
NoobSecToolkit: Enhance Linux Security and Facilitate Pentesting


By: Krintoxi

October 23, 2015

Hello, today I'll be showing you how to enhance your Linux security and facilitate basic penetration testing! To do this, we'll use an open tool called NoobSecToolkit. The toolkit comes built with the following options:

Toolkit Options

(sqli) SQL Injector (Tests web urls for SQLI)

(vulscan) Vulnerability Scanner (Scans for Vulnerabilities in a Network)

(dinfo) Gather Basic Domain Info (Will do an extensive NSLookup on a Target)

(discover) Information Harvester (Kali Linux Only!)

Misc Options

(itor) install Tor (Will install Tor Services)

(stor) Start Tor (Will start Background Tor Services)

(tors) Check Tor Status (Will Check the status of Tor)

(vpn) Start VPN Launcher (Will run a VPN Launcher)

(encdns) Encrypts DNS (Why DNS Cryptography Matters - OP3N)

We'll start by using the tool to enhance our security. First, we have to clone the tool from its GitHub repository. To do this, we run the following:

(1) CTRL + ALT + T (Open Linux Terminal)

(2) sudo apt-get install git (Install Git)

(3) git clone (Clone a version of the Toolkit to your system)

(4) cd NoobSecToolkit/NoobSecToolkit/ (Change Directory to the main directory of the python (Run the Toolkit by using python in the Terminal)

Once we run, the output should be as follows:

At this point, we'll continue by installing Tor. We can do this by typing: itor

Tor protects you by bouncing your communications around a distributed network of relays, run by volunteers all around the world. It prevents somebody from watching your Internet connection and learning what sites you visit. It also prevents the sites you visit from learning your physical location.

When that finishes, we can then run: stor to start the installed Tor service.

Finally, we'll run: tors to check the current status of Tor.

The desired output should be:

Now that we have Anonymity, we'll want Traffic Encryption. For this, we'll need a VPN. To download a Free VPN service, enter the following in the Toolkit: vpn

"VPNs use advanced encryption protocols and secure tunneling techniques to encapsulate all online data transfers. Most savvy computer users wouldn't dream of connecting to the Internet without a firewall and up-to-date antivirus. Evolving security threats and ever increasing reliance on the Internet make a VPN an essential part of well-rounded security. Integrity checks ensure that no data is lost and that the connection has not been hijacked. Since all traffic is protected, this method is preferred to proxies."

When you run vpn, it will launch a download script. Follow the directions to run the VPN:

Once the VPN is downloaded, a directory will be created for it inside NoobSecToolkit named "Bitmask".

To run the VPN, you must open the Bitmask VPN application inside a file manager as such:

Simply follow the on screen instructions!

At this point, we want to utilize the NoobSecToolkit to Encrypt our DNS Queries!

"When using an anonymity or privacy service, it's extremely important that all traffic originating from your computer is routed through the anonymity network. If any traffic leaks outside of the secure connection to the network, any adversary monitoring your traffic will be able to log your activity."

We can do this by entering the following: encdns

Once you start the process, it will ask:

“Would you like to see a list of supported providers? ( is default) [y/n]: n”

Hit y and enter. You should now see a list of DNS providers:

“Which DNSCrypt service would you like to use?”

1) Off  (Regular, unencrypted DNS)

2)   (Europe – no logs, DNSSEC)

3) Cisco OpenDNS (Anycast)

4) CloudNS       (Australia – no logs, DNSSEC)

5) OpenNIC       (Japan – no logs)

6) OpenNIC       (Europe – no logs, whitelisted users only)

7) OpenNIC       (Toronto, Canada – no logs)

8) OpenNIC       (San Francisco, USA – no logs)

9) OpenNIC       (Seattle, USA – no logs)

10) OkTurtles     (Georgia, USA – no logs)

11) (Europe – no logs, DNSSEC)

Select an option [1-11]

In this case, we'll change to the DNSCrypt provider, which sits in Europe and does not log requests. To do this, we type 2 and hit enter.

Your system will update and the installation and provider change will start. The key authentication will start as well. This process will take around 10 to 15 minutes, depending on your connection at the time. If all goes well, the desired output should be:

“DNSCrypt is now installed.”

Finally, to test our changes, a great service is: https://dnsleaktest.com

If everything went to plan, your test results should be something like:




[Test results table; columns: Country, A/S]
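A local check to run alongside the dnsleaktest.com test above, added here as an example and not part of NoobSecToolkit: it lists any nameserver entries in a resolv.conf-format file that are not loopback addresses. It assumes the DNSCrypt proxy installed by encdns listens on a loopback address; the function name and the sample file contents are constructed for the example.

```shell
#!/bin/sh
# Added example (not NoobSecToolkit code): find resolvers that bypass a local
# DNSCrypt proxy. Assumption: the proxy listens on a loopback address.

# Print every non-loopback nameserver in a resolv.conf-format file.
# Exit status: 0 = all nameservers are loopback, 1 = at least one is not,
# 2 = file unreadable or it has no nameserver lines at all.
dns_leak_candidates() {
    [ -r "${1:-/etc/resolv.conf}" ] || return 2
    awk '
        # Commented-out entries have "#" or ";" in the first field, so they
        # never match the keyword test below.
        $1 == "nameserver" && NF >= 2 {
            seen++
            addr = $2
            sub(/%.*/, "", addr)      # drop an IPv6 zone id such as %eth0
            if (addr ~ /^127\.[0-9]+\.[0-9]+\.[0-9]+$/ || addr == "::1") next
            print $2
            leaks++
        }
        END {
            if (seen == 0) exit 2
            exit (leaks > 0 ? 1 : 0)
        }
    ' "${1:-/etc/resolv.conf}"
}

# Constructed sample: the local proxy plus two resolvers that would receive
# plain, unencrypted queries if the proxy entry failed or was skipped.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# constructed resolv.conf for the example
nameserver 127.0.0.1
nameserver 192.0.2.53
nameserver fe80::1%eth0
;nameserver 198.51.100.7
EOF

if leaks=$(dns_leak_candidates "$sample"); then
    echo "all resolvers are on loopback"
else
    printf 'possible leak via: %s\n' $leaks
fi
rm -f "$sample"
```

A loopback entry only shows that queries go to a local process; 127.0.0.53, for instance, is the systemd-resolved stub, so confirm which service is actually listening on that address.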


=============End Of Security Enhancement Section=============

Now that we're all secure and Anonymous, we'll focus on using NoobSecToolkit to do basic penetration testing and vulnerability scanning!

Let's set a scenario where you have a target called badcorp.com

We'll want to start by scanning for vulnerabilities. We can do this by entering: vulscan

This will ask us for a target. Input the target as such: badcorp.com

This will then launch the vulnerability scanner on the target.

You've managed to find a SQL vulnerability and wish to see if you can exploit it. To test for SQLI we can run: sqli

It will ask us for a target. Input follows: (Example!)

This will test and exploit the injection, if any!

We'll also want to gather basic Domain information on the target. To do this, we enter: dinfo

Target: badcorp.com

This will do an extended NSLookup on the target, displaying Domain information and records.

Finally, we'll want to gather some information on our target: Emails, Phone Numbers, Etc. To do this, we enter: discover

This will download and run a script giving you the following options!:

Pretty Easy huh!? Well with this, I'll end my submission. I hope my Toolkit is useful to some of you out there and I'd love to hear some feedback!

Feel free to Fork the project on GitHub!: you