How to Build a USB Drive Pentesting Toolkit

June 16, 2016 | Views: 69372

Begin Learning Cyber Security for FREE Now!

FREE REGISTRATIONAlready a Member Login Here

In this guide, I’ll walk you through setting up a pentesting USB drive that also works well for other IT professionals.

Fortunately, the days of carrying around a CD binder full of your various tools are long gone. With the lower prices of USB drives and their increased capacity, you can easily keep a large number of tools at your disposal.

About this Guide: This guide is intended for educational purposes only. The author of this guide is not responsible for misuse, damaged, loss, altered, files and hardware.


What You’ll Need:

  • A USB drive (The larger the better. You can occasionally find a 128 GB drive for as little as $20)
  • Internet connection (Which I am going to assume that you have if you are reading this)

First let’s head over to grab Yumi. Yumi is a multi-boot loader for USB drives and the primary tool we’ll be using. Yumi allows you to easily add and remove programs without having to wipe out your drive.

Download Yumi at: http://www.pendrivelinux.com/yumi-multiboot-usb-creator/

Next, plug in your USB drive into your computer and launch Yumi

Click on the “I Agree”

Click on the down arrow and select your drive
step 2_zpspjunqz10

On the right side of the menu, we have the option of formatting the USB drive, View, ADD, or Remove distributions. I’m going to assume you have a clean USB drive.

Next, we’re going to click the drop-down arrow listed on Yumi’s “Step 2”. As we can see, there are a large number of programs listed here.


step 12_zpscby51rjc

As this is going to be my penetration testing USB toolkit, and I’m a big fan of Kali Linux, so that’s what I’m going to select first.

With Yumi, you have two options to install these programs to your drive. You can either download the ISO ahead of time, or for convenience, you can click the “open download link” option. This will obviously open the program’s download link for you, saving you time searching for it.

One we have our ISO downloaded click on the “Browse” button:

Click on ISO

Click “Open”

Click the “Create” button

“Yes”to get started

Depending on how large the ISO will determine how much time it takes. You should see a dialogue box telling you how the install is progressing.

Once your ISO is ready, click “Next”

From here, you’ll have the option to load additional ISO’s to your drive. If you decide to load additional programs, simply follow the above steps.

Another great feature about Yumi is that if you have a particular ISO that you want loaded and it’s not listed in their menu, it’s no problem! Follow the instructions as if you were going to install any other ISO, when it’s time to select your ISO scroll to the bottom of the list. The option that I normally select is “Try Unlisted ISO (via SYSLINUX).

 

We have all the programs we want loaded by way of Yumi. What’s next? Well, we have a pretty good toolset now, but there is always room for improvement.

Keeping with the idea of a portable toolset and keeping the entire thing free (minus the cost of your USB drive), our next stop is Portable apps http://portableapps.com/.

If you never have used this program or heard of it before, Portable apps, as the name implies, is a set of portable tools that can be launched from your USB drive. The great thing about this is you can take all of your favorite apps to another person’s computer without installing it to their machine.

After downloading Portable apps let’s go ahead and launch it.

The initial install is pretty straight forward, so simply click through.

When we reach the “Install Type,” we’re going to choose “Custom Install”.

The next option gives us a wide range of locations to install to.

For this guide, we’re going to choose the first option, “Portable”.

Make sure you have your USB drive selected and click “Next” and “Install” (You may need to turn your anti-virus off for this if it’s set to block autorun.)

After the program installs you will be presented with a list of software. Simply select which programs that you want to install and click “Next”.

To launch the application, open your USB drive and click on “Start”

 

The last program that we’re going to install is similar to Portable apps. This one is called NirLauncher. The reason I include this one (in addition to Portable apps) is that it has a number of tools that can be useful for penetration testing. It’s also free and updated frequently.

You can download the software at: http://launcher.nirsoft.net/

This one is far easier and faster to setup since the installer has all of the programs pre-installed. Simply download the program and unzip it to your USB drive.

To launch NirLauncher simply open your USB drive and click on “NirLauncher”


step 17_zpsnbnlrzlo

We’ve seen how to launch the other 2 programs; let’s take a look at booting our primary drive. Plug your USB drive into the computer you want to boot off of and have it boot from the USB drive. Depending on how the BIOS is configured, you may need to interrupt the boot sequence and select the drive. If your drive still does not show up or is not a option, you’ll probably need to login to the BIOS and make sure that USB boot is not disabled.

When the drive does boot, you’ll see the menu screen. Simply navigate to the program you want to run and hit the “Enter” key.


Bonus – Customizing Yumi

If you wish to create a custom image for the Yumi menu, open your USB drive and then open the “multiboot” folder. There, you’ll find a .png file called “yumi”. Edit this file however you wish. Make sure the resolution, name and extension match the original.

Yumi is a very powerful tool. We can use it to boot to our own custom OS without touching the host machine. We can use it for data recovery, forensics, password hacking, hardware scanning, etc. – all for the cost of a single USB drive.

Save

Save

Save

Save

Save

Save

Save

Save

Share with Friends
FacebookTwitterLinkedInEmail
Use Cybytes and
Tip the Author!
Join
Share with Friends
FacebookTwitterLinkedInEmail
Ready to share your knowledge and expertise?
95 Comments
  1. Is it necessary to have a 128 GB drive or will it work on other drives

    • Any will work, it all depends on what you want to load on it.

    • I would go with a 32GB as a minimum…16GB at the very least. Running apt-get update && upgrade on a smaller USB drive, I’ve had issues with space. No issues whatsoever running Kali on a 32GB-SD chip either! I have a USB adapter for the SD chips and it boots off of there no problem!

  2. As with most pentesting and recovery tools that is pretty common. It’s likely flagging the password recovery tools along with a couple other tools.

    As always tools that you don’t feel safe with don’t use. Personally I have had no issues with the tools listed here.

  3. The nirlauncher download was flagged as malicious for me….

Page 16 of 16« First...«1213141516
Comment on This

You must be logged in to post a comment.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play
 

Support Cybrary

Donate Here to Get This Month's Donor Badge

 
Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel