Offensive Security on AWS Part 1

The cyber crime has taken a new landscape to the cloud. Many businesses have not taken notice the shared responsibility model when they start migrating their production and critical workloads to the cloud. I wrote a blog regarding this on Kloud blog.

2014 data breach has reached the highest point all time. Because of the public availability of hacking software and tools, the hacker of this decade could be anyone even an under-age kid.

Kali Linux is one of the offensive security (hacking) tools with more than 300 pre-installed tools. This will provide enough tools to test the security on our environment.

Writer does not responsible for any misuse of Kali Linux and this guide is written for educational purpose.


Kali Linux on AWS Step One

For the readers who want to know more regarding Kali Linux, click here . A year ago Kali Linux has finally been approved into Amazon EC2 marketplace. What does it mean for us? It means we can now boot an EC2 instance of Kali Linux  using Image from AWS Marketplace and quickly take advantage of these offensive security tools to do penetration testing for our AWS environment especially.

For the readers who want to know how to start with AWS, click here.

Log into your AWS, Go to EC2 services, Go to AWS Marketplace and search for Kali Linux:



Select Kali Linux, for the lab purpose I use Micro instances and next configure the instance as required. You can launch Kali inside VPC.  It is recommended :

  • To use IAM (Identity and Access Management) role to secure access to your Kali Linux. The last thing you want is some bad guys using Kali inside your environment to hack your own environment.  IAM best practices can be found here.
  • Security Groups to be configured allowing SSH only to certain IP addresses. AWS Security Groups guidelines can be found here.

Download your keypair and keep it safely. SSH to your Kali. USERNAME = admin


Ok first step is done. Run sudo su to go to the root and we are ready for the step two


Kali Linux on AWS Step Two

The Kali-Linux provided is bare-bones Kali image. We need to install Full Kali and several other packages available.

Run : apt-get update if you got an old version of kali-archive-keyring

Run : apt-key adv –keyserver hkp:// –recv-keys 7D8D0BF6

Run apt-get install kali-linux-full to get full Kali Linux full installation


Run : apt-get install kali-linux-top10 to get the top 10 security tools in one swoop

Then the next step if you want to install X on your desktop (xfce):

apt-get install xorg xfce4 xfce4-places-plugin xfce4-goodies

You will be prompted with configuration wizard:


Then check to see if TightVNCServer is installed:

dpkg –get-selections |grep tightvncserver

If not, Run: apt-get install tightvncserver


Start the VNC server, run:  vncserver :1

Check the VNC Port, run: netstat -an |grep 590


On Production environment do not allow listening to anything ( Check the AWS Security Groups to allow your IP VNC to the kali linux instance.

Kali Linux on AWS Step Three (Optional)

Install GNOME Desktop (Optional) to give us user-friendly GUI driven for our Kali

apt-get install gnome-core kali-defaults kali-root-login desktop-base

To enable full GNOME instead of fallback GNOME, run:

dbus-launch gsettings set org.gnome.desktop.session session-name ‘gnome’

VNC to Kali Linux on AWS

VNC to the Kali :


Click here for the list of all Kali Linux metapackages you can install.

Next blog post we will discuss further on how to use Kali Linux

5 thoughts on “Offensive Security on AWS Part 1

  1. Hi! I’m getting a blank gray screen in VNC and have been unable to resolve this with the guidance I’ve found online. Any tips?

    1. Hi Ayush,

      Yes this is long overdue. I am working on it, maybe started looking at the threats from standard image for both Windows and Linux provided by AWS.
      Thanks for reminding me.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.