BerryServer – Additional BerryBoot Images

I was scouring the internet to find additional resources to utilize in my classroom when I came across BerryServer. It is a website developed by Alexander Goldcheidt which has a very large collection of additional BerryBoot Images. Once you have BerryBoot installed, follow the instructions below.

Once you have the image file (.img), put it on a FAT32-formatted USB device. Then, on the Berryboot main screen, hold down your mouse button over “Add OS” and select “Install from USB stick”. Choose the OS image(s) from the USB device and wait for the copy process to finish, then reboot the Raspberry Pi by clicking the exit button. That’s it: wait for Berryboot to boot and select the new OS image.

Berryboot

Have you ever heard someone say their computer was “dual boot”? Well, Berryboot allows you to dual, triple, and quadruple boot your Raspberry Pi. Berryboot is a simple operating system installer and boot selection screen for ARM devices such as the Raspberry Pi and Cubieboard.

Download link Berryboot for the original Raspberry Pi, Pi Zero, Pi 2 and Pi 3(+) (60 MB): berryboot-20180929-pi0-pi1-pi2-pi3.zip
sha1sum: 103ffe4a65e01f9dbf14214843cd3e861a0849bc

Download link Berryboot for the quad-core Raspberry Pi 2 and Pi 3(+) only (39 MB): berryboot-20180929-pi2-pi3.zip
sha1sum: 7c40e8a958d1f8d33fb9d14b882a1d3feffee76a

To install: extract the contents of the .zip file to a normal (FAT formatted) SD card, and put it in your Raspberry Pi. This can be simply done under Windows without any special image writer software. Once you start your Pi it will start an installer that reformats the SD card and downloads the operating system’s files from the Internet.
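
Before extracting the archive to the SD card, the download can be checked against the sha1sum listed above. The script below is an added example, not part of the original post or the BerryBoot project; published_sha1, verify_sha1 and check_download are hypothetical helper names, and the file names and hashes are the ones given on this page.

```shell
#!/bin/sh
# Added example (not from the original post): refuse to use a BerryBoot
# download whose SHA-1 does not match the value published on this page.

# Published values copied from this page (file name -> sha1sum).
published_sha1() {
    case "$1" in
        berryboot-20180929-pi0-pi1-pi2-pi3.zip)
            echo 103ffe4a65e01f9dbf14214843cd3e861a0849bc ;;
        berryboot-20180929-pi2-pi3.zip)
            echo 7c40e8a958d1f8d33fb9d14b882a1d3feffee76a ;;
        *) return 1 ;;
    esac
}

# verify_sha1 FILE EXPECTED
# Returns 0 on match, 1 on mismatch, 2 if the file cannot be read.
verify_sha1() {
    file=$1
    # Normalise the expected hash to lower case, as sha1sum prints it.
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    [ -r "$file" ] || { echo "cannot read $file" >&2; return 2; }
    actual=$(sha1sum "$file" | cut -d' ' -f1)
    if [ "$actual" = "$expected" ]; then
        echo "OK: $file"
        return 0
    fi
    echo "MISMATCH: $file (got $actual, expected $expected)" >&2
    return 1
}

# check_download FILE
# Looks up the published hash by file name, then verifies the file.
# Returns 3 when this page lists no hash for that file name.
check_download() {
    expected=$(published_sha1 "$(basename "$1")") || {
        echo "no published sha1sum for $1" >&2; return 3; }
    verify_sha1 "$1" "$expected"
}

# When run with a file argument, check it; extract only if this succeeds:
#   sh verify.sh berryboot-20180929-pi2-pi3.zip && unzip berryboot-20180929-pi2-pi3.zip -d /path/to/sdcard
if [ "$#" -gt 0 ]; then
    check_download "$1"
fi
```

A match shows the file is the one the page describes and was not corrupted or swapped in transit; it is only as trustworthy as the channel the hash itself was obtained over.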

For screenshots and complete instructions, please visit the developer’s page.

apt-get up?

apt update, upgrade, dist-upgrade? What’s the difference?

In a nutshell, apt-get update doesn’t actually install new versions of the software. Instead, it updates the package lists, both for packages that need upgrading and for new packages that have just come to the repositories. It is used to re-synchronize the package index files from their sources. The indexes of available packages are fetched from the location(s) specified in /etc/apt/sources.list. An update should always be performed before an upgrade or dist-upgrade.

apt-get upgrade will fetch new versions of packages existing on the machine if APT knows about these new versions by way of apt-get update. It is used to install the newest versions of all packages currently installed on the system from the sources enumerated in /etc/apt/sources.list. Packages currently installed with new versions available are retrieved and upgraded; under no circumstances are currently installed packages removed, nor are packages that are not already installed retrieved and installed. New versions of currently installed packages that cannot be upgraded without changing the install status of another package will be left at their current version. An update must be performed first so that apt-get knows that new versions of packages are available.

apt-get dist-upgrade will do the same job as apt-get upgrade, plus it will also intelligently handle the dependencies, so it might remove obsolete packages or add new ones. In addition to performing the function of upgrade, this option also intelligently handles changing dependencies with new versions of packages; apt-get has a “smart” conflict resolution system, and it will attempt to upgrade the most important packages at the expense of less important ones, if necessary. The /etc/apt/sources.list file contains a list of locations from which to retrieve desired package files.

You can combine commands with && as follows:

sudo apt-get update && sudo apt-get install foo bar baz foo-dev foo-dbg

or to get the newest versions possible as per the version requirements of dependencies:

sudo apt-get update && sudo apt-get dist-upgrade
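
To see what upgrade and dist-upgrade would each do on a given machine before committing to either, the simulated run (apt-get -s) can be classified by its effect on the set of installed packages. This is an added example, not part of the original post; classify_sim and changes_install_set are hypothetical helper names, and the sample output is constructed.

```shell
#!/bin/sh
# Added example (not from the original post). classify_sim and
# changes_install_set are hypothetical helper names.

# Read `apt-get -s ...` output on stdin and print one line per planned change:
#   UPGRADE pkg  installed package moving to a newer version
#   NEW pkg      package not currently installed that would be added
#   REMOVE pkg   installed package that would be removed
# In simulated output an "Inst" line carries the installed version in
# [brackets] only when the package is already on the machine.
classify_sim() {
    awk '
        $1 == "Inst" && $3 ~ /^\[/ { print "UPGRADE", $2; next }
        $1 == "Inst"               { print "NEW", $2; next }
        $1 == "Remv"               { print "REMOVE", $2 }
    '
}

# Succeeds (exit 0) when the plan adds or removes packages, which is what
# dist-upgrade may do and apt-get upgrade never does.
changes_install_set() {
    classify_sim | grep -Eq '^(NEW|REMOVE) '
}

# Constructed sample of `apt-get -s dist-upgrade` output (package names and
# versions are made up for illustration).
SAMPLE_DIST_UPGRADE='Reading package lists... Done
Building dependency tree
Calculating upgrade... Done
The following packages will be REMOVED:
  libfoo1
The following NEW packages will be installed:
  libfoo2
The following packages will be upgraded:
  bar foo
Remv libfoo1 [1.0-1]
Inst bar [1.0-1] (1.1-1 Debian:stable [armhf])
Inst libfoo2 (2.0-1 Debian:stable [armhf])
Inst foo [1.0-1] (2.0-1 Debian:stable [armhf])
Conf bar (1.1-1 Debian:stable [armhf])
Conf libfoo2 (2.0-1 Debian:stable [armhf])
Conf foo (2.0-1 Debian:stable [armhf])'

# Print the classification of the constructed sample.
printf '%s\n' "$SAMPLE_DIST_UPGRADE" | classify_sim

# On a real system, after `sudo apt-get update`:
#   apt-get -s upgrade      | classify_sim
#   apt-get -s dist-upgrade | classify_sim
```

Any REMOVE or NEW line in the dist-upgrade run marks a change that plain apt-get upgrade would have held back.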

	

Top 10 Kali Linux Tools

There are several tools in the Kali Linux Tools list. Some may argue that all of the tools are useful in some way or another. Many of the tools do the exact same thing. It then becomes a matter of which tool is more useful to meet the goal that you are trying to accomplish.

For example, if you are running a headless pentesting device, you would want a tool that can be automated via the command line. If you want to manually pentest and have the need for a GUI, then the GUI based tools would be better suited for you. The tools that are listed below are my personal favorites for speed, ease of use, and the information provided or exploited.

10. Social Engineer Toolkit

Let’s begin with the simple one. You don’t need much technical knowledge to learn how the Social-Engineer Toolkit (SET) works. This tool is designed to perform advanced attacks against the human element. The methods built into the toolkit are designed to be targeted and focused attacks against a person or organization, used during a penetration test. It involves phishing, information gathering, data cloning, etc. Some of the most popular SET tools are:

  • Man Left in the Middle Attack
  • Spear-Phishing Attack Vector
  • Java Applet Attack Vector
  • Metasploit Browser Exploit Method
  • Credential Harvester Attack Method
  • Tabnabbing Attack Method
  • Infectious Media Generator

9. Browser Exploitation Framework (BeEF)

You might have heard about the XSS vulnerability. It is one of the most common vulnerabilities in web applications. BeEF (Browser Exploitation Framework) is used to exploit an XSS vulnerability and focuses on client-side attacks. Once the tool exploits XSS on a website, the users of that website become the victims and their browsers can be fully controlled by BeEF. An attacker can install plugins, show pop-ups, or redirect to any URL. You can make the victim download malware or any malicious program.

8. John The Ripper

The program john (or ‘John the Ripper’, abbreviated JtR) is a program by Alexander Peslyak that attempts to retrieve cleartext passwords, given hashes. It is a password tester or cracker tool. Its primary purpose is to detect weak Unix passwords. Besides several crypt(3) password hash types most commonly found on various Unix systems.

7. HashCat

Hashcat can crack almost any kind of hash. It has two variants with two different algorithms: one for CPU cracking and the other for GPU cracking. The GPU cracking variant, oclHashcat, is faster than traditional CPU cracking because a GPU has many more cores. oclHashcat uses multiple cores to crack thousands of hashes in less than a second. This powerful hash cracking tool can be really helpful when you use it with a custom wordlist or a brute-force attack.

6. BetterCap

BetterCAP is one of the most powerful Kali Linux tools for performing various Man-In-The-Middle attacks. It can manipulate HTTP, HTTPS and TCP traffic in real time, sniff for credentials and much more. It can be called the enhanced version of the Ettercap tool, which is also a very popular tool for MITM attacks.

BetterCap is able to crack SSL/TLS, HSTS and HSTS Preloaded. It uses SSLstrip+ and a DNS server (dns2proxy) to implement a partial HSTS bypass. The SSL/TLS connections are terminated; however, the downstream connection between client and attacker does not use SSL/TLS encryption and remains unencrypted.

5. THC Hydra

Hydra is a very popular password cracker. It is a fast and stable network login bypass tool that uses a dictionary or brute-force attack to try various password and login combinations on a login page. It can perform rapid dictionary attacks against more than 50 protocols, including Telnet, FTP, HTTP, HTTPS, SMB, several databases, and much more.

4. Network Mapper (Nmap)

Network Mapper is a simple network scanner tool in Kali Linux. It allows you to scan a system or a network. Nmap allows you to scan for open ports, running services, NetBIOS, OS detection, etc. It uses various types of detection techniques to evade IP filters and firewalls. Nmap is one of the most commonly used Kali Linux tools for attacking a system or a server. If you prefer a GUI, you can use Zenmap.

3. Aircrack-Ng

Aircrack is a suite of wireless hacking tools. It is an 802.11 WEP and WPA-PSK key cracking tool that can recover keys when sufficient data packets have been captured. It implements standard FMS attacks along with some optimizations like KoreK attacks, as well as the PTW attacks, to make its attacks more potent.

It focuses on different areas of WiFi security:

  • Monitoring: Packet capture and export of data to text files for further processing by third-party tools.
  • Attacking: Replay attacks, authentication, fake access points and others via packet injection.
  • Testing: Checking WiFi cards and driver capabilities (capture and injection).
  • Cracking: WEP and WPA PSK (WPA 1 and 2).

2. Wireshark

Wireshark is a very popular network analyzer among other Kali Linux tools. It is widely used in network security auditing. Wireshark uses display filters for general packet filtering. It was formerly known as Ethereal. It can be used to examine the details of traffic at a variety of levels ranging from connection-level information to the bits that make up a single packet. Packet capture can provide a network administrator with information about individual packets such as transmit time, source, destination, protocol type and header data.

1. Metasploit Framework

Metasploit Framework is a tool for developing and executing exploit code against a remote target machine. The basic steps for exploiting a system using the Framework include:

  • Choosing and configuring an exploit
  • Optionally checking whether the intended target system is susceptible to the chosen exploit.
  • Choosing and configuring a payload (code that will be executed on the target system upon successful entry)
  • Choosing the encoding technique so that the intrusion-prevention system (IPS) ignores the encoded payload.
  • Executing the exploit.

This modular approach, which allows the combination of any exploit with any payload, is the major advantage of the Framework. It facilitates the tasks of attackers, exploit writers, and payload writers.

What is Kali Linux?

Welcome to your very first tutorial on Cyber Security!

Kali Linux is the most popular OS used by Cyber Security experts all over the world. If you want to get into the world of Cyber Security and Ethical Hacking, Kali Linux installation is the first step. Kali Linux is a Debian-based Linux distribution aimed at advanced Penetration Testing and Security Auditing. Kali Linux contains hundreds of tools which are geared towards various information security tasks. These tasks range from Penetration Testing and Security Research to Computer Forensics and Reverse Engineering.

Certified Ethical Hacker

What is a Certified Ethical Hacker?

A Certified Ethical Hacker (CEH) is a computer certification that indicates proficiency in network security, especially in thwarting malicious hacking attacks through pre-emptive countermeasures. Malicious hacking is a felony in the U.S. and most other countries, but catching criminals requires the same technical skills that hackers possess.

About the CEH

The CEH credential is a vendor-neutral certification for information technology professionals who wish to specialize in stopping and identifying malicious hackers by using the same knowledge and tools the criminals use.

Even before the credential was introduced, private firms and government agencies were hiring reformed malicious hackers because they believed that was the best method for securing their networks. The CEH credential takes this a step further by requiring those who earn it to agree in writing to abide by the law and honor a code of ethics.

The credential is sponsored by the International Council of E-Commerce Consultants (EC-Council), a member-supported professional organization. Its goal, according to its website, is to establish and maintain standards and credentials for ethical hacking as a profession and to educate IT professionals and the public on the role and value of such specialists.

In addition to CEH certification, the EC-Council offers several other certifications relevant for network security jobs, as well as those for secure programming, e-business, and computer forensics jobs. Certification proficiency levels range from entry-level to consultant (independent contractor).

How to Become a CEH

Students who have a minimum of two years of security-related job experience can apply for approval to take the EC-Council exam. Those without two years of experience will be required to attend training at an accredited training center, through an approved online program, or at an approved academic institution. These requirements prepare applicants for the exam and help screen out malicious hackers and hobbyists.

As of 2018, the courseware price for the five-day certification course was $850. The application fee for those seeking to bypass the training course was $100, and the exam voucher price was $950.

Courses

The CEH Training Program prepares students to take the CEH 312-50 exam. The Onyx IT Group and Stormwind Studios offer a Certified Ethical Hacker online training course that will immerse students in an interactive environment where they will be shown how to scan, test, hack and secure their own systems. The Circle of Excellence award recognizes StormWind’s ongoing commitment and significant contribution to the information security community by providing leading information security certification programs. The lab-intensive environment gives each student in-depth knowledge and practical experience with the current essential security systems.

Students will begin by understanding how perimeter defenses work and then be led into scanning and attacking their own networks; no real network is harmed. Students then learn how intruders escalate privileges and what steps can be taken to secure a system. Students will also learn about Intrusion Detection, Policy Creation, Social Engineering, DDoS Attacks, Buffer Overflows and Virus Creation. When a student completes this online training course, they will have knowledge and experience in Ethical Hacking.

The 312-50 exam lasts four hours, comprises 125 multiple-choice questions, and tests CEH candidates on the following 18 areas:

  • Introduction to ethical hacking
  • Footprinting and reconnaissance
  • Scanning networks
  • Enumeration
  • System hacking
  • Malware threats
  • Sniffing
  • Social engineering
  • Denial of service
  • Session hijacking
  • Hacking webservers
  • Hacking web applications
  • SQL injection
  • Hacking wireless networks
  • Hacking mobile platforms
  • Evading IDS, firewalls, and honeypots
  • Cloud computing
  • Cryptography

The Job Market

IT security is a fast-growing field, and the U.S. Bureau of Labor Statistics (BLS) projects job growth at a rate of 28 percent for the decade ending in 2026. This is far greater than job growth of 7 percent projected for all professions combined. The median annual wage for IT security analysts, as of 2017, was about $95,000, according to the BLS.

A quick search on Indeed shows that many security jobs require or recommend a CEH credential, so candidates who possess one will be more marketable.

Most jobs that CEH-credentialed professionals pursue put candidates through background checks or more rigid personnel security investigations (PSIs). Security clearances likely will be required at government agencies or private firms with government contracts.

Many of the high-profile stories about ethical hackers involve the biggest companies in technology. Companies like Apple, Google, and others will challenge ethical hackers to break their security measures in order to help them find weaknesses and to make their products safer. They often offer a lot of money to anyone who can find a weakness.

In 2016, Nimbus Hosting listed some of the more famous success stories of ethical hackers. Among them are examples of a security team offering a reward to anyone who could take over an iPhone or iPad, and an anonymous hacker who went by the name Pinkie Pie who helped identify a bug in Google Chrome. Not all of these examples involve professionals following the CEH-certification route, but they show the value companies place on hiring hackers to help shore up network security.

Raspbian

Raspbian is the Foundation’s official supported operating system. You can install it with NOOBS or download the image below and follow our installation guide.

Raspbian comes pre-installed with plenty of software for education, programming and general use. It has Python, Scratch, Sonic Pi, Java and more.

The Raspbian with Desktop image contained in the ZIP archive is over 4GB in size, which means that these archives use features which are not supported by older unzip tools on some platforms. If you find that the download appears to be corrupt or the file is not unzipping correctly, please try using 7Zip (Windows) or The Unarchiver (Macintosh). Both are free of charge and have been tested to unzip the image correctly.

What’s a Raspberry Pi?

The Raspberry Pi is a low cost, credit-card sized computer that plugs into a computer monitor or TV, and uses a standard keyboard and mouse. It is a capable little device that enables people of all ages to explore computing and to learn how to program in languages like Scratch and Python. It is capable of doing everything you would expect a desktop computer to do, from browsing the internet and playing high-definition video, to making spreadsheets, word-processing, and playing games.

The Raspberry Pi has the ability to interact with the outside world and has been used in a wide array of digital maker projects, from music machines and parent detectors to weather stations and tweeting birdhouses with infra-red cameras. The goal of the Raspberry Pi Foundation is to see Raspberry Pis being used by kids all over the world to learn to program and understand how computers work.

Raspberry Pi Foundation

The Raspberry Pi Foundation is a registered educational charity (registration number 1129409) based in the UK. The Foundation’s goal is to advance the education of adults and children, particularly in the field of computers, computer science, and related subjects.

Raspberry Pi Versions