Kali Linux PC on Stick – Boot with Laptop USB and enjoy complete Penetration Testing machine

Kali Linux on Stick

Kali Linux on USB Stick has over 600 preinstalled penetration-testing programs. It includes Armitage (a graphical cyber attack management tool). Nmap (a port scanner), Wireshark (a packet analyzer) & John the Ripper password cracker. Aircrack-ng (a software suite for penetration-testing wireless LANs). Burp suite and OWASP ZAP web application security scanners. Kali Linux can run natively when installed on a computer’s hard disk. It can be booted from a live CD or live USB. It can run within a virtual machine. It is a supported platform of the Metasploit Project‘s Metasploit Framework. It is a tool for developing and executing security exploits.”



Google Hacking with search url operators


After having a look at the operators, let’s have a basic idea of the Google search URL and its components.

Suppose, I make a search of ethical hacking using my Chrome Default Google search.

My Google search URL generated is

http://www.google.co.in/search?sourceid=chrome&ie=UTF-8&q=ethical+hacking

Looking closely, we can say that

http://www.google.co.in/search is the base Google search URL, to which more parameters will be added on, depending on the search and personalization.

sourceid =chrome tells me that the source of the query is a Chrome Browser. Had my browser been Opera, the source id would be “opera” instead of “chrome”.

ie refers to the input encoding, which in our case is UTF-8 (we will be learning about encodings later in this book)

q refers to the search query, which here is the term “Ethical Hacking”. A ‘+’ or ‘%20’ could be used to represent spaces on web.

There may be other parameters in the search URL of Google.

For a complete list of the parameters, refer to http://www.blueglass.com/blog/google-search-url-parameters-query-string-anatomy/

One may also use Google as a to view web pages anonymously. To do this, the hacker would use “Google Translate” service to view the website intended, and convert the website from English to English (considering the original website is in English). While using the translate feature, the IP on the logs of the website visited, will be of Google’s server instead of the actual attacker.

This method used to work till some time back, since then Google has stopped translation of webpages with both the input and output language being the same.