On this page

• Install Tools
• Troubleshooting

---

Exercise 00: System Setup

This workshop will make use of some common penetration testing tools, all of which are free and available on Kali, a Linux distribution made for penetration testing and ethical hacking.

There are many ways to run Kali. I recommend using one of the pre-built virtual machine or container images, but choose whichever method you feel most comfortable with:

• Pre-built virtual machines:
  • VMware
  • VirtualBox
  • Hyper-V
• Windows Subsystem for Linux (WSL)
• Docker
• Podman
• Live USB/CD/DVD
• Bare metal (hardcore option!)

Install Tools

Once you have Kali up and running, run the following command at a terminal to ensure you have the necessary tools installed (note that sudo is not required on Docker as you are the root user by default):

sudo apt-get update
sudo apt-get -y install hashcat nuclei sqlmap sublist3r

If you are using WSL or Docker, you should also install Burp Suite Community Edition on your host system (as it is a GUI app). If you use one of the pre-built virtual machines (which come with a graphical desktop environment), Burp comes pre-installed.

Troubleshooting

If you are having trouble getting things set up, feel free to raise an issue on GitHub or get in touch with me on Discord (I am stvnhrlnd), Mastodon, or the Umbraco community forum.

You may also want to watch the repository for updates as I develop the workshop. The exact tools we use may change, but the main things to have prepared in advance are Kali and Burp.