Have you heard about Kali Linux and security testing?
I hadn’t. Not until I went to a penetration / security testing course which introduced me to this gem. It’s a Linux-based penetration testing platform, and its open source, which means free, and in this case also means awesome. You can run it on any PC, and even though the installation might be a bit tricky, it’s really worth it. There are tons of small programs to dive into, nicely dered after what they can do.
However: I have no frigging’ idea about how to use it.
It’s hard to understand security testing
At least if you’re me. The PenTest course took me back to when I tried to understand programming back in University. It was really tough, difficult to understand, and the logic behind programming was just lost on me. At least I thought it was. But even though my grades were horrible and I dreaded programming, things stuck.. and when I started making websites, the C++ and Java foundation from school helped me understand the hows and whys of websites in no time. Later in my professional career, I started doing scripting in Excel, doing small java scripts in SoapUi and so on… and all of a sudden the classes from back then made total sense.
I felt the same at the course. Completely floored with technical information. Even if I see myself as a fairly technical adept person, I felt like I understood absolutely nothing. I can program, I can understand most systems quite fast, and I’m good at finding information. But I know nothing about hardware. Nothing about TCP/IP setups. I don’t care about how fast my router is and how much data the cords in the router can transfer.
So while I’d love to try out some security testing / penetration testing, I’m building up the courage to take out a weekend in my calendar and understand how Kali works. I know I’ll get it eventually, as soon as I find a practical use for it. There’s even an extensive collection of documentation to help me get going.
Until then Kali Linux. Until then.