Transcripts
1. Welcome: Welcome to Mastering Kali Linux Using Built-in Tools for Cybersecurity. I am Ashwakar, your instructor for this course, and I will be guiding you every step of the way.
This course is proudly developed in collaboration with Shuba Pari, and together, we have created something truly hands-on and beginner-friendly.
2. Introduction to Virtual Machines: Before diving into live testing, you need a safe and controlled environment to practice, and that is exactly what our virtual lab offers. It's your personal cybersecurity playground where you can attack, defend, and experiment without consequences.
Our virtual lab setup includes Kali Linux as your attacking machine and several vulnerable targets like Metasploitable or OWASP Broken Web Apps. You will configure these within our virtual network so they can interact but stay isolated from your actual system.
You will learn how to set up virtual machines, assign network adapters, create snapshots, and simulate real-world scenarios. The goal is to make mistakes, learn from them, and build confidence in your skills safely.
Having your own lab is not optional. It's the foundation of hands-on learning in cybersecurity. You control everything, you break everything, and most importantly,
you fix everything. To build that virtual lab, you will need a hypervisor, and VirtualBox is one of the best free options available. It allows you to run multiple operating systems on your host machine without affecting your main system.
With VirtualBox, you can install Kali Linux, Windows, Metasploitable, and other machines as virtual environments. You will learn how to allocate memory, CPU, storage, and set up network types like NAT, bridged or host-only. These are critical for simulating real attacks.
It's not just about running machines. VirtualBox helps you manage resources, control snapshots, share folders and experiment in ways that physical systems cannot. Plus, you can export and import virtual machines, making your lab portable and scalable.
Whether you are practicing ethical hacking, digital forensics or malware analysis, VirtualBox is your launchpad. Metasploitable is your go-to intentionally vulnerable
virtual machine. It's built to be attacked, poked, prodded and exploited. Think of it as your crash test dummy, perfect for learning how real-world vulnerabilities work.
This virtual machine is packed with outdated software and services, including vulnerable versions of FTP, SSH, web servers, and even databases. It's a gold mine for practicing exploits using tools like Metasploit, Nmap, Nikto and many more.
Targeting Metasploitable, you will learn how to scan for weaknesses, gain access, escalate privileges, and maintain persistence, all without harming a real system. And because it's open source and widely supported, it integrates perfectly with Kali Linux tools.
If you are serious about mastering penetration testing, this machine is not optional. It's essential.
The OWASP Broken Web Applications project is a curated collection of deliberately insecure web apps. It's designed to help you understand how web-based attacks work, from injection flaws to session hijacking.
Inside this virtual machine, you will find a variety of applications like Damn Vulnerable Web Application, Mutillidae, WebGoat, and many more. Each app is loaded with lessons around OWASP Top Ten vulnerabilities.
Whether you are testing SQL injection, cross-site scripting, request forgery or file inclusion, Broken Web Apps gives you a safe environment to explore the full spectrum of application vulnerabilities.
The web interface makes it easy to use and beginner-friendly, even if you have never written a line of code. If your goal is to become
a web security expert, this is the playground where you will build that expertise.
Congratulations. You have just completed a deep dive into the world of Kali Linux and its built-in tools, from learning what Linux is to setting up your own virtual lab to mastering categories like exploitation, sniffing, post-exploitation, and more.
You have laid the foundation for real-world cybersecurity skills, but this is just the beginning. Now that you know how Kali Linux works and how its tools are organized, the next step is practice.
Go hands-on, explore tools like Metasploit, Burp Suite, Wireshark, and Social Engineering Toolkit in your lab. Revisit vulnerable machines, break them, fix them, and learn.
In the real world, cybersecurity is about persistence, curiosity, and responsibility. Use your skills ethically, keep learning, and most importantly, stay sharp because attackers never stop evolving.
3. Setting up Secure LAB Environment: To kick things off, we will establish a lab environment designed for ethical hacking and penetration testing. This setup will consist of a Kali Linux machine, along with two vulnerable systems that will serve as targets for testing and exploitation.
To get started, we will head over to the official Kali Linux website to download a preconfigured Kali Linux virtual machine. So open up your browser and type Kali Linux. Open up the official website and click on Download.
Opting for the prebuilt VM rather than an ISO image streamlines the process, saving us from setting up the operating system from scratch. This way, we can dive straight into testing without spending extra time on initial configuration.
So I will be using VirtualBox. Our hypervisor is VirtualBox, so I will click on it. So we have initiated the download process for Kali, and the file size is approximately 3.3 GB. Since it is a fairly large file, we will need to give it some time to complete.
The download is complete and we now have a zip file. The next step is to extract it, so we will get started with that right away. So right-click on it and extract here. Extraction might take a moment, so let's sit back and let the system do its thing.
Now the extraction process is finished, and we have the Kali Linux VirtualBox file. The next task is to set up VirtualBox. So head over to its official website: type VirtualBox in the search bar and hit Enter. Open it up.
So unlike the Kali Linux setup, we will need the VirtualBox setup. Make sure to choose the appropriate version for your operating system. Windows users should choose the Windows host package, while Macintosh users can grab the macOS version, and Linux enthusiasts can opt for the Linux distribution version.
So I will click on Windows host. The download is roughly 119 MB, so it won't take too long. I have already installed it, so I will pause it and install the software instead.
There it is. So we can begin the installation. Click to proceed through the setup wizard. Stick to the default options as you navigate through the installation process. Okay, next, yes. Okay, next, install.
When you reach the final step, Install, allow the software to install completely. Don't exit or close it prematurely. Once it's finished, click Finish to complete the setup.
So with VirtualBox successfully installed, we can now load our Kali Linux virtual machine. So now go to the folder where you extracted the Kali Linux files. Here it is.
Look for the virtual machine file with the .vbox extension. You can check it by going to Properties and looking for the .vbox extension. So double-click on it. The file will download into VirtualBox.
Next, customize the specifications of the virtual machine according to your system's capability. For instance, you can increase the memory allocation. I will increase it up to 8 GB. Or adjust the number of processors if you want. Okay.
So I will set the network adapter to Bridged Adapter. And other than that, you can also get all these options. Okay. So now, head back to the main page and click Start to launch
the virtual machine. While the Kali Linux virtual machine is starting up, we will download two vulnerable machines.
So first head over to the VulnHub website. VulnHub. Um, I think this is it, let's check it. Yeah, this one. And in the search bar, first we will download the OWASP Broken Web Applications, and after that, Metasploitable.
So let's download it: type OWASP Broken Web Application. Okay, here it is, click on it and click on the SourceForge website link. And it will start downloading, and here you go. So it's around 1.7 GB. I have already downloaded this file, so I will not download it.
So once you download it, head back again to the VulnHub website and type Metasploitable. And you have to download the Metasploitable vulnerable machine. Again, on the SourceForge website, you can download this vulnerable machine. And here you go. My download has started; I will also pause this one.
So if your download does not start on the SourceForge website, you can do this: you can change the mirror simply by going to Problems Downloading, and you can change the mirror from here and your download will start.
So my vulnerable machines were downloaded. I will navigate to the folder, here it is. First, I will extract both of them. Let's head over to the Kali Linux machine. Okay. Default password and
username is kali, kali. Okay, you can maximize the screen by going to View and Full-screen Mode. Okay, there you go.
So Kali has prebuilt directories similar to folders in Windows. You can create or download or delete them, which is here. Next, it has the text editor, which allows you to create or edit text files. There is also a browser icon for accessing the web, and finally the terminal to update the Kali Linux machine.
So use the sudo su command to access root privileges; the password by default is kali. Here we go. Once you have entered the password, run the command apt-get update and hit Enter. It will update the system, so make sure to type the command exactly as shown or you might encounter errors.
The terminal has several useful features. For example, you can open a new tab through the File menu. There you go. And you can also customize the theme by going to the Preferences tab. So, okay. From here, you can change the theme. I prefer, I love green or black. So I will apply this one. Apply and OK. It gives me hacking vibes. So here you go.
If you want to zoom in or out, you can simply press Control and the plus key together, and to zoom out, Control and the minus key.
So once the update is complete, Kali Linux is fully set up. We will now proceed to configure
the vulnerable machine. So let's get this one and here it is. Let's head over to VirtualBox, go to Settings, my bad. Not Settings, click New. Type whatever name you want. First I will do Metasploitable, so it is meta. Okay.
And here you have to give the path where your file is saved. So in my case, it's Documents and Metasploitable Linux, and here, select folder. Next, you have to give the ISO file, but we don't have one, so skip it.
What you have to do is change this to Linux, and you can use Other Linux (64-bit). Then go to Hardware. You can change the memory there. I will allocate 1 GB; that is enough for this.
And on the hard disk, click on Use an Existing Hard Disk File and click this icon. Click on Add and here you go. Here it is, Metasploitable. Click on it. Click Finish, and the Metasploitable machine is ready to use. Open it.
Same procedure with the OWASP Broken Web Applications machine. First, we have to extract it. Until then, let's navigate to the OWASP Broken Web Applications. Here you go.
So I forgot one thing here: for Metasploitable, you have to give it a bridged adapter. So I will close the machine, and once I restart it again, I will set it to Bridged Adapter, okay? Because if you don't select this one, you can perform any attack on this machine because NAT is a private network. We will discuss all these things in detail in our further videos. So our machine is
loading for the first time, so it will take some time. Let's see.
So our Kali Linux machine is fully installed and configured. This is our IP. This is our subnet mask. This is our broadcast address, and this is our IPv6 address, and these are the interfaces, eth0 and localhost. And here we go. Okay, great. So I will close the Kali Linux machine; it is installed successfully. Okay.
So I don't know why it's taking so much time. Let's wait for it. Also, our OWASP Broken Web Applications has almost been extracted. Now it's time to configure the second vulnerable machine.
First, I will create a new virtual machine in VirtualBox and give it an appropriate name such as p. Then I will select the folder where this machine is located. Not here, other documents, and here it is. Select folder.
So similar to before, I will choose Other as the machine type and then proceed to the hard disk setting. In the hard disk option, I will choose the second option and then click on Add, and you can add the first one. Double-click on it, and you are good to go. Okay. Finish. I will start this machine too.
I forgot again the conversion of the network adapter from NAT to bridged adapter. I will do this later.
Okay, the MSF machine has been started. Default password is msfadmin and msfadmin. And here you go. It started. Currently, the IP is 10.0.2.15 because it is a NAT IP. I did not convert it to bridged adapter, like our Kali Linux IP was starting with 192. So in my next videos, you will see here that the IP is like 192.168.1.something. Okay. So this machine is also configured. I will close this one.
And the last machine is being opened too. By default, its username is root and password is owaspbwa. Let's type. And here you go. It started too. Again, its IP is 10.0.2.15 because my adapter is in NAT.
So our lab environment is fully set up. You have installed the Kali Linux machine with two vulnerable machines.
4. Learn DNS Map Ethically: In this video, we continue our practical work on the prebuilt tools of Kali Linux. In the previous video, we worked with our first DNS analysis tool, which was DNSenum, and performed a complete DNS footprinting scan on the domain tryhackme.com.
In this video, we will move forward to the second tool in the same category. This tool also belongs to the information gathering category, and its subcategory is DNS Analysis. The name of the tool we will cover in this video is DNS Map.
DNS Map is a powerful tool used for DNS enumeration and is included by default in Kali Linux. It is primarily used to discover subdomains of a target domain by performing brute-force lookups using a built-in or user-supplied wordlist.
The tool works by systematically trying each word from the list and appending it to the target domain to check if it resolves to a valid IP address. If the DNS query is successful, DNS Map logs the subdomain along with its resolved IP address.
Unlike some other DNS enumeration tools that perform zone transfers, Google scraping or reverse lookups, DNS Map is solely focused on brute-force subdomain discovery. This makes it lightweight, fast and effective when the aim is to uncover hidden or obscure subdomains that may not be publicly advertised but still exist in the DNS records.
It's important to note that discovering subdomains can give critical insights into the structure of an organization's network. Subdomains can reveal development environments, admin panels, APIs, staging sites, or internal tools, any of which could be potential entry points for a penetration tester or attacker.
Thus, tools like DNS Map play a vital role in reconnaissance, the first phase of any security assessment. DNS Map is particularly useful in the early stages of ethical hacking or bug bounty hunting, where you need to gather as much information as possible about the external attack surface of a target.
Because it relies on brute forcing from a wordlist, its effectiveness depends heavily on the quality and relevance of that wordlist. Now that we have
studied the manual and understand the theoretical foundation of the DNS Map tool, let's dive into its command line usage to explore the practical options available to us. Okay, sudo su and see.
So unlike many tools where help information is displayed using the -h or --help flag, DNS Map displays its basic usage guide when we run the tool without any argument. So to access the available flags and usage syntax, we simply type dnsmap.
So this command displays the DNS Map version, which in our case is 0.36, along with its short description, DNS Network Mapper. Below that, we see the usage syntax and a list of optional parameters that we can use to customize our subdomain enumeration. Let's go through some of the important options available and explain what they do.
First, we have -w. This option allows us to specify an external wordlist file. By default, DNS Map uses its internal wordlist of around 1,000 commonly used subdomains; however, by using the -w flag, we can provide our own custom wordlist.
This is particularly useful during red teaming or targeted engagements when we want to use a highly specialized or larger set of subdomain prefixes. For example, if we are attacking a target in a particular industry, we might include industry-specific terms in our wordlist, increasing our chances of
discovering valid subdomains.
Next is -r. This flag is used to store the output in a human-readable format. This is very helpful for documentation and reporting purposes. After the scan is complete, the output is saved to the file specified here, so we don't need to scroll through the terminal to find results. It helps in situations where the results might be large or need to be shared with a team.
Then we have -c. This option tells DNS Map to save the output in CSV format. This is extremely valuable if we want to further analyze the results in tools like Excel or Google Sheets, or integrate them into automated pipelines for asset tracking or attack surface management. The CSV format makes it easier to filter and sort results, especially when dealing with
hundreds of subdomains.
Another powerful flag is -d. This flag allows us to introduce a delay in milliseconds between each DNS request. By default, DNS Map performs a rapid enumeration, which can sometimes trigger rate limiting or DNS server protection mechanisms. When scanning large domains or working in stealthy red team operations, this option is critical. It allows us to throttle the scan to stay under the radar and avoid being blocked or detected.
Lastly, we have -i. So this is a smart feature. During subdomain enumeration, it's common to encounter false positives, for example, wildcard DNS records that resolve every subdomain to a single IP address. This can make it look like all guessed subdomains exist when they really don't. Using the -i option, we can specify such IPs to ignore. This filters out noise and focuses only on the truly unique or
interesting subdomains.
Now that we have covered the options and theoretical background of the DNS Map tool, let's move into the practical demonstration. We will execute the tool on a real domain to observe how it identifies subdomains using brute-forcing techniques. To initiate the scan, we simply enter the command dnsmap, then tryhackme.com.
Once we run this command, DNS Map starts by confirming its version. In our case, the version is 0.36. Then it prints a message indicating that it's searching for subdomains related to tryhackme.com. Okay.
Then, as we mentioned earlier, the internal wordlist contains around 1,000 common English and Spanish subdomain prefixes, such as admin, mail, VPN, and so on. It also mentions that it is using a maximum random delay of ten milliseconds between DNS requests. This slight delay is built in by default to avoid overwhelming the DNS servers and to reduce the chance of getting blocked during fast enumeration.
Now, let's examine the output. The first subdomain discovered is admin.tryhackme.com. DNS Map shows both IPv6 addresses and IPv4 addresses with this subdomain. The IPv6 addresses include these three. Immediately after that, we also see the IPv4 addresses tied to the same subdomain.
These IP addresses reveal the various network paths or mirrors through which this subdomain is accessible. This is valuable for security analysts, as it might indicate load balancing, CDNs or geographically distributed infrastructure.
Next, DNS Map discovers blog.tryhackme.com. Once again, we receive both IPv6 and IPv4 addresses. This consistent dual-stack setup, IPv6 and IPv4, shows that the site is modernized to support both addressing protocols, which is quite common for well-maintained infrastructure.
Then we find help.tryhackme.com. Just like with the other subdomains, DNS Map resolves this domain to the same group of IPv6 and IPv4 addresses. This indicates that these subdomains are likely hosted on the same infrastructure, possibly behind a reverse proxy or content delivery network like Cloudflare. This enumeration
process helps us map out the external-facing services of our target. In a real penetration test, each of these subdomains could be explored individually to look for misconfigurations, outdated software, or exposed administrative interfaces.
For instance, admin.tryhackme.com could host administrative portals, while help.tryhackme.com might contain knowledge base articles that accidentally expose internal technologies or service details.
So by discovering these subdomains passively through DNS queries without sending any direct HTTP or web traffic, we remain stealthy, a key requirement in many red team or stealth recon engagements.
So in this video, we explored the tool DNS Map, which is a powerful utility for scanning subdomains through brute-force techniques. We discussed its usage, installation, and key flags such as -w for using a custom wordlist, -r for saving results in a regular text file, -c for CSV format, and the -d option to set a delay between requests to avoid detection.
Through a practical demonstration on the domain tryhackme.com, we saw how DNS Map helps in identifying subdomains and their associated IP addresses.
Remember, tools like DNS Map are integral during the information gathering phase of penetration testing, helping to uncover hidden subdomains that could provide valuable entry points or sensitive information. So always use these tools ethically and legally. Happy learning, and stay safe while exploring cybersecurity.
5. Zenmap: Welcome back, everyone, to our ongoing series, Mastering Kali Linux Prebuilt Tools. In our last video, we dove into Unicornscan, a high-speed port scanner that helps us uncover open services across an entire subnet.
Today, we are moving to the third tool in our exploration of information gathering, specifically under the network and port scanner subcategory, and that tool is Zenmap.
Just as a quick recap, we are currently deep diving into the information gathering section of Kali Linux's extensive toolset. This stage of a penetration test is all about visibility: discovering devices, identifying ports, and gathering data without directly engaging the target.
Within this phase, the network and port scanner subcategory is essential for uncovering the digital footprint of a system or network. So far, we have covered tools like Unicornscan, which focus on speed and app.
Now it's time to look at something more visual and user-friendly, something designed for users who prefer a graphical interface without sacrificing the power
of a command-line tool. Zenmap is the official GUI front end for Nmap, the industry-standard network scanner used by professionals across the globe. It's built to make Nmap's powerful capabilities more accessible, especially for users who might not be as comfortable typing complex commands into a terminal.
Zenmap was designed with both beginners and seasoned pros in mind. For newcomers, it offers a simple interface where you can run scans, view results, and even save them for future analysis. For advanced users, it enables quick access to custom Nmap profiles, complex scan types, and visual topology maps, all in just a few clicks.
So what really sets Zenmap apart is its combination of ease of use and depth. You get all the power of Nmap, like SYN scan, OS fingerprinting, version detection, ping sweep, traceroute, and many more, but wrapped in a clean, intuitive interface.
Some standout features include Intense scan or Quick scan plus, which you can run without memorizing syntax. It shows the exact Nmap scan being run under the hood, so it's an educational tool. You can compare scans over time to detect changes in network configuration or services. Zenmap generates a visual network map showing how hosts relate to each other, great for visual learners or reporting purposes.
So if you are a visual thinker or working in an environment where screenshots and documentation are important, Zenmap is a fantastic choice. It bridges the gap between CLI power and GUI clarity.
Zenmap is perfect for penetration testers, system administrators, students and learners in security. So whether you are mapping out a database, auditing an internal LAN, or running scans on your home lab, Zenmap gets the job done and presents it beautifully. Now, let's explore by opening Zenmap on
our Kali system. First, go to the application menu in Kali and type Zenmap, or you can see the category of information gathering and then go to network and port scanners, and here it is; click on it. You can also access it from the command line by simply typing zenmap and hitting Enter. Once you open it, the tool will launch and you will see the main Zenmap dashboard.
First of all, we will perform our scan on our vulnerable machine, which is Metasploitable. I've already opened the machine and configured it to check its IP address, which is 192.168.1.11. Now, let's enter this IP in the target field. You have already done this. So if you didn't, type the IP address in the target field.
Next, we have different types of scans available in Zenmap. The options are, first of all, Intense scan. This is a thorough scan that checks for open ports, attempts to identify the services running on those ports, and detects the operating system of the target machine. It may take longer because it performs many checks.
Then we have Intense scan plus UDP. This scan is an extension of the Intense scan, including scanning for UDP services. UDP is a protocol often used for services like DNS, DHCP and SNMP, and scanning for these services provides a more comprehensive result.
Then we have Intense scan, all TCP ports. This scan checks all 65,000-plus TCP ports on the target, unlike the default Intense scan that checks only the most common ones.
Then we have Intense scan, no ping. This scan performs all the checks of the Intense scan, but it skips the ping to avoid detection or bypass a firewall that may block ICMP packets.
Then we have Ping scan. This is a lightweight scan that only checks if the target machine is alive or reachable.
Then we have Quick scan, a faster scan that checks only the most common 1,000 TCP ports.
We have Quick scan plus. This scan is an extension of the Quick scan. It not only checks the most common 1,000 TCP ports, but it also performs service version detection and attempts to identify the services running on those ports.
Then we have Quick traceroute. This scan helps map the network route between the scanner and the target.
We have Regular scan, a simple scan that performs a basic check for open ports and a few service detections.
Last, this scan is a detailed and thorough check, but it's much slower because it checks every aspect of the target, including the services, versions, and the entire range of ports. So for now, we will
perform, first of all, a ping scan on the target machine. To use this, simply select Ping scan from the options. You can also see the command for this scan at the bottom, which in this case is nmap -sn and then the IP.
The -sn flag is used for a ping scan, which tells Nmap to skip the port scan and just check whether the host is reachable. This command is very useful for discovering if a machine is up and running without wasting time scanning for open ports.
After setting the scan type, simply click on Scan to initiate the process. This will perform the ping scan and give you a result that shows if the target machine is online or not. Now, after selecting the ping scan, you have to click on the Scan button to begin. Once clicked, the scan will start and you will see the progress in real time.
Since everything is in GUI form in Zenmap, it makes it much easier for users to perform this scan without manually entering complex commands.
Once the scan completes, you will see the output with details such as, in my case, host is up. This indicates that the target machine is online and reachable. Then we have the MAC address of the target machine, and the Nmap time taken for the scan to complete is shown here too, which is 0.30 seconds.
The output of the scan is similar to what you would see in a command-line Nmap scan, but all of this is happening through the GUI. In the GUI, you can modify the scan settings. For example, you can change the scan type and even manually type the Nmap command for different types of scans.
So if you want more verbose output, you can change the command to use -v for verbose mode. When the -v option is used, Nmap provides extra details such as port status, scan progress and more detailed information about the scan itself. This is verbose mode, and it provides more output than the normal scan. You can check it then. See, now the output is more than before. This is showing the scan progression and giving more
information about each stage.
So when trying to perform an OS scan using the -O flag, you will get an error. Why? I will tell you. You see, when trying to perform an OS scan using the -O flag, you will get an error if you don't provide a port scan. This is because OS detection requires information about the open ports, too. We have to find open ports. After that, we can find the OS version.
So now let's perform a port scan to check the open ports on the target machine. We will try Quick scan, which is faster and does not take much time. And what happened, even with a port scan, you need to use... Let me type again, 68 dot one dot one, and I will check the Quick scan and scan. Okay.
And for the Quick scan, Nmap shows the command with -T4. This flag sets the timing template to four, which is aggressive and speeds up the scan. Then the -F flag: this flag scans fewer ports to complete the scan more quickly.
Once you click on the Scan button, the scan will start and you will see a list of open ports like FTP, SSH, Telnet, SMTP and many others. However, since this is a quick scan, you won't get detailed information about each service. If you want more information about the open ports, you can opt for a more detailed scan like the Intense scan or Intense scan plus UDP.
For Intense scan, the command is this one: we have the -A flag, with -v for verbose mode. The -A flag enables aggressive mode, which does a deeper scan to gather information about the target machine such as OS detection, version detection, and script scanning.
And for Intense scan plus UDP, the command is this. We have some more flags in addition to the previous scan, which is -sS. This flag is used for a TCP SYN scan, and the -sU flag performs the UDP scan, which checks UDP ports. This can take longer to complete, but you can try them on your own if you are interested in more detailed results. Simply click on the Scan button and the scan will be started. We will perform
one last scan, which is the Quick traceroute. But let's briefly explain traceroute. Basically, traceroute is a network diagnostic tool used to trace the path that packets take from one device to another across a network. It shows the intermediate hops, which are routers or devices along the way, along with the round-trip time for each hop. This helps in understanding the route taken by the data and is useful in diagnosing network issues such as latency or routing problems.
So for the Quick traceroute, we will start with an IP address within our own network, so the traceroute should complete in one hop. The scan for this type is -sn. This flag tells Nmap to perform a ping scan. Then --traceroute. This option enables traceroute in the scan.
So first, we will perform the scan on our internal machine, which is within the same network. This scan should complete in one hop since it's your local network. Now let's scan. As expected, we get only one hop, which indicates a direct connection within the network.
Now let's try a traceroute to www.tryhackme.com. Since this website is not in your local network, it will have multiple hops as the data passes through several routers and networks. So we will type www.tryhackme.com as the target and perform the scan.
As you can see, we get a traceroute with eight hops, starting from our network and passing through intermediate networks like 10.60 192 dot one, then 10.0 0.0 dot 81. And before reaching tryhackme.com, it goes to these devices or routers or whatever these are. So as you can see, we get a trace of eight hops.
This concludes the end of the video. In this session, we thoroughly explored Zenmap, the graphical user interface for Nmap, a powerful network scanning tool. Throughout, we explored Zenmap's easy-to-use interface, allowing us to configure scans with simple options and view results graphically.
We also described different scan types such as Intense scan, Quick scan, and traceroute, and how to use them effectively for both detailed analysis and checks.
So overall, Zenmap offers a comprehensive, user-friendly solution for network discovery and security auditing, making it an essential tool for network administrators, cybersecurity professionals, and anyone looking to better understand their network environment. So stay safe, stay secure and keep learning.