Baby Steps
Hello World
On Feb 28, I migrated my Kali, Mint, and my OWASP BWA OS to VMware as they were gathering dust on VirtualBox. After research and final decision, I have decided that VMware was the most optimized to run my VirtualBox, where VirtualBox just wasn’t able to compare. I am still running a Ubuntu server on VirtualBox that I set up months ago for creating a encrypting private network.
Mint
For my Mint, I just used VirtualBox’s feature “Export Appliance” and then opened it and stored it under VMware. Easy peacy, didn’t even know that was a feature. Learned it from HowToGeek blog.
OWASP BWA
For OWASP BWA, I followed instructions found on GitHub and downloaded BWA from SourceForge. NOTE:
- Make sure to install on HOST-ONLY.
- Username root with the password owaspbwa.
- Make sure to change your hosts file to make it easier to browse.
More info on set up see greenjam’s blog
Kali
To install Kali 2020.1, I downloaded the VMware version from Offensive Security website. For hardening I followed Null’s Blog and Alpha Cyber Security’s blog
To summarize some steps I took to harden my Kali:
- Configuring bash alias
- Configuring Root account back (was removed on 2020.1 version)
- Changed name of Kali default user
- Created a unprivileged toruser for tor browsing
- Changed default SSH keys
- Installed Git, Tor, Tilix, Atom, Sublime,
- Changed UID and GID of users
- Installed kali-linux-all metapackage
- Update and upgraded
Next up, I plan on going through Violent Python book by TJ O’Connor and playing around with SDR dongle and getting radio waves following OZHack’s blog.
Backlog
As I am passionate to learn and understand Web Security more, I was recommended PortSwigger’s course “Introducing the Web Security Academy”.