Hello and welcome back. We're now looking at the area of ethical testing and in this lecture, we’re going to look at Kali Linux. 

Kali Linux is a penetration testing operation system run by Offensive Security Ltd. 

Offensive Security are actually the owners of the course, you may have heard of it, the OSCP course. It’s created by Kali Linux and definitely worth looking into. 

They also run the Exploit Database. And they do a training on Metasploit. Metasploit is a framework used for vulnerabilities. I think about Metasploit like a vulnerability gun, where you load the Metasploit framework, which is just software, with vulnerability bullets, you aim it at the target, and you pull the trigger. Also known as Exploit, or Run. And then you just hack a system essentially.

They also house the Google Hacking Database. And they have the Kali NetHunter which is an Android penetration platform. 

The Google Hacking Database is just an index of Google searches used to obtain sensitive data. 

Kali Linux is where we find our operating system. You can download it. Here you go. These are the actual ISO images. You can also download virtual images for VMware, VirtualBox, and also Hyper V. And you can run those, and it works quite well. My personal favorite is the VirtualBox version.

So they use those same tools both to be an attacker or to be a defender. Okay, so our attackers, they are known as Red Team. And Blue Team, we can also use it to test our environment, to make sure it's safe. 

So that brings us to the world of penetration testing. Penetration testing comes in a couple of different flavors. You’ve got Red Team, external, the kind of people you hire to hack yourself so you can get good feedback as to how good your security posture is. 

Blue Team, your internal folk where you kind of do it yourself. You're testing your own environments. 

You've got Purple Team, which is a mixture of both, where they come together and try and get a blend of knowledge about your organization, and what's capable. 

With Red Team they'll try everything under the sun to get into your organization. Or rather whatever is inside the scope. So as long as it's inside the scope it's fair game. If it's outside the scope it stops being ethical testing.

So, if a company says to a tester, "You can check our server farm." and as they were testing the server farm they found that there was a way to get from the server farm to the company’s actual app and its customer data storage, but the customer data storage wasn't in the scope of the test, but the tester hacked it anyway to show, "Hey look. This is vulnerable as well,” then that's not ethical, in fact, they've actually broken the law, because it's outside the scope of the agreement.

So that's what ethical testing is. It's just testing inside the scope of the agreement that's made between a company and a tester. And that's when you start to fall into the world of gray hats.

A gray hat is a hacker who may not operate to the ethical testing standards we've discussed here, but they don't have malicious intent. So their intentions are still good.