Despite the massive improvements the Raspberry Pi 3 makes over its predecessors, it should still be considered an underpowered platform for security assessments. That being said, it is designed as a low-cost, ultra-portable computer primarily targeting educators and hobbyists. That gives it an advantage in covert, on-site penetration testing and other discreet engagements. Our focus for this chapter will be on how to prepare a Raspberry Pi (or other platforms) running Kali Linux for the management access and connectivity it will need during all phases of a penetration test.
We'll cover the following topics in this chapter:
Using a Command and Control server
Preparing for a penetration test
Setting up the SSH service
SSH default keys and management
Reverse shell through SSH
Using stunnel and other tunneling protocols
Setting up Remote GUI Access
Overclocking
Setting up the wireless interface
Setting up the Bluetooth interface
Setting up a 3G USB modem
Wrapping up with...