Kali Linux

Trace Labs Kali Linux Build Configuration

Trace Labs OSINT Distribution based on Kali Linux. It covers modifications to the default Kali repository, build steps using Docker or a Debian host, and includes a list of pre-installed applications tailored for OSINT investigations.

The following changes have been made to the default Kali git repo:

  • Creation of a folder for Tracelabs under the kali-config/variant-tracelabs/package-lists/kali-list.chroot path. The kali-list.chroot can be modified to add additional packages or remove pre-configured packages that are required as part of the build process.
  • Creation of the kali-config/common/hooks/normal/osint-packages.chroot file to include the installation steps for all the git repositories that have been included in the build, and do not already have a package. The osint-packages.chroot file can be modified to add additional git repositories or remove pre-configured git repositories that are required as part of the build process. Please add any pre-requisite packages to the kali-live/kali-config/variant-tracelabs/package-lists/kali-list.chroot file.
  • Creation of the following folders under the directory kali-config/common/includes.chroot/usr/share/
    • applications: linked to the menu for applications
    • backgrounds: default Tracelabs background
    • desktop-directories: desktop directories with tools
    • firefox-esr/distribution: default Firefox policy

Build Steps

Building The ISO File On Docker

You will need a host\vm with Docker-engine installed. Installation guide can be found. Once you have docker install, you just need to run:

docker build -t tlvm .
docker run --privileged -v $(pwd)/data:/data tlvm

Windows Powershell:

docker build -t tlvm .
docker run --privileged -v ${PWD}\data:/data tlvm

Windows CMD:

docker build -t tlvm .
docker run --privileged -v %cd%\data:/data tlvm

Once the docker container will finish running, you will be able to locate the ISO file inside a folder named “data” in the location you ran the commands. Now you can use the ISO file to install the tlosint vm.

Building The ISO File On Your Debian Host Or Debian VM

Setup

This build has only been tested on a pre-existing Kali environment, as recommended by Offensive Security.

git clone https://github.com/tracelabs/tlosint-live.git
cd tl-osint
sudo ./build_tracelabsiso_recipe.sh

If the build process is successful, a .iso file will be created in the /opt/live-build-config/images directory. The .iso file can be used for live boot or to install the Virtual Machine.

The .iso file can also be converted to a .ova file using the ovftool as outlined in the “Converting to an OVA“.

OVA Download

We have set up Version 1.0 of this build in an OVA for you to easily try out.

To get started, download the OVA file via the link below and run it in your choice of VM software (ie. VMware Workstation, Virtualbox etc.).

The default credentials to log in to the TL OSINT VM are osint:osint

Applications Included In The Build

Browsers

  • Firefox ESR
  • Tor Browser

Data Analysis

  • DumpsterDiver
  • Exifprobe
  • Exifscan
  • Stegosuite

Domains

  • Domainfy (OSRFramework)
  • Sublist3r

Downloaders

  • Browse Mirrored Websites
  • Metagoofil
  • Spiderpig
  • WebHTTrack Website Copier
  • Youtube-DL

Email

  • Buster
  • Checkfy (OSRFramework)
  • Infoga
  • Mailfy (OSRFramework)
  • theHarvester
  • h8mail

Frameworks

  • Little Brother
  • OSRFramework
  • sn0int
  • Spiderfoot
  • Maltego
  • OnionSearch

Phone Numbers

  • Phonefy (OSRFramework)
  • PhoneInfoga

Social Media

  • Instaloader
  • Twint
  • Searchfy (OSRFramework)
  • Tiktok Scraper
  • Twayback

Usernames

  • Alias Generator (OSRFramework)
  • Sherlock
  • Usufy (OSRFramework)

**Other tools

  • Photon
  • Sherlock
  • Shodan
Varshini

Tamil has a great interest in the fields of Cyber Security, OSINT, and CTF projects. Currently, he is deeply involved in researching and publishing various security tools with Kali Linux Tutorials, which is quite fascinating.

Recent Posts

Flyphish : Mastering Cloud-Based Phishing Simulations For Security Assessments

Flyphish is an Ansible playbook allowing cyber security consultants to deploy a phishing server in…

16 minutes ago

DeLink : Decrypting D-Link Firmware Across Devices With A Rust-Based Library

A crypto library to decrypt various encrypted D-Link firmware images. Confirmed to work on the…

22 minutes ago

LLM Lies : Hallucinations Are Not Bugs, But Features As Adversarial Examples

LLMs (e.g., GPT-3.5, LLaMA, and PaLM) suffer from hallucination—fabricating non-existent facts to cheat users without…

29 minutes ago

Kali Linux 2024.4 Released, What’s New?

Kali Linux 2024.4, the final release of 2024, brings a wide range of updates and…

5 days ago

Lifetime-Amsi-EtwPatch : Disabling PowerShell’s AMSI And ETW Protections

This Go program applies a lifetime patch to PowerShell to disable ETW (Event Tracing for…

5 days ago

GPOHunter – Active Directory Group Policy Security Analyzer

GPOHunter is a comprehensive tool designed to analyze and identify security misconfigurations in Active Directory…

1 week ago