fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Kali Linux 2021.3 Released With New Pentest Tools, Improvements

Kali Linux 2021.3 Released With New Pentest Tools, Improvements

Kali Linux 2021.3 was released yesterday by Offensive Security and includes a new set of tools, improved virtualization support, and a new OpenSSL configuration that increases the attack surface.

Kali Linux is a Linux distribution designed for cybersecurity professionals and ethical hackers to perform penetration testing and security audits.

With this release, the Kali Linux Team introduces the following new features:

  • OpenSSL – Wide compatibility by default
  • New Kali-Tools site – Kali-Tools has had a complete refresh
  • Better VM support in the Live image session – Copy & paste and drag & drop from your machine into a Kali VM by default
  • New tools – From adversary emulation, to subdomain takeover to Wi-Fi attacks
  • Kali NetHunter smartwatch – first of its kind, for TicHunter Pro
  • KDE 5.21 – Plasma desktop received a version bump

OpenSSL: All legacy protocols enabled

Many Linux distributions disable older insecure protocols in OpenSSL, such as TLS 1.0 and TLS 1.1, to secure devices and websites properly.https://www.ad-sandbox.com/static/html/sandbox.html

However, as Kali Linux is a penetration test distribution, it makes more sense to enable all protocols so that you can target all systems, even older devices using insecure protocols.

With this release, Offensive Security is configuring OpenSSL for wide compatibility, which means that they are enabling older ciphers and insecure protocols to increase the attack surface.

Also Read: How COVID-19 Contact Tracing in Singapore Applies at Workplace

Increased virtualization support

The Kali Live image gained increased support for running in virtualized environments such as VMware, VirtualBox, Hyper-V, and QEMU+Spice.

Offensive Security states that you can now use the Live image in a virtualized environment and automatically get copy and paste and drop and drop functionality without the need to install guest additions or other guest software.

In BleepingComputer’s tests running the Kali Linux 2021.3 Live build in the latest version of VirtualBox on Windows, resizing the display and copy and paste worked out of the box.

However, we could not get the drag and drop feature to work.

New tools added in Kali Linux 2021.3

It wouldn’t be a new Kali Linux version without some new tools and utilities, which are listed below:

  • Berate_ap – Orchestrating MANA rogue Wi-Fi Access Points
  • CALDERA – Scalable automated adversary emulation platform
  • EAPHammer – Targeted evil twin attacks against WPA2-Enterprise Wi-Fi networks
  • HostHunter – Recon tool for discovering hostnames using OSINT techniques
  • RouterKeygenPC – Generate default WPA/WEP Wi-Fi keys
  • Subjack – Subdomain takeover
  • WPA_Sycophant – Evil client portion of EAP relay attack

Revamped Kali-Tools site

Offensive Security has revamped the Kali-Tools site with a design refresh and speed improvements. In addition, OffSec hopes to make this documentation repository available offline soon.

Kali Tools documentation site

Enhanced ARM support

The Kali Linux team continues to improve support for ARM devices with the following changes:

  • Our Kali ARM build-scripts have been re-worked.
  • All images should finally resize the file-system on the first boot.
  • We now re-generate the default snakeoil cert, which fixes a couple of tools that were failing to run previously.
  • Images default to iptables-legacy and ip6tables-legacy for iptables support.
  • We now set a default locale of en_US.UTF-8 on all images, you can, of course, change this to your preferred locale.
  • The Kali user on ARM images is now in all of the same groups as base images by default, and uses zsh for the default shell. You can change your default shell by using the kali-tweaks tool which also comes pre-installed.
  • Raspberry Pi images can now use a wpa_supplicant.conf file on the /boot partition.
  • Raspberry Pi images now come with kalipi-config, and kalipi-tft-config pre-installed.
  • Pinebook Pro’s kernel has been updated to 5.14, and you now get messages on the LCD screen as it’s booting, instead of a blinking cursor until X starts.

How to get Kali Linux 2021.3

To start using Kali Linux 2021.3, you can upgrade your existing installation or download ISO images for new installs and live distributions.

Also Read: What Is Data Sovereignty and How Does It Apply To Your Business?

For those updating from a previous version, including installs on the Windows Subsystem for Linux (WSL), you can use the following commands to upgrade to the latest version.

echo "deb http://http.kali.org/kali kali-rolling main non-free contrib" | sudo tee /etc/apt/sources.list

sudo apt update && sudo apt -y full-upgrade

cp -i /etc/skel/.bashrc ~/

cp -i /etc/skel/.zshrc ~/

chsh -s /bin/zsh

[ -f /var/run/reboot-required ] && sudo reboot -f

Once you are done upgrading, you can if the upgrade to Kali Linux 2021.3 was successful by using the following command:

grep VERSION /etc/os-release

full changelog for Kali 2021.3 can be found at Kali’s website.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us