Course Outline: Mastering Kali Linux for Beginners: A Penetration Testing Starter Kit
Module 1: Introduction to Kali Linux
- What is Kali Linux and its purpose
- History and evolution of Kali (BackTrack to present)
- Use cases in cybersecurity and penetration testing
- Overview of tools included in Kali
- Understanding Offensive Security (Creators of Kali Linux)
Module 2: Setting Up Your Kali Environment
- System requirements
- Installing Kali Linux (VirtualBox, VMware, Bare-metal, or WSL)
- Downloading from the official source and verifying ISO checksums
- Configuring your VM (networking, resources, persistence)
- First boot and initial configuration
Module 3: Navigating Kali Linux
- Introduction to the GNOME/XFCE Desktop Environment
- Terminal Basics (bash commands, sudo, apt)
- Filesystem structure in Kali
- Managing files and directories
- Keyboard shortcuts and productivity tips
Module 4: Managing Kali Tools & Software
- Using APT and package management
- Updating and upgrading tools
- Installing new tools (git, dpkg, custom scripts)
- Using Kali Tweaks to optimize your environment
- Understanding the Kali Linux metapackages
Module 5: Introduction to Linux Networking
- Basic networking concepts (IP, MAC, DNS, etc.)
- Network configuration in Kali
- Common networking tools: ip, netstat, ifconfig, nmap, ping, traceroute
- Understanding interfaces (eth0, wlan0, lo)
Module 6: Introduction to Penetration Testing
- What is Penetration Testing?
- The Phases of a Penetration Test:
  - Reconnaissance
  - Scanning & Enumeration
  - Exploitation
  - Post-exploitation
  - Reporting
- Kali’s role in each phase
- Ethical and legal considerations
Module 7: Essential Tools in Kali Linux
- Reconnaissance & Information Gathering: whois, theHarvester, Maltego, dnsenum
- Scanning & Enumeration: nmap, netdiscover, enum4linux, Nikto, dirb, dirbuster
- Exploitation: Metasploit Framework, searchsploit, exploitdb, msfvenom
- Post Exploitation: meterpreter, privilege escalation tools
- Reporting:
  - Keeping logs, screenshots, and using CherryTree or Dradis
Module 8: Wireless Attacks (Intro Level)
- Wireless concepts (SSID, BSSID, WPA/WPA2)
- Wireless card setup in Kali
- Tools: airmon-ng, airodump-ng, aireplay-ng, aircrack-ng
- Capturing handshakes
- Cracking passwords with wordlists
Module 9: Password Attacks & Cracking
- Wordlists & brute force vs dictionary attacks
- Tools: hydra, John the Ripper, Hashcat
- Cracking demo: zip files, SSH, basic hashes
- Creating your own wordlist with Crunch
Module 10: Web Application Testing
- OWASP Top 10 Introduction
- Using Burp Suite Community Edition
- Tools: sqlmap, nikto, XSSer
- Lab-based testing: DVWA, Juice Shop, BWAPP
Module 11: Automating Tasks with Scripting
- Introduction to Bash scripting
- Writing basic automation scripts for scanning and recon
- Tool integration examples (nmap → grep → report)
- Intro to Python for hackers (optional)
Module 12: Building a Home Lab for Practice
- Setting up target machines: Metasploitable, DVWA, TryHackMe, HackTheBox
- Networking your VMs
- Safe hacking: keeping your host safe
- Snapshotting and backups
Module 13: Reporting & Documentation
- Why reporting matters
- Screenshotting tools (shutter, gnome-screenshot)
- Tools: CherryTree, KeepNote, Dradis, LibreOffice
- Creating a sample pentest report
Module 14: Next Steps and Resources
- Where to go from here: OSCP, TryHackMe, HackTheBox
- Community resources: Reddit, Discord, GitHub, Twitter
- Maintaining a Kali system
- Staying legal, ethical, and up-to-date
Bonus Materials
- PDF Cheat Sheets for key tools
- Wordlists (SecLists, RockYou)
- Lab Challenges and Assignments
- CTF walkthrough examples (basic)
Outcome: By the end of the course, learners will be able to:
- Confidently use Kali Linux for ethical hacking
- Understand the phases of penetration testing
- Conduct basic attacks in a controlled lab
- Document findings and write penetration test reports
- Begin preparing for certification (e.g., OSCP, CompTIA, CEH, ...)