Overview of Tools in Kali Linux

Command Line (CLI) vs Graphical User Interface (GUI)

Command Line (CLI)

• A text-based interface where you type commands to control your system.

• More powerful, faster, and scriptable.

• Widely used in real-world pentesting jobs.

Examples:

nmap -sV -A target.com
sudo apt install burpsuite

Why Use CLI?

• Automation (e.g., bash scripts, Python tools)

• Better control over tools like nmap, hydra, sqlmap, etc.

• Faster once you know the commands

---

Graphical User Interface (GUI)

• Uses windows, icons, and menus — like regular software (e.g., web browsers, file managers).

• Easier to start with if you’re new to Linux or pentesting.

Examples:

• Using Firefox to visit a web app

• Opening Burp Suite from the application menu

---

Summary Table:

Feature	Command Line (CLI)	GUI
Speed	Faster	Slower
Control	High	Limited
Learning curve	Steep	Easy
Suitable for automation?	✅ Yes	❌ No
Ideal for beginners?	❌ Hard at first	✅ Yes

---

Customizing Your Kali Linux Setup

User: Root vs Non-Root

Kali used to log you in as root by default. Now it uses a safer non-root user (kali).

You can create or enable root access like this:

sudo su           # Switch to root temporarily
passwd root       # Set password for root (permanent)

Tip: Use root only when necessary to avoid breaking the system.

---

Keep Kali Up to Date

Always update tools and packages to avoid bugs and get the latest features:

sudo apt update && sudo apt upgrade

---

Install a Second Browser (Chromium)

Why?

• Firefox is default, but some tools or extensions work better on Chromium.

sudo apt install chromium
chromium

---

Install GUI Text Editor (Gedit)

If you don’t like using nano or vim in CLI, install a text editor with a graphical interface:

sudo apt install gedit
gedit config.yaml

Use this to edit config files for tools like BeEF or Apache easily.

---

Installing and Running BeEF Framework

What is BeEF?

• Stands for Browser Exploitation Framework

• Used to test client-side (browser) vulnerabilities

• Works by hooking a victim’s browser and running scripts on their session

How to install and run:

sudo apt install beef-xss
cd /usr/share/beef-xss
./beef

Edit Configuration:

gedit config.yaml

Change credentials or port numbers if needed.

---

Useful Browser Extensions for Pentesting

Tool	Description
Proxy Switcher	Easily toggle between normal and Burp Suite proxy
Cookie Editor	Modify and inject cookies manually
Wappalyzer / WhatRuns	Detect technologies used by websites
User-Agent Switcher	Pretend to be a different browser/device

These help when you're testing web apps — especially for things like XSS, session hijacking, and more.

---

Why Customize Kali?

• Make it your own personal pentesting environment

• Add the tools and workflows you need

• Avoid repeating setup every time

• Boost your productivity and learning.