it, right, like we just Ctrl C here from  Ping. So there's another thing that we can do, if we only want to send one packet and see if it's  alive or not, we can do a dash c of one. So we're just going to do that. So that's a count of one,  we're sending one packet over, if we set 10, it would send 10 packets over if that makes sense.  So now what we're going to do is we're going to put this into a txt file. So if you remember from  previous video, we just use this little carrot here. And I'm going to call this IP dot txt. Okay,  and if we cat IP dot txt, you'll see the same results there. So now what we're going to  want to do is we're going to want to narrow this down. What do I want to extract from here? Well,  I want to extract this IP address. And it'll make more sense when we get into the scripting  part. But what we're going to do is we're going to get out, specifically of this,  this IP address from this line. Now, all we're interested in actually is a returned IP address  that has a valid response, right? So if I were to tack, or if I were to enter in here, save 15  dot 90. Okay, there's no response there. So this is kind of what it looks like. When it doesn't get  a response back, it just kind of lingers. And then we hit Ctrl C, and it says, zero ping statistics,  right, nothing was was received back. So what we see when we get a response back, as we see  64 bytes, when there's no response back, we don't have any bytes. So if we're doing a sweep through  a network, which we're going to be doing later, we need to be able to narrow down these results.  So if we're sending say 190 2.168 dot 1.1, all the way through to 55. And we want to see who responds  back and then take that list and narrow it down to the IP addresses, which exactly what we're  going to be doing, we need to know how to narrow that down. So we're going to be narrowing down on  specifically is 64 bytes. So let's tab up a couple times to this cat IP address. And we're going to  do a pipe and the pipe just means we're going to add an additional command here. So the additional  command we're going to do is called grep. grep is going to grab any line with what you specify.  So let's specify 64 bytes and see what happens. See, now if you notice, we had all of these lines  before. And now a grep is doing is grep is taking only the lines that contain 64 bytes. So again,  a valid response. So we have 64 bytes here. And we have achieved a response. So what we're going  to do now is we're going to narrow this down some more. Okay, we've got this line here. But again,  we're still trying to extract this IP address. So how can we do that? Well, there is a tool  called cut. So if we tap up again, we do another pipe because they're sending a new command. We're  gonna say cut and cut syntax looks like this. And I'll explain it once I type it out here. Okay,  so we have cut, and then this hyphen D, that's a delimiter. So the delimiter is what we're going  to be cutting on. So we're giving a delimiter of a space, meaning here's a space, here's a space,  here's a space, so we're going to be cutting on these spaces. And then we give a field,  we say okay, what field we want to retrieve back from this cut. Okay, we want field four,  if you look 1234 and the fourth field is our IP address. So it's going to say okay,  I'm going to cut on this space, I'm going to cut on this space, I'm going to cut on this space,  and then I'm gonna take it right here. Now if we identified field five, we will be taking this if  we identified field three we'd be taking from so let's go ahead and just hit enter and see what  that looks like. Okay, so now we are narrowed down even more. But there's an issue here, if we were  to try to send this IP address, we would have this little colon here attached on to it, and you can't  ping with that IP address. So we're going to be doing a sweep or narrowing down this list, then  we're going to actually need to remove this guy here. So let's take a look at how we do that. So  if we tab up again, and again, we're going to add a pipe. Now we're going to use a command called  tr. And tr just means translate, what we're going to be doing is another delimiter. So dash D there,  and we're going to be taking out that colon. So it should look something like this. If we hit enter,  now you can see that that colon has been removed. Okay, now let's talk about how we can use this  information to write out a script, we're going to start with a basic script, and we can add upon it  as we go. So I've gone ahead and written out a script, but we're going to talk about it very  slowly, so you can actually look at it and copy it down. So what we're going to do is go ahead  and say g edit, and I call this IP sweep.sh. So go ahead and do the same or something similar,  and hit enter. So let's take a look at this script. So at the very top here, we have to  declare what we're doing. So we're going to give a hash bang. And we do this with any scripting  language. So if was a Python, we'd be entering Python here, but this is bash. So we're going to  be doing a forward slash bin forward slash bash that declares that we're running a bash script.  And the.sh also indicates that we're running a bash script. So I want you to ignore this line  here in this line here. For now, let's talk about this line. This should look very, very familiar.  So we're doing in this line, we're saying we're going to ping with a count of one, which we talked  about. And then we're going to do something here, we've got $1, sign one and $1 sign IP, let's just  ignore that for now. Okay, so we're going to go ahead and do the rest that should look familiar,  we're going to say we're going to grab 64 bytes, we're going to cut the delimiter of a space field  before, and then we're going to do a translate, right and take off that little bit at the end.  Okay, I added an ampersand here at the end. So an ampersand allows us to do threading. So that's  exactly why it's in there. If we didn't, we'd have to let the process go one IP at a time. And we'll  talk about that in a second as well. So let's talk about this four line. So a for loop is what we're  actually running here. And the loop is saying, I want to do an IP address, we're just declaring a  variable here, you can call it whatever you want. Or we're saying, hey, for this IP in a sequence of  one through 254, we're going to do something and that do is a pain. So what this means is for IP,  and if we think about it in sequence one through 254, what it's saying is 1234, all the way up to  254. Okay, so think about it this way, if we say for one, in this ping sweep, we're gonna do that,  right, so we're gonna say 414243, all the way through to 34. That's what this loop is doing. So  it's a very, very simple loop. Now, IP is replaced down here, at the very end. Now, we're also  calling out this dollar sign one. Now this dollar sign one is user input. So we're going to actually  do something this is called IP sweep, right. So we're gonna have to call out this IP sweep  something like this.sh. And then we're going to have to give out some information, it's going  to request information, if we don't provide it, it won't know how to ping. So we're going to do  is we're going to say the first three octets of our home network. So if yours is 190 2.16 8.1,  like mine is, then you just enter 192 dot 168 dot one. Now, we could also for simplicity,  just hard code this. So we can say 192 dot 168 dot one.ip address, and it will be fine. We don't  have to build this in the only reason we're not hard coding it is because you can do multiple pin  sleeves. This can be a ping sweep script for you in the future if you're on a different network, or  you just want to write something out really quick. dollar sign one works perfect. But if you want to  leave it hard coded like this, it'll also work. So let's go ahead and just delete this out. I'm going  to put this into dollar sign one again to have a proof of concept. And then we are going to run  this. So all we do here at the end is declared done. If we didn't run this with an ampersand  here, we would have to add a semi colon similar to this. But because we are having an ampersand  we can actually get rid of that and just put that back just for some syntax. Clarity here. Okay,  so let's go ahead and save this. And remember from our lesson, we're going to have to change the mode  of our script because it's not executable by default. So we're going to do a plus x here.  And then we're going to call our IP sweep that sh, we can LS and make sure it's green. Here's  ip c.sh. And then we'll do a dot forward slash ip sweeped a sh, and I'm not going to enter anything  in as want to show proof of concept. So see a ran through every single number here and threading,  and nameless service not known because we didn't provide an IP address. So what we can  do here is we need to provide that IP address 168 dot one, hit enter. Okay, and it pulls back  some information. So what we can do with this information, let's write this out to a file. So  let's just call this IP list dot txt, something like this. Okay, it's done. Now, let's just cat  out the IP list dot txt. Okay, now we have an IP list of the IPS in our network that we just swept,  right. And we can use this information later on. But before we go into that, I do want to go back  and just improve our script a very, very tiny bit. So let's go ahead and just tab up a couple times.  So we get to our G edit. And let me show you how we can improve this script, it doesn't have to be  overly complicated, what we can do is, we can say something like this, we can come in here and give  an if statement. So an IF is conditional, right? We're gonna say, if this exists,  then do something. And if it doesn't exist, do something else. So we're gonna say if dollar sign  one is equal to nothing, is going to give blank space here. And then we're going to say, then we  want to do something. So what are we going to do, we can echo out something similar to you forgot an  IP address. And then echo out what you need to do. Like syntax. dot slash ping sweep, or IP sweep is  what we call this IP sweep that sh, and then IP. Or we can even write it out an example, right?  Like something like that. So that way, our user, if they're using it, we wrote this for somebody  else, they know what we're talking about. And at the very end, we just need to write if backwards,  we'll put it ephi. So what this is saying is, if this is not then echo here, right, we're  going to echo these, and then we need to add one other thing here, which is an else, let's go ahead  and hit enter, just to space this out a little bit. So if we have no dollar sign one declared,  right, if we have nothing entered in, we're gonna say echo, you forgot an IP address and syntax  here. If we do have something in dollar sign one, okay, we're going to do something else, we're  going to do our ping sweep. And that's it. So this is very similar and modified from Georgia Weidman  that I've got a long time ago. So full credit goes to her for this little script, it was very, very  easy to learn. And it's also very easy to teach. So let's go ahead and just run this one more time,  we're going to say IP sweep the SH. And look what happens now it says you forgot an IP address. Now  we can declare a number in there anything in the scripts not perfect, right, we were expecting  three octets. And we could give it a one. And it's still going to do something like that,  which is incorrect, right? So we need to be able to, to modify this down more, but that gets really  advanced scripting into declaring that needs to be three octets. And if you don't provide those,  then what, and that just gets more advanced. So we really just need to know, hey, what we're  doing here, very basic script for ourselves, and something to remember. Okay, so let's clear our  screen. Last thing I want to show you. So we've been able to write a script out. But we can also  do looping in one line. And this is where it becomes kind of fun. So we have this IP list,  right? We did cat IP list dot Tex. Now let's say we've got this IP list together, and we want to  do an N map scan on all of these IPS. Now we could just say and map and type in the syntax you want  and the IP address of it. For every single one of these start a new tab and let that happen. Or you  could do something in a for loop. So we can write the same for loop that we did before. We're going  to say for IP, and then we're going to do is we're going to write $1 sign and we're going to cat the  IP List dot txt. So all it does is is bringing out this list that we have here and it's saying, okay,  for this IP, this IP, this IP, etc we're gonna run through all of these. That's what the loop does,  right? Okay, we're gonna do our semi colon, and then we're going to tell it to do something,  right. So what do we want to do? Okay, let's run a mF script. So we're going to say do and map.  And we'll ping, or we'll do a port, Port 80 on all these, and we'll say, still scan that on port 80.  And we'll do t four for a speed. And that should be yet. So then we can do done like this and let  it run through one at a time. We can also do the ampersand and let it run multiples like this,  we can hit enter and see what that does. But I also forgot one thing here, forgot to declare the  IP address. So let's talk about it real quick. So we've got a very, very simple one liner, and  you're gonna see one liners a lot if you get into ethical hacking, and just allows us to do things  quickly and scripted. So we got four IP address in this list. So every IP in this list, we're going  to loop through, when we do that loop, we're going to do an map, we're gonna do a quick stealth scan  of Port 80 t four, and we're gonna say declare the IP address. If you're not comfortable with M map,  that's okay, this is purely an example. And something you will see in your career. I will  make a scripting video at some point for n map. And we'll cover mF more in detail. So let's go  ahead and just hit enter. Okay, I messed up my syntax. So what's going on? Okay, so for IP in,  this got deleted for IP and cat IP list. Let's try this one more time. Okay, so we just did all these  scans seven scans at once. And what we did is, you see, these are the processes that are starting. So  it started up eight processes, actually not seven. And it's just running through this list doing the  scans. And we're going to go ahead and just kind of look at it. So it says, okay, on one dot 74  is at open, it's open, okay. And then on 254 is at open, it's open. And then you see filter  down here, or it's not running, filtered, filtered, same thing. So we can hit Ctrl C,  or hit enter for done. And that's pretty much it. So what we just did is we ran a map scans at one  time instead of having to copy and paste these. So that's just a little bit of what scripting can do.  It does get more advanced. But to be able to know a one line for loop is a really, really important  if you go into penetration testing. And it's just important in basic bash scripting as well.  So that's really it for this lesson. And that's really it for this course. So I hope you really  learned something from this course, if you did find it valuable. Please do share it with others.  Please subscribe. If you haven't, please do like the video, word of mouth is the best thing for me,  it helps me grow my channel and helps me give content back to you as I get more feedback. And  I grow as a channel. So I'm looking to do more courses in the future. And appreciate you taking  time with me. If you like this course and you want to chat with me check the descriptions down below,  I've got a discord channel, we've got quite a few people in there. And I've also got a Twitter if  you want to hit me up there. Lastly, I do have a Patreon. If you felt like this course is valuable,  and you'd like to support me, any dollar amount goes a long way for me recording equipment,  recording software, all that's very expensive. And the time spent on this is also very detailed  long hours. So if you want to support me or, or anything a like, subscribe, etc,  it goes a long way. I appreciate you taking the time to watch this course. And until the next one,  thank you so much for joining me. All right, and now some bonus material. So I'm adding in some  additional resources. These are for those of you that want to continue on, you've learned Linux now  and you're like, Hey, I really want to be a pen tester. I think this is for me, I'm gonna provide  you a whole lot of different resources here. So take notes, these are some of the best resources  I could think of for those wanting to get into the field. I'll briefly cover each of them and  then leave you added to do your own research and hopefully, see you in the field someday as a  pen tester. So let's take a look at some of these resources. Okay, so first resource is a shameless  self promotion. And I only do this because I do think that I'm a valuable resource. I'm trying  not to be biased here but I've got some good, good stuff that's completely free if you're interested  in it. So if you come to youtube.com slash c slash the cyber mentor, you can come to my page here and  you can check out all the videos I have. One video is a day in the life Have an ethical hacker. So if  you want to know what it's like to be an ethical hacker, if you're still not sure if this is the  field for you, this might be a video for you to view talks about the day in and day out stuff that  you might do, what kind of assessment work you might be asked to do and what it's really like  to be a, an ethical hacker. On top of that, I've got another video on cyber career paths  about penetration testing and ethical hacking. So if you're looking to get into the field,  and you want to become a pen tester, or ethical hacker, and you're not quite sure where to go,  this is probably the better video for you, it kind of talks about all the knowledge that you'll need  for a junior perspective, and really the knowledge that you'll need to be successful in the field,  including certifications, etc. So if you're watching this video as an additional resource,  this will probably be additional resource. Part two is a good way to call it this is  the one like really detailed on penetration testing and ethical hacking. On top of that,  over here, I've got playlists. So if you come into the playlist, I've got a few courses,  most importantly, is our zero to hero course. So if we come to the cyber mentor.com, and you  go to courses over here, and you go to zero to hero pentesting You can find more information  on the syllabus. So I put it into lesson plan as well here, but there are let's see 11 episodes,  we start with Linux kind of like you've already learned, no keeping some introduction, we do  Python for two weeks, we do information gathering Oh send recon scanning, enumeration exploitation,  we do internal attacks as well. So we'll build out an Active Directory lab. And we'll learn  how to do these internal attacks aren't really taught in a lot of courses. And then we'll end  it with some file transfers, maintaining access, etc report writing as well and career advice. So  this is like my complete course, it's called zero to hero to take somebody from from a complete zero  and bring them into hero where they can start doing some pentesting on their own. So again,  if you're interested in that course, you can come to my website and check it out with lessons plan,  you can just click in the tab and play the video or on my YouTube channel, you can click right  on the playlist and play it from there as well. So leaving the shameless self promotion, let me  talk about some more cheap alternatives. hack the box is a great, great alternative if you're just  getting started. So for hack the box, what it is, is it's a series of vulnerable machines. So you  could think of it almost like a game. So if you want to do some hacking, this is a great place to  just start practicing and learning the ropes. What we can do is like say we could pick something on  the easy side, you want to look for something like that's more green right on the left,  because that shows easy, you would pick a box like this, you would scan against it. And you know,  if you don't know what I'm talking about, that's fine, but you would scan against it and try to  find vulnerabilities and hack it. So really, really great website, if you have the VIP,  they're starting to move it, it's in beta right now. But they have 20 boxes that you can attack  on active side and 20 in the VIP. But the nice thing about the VIP is they're about to open up  all 97 that had been retired. So they retire one every week and they bring a new one in. So you  gain access. It's like $13 a month, this is free, completely free platform if you don't want it but  this is 13 bucks a month for the VIP access. And you can come in here and do some of these machines  that are super duper easy. And if you click into them, they'll have write ups for them. And they'll  also have video walkthroughs for a lot of these machines. So that's a really, really great stuff,  right? If you have no idea what you're doing, this is a great place to start. Because these  retired boxes are boxes that have already been done, you can watch how somebody else did them,  you can learn their methodology. And this is really good for just getting the basics down  and understanding you know, some basic hacking. Same thing here with the virtual hacking labs,  it's very similar. They've got a labs, they've got a course and they got different pricing. So you  can try these out if you're interested in them. So they are, you know, just alternatives to just  practice online. Then you've got bowling hub as well, you'll have to search through this and try  to find something that's like beginner level or Google online, which which are realistic boxes,  or what are good boxes on volm. hub of Ohio, basically you just download the VMware file, and  you play it on VMware and you try to attack the the machine so you download a machine, you try to  attack it. And these are intentionally vulnerable machines, all these right here on these top three.  So let's say that that's not really where you want to start, you think maybe you could use a little  bit more hand holding and you like a certification to come behind it. I'm going to show you the top  three in my order that I think for pentesting at least at a beginner to mid tier level,  what the top three are. So either insecurity gets number one slot in my mind, if you come into here  and you go on to certifications. So they've got a couple different ones, the ECP PT, or actually,  let's go to courses. So the penetration testing student and the penetration testing professional,  the student is for the beginner, the professionals a little bit more advanced leaves off for the  beginner ends. So if we come in the student, you can see some of the things that you'll  learn. So they've got, you know, it talks about the preliminary skills that you might need and  teaches you those, it's got some programming, and then just the basics of penetration testing,  but it gives you an idea what it's like. On top of that the ISP PTP course they have is like  more in depth more advanced, you start getting into assembly language and buffer overflows,  you get into network pentesting, some PowerShell, Linux web app, Wi Fi, some Ruby for medispa light.  So I think this is a really well rounded really up to date. The downside of this course is that it's  not, it's not really well known on the HR side of things so and then the pricing can get a little  expensive. On the elite side, right now it's 16 $100. The cheapest is the 1200, I would at least  get the middle tier. But as of right now they're offering that PTs and the PTP, if you buy the PTP,  they give you the PTS for free, but that won't be going on much longer. But you can always  hold out for deals like this as well. Another resource and a very, very well known resource,  probably the best certification in terms of being known is the O SCP. So it starts out at 800 bucks,  as you can see here, you're probably going to spend more money than that, because that's just  30 days. So the nice thing about this is it comes with labs, there's a certain amount of machines in  there that you can try to hack against, sort of like a hack the box, but it's an environment. So  you can you notice, attack whatever you feel like and try to navigate your way through the network.  And then when you are done, and you want to test for the certification, you have to actually hack  in an environment of the set number of machines you have to hack against. And you have to be  successful in hacking those machines to get your certification. So it's considered one of the more  difficult certifications out there to achieve. And you'll see it come up a lot of times in HR  or job applications that they want this oscp. So this is something to look into and consider as  well. The cost isn't as bad as the elearn. But the con here is that office of security courses  haven't been updated in five or so years. So you really need to, you know, it's kind of the best  of both worlds if you were able to do both. But this one will get you into more doors,  this one will get you a little bit more current. But there are plenty of resources out there,  all these tabs are showing you that you don't have to spend a ton of money to get this stuff.  These are more things that if you want that certification, you want that that coursework,  that knowledge, these are great resources, all three of these. So last is the G Pen. Now the G  Pen is just an exam. By itself, it's 17 $100. It is by sans right. So this is showing g i see you  actually have to take the corresponding sans course that goes with it. And that course is  upwards of $6,000. So unless you can get a employer to pay for this sans certification,  probably not the best. But the thing that I like about sans is that it stays up to date,  they are constantly updating their courses, and that they look good on a resume. It's one of those  really high tier high level certifications. And the exam from what I hear is actually pretty good.  It's not a practical exam, but it's a fairly good exam. And the nice thing I didn't mention  elearn security is also a practical so this oscp is practical, the elearn security exams practical,  you have to hack your way through to to pass and write a report as well. This one is a multiple  choice exam, I do believe. So these are three certifications that you can look into if you  wanting to go down that route. I would start with the PTS if you can, it's dirt cheap. You know,  if I have to make a recommendation just to make sure that you're you're really interested in this,  if you know for sure. And you want to do that pts PTP combo, this might be a good choice here.  But other than that, I mean, the free resources like I've got my channel, there's ton of videos,  the zero to hero course is like at least 20 to 30 hours of material. hack the box you'll spend a lot  of time on there's plenty of write ups if you just Google like, honestly, if we go into here and we  say like apocalypse here. If you say that and you Google that with right up, you're going to find  the right up for this or you'll find a video for this or some kind of walkthrough, right. So you  just want to look through these and try to try it on your own and then go back And then watch the  write up and see how you could have improved if you'd got through it. Or where you can improve an  enumeration or whatever it is you need to, to get better to actually succeed the next time you try  attacking these machines. So that is it. You have reached the end of this course and the end of the  bonus material. If you need anything, I provided my contact info again in the beginning. You know,  I'm at the cyber mentor on Twitter, you can reach me on YouTube as well. And I really do. Thank you  for joining me I look forward to seeing many of you take the next step from this Linux,  if you made it this far, you've already gotten through the beginner Linux. That's awesome. I hope  you take this next step and that you are intrigued by penetration testing because we need more people  in the field. So I look forward to seeing you guys and girls come through and hopefully I'll work  with some of you someday. So until next time, my name is Heath Adams and I thank you for joining me\n"