Resources
Table of Contents
Primary Resources⌗
Monash students/staff can access our list of resources.
Access our workshop CTF scoreboard.
Missed a workshop? Recordings are on our YouTube channel!
Kali Linux Set-up⌗
Hypervisor⌗
- Download a hypervisor (virtual machine manager) either via the official website or via your preferred package manager.
- VirtualBox
- VMware
- UTM (for Apple Silicon on macOS)
From here, you can set-up you Kali Linux virtual machine (VM) either manually with Kali’s pre-built images, or automatically with Windows Subsystem for Linux or Vagrant.
VM Set-up⌗
Option 1: Manually⌗
- Download your Kali Linux installer:
- Pre-built hypervisor-specific installation media (recommended):
- Mirrored files could be sourced from any trusted mirror, such as the following:
- Download the appropriate image for your hypervisor (e.g.
kali-linux-2022-W43-virtualbox-amd64
for VirtualBox). In general, use theamd64
variant of the VM image.- Kali and its mirrors tend to package pre-built installation media as compressed 7-Zip archives, which means they must be decompressed before proceeding.
- Apple Silicon users: it appears that there are currently no pre-built Kali VM images for the platform. You will need to use the ISO installation media below.
- Installation media (ISOs):
- Mirrored files could be sourced from any trusted mirror, such as the following:
- Non-Apple Silicon users should use the
amd64
variants of the installation media. - Apple Silicon users should use the
arm64
variants of the installation media. - If https://kali.download and https://kali.org are blocked your network, installation with ISOs might not work.
- Pre-built hypervisor-specific installation media (recommended):
- Follow Kali’s documentation for your hypervisor:
- Pre-built images (recommended):
- ISOs:
- VirtualBox
- VMware
- UTM (for Apple Silicon on macOS)
Option 2: Windows Subsystem for Linux⌗
Please make sure to review the following configuration before proceeding.
According to Microsoft’s documentation regarding Windows Subsystem for Linux (WSL) set-up:
- Install Kali’s WSL distribution by running
wsl --install -d kali-linux
in an administrator command-line shell. - Restart your machine.
- Open the Kali app from the Start menu, and follow Microsoft’s best practices for setting-up your Kali user account.
- (Optional) Install Windows Terminal for easier access to Kali, PowerShell, cmd and other WSL distros you might have installed (e.g. Ubuntu)
The default WSL installation provides a minimal Kali system without a GUI. In order to use the desktop as found in the VM or ISO version of Kali or launch GUI apps, you need to install Win-KeX.
- Install
kali-win-kex
package:sudo apt update sudo apt install kali-win-kex
- Launch Win-KeX from your Kali WSL app:
- Windowed mode:
kex --win -s
- Seamless mode:
kex --sl -s
- Enhanced Session Mode:
kex --esm --ip -s
- Windowed mode:
Refer to the Win-KeX documentation for more information.
Option 3: Vagrant⌗
Please make sure to review the following configuration before proceeding.
- Download Vagrant either via their website or via your preferred package manager.
- Create a new file, named
Vagrantfile
in your current directory, with the following configuration:- Preferred hypervisor provider (
virtualbox
orvmware_desktop
) - Allocated memory
- Allocated threads
- Optional: Launch with graphical interface (
true
orfalse
) - Optional: VM name
- Synced folder between host machine and guest machine
- Preferred hypervisor provider (
- Run
vagrant plugin install vagrant-vbguest
in your command-line in order to download the plugin that makes sure that VirtualBox Guest Additions is installed on the guest machine.- Note: This command will fail to complete if you run it on an
Arch-based distribution of Linux. In this case, the
Vagrantfile
example below uses a password-based authentication instead of the key-based authentication in order to complete the VM set-up. For further information, refer to the Vagrant SSH configuration documentation.
- Note: This command will fail to complete if you run it on an
Arch-based distribution of Linux. In this case, the
- Run
vagrant up
in your command-line (at the same directory as yourVagrantfile
) in order to start the VM.- You can follow
Kali’s guide on setting-up a
Vagrantfile
. - At this stage you can wait for the VM to boot and interact with it graphically when it is ready.
- You can follow
Kali’s guide on setting-up a
- You can shut-down your VM either graphically, or by running
vagrant halt
at the same directory as yourVagrantfile
. - Run
vagrant ssh
in your command-line (at the same directory as yourVagrantfile
), in order to start an command-line session. This is a great option if your host machine does not have lots of resources for a graphical session, or if you like working with the integrated terminal of your preferred IDE.
- Example
Vagrantfile
:- VirtualBox hypervisor
- 2 GiB of memory
- 2 CPU threads
Vagrantfile
’s directory on the host is synced to/home/vagrant/Documents/CTFs
on the guest machine.
Vagrant.configure("2") do |config|
if Vagrant.has_plugin?("vagrant-vbguest")
config.ssh.insert_key = false
config.ssh.forward_agent = true
else
config.ssh.username = "vagrant"
config.ssh.password = "vagrant"
end
config.vm.provider "virtualbox" do |virtualbox|
virtualbox.memory = 2048
virtualbox.cpus = 2
virtualbox.gui = true
virtualbox.name = "Kali"
end
config.vm.box = "kalilinux/rolling"
# creating a synced folder from current directory on host to /home/vagrant/Documents/CTFs on guest
config.vm.synced_folder ".", "/home/vagrant/Documents/CTFs", create: true
end
Alternative Kali Mirrors⌗
Please make sure to review the following configuration before proceeding.
It might be the case that the Administrator of your currently-used network intentionally blocked the
https://kali.download and
https://kali.org websites from being accessed. This means that Kali’s apt
package manager is rendered unusable by default. In this case, in order to download additional packages, you have to change to default mirror to a different one.
Notable Kali mirrors include:
- https://mirrors.ocf.berkeley.edu/kali/ (recommended)
- https://mirrors.dotsrc.org/kali/
- https://mirror.serverion.com/kali/
- https://mirror.anigil.com/kali/
- https://ftp.hands.com/kali/
Option 1: Manually⌗
Run the following script from your Kali command-line session, with the alternative mirrors of your choosing:
sudo sed -i 's$http://http.kali.org/kali$https://mirrors.ocf.berkeley.edu/kali/$' /etc/apt/sources.list
sudo apt update
Option 2: Automatically (Vagrant only)⌗
Please make sure to review the following configuration before proceeding.
Add the following configuration to your Vagrantfile
, with the alternative mirrors of your choosing:
config.vm.provision "shell", inline: <<-SCRIPT
cp -f /etc/apt/sources.list{,.bkup}
cp -f /etc/apt/sources.list /tmp
sed -i 's$http://http.kali.org/kali$https://mirrors.ocf.berkeley.edu/kali/$' /tmp/sources.list
cat /tmp/sources.list > /etc/apt/sources.list
sudo apt update
SCRIPT
Additional Software⌗
- Cloud:
- Cryptography:
- Reverse-engineering:
- Steganography:
- Open-source intelligence:
apt
⌗
sudo apt install ghidra docker.io python3-pycryptodome ropper python3-ropgadget sherlock python3-pwntools steghide stegcracker binwalk
pip
⌗
pip install pwndbg
apt
Troubleshooting⌗
- If
sudo apt upgrade
fails, try runningsudo apt update
and thensudo apt full-upgrade
.