KOOLSEK
What is this famous cybersecurity?
DEFINITION OF CYBERSECURITY
Cybersecurity is the set of means, practices and technologies implemented to protect IT
systems, networks, data and users against cyberthreats. It aims to prevent, detect and
respond to attacks such as hacking, malware, phishing and data breaches, in order to ensure
the confidentiality, integrity and availability of information. Now let's talk about what
attracts us the most: pentesting.
WHAT IS PENTESTING
Pentesting is like fake hacking, carried out in a controlled and authorized manner. The aim is
to test the security of a site, network or computer system to see if there are any flaws that
real hackers could exploit.
Basically, a pentester plays the role of a “nice” hacker to help companies spot their weak points
and correct them before a real attacker discovers them.
Here are the steps of a pentest (penetration test) explained in a simple and logical order, as
you might follow them in the field:
1. Preparation (or scoping) phase
- Define objectives with the customer: what do they want to test?
- Determine the scope: website, internal network, mobile application, etc.
- Choose the type of test: black box (no information), gray box (partial information), or white box (full access).
- Obtain legal authorization to act.
2. Information gathering (passive & active reconnaissance)
- Passive: search for publicly available information (whois, social networks, search engines, etc.).
- Active: scan ports, identify services, map infrastructure.
- Goal: understand the target without being detected, then interact with it to find out more.
3. Vulnerability scanning
- Use tools (such as Nmap, Nessus, Nikto, etc.) to spot known vulnerabilities.
- Check software versions, open services, weak configurations.
- Identify potential entry points.
4. Exploitation
- Attempt to take advantage of any vulnerabilities discovered to gain access to the system or data.
- Use scripts or tools such as Metasploit, SQLmap, etc.
- Warning: this step must be controlled to avoid causing damage.
5. Privilege escalation
- Once inside, try to increase your rights (e.g. from simple user to administrator).
- Exploit internal vulnerabilities, weak passwords or bad configurations.
6. Maintaining access (optional)
- Simulate what an attacker would do to keep a door open (backdoor), without alerting the security systems.
- This step is often used in Red Team engagements, but can also be tested in a pentest.
7. Deleting traces (optional)
- Show that an attacker could delete the logs or hide their tracks (without actually doing so in most cases).
- Just demonstrate the risk.
8. Report
- Details of the vulnerabilities found, how they were exploited and the associated risks.
- Clear recommendations for correcting problems.
- A technical report + an understandable summary for decision-makers.
9. Presentation to customer
- Present results orally, answer questions.
- Help understand correction priorities.
Once you've mastered the basics of pentesting, you can take things a step further by
simulating more realistic attacks (Red Team) or focusing on active defense (Blue Team), two
complementary approaches that enable you to test and reinforce security under conditions
close to the real thing.
WHAT IS RED TEAMING
Red Teaming is a realistic and comprehensive attack simulation carried out by a team playing
the role of a real group of hackers.
But unlike a simple technical test, the Red Team can use any means possible to achieve a
precise objective, such as:
- Hacking into systems,
- Deceiving employees (social engineering),
- Physical access to premises,
- Remaining discreet and bypassing defenses.
It acts like a real attacker, without the defense team (Blue Team) necessarily being aware of it.
WHAT IS THE DIFFERENCE WITH A TRADITIONAL PENTEST?
| PENTEST | RED TEAM |
|---|---|
| Targeted test (e.g., website, network) | Realistic and global attack |
| Goal: find technical vulnerabilities | Goal: test the company’s defense |
| Duration: a few days | Duration: several weeks or even months |
| Visible approach | Stealthy approach |
| The security team knows a test is happening | The security team doesn’t know it’s being tested |
In summary:
Pentesting looks for open doors.
Red Teaming checks to see if someone can get in unnoticed.
While the Red Team simulates the attack, it’s just as important to understand the role of
those who defend — that’s where the Blue Team comes in.
WHAT IS BLUE TEAMING
The Blue Team represents defenders in cybersecurity.
Its role is to protect, detect and react to attacks. Unlike the Red Team, which attacks, the Blue
Team:
- Implements protection measures (firewalls, antivirus, security policies),
- Monitors system activity (logs, alerts),
- Reacts rapidly to intrusion (analysis, containment, clean-up),
- Continuously improves security after each incident.
It works in real time to keep the environment secure, a bit like a security team in a building
monitoring cameras, closing exits and managing emergencies.
| BLUE TEAM | RED TEAM |
|---|---|
| Defends the organization | Simulates a real attack |
| Monitors systems continuously | Operates stealthily |
| Responds to threats | Tries to stay unnoticed |
| Uses detection tools (SIEM, antivirus, etc.) | Uses advanced attack techniques |
To carry out these ethical attacks, cybersecurity experts rely on specialized operating
systems designed for auditing and attacking — known as offensive distributions.
WHICH OPERATING SYSTEMS ARE USED FOR PENTESTING AND RED TEAMING?
Before diving into real-world attacks, every ethical hacker or Red Teamer needs the right
tools — and that starts with the right operating system.
In this section, you’ll discover the most popular OS environments used by professionals in
offensive security.
We’ll introduce you to powerful systems like:
Kali Linux
Kali Linux is a Linux distribution specially designed for penetration testing and security
auditing.
It comes with over 600 pre-installed tools for:
- analyzing networks,
- finding vulnerabilities,
- exploiting vulnerabilities,
- carrying out ethical attacks.
It is developed and maintained by Offensive Security, and is widely used by pentesters, ethical
hackers, and cybersecurity trainers.
It is available on PC, as a virtual machine, or even on a smartphone (via Kali NetHunter).
Parrot OS
Parrot OS is a Debian-based Linux distribution designed for cybersecurity, pentesting and
privacy protection.
It is often seen as an alternative to Kali Linux, but with an added emphasis on:
- anonymity and online security,
- forensic tools (post-attack analysis),
- a lighter, more optimized environment.
It comes with numerous tools for ethical hacking, network analysis, encryption and
programming.
There are several versions: one for offensive security, one for developers, and a lighter one
for everyday use.
Exegol
Exegol is not a complete Linux distribution like Kali or Parrot, but a Docker-based pentest
environment.
It was created for cybersecurity professionals who want a ready-to-use, yet lightweight,
customizable and reproducible attack machine.
Exegol contains:
- offensive tools (such as Metasploit, BloodHound, etc.),
- a graphical (XFCE) or command-line environment,
- the ability to install it in just a few minutes with a simple script.
It's ideal for Red Teamers, as it keeps the environment clean, quick to deploy, and easy to
share between colleagues.
Bonus: because it's Docker, it can run almost anywhere (Linux, Windows, macOS).
OFFENSIVE DISTRIBUTION COMPARISON
| CRITERIA | KALI LINUX | PARROT OS | EXEGOL |
|---|---|---|---|
| TYPE | Full Linux distribution | Full Linux distribution | Docker-based environment |
| MAIN PURPOSE | Pentesting and offensive security | Pentesting, privacy, and forensics | Red Teaming, portable offensive environment |
| PREINSTALLED TOOLS | 600+ hacking tools | Security tools + anonymity and privacy tools | Selected Red Team/pentest tools |
| INTERFACE | Graphical (XFCE, GNOME, etc.) | Graphical (MATE, lightweight) | CLI, or graphical (via Docker + XFCE) |
| MAINTAINED BY | Offensive Security | Parrot Security | Community (security professionals) |
| INSTALLATION | ISO, VM, live USB | ISO, VM, live USB | Simple Docker script (fast and automated) |
CONCLUSION
In this first chapter, we've covered the essential foundations of offensive cybersecurity.
You learned what penetration testing is, the step-by-step process behind it, and how it
differs from Red Teaming, which simulates more realistic and stealthy attacks.
We also looked at the role of the Blue Team, which focuses on defending systems, and how
the Purple Team bridges the gap between attackers and defenders to improve overall
security.
Finally, we explored the tools and environments used by professionals:
- Kali Linux, the go-to distro for penetration testers,
- Parrot OS, a lightweight and privacy-focused alternative,
- Exegol, a modern, portable, and flexible solution for Red Team operations.
WHAT’S NEXT
In the next part of this eBook series, we’ll begin with Passive Footprinting:
you’ll learn how to collect valuable information about a target without ever touching it
directly, using open sources and discreet methods.
OTHER RESOURCES FOR INSTALLING THE OPERATING SYSTEMS
Here's a curated list of popular operating systems used for penetration testing and Red
Teaming, along with their official download links:
🐉 Kali Linux
Description: Kali Linux is a Debian-based distribution developed by Offensive Security.
It's widely used for penetration testing and security auditing, offering over 600
pre-installed tools for various information security tasks.
Download: [Link]
🦜 Parrot OS
Description: Parrot OS is a security-focused, Debian-based distribution that combines
penetration testing tools with privacy features. It's suitable for ethical hacking, computer
forensics, and anonymous web browsing. (Wikipedia)
Download: [Link]
💻 Exegol
Description: Exegol is a Docker-based, community-driven hacking environment designed
for professionals. It provides a customizable and portable setup for Red Team operations
and penetration testing. (PyPI)
Installation Guide: [Link]
These operating systems are essential tools for cybersecurity professionals, each offering
unique features tailored to different aspects of offensive security.
⚖️ Legal Disclaimer:
The tools mentioned are for educational or authorized use only. Any unauthorized use is illegal. Always respect the law and ethics: test only what you are authorized to test.
Joseph KANKO
kankojoseph4@[Link]