Kali Linux PC on Stick – Boot with Laptop USB and enjoy complete Penetration Testing machine

Kali Linux on Stick

Kali Linux on USB Stick has over 600 preinstalled penetration-testing programs. It includes Armitage (a graphical cyber attack management tool). Nmap (a port scanner), Wireshark (a packet analyzer) & John the Ripper password cracker. Aircrack-ng (a software suite for penetration-testing wireless LANs). Burp suite and OWASP ZAP web application security scanners. Kali Linux can run natively when installed on a computer’s hard disk. It can be booted from a live CD or live USB. It can run within a virtual machine. It is a supported platform of the Metasploit Project‘s Metasploit Framework. It is a tool for developing and executing security exploits.”

Google Hacking database - Files containing usernames passwords

You could make up your own Google dork, depending upon the situation.

Following are few examples :

ext:sql password username

ext:xls password @hotmail.com

inurl:wp-config ext:txt

filetype:php~ (pass|passwd|password|dbpass|db_pass|pwd)   Author: Bastich

With the in-depth knowledge of websites and CMSes, you will be able to understand the inner working, and will also come to know where the websites store the private information. That will ultimately help you make your own Google dork.

Also, FTP clients store there password in an .ini file, which in some cases are not fully protected. So, with a good Google dork, we could look for those entries and the FTP passwords.

ext:ini WS_FTP PWD

To use the ini files, you could use them in your FTP client, cause in most of the cases, they are not readable, when viewed simply. Or you could try decoding the ini files online, and then use those values while connecting to the FTP.


In some cases, software stores its registration entries in the Windows Registry values; you could try finding them using Google.

ext:reg intext:”internet download accel”

You may land over this type of useful info:

Windows Registry Editor Version 5.00