
Undeniably, Kali is the best choice of Linux distro for Penetration Testers, Bug Bounty Hunters, and Security Researchers (if you think differently, please comment below). It carries a completely open source set of tools to perform the "Kill Chain".

However, many users tend to overlook fine-tuning the arsenal and launch a Vulnerability Assessment and PenTest (VAPT) right away.

As a best practice, hardening and tweaking should be the first thing to do in every operating system after installation. Below are the simple steps to take after installing Kali.

1. Switch to the root user account and change the "toor" password

sudo su -
passwd

2. Add repository

Edit "/etc/apt/sources.list" with your favorite editor: pico, vi, vim, nano, or leap. Then add the following repositories if they are missing.

# start here
deb https://http.kali.org/kali kali main non-free contrib
deb http://security.kali.org/kali-security kali/updates main contrib non-free
deb-src http://http.kali.org/kali kali main non-free contrib
deb-src http://security.kali.org/kali-security kali/updates main contrib non-free
deb http://repo.kali.org/kali kali-bleeding-edge main
deb http://http.kali.org/kali kali-rolling main non-free contrib
deb http://downloads.sourceforge.net/project/ubuntuzilla/mozilla/apt all main
# end here

3. Clean, Update, Upgrade and Dist-Upgrade your arsenal.

apt-get clean && apt-get update && apt-get upgrade -y && apt-get dist-upgrade -y

4. Start your favorite Tool

- Configure the Metasploit logging. Sample version below is MSF4

echo "spool /root/msf_console.log" > /root/.msf4/msfconsole.rc

- Start the database, web server, and Metasploit

service postgresql start && update-rc.d postgresql enable
service apache2 start
msfdb init
msfconsole

5. Update the VMware tool if you are using Kali on VMware

cp /media/cdrom0/* /tmp && cd /tmp && tar xvf /tmp/VMwareTools*
cd vmware-tools-distrib
./vmware-install.pl --default
vmware-toolbox-cmd upgrade status

* REMOVE the CD-ROM media, then
* restart Kali.

6. Modify the machine hostname to your Hacker's code (mine is Strainer)

vi /etc/hostname
vi /etc/hosts
# Reboot required to take effect

7. Tweaking your Kali to make it faster

- Edit the desktop config file /usr/share/applications/nautilus.desktop and change the Startup Notification to "false"

StartupNotify=false

- Install bleachbit to clean the System and Free Disk Space

apt-get install bleachbit
bleachbit
> clean

- Remove the iceweasel web browser if you opt to

apt-get remove iceweasel

- Install Mozilla web browser

echo -e "\ndeb http://downloads.sourceforge.net/project/ubuntuzilla/mozilla/apt all main" | tee -a /etc/apt/sources.list > /dev/null
apt-get install firefox-mozilla-build

8. Enjoy hacking ... ethically :) !!!
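
Step 2 says to add the repository entries only if they are missing, and step 7 appends one more line to the same file. The script below is an added example, not part of the original post: it appends only the entries that /etc/apt/sources.list lacks and lists repository hosts outside kali.org. The function names and the scratch-file demo are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the original post: idempotent form of step 2.

# Strip comments, collapse whitespace and drop empty lines so that
# "deb  URL  suite main" and "deb URL suite main" compare equal.
normalize() {
    sed -e 's/#.*$//' -e 's/[[:space:]][[:space:]]*/ /g' \
        -e 's/^ //' -e 's/ $//' -e '/^$/d'
}

# add_missing_sources FILE ENTRIES: append every entry FILE lacks and
# print how many lines were appended.
add_missing_sources() {
    file=$1; wanted=$2; added=0
    [ -f "$file" ] || : > "$file"
    # Terminate an unterminated last line so new entries do not merge into it.
    if [ -n "$(tail -c 1 "$file")" ]; then echo >> "$file"; fi
    tmp=$(mktemp)
    printf '%s\n' "$wanted" | normalize > "$tmp"
    while IFS= read -r entry; do
        if ! normalize < "$file" | grep -qxF -- "$entry"; then
            printf '%s\n' "$entry" >> "$file"
            added=$((added + 1))
        fi
    done < "$tmp"
    rm -f "$tmp"
    echo "$added"
}

# foreign_hosts FILE: list each repository host outside kali.org once,
# i.e. every extra party trusted to ship packages that install as root.
foreign_hosts() {
    normalize < "$1" | awk '$1 ~ /^deb(-src)?$/ {
        for (i = 2; i <= NF; i++) if ($i ~ /^[a-z]+:\/\//) {
            split($i, u, "/"); print u[3]; break } }' |
        grep -v -e '^kali\.org$' -e '\.kali\.org$' | sort -u
}

# Constructed demo on a scratch file; as root, pass /etc/apt/sources.list instead.
demo=$(mktemp)
echo 'deb  http://http.kali.org/kali   kali-rolling main non-free contrib' > "$demo"
add_missing_sources "$demo" 'deb http://http.kali.org/kali kali-rolling main non-free contrib
deb http://downloads.sourceforge.net/project/ubuntuzilla/mozilla/apt all main'
foreign_hosts "$demo"
rm -f "$demo"
```

Running it a second time with the same entries appends nothing, so the file does not accumulate duplicate lines across repeated setups.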
About the Author: I have spent 14 years as an IT professional with Master’s degree in Information Technology. I am a certified ethical hacker (CEH), certified security analyst (CSA), and certified cyber crime investigator.