As recently mentioned, I’ve been working on a few projects of late. In preparation for an OpenSSH based class I might offer, I found myself wanting to offer a shorter class on OpenBSD’s VMM/VMD virtual machine hypervisor system. In researching this VMM/VMD system, one of my tests involved booting a linux live disk. I chose Kali for this. Getting it to boot wasn’t straight forward, due to the lack of a graphics KVM style console. The VMM/VMD hypervisor uses serial connections to the guest operating systems, so I had to find all of the bells and whistles to pass to the Kali boot loader to make it boot to a usable login prompt.
Secondary to the above, and partially why Kali was chosen, is the fact that my GCIH is half its lifetime old. It’s a 4 year certification, and I’ve had it for 2 years, now. I got a reminder that renewal is coming up, and I began the refresher research on what’s involved in keeping this certification maintained through the renewal process. One option is to take another SANS course, and get a new certificate from it. While I would love to do this at some point, their courses are very expensive. I also have an itch to try a different certification provider, and one of those stands out above the rest, to me. I’ve decided I will likely go for the PWK (Pentesting With Kali) class from Offensive Security, and take the OSCP (Offensive Security Certified Professional) exam and certification. This certification has “teeth” in that you don’t memorize a question/answer pool in order to answer a bunch of questions that are similar, but not exactly the same. Instead, they give you about 48 hours (2 days) for the total exam. The first day is to do an actual penetration test of a 5 machine environment, and the second day is to give you time to do a professional quality write up/report of the pentest as if you were presenting the report to a client. The cost is within reason, and my family supports me in this endeavor. To that end, Kali is on my radar as a “use this frequently” system this year.
I have several options for running Kali moving forward, and I will cover many of them as I go on this journey. I will eventually go over running it in virtual machine environments up to and including VMware Workstation, Oracle VirtualBox, as a ProxMox guest, and of course, through the serial console as an OpenBSD VMM/VMD guest. I may or may not get around to covering running it as a live bootable USB stick, or as a physical install to a typical x86_64 laptop. All of these are things I’m looking at, but the first thing I’ll cover is installation and use on a Raspberry Pi.
I’ve made a few attempts at using Kali on a Raspberry Pi before. I had trouble getting the TFT displays working satisfactorily, and I benched those projects due to the level of hassle and my own time constraints. I knew that when I circled back around to this idea, I’d want a bigger screen than either of those TFT displays offered. I want the device to be portable enough that I can take it almost anywhere and set up shop, but I need a display that gives me enough work space to actually … work.
The smallest display I was willing to look at was the 7 inch displays available, but my wife has a 7 inch tablet, and it’s only a little larger than a modern day smart phone. My latest failed Kali attempt was on my own tablet, where Kali Nethunter never seemed to get installed properly no matter how many times I went through the process. I like this screen size, and there are a few 10 inch displays available. I almost settled on a device that used one of these when I discovered that there is actually a kit that turns a Raspberry Pi into a laptop form factor.
The two versions of the kit available on AdaFruit are the first version of this product. One is green, and one is grey, but the kit itself is otherwise the same. The project site has an updated “pi-top 2” design, which moves the trackpad down below the keyboard, and gives room for the keyboard to be full size, which works better for me. I never liked trackpads in general, because I tend to brush the thing while I’m typing, but I’m sure I’ll work around this limitation somehow. This case is also green, with no grey option available. I would prefer grey, but I can live with the green case as long as it is as functional as I hope it will be.
After all of the research I’ve done, I have decided on the pi-top as my next Kali attempt. I’ve made the purchase for the pi-top 2 style case, and will cover the experience of how the order/tracking went, unboxing, setting it up, running the pi-top polarisOS that comes with it, and getting Kali installed and running on the new machine.
The order arrived today, but the write up for that will be next week.