๐ฏ Lab Objectives
- Keep Kali fully updated with latest packages and tools
- Install wordlists, SecLists, and essential tooling
- Configure SSH for remote access and key-based auth
- Set up productivity aliases and tmux configuration
- Build a consistent directory structure for engagements
Step 1 โ Update Everything
# Full system update (run first on any fresh Kali)
sudo apt update && sudo apt full-upgrade -y
sudo apt autoremove -y && sudo apt autoclean
# Update all installed pip packages
pip3 list --outdated --format=freeze | grep -v '^\-e' | cut -d = -f 1 | xargs -n1 pip3 install -U 2>/dev/nullStep 2 โ Install Core Tools
# Wordlists
sudo apt install seclists wordlists -y
sudo gunzip /usr/share/wordlists/rockyou.txt.gz 2>/dev/null || true
# Recon & enumeration
sudo apt install gobuster ffuf feroxbuster nikto whatweb -y
# Exploitation
sudo apt install metasploit-framework sqlmap -y
# Privilege escalation helpers
sudo apt install linenum linpeas -y 2>/dev/null || true
wget https://github.com/carlospolop/PEASS-ng/releases/latest/download/linpeas.sh -O /opt/linpeas.sh
chmod +x /opt/linpeas.sh
# Network tools
sudo apt install netcat-traditional ncat socat curl wget -y
# Password cracking
sudo apt install hashcat john hash-identifier -y
pip3 install hashidStep 3 โ Configure SSH
# Enable and start SSH
sudo systemctl enable ssh
sudo systemctl start ssh
# Generate SSH key pair
ssh-keygen -t ed25519 -C "kalirange-lab"
# Change default SSH port (optional โ reduces scan noise)
sudo sed -i 's/#Port 22/Port 2222/' /etc/ssh/sshd_config
sudo systemctl restart sshStep 4 โ Shell Aliases
# Add to ~/.bashrc or ~/.zshrc
cat >> ~/.bashrc << 'EOF'
# KaliRange aliases
alias ll='ls -alh --color=auto'
alias nse='ls /usr/share/nmap/scripts | grep'
alias www='python3 -m http.server 8080'
alias msf='sudo msfconsole -q'
alias myip='ip addr show tun0 2>/dev/null | grep "inet " | awk "{print \$2}" | cut -d/ -f1'
alias rocks='/usr/share/wordlists/rockyou.txt'
alias update='sudo apt update && sudo apt full-upgrade -y'
# Quick nmap functions
nmapq() { sudo nmap -sC -sV -oA nmap_$1 $1; }
nmapf() { sudo nmap -sS -p- --min-rate 5000 -oA nmap_full_$1 $1; }
EOF
source ~/.bashrcStep 5 โ tmux Setup
# Install tmux
sudo apt install tmux -y
# Basic ~/.tmux.conf
cat > ~/.tmux.conf << 'EOF'
set -g default-terminal "screen-256color"
set -g history-limit 50000
set -g mouse on
set -g base-index 1
bind | split-window -h
bind - split-window -v
bind r source-file ~/.tmux.conf \; display "Reloaded!"
set -g status-style 'bg=#161b22 fg=#dc2626'
EOF
# Start a named session for your lab
tmux new -s labStep 6 โ Engagement Directory Structure
# Template function โ add to ~/.bashrc
newlab() {
TARGET=$1
mkdir -p ~/labs/$TARGET/{nmap,web,exploits,loot,notes}
echo "[*] Lab directory created: ~/labs/$TARGET"
echo "[*] Target: $TARGET" > ~/labs/$TARGET/notes/README.md
cd ~/labs/$TARGET
}
# Usage
newlab 10.10.10.1
# Resulting structure:
~/labs/10.10.10.1/
โโโ nmap/ โ scan results
โโโ web/ โ gobuster, nikto output
โโโ exploits/ โ exploit code, modified payloads
โโโ loot/ โ files, hashes, credentials found
โโโ notes/ โ your notes and READMEEnvironment Ready! Your Kali is configured for efficient pentesting. Next, run your first Nmap scan.