WEBVTT 1 00:00:00.160 --> 00:00:03.759 Welcome to the deep dive. Today, we're taking a fascinating 2 00:00:03.839 --> 00:00:08.080 journey into ethical hacking and penetration testing, but with a 3 00:00:08.119 --> 00:00:11.240 twist that might surprise you. Forget those images of labs 4 00:00:11.279 --> 00:00:14.679 filled with blinking high end equipment. We're diving into how 5 00:00:14.720 --> 00:00:17.920 the incredibly versatile Raspberry Pie can be transformed into a 6 00:00:17.960 --> 00:00:20.640 surprisingly effective security testing platform. 7 00:00:20.719 --> 00:00:22.440 Yeah, it's pretty amazing, and our. 8 00:00:22.320 --> 00:00:25.719 Guide for this exploration the comprehensive resource you shared with 9 00:00:25.800 --> 00:00:28.519 us security testing with Raspberry Pie. 10 00:00:28.559 --> 00:00:31.199 That's right, and this isn't just a thought experiment. We 11 00:00:31.280 --> 00:00:34.640 have a detailed roadmap here that covers everything from building 12 00:00:34.679 --> 00:00:37.799 your testing environment to deploying a really wide range of 13 00:00:37.840 --> 00:00:42.159 potent security tools, all within the capabilities of a Raspberry Pie. Okay, 14 00:00:42.679 --> 00:00:46.320 our mission today is well to extract the core insights, 15 00:00:46.719 --> 00:00:50.039 the practical applications that go beyond the obvious, and maybe 16 00:00:50.039 --> 00:00:53.799 those genuine aha moments that highlight the unexpected power packed 17 00:00:53.799 --> 00:00:54.840 into this tiny device. 18 00:00:55.200 --> 00:00:58.200 Absolutely, what immediately grabbed my attention was just the sheer 19 00:00:58.320 --> 00:01:01.320 scope of what this guide lays out. It apparently started 20 00:01:01.359 --> 00:01:03.840 as a smaller piece and just kept growing, which really 21 00:01:03.880 --> 00:01:05.719 speaks to the depth of what's achievable here. 22 00:01:05.799 --> 00:01:06.079 It does. 23 00:01:06.159 --> 00:01:11.239 Yeah, it almost feels counterintuitive, this unassuming, budget friendly computer 24 00:01:11.359 --> 00:01:15.560 tackling tasks often associated with much more substantial and frankly 25 00:01:15.640 --> 00:01:16.760 expensive hardware. 26 00:01:17.319 --> 00:01:20.239 Okay, so let's dig in. Where does this guide begin 27 00:01:20.480 --> 00:01:23.439 in setting up our Raspberry Pie for security testing. 28 00:01:23.879 --> 00:01:26.920 Well, the guide wisely starts by emphasizing the importance of 29 00:01:26.959 --> 00:01:30.560 a secure foundation. Really important. Okay, this means creating an 30 00:01:30.599 --> 00:01:34.560 isolated testing environment on your main machine using virtualization software. 31 00:01:35.359 --> 00:01:37.079 VMware Player is the example. 32 00:01:36.799 --> 00:01:38.599 Used right, virtualization makes sense. 33 00:01:38.680 --> 00:01:42.359 It specifically mentions downloading VMware player version fifteen was current 34 00:01:42.400 --> 00:01:45.000 when it was written, and there's a link provided following that. 35 00:01:45.480 --> 00:01:49.439 It guides you through obtaining a Kalie Linux Virtual Machine image. 36 00:01:49.200 --> 00:01:53.359 College Okay, the standard exactly. It even details verifying the 37 00:01:53.400 --> 00:01:57.519 download using it checksum a really crucial step actually to 38 00:01:57.599 --> 00:02:01.040 ensure the integrity of your tools. Think it a digital signature, 39 00:02:01.400 --> 00:02:03.879 you know, confirms the file hasn't been tampered. 40 00:02:03.560 --> 00:02:05.079 With, right, a way to make sure we're starting with 41 00:02:05.079 --> 00:02:07.439 a clean slate. So once we've got that downloaded, what's 42 00:02:07.519 --> 00:02:10.599 next in getting our virtual COLLI environment running. 43 00:02:10.400 --> 00:02:13.560 The next step is to open the kalielinux dot VMX 44 00:02:13.639 --> 00:02:19.400 file within VMware player, pretty straightforward. The guide then provides 45 00:02:19.439 --> 00:02:23.719 the initial logging credentials route as the username and tour 46 00:02:23.840 --> 00:02:27.560 that's root spelled backward as the password. Ah the classic, 47 00:02:27.719 --> 00:02:30.879 so well known default for Collie, but definitely the first 48 00:02:30.879 --> 00:02:33.159 thing you'd want to change in any real world scenario. 49 00:02:33.439 --> 00:02:36.960 Definitely agreed. So our virtual Collie Linux is up and 50 00:02:37.000 --> 00:02:40.280 running in its own isolated space. What are the subsequent 51 00:02:40.280 --> 00:02:43.680 steps in preparing for our high powered adventures? 52 00:02:43.879 --> 00:02:47.520 Next, the guide focuses on configuring the Kali virtual machine's 53 00:02:47.560 --> 00:02:51.439 IP address. It highlights the benefit of manually setting this 54 00:02:51.520 --> 00:02:54.360 in the network settings. Gives you a predictable address for 55 00:02:54.400 --> 00:02:55.879 your testing activities. 56 00:02:55.439 --> 00:02:57.800 Right, so it doesn't keep jumping around exactly. 57 00:02:58.479 --> 00:03:01.319 It then shows how to confirm the configuration using the 58 00:03:01.319 --> 00:03:05.199 if can fit command in the Collie terminal. Immediately after 59 00:03:05.240 --> 00:03:09.120 this a critical step updating Collie using APT update and 60 00:03:09.199 --> 00:03:12.680 APT upgrade crucial. This ensures you have the latest tools 61 00:03:12.919 --> 00:03:17.000 and just as importantly, the most recent security patches, keeping. 62 00:03:16.680 --> 00:03:19.719 Those tools sharpen up to date. That's fundamental in this field, 63 00:03:19.800 --> 00:03:20.120 isn't it. 64 00:03:20.360 --> 00:03:23.439 Absolutely you can't afford not to. The guide also briefly 65 00:03:23.479 --> 00:03:28.520 mentions the pre installed VMware tools which enhance the interaction 66 00:03:28.599 --> 00:03:32.800 between the virtual machine and your host os better integration. Okay, then, 67 00:03:32.960 --> 00:03:36.159 to provide a safe environment for practicing our ethical hacking techniques, 68 00:03:36.439 --> 00:03:39.039 the book guides you through setting up Metasploitable too. 69 00:03:39.400 --> 00:03:41.439 Ah the punching bag kind of. 70 00:03:41.439 --> 00:03:44.840 Yeah, it's another virtual machine, but this one's specifically designed 71 00:03:44.840 --> 00:03:48.360 to be vulnerable. The installation process mirrors Colleigues pretty much, 72 00:03:48.439 --> 00:03:51.879 and it comes with its own default credentials ms fadmin 73 00:03:52.080 --> 00:03:53.759 for both username and password. 74 00:03:53.879 --> 00:03:54.360 Got it. 75 00:03:54.360 --> 00:03:56.919 It's essentially a digital playground where you could experiment. 76 00:03:56.599 --> 00:04:00.080 Without risk, a safe target for honing our skills and 77 00:04:00.120 --> 00:04:03.240 I see. It also recommends setting a static IP address 78 00:04:03.280 --> 00:04:06.280 for metasploitable two. Why is that beneficial? 79 00:04:06.560 --> 00:04:09.199 Again, It comes down to predictability and control in your 80 00:04:09.240 --> 00:04:13.039 testing environment. A static IP ensures that your target always 81 00:04:13.080 --> 00:04:16.360 resides at the same network location, which just simplifies the 82 00:04:16.399 --> 00:04:19.560 process of directing your tests and tools much easier. 83 00:04:19.680 --> 00:04:20.199 Makes sense. 84 00:04:20.399 --> 00:04:23.279 The guide then emphasizes the importance of using the pin 85 00:04:23.360 --> 00:04:27.519 command just to verify network connectivity between your Collie machine 86 00:04:27.720 --> 00:04:32.040 and metasploitable two. Those sixty four bytes from responses confirm 87 00:04:32.079 --> 00:04:33.000 they can talk to each other. 88 00:04:33.199 --> 00:04:37.199 A digital confirmation that the connection is live. Now I 89 00:04:37.240 --> 00:04:40.160 noticed a brief mention of metasploitable three. Is that something 90 00:04:40.160 --> 00:04:41.759 we should delve into for our purposes? 91 00:04:41.800 --> 00:04:45.360 You think? The guide presents metasploitable three as an optional, 92 00:04:45.360 --> 00:04:49.040 more advanced target. It's built on Windows Server incorporates capture 93 00:04:49.040 --> 00:04:51.519 the flag elements, which can be a great learning experience 94 00:04:51.560 --> 00:04:55.399 for maybe more seasoned users. However, it's noted that the 95 00:04:55.439 --> 00:04:58.639 setup is more involved and the included Windows Server license 96 00:04:58.680 --> 00:05:01.600 has a time limit, so maybe less ideal for general 97 00:05:01.639 --> 00:05:02.879 introduction purposes. 98 00:05:03.279 --> 00:05:06.800 Okay, so for getting started, metasplatable two sounds like the 99 00:05:06.839 --> 00:05:11.439 more accessible option we've established our secure virtual lab. Now, 100 00:05:11.519 --> 00:05:15.240 let's turn our attention to the main event, the Raspberry 101 00:05:15.279 --> 00:05:18.680 Pie itself. What are the initial steps to get the 102 00:05:18.720 --> 00:05:20.279 Pie ready for action? 103 00:05:21.000 --> 00:05:24.639 Right the pie? The guide provides general best practices for 104 00:05:24.800 --> 00:05:29.920 Raspberry pios installation. This typically involves downloading the OS image 105 00:05:29.959 --> 00:05:32.720 you want, writing it to a micro sd card using 106 00:05:32.759 --> 00:05:35.560 a tool like bailin etri, which they specifically highlight for 107 00:05:35.639 --> 00:05:39.040 being easy to use. ET's good, then connecting your essential 108 00:05:39.079 --> 00:05:42.040 peripherals like keyboard and mouse before you power on the pie, 109 00:05:42.480 --> 00:05:45.199 and then finally connecting the power. That order can actually 110 00:05:45.240 --> 00:05:46.680 matter sometimes for the initial boat. 111 00:05:46.800 --> 00:05:49.480 Good tip. It also includes the quick rundown of the 112 00:05:49.519 --> 00:05:53.120 standard Rasbian installation, covering the initial config for things like 113 00:05:53.160 --> 00:05:57.480 your location, setting a strong password definitely non negotiable, absolutely, 114 00:05:57.519 --> 00:06:00.360 configuring video output, connecting to Wi Fi if you Pie 115 00:06:00.399 --> 00:06:03.040 has it seems like a pretty standard computer setup. 116 00:06:03.079 --> 00:06:07.600 Really it is mostly, However, The guide then delves into 117 00:06:07.600 --> 00:06:10.920 a particularly useful scenario setting up Wi Fi on a 118 00:06:10.959 --> 00:06:14.079 Pie zero W before its very first boot. 119 00:06:14.199 --> 00:06:17.040 Ah, that's key for the zero, isn't it no Ethernet port? 120 00:06:17.439 --> 00:06:21.360 Exactly? It's critical. The book even provides a sample w 121 00:06:21.680 --> 00:06:25.639 paysupplicant dot com configuration block. You just edit it with 122 00:06:25.720 --> 00:06:30.079 your specific Wi Fi network name, the SSID and your password. 123 00:06:30.160 --> 00:06:30.480 Okay. 124 00:06:30.759 --> 00:06:33.639 This lets the Pie automatically connect to your wireless network 125 00:06:33.680 --> 00:06:35.759 as soon as it's powered on, even if you don't 126 00:06:35.759 --> 00:06:38.720 have a screen or keyboard attached a true headless setup. 127 00:06:38.879 --> 00:06:43.959 That's incredibly practical for discrete deployments or just convenience. So 128 00:06:44.120 --> 00:06:46.759 the Pie is now connected to the network, how do 129 00:06:46.839 --> 00:06:49.439 we go about finding its assigned IP address? 130 00:06:49.639 --> 00:06:51.480 The guide outlines a couple of common methods. If you 131 00:06:51.480 --> 00:06:53.319 have a monitor and keyboard hooked up, you can just 132 00:06:53.319 --> 00:06:56.040 open a terminal and use the familiar if can fig command, 133 00:06:56.160 --> 00:06:58.759 same as incollie. Right, But for those headless setups, it 134 00:06:58.839 --> 00:07:02.040 suggests checking your router web interface. Usually there's a list 135 00:07:02.040 --> 00:07:03.720 of connected devices and their IPS. 136 00:07:03.800 --> 00:07:05.439 Okay, check the router logs. 137 00:07:05.439 --> 00:07:09.560 Or alternatively, you can use network scanning tools from another 138 00:07:09.560 --> 00:07:12.319 computer on your network to discover the Pie's IP address. 139 00:07:12.399 --> 00:07:15.439 That way, it makes perfect sense. Now, what if we 140 00:07:15.480 --> 00:07:17.959 want a more interactive way to work with the Pie remotely, 141 00:07:18.199 --> 00:07:20.360 especially if it's in that headless configuration. 142 00:07:20.439 --> 00:07:23.720 Yeah, that's where tools like xamming and putty become really valuable, 143 00:07:23.839 --> 00:07:25.560 particularly if you're using a Windows machine. 144 00:07:25.639 --> 00:07:27.680 Right. Putty for SSH, what's xming? 145 00:07:28.040 --> 00:07:31.319 Ximing acts as an x server for Windows. Basically, it 146 00:07:31.399 --> 00:07:34.519 lets you run graphical applications from a Linux system like 147 00:07:34.560 --> 00:07:38.519 your Pie and display them right on your Windows desktop. Putty, 148 00:07:38.600 --> 00:07:41.199 as you said, is the SSH client for the command 149 00:07:41.199 --> 00:07:41.800 line connection. 150 00:07:42.160 --> 00:07:43.000 Oh I say. 151 00:07:43.199 --> 00:07:45.519 The guide even mentions the command start X to Pie, 152 00:07:45.800 --> 00:07:48.800 which can launch the full Raspberry Pie desktop environment within 153 00:07:48.839 --> 00:07:52.399 an examing window. Gives you a complete remote graphical interface. 154 00:07:52.439 --> 00:07:55.240 Wow, a full remote desktop for our tiny computer. And 155 00:07:55.279 --> 00:07:58.199 it also points out that Colli Pie, the specific Collie 156 00:07:58.240 --> 00:08:01.120 version for the Pie, includes its own one config utility 157 00:08:01.160 --> 00:08:04.800 called Calipike and fig sounds like the Pie's standard Brastpit 158 00:08:04.879 --> 00:08:05.600 config tool. 159 00:08:05.879 --> 00:08:09.480 It's exactly. It provides a similar way to configure system settings, 160 00:08:09.720 --> 00:08:13.879 just specific to the Callipie distribution. So we've established our foundation, 161 00:08:14.079 --> 00:08:18.160 secure lab configured Pie, remote access sorted. Now let's move 162 00:08:18.160 --> 00:08:21.639 on to the really engaging part, using ethical hacking tools 163 00:08:21.680 --> 00:08:24.959 in action on the Pie. The guide starts by introducing 164 00:08:25.000 --> 00:08:29.160 the pen Tester's Framework or PTF on Rasbian. What's the 165 00:08:29.160 --> 00:08:29.839 idea behind this? 166 00:08:30.079 --> 00:08:33.360 Okay, the pen Tester's Framework sounds like a really efficient 167 00:08:33.360 --> 00:08:35.279 way to get a lot of tools in one place. 168 00:08:35.320 --> 00:08:38.279 It's basically a Python script, right, designed to install a 169 00:08:38.279 --> 00:08:41.759 whole bunch of common pen testing tools on Debian based systems. 170 00:08:41.879 --> 00:08:44.240 That's it, and since Rasbian is built on Debian, it 171 00:08:44.279 --> 00:08:46.399 works on the PI three, D plus and four models. 172 00:08:46.799 --> 00:08:50.240 The guide highlights that PTF can essentially transform your rasbean 173 00:08:50.240 --> 00:08:53.080 install into something very similar to Callie Linux. 174 00:08:52.799 --> 00:08:54.919 Tool wise, that's a concise way to put it. Yeah, 175 00:08:55.399 --> 00:08:58.399 These tools typically get installed within the pendus directory and 176 00:08:58.440 --> 00:09:00.559 you can access and run them directly for the Rasbian 177 00:09:00.559 --> 00:09:04.000 command line. However, the book does caution that a full 178 00:09:04.000 --> 00:09:07.120 PTF install can be quite time consuming, like potentially several 179 00:09:07.120 --> 00:09:09.759 hours and you a decent sized st card for all. 180 00:09:09.639 --> 00:09:10.720 The tools right. 181 00:09:11.000 --> 00:09:14.639 It also notes that compatibility with newer Rasbian versions might 182 00:09:14.799 --> 00:09:17.679 vary for some of the maybe older tools in the 183 00:09:17.679 --> 00:09:19.279 framework to somebody to be aware of. 184 00:09:19.879 --> 00:09:22.679 So a powerful option for beefing up Rasbian, but maybe 185 00:09:22.759 --> 00:09:24.519 something to set running when you have some time to 186 00:09:24.559 --> 00:09:27.320 spare the guide. It then transitions to a very well 187 00:09:27.320 --> 00:09:31.120 known tool, enmap. How does this perform on the Raspberry Pie. 188 00:09:31.639 --> 00:09:34.679 NMAP is Well, it's the industry standard for network scanning, 189 00:09:34.720 --> 00:09:36.559 isn't it? And it runs on the Pie much like 190 00:09:36.600 --> 00:09:38.679 it does on any other Linux system. You can perform 191 00:09:38.720 --> 00:09:42.480 basic port scams, find active hosts, see what services they're 192 00:09:42.519 --> 00:09:44.200 offering on open ports. 193 00:09:44.120 --> 00:09:44.919 The basics. 194 00:09:45.159 --> 00:09:49.120 Yeah. The guide illustrates this with example scanning that metasploitable 195 00:09:49.120 --> 00:09:52.480 two VM we talked about, including using the ATA flag 196 00:09:52.519 --> 00:09:55.759 to gather service version info and scanning specific ports with 197 00:09:55.799 --> 00:09:58.879 the FP option. It lets you understand what potential entry 198 00:09:58.879 --> 00:10:00.039 points the system might have. 199 00:10:00.080 --> 00:10:02.840 And it even demonstrates using an n map script to 200 00:10:02.879 --> 00:10:06.080 attempt a brute force attack against the FTP service running 201 00:10:06.120 --> 00:10:10.120 on Metasploitable two. Remarkably, it says it even succeeded in 202 00:10:10.159 --> 00:10:13.360 finding credentials using the default user dot user combo. 203 00:10:13.679 --> 00:10:17.360 Yeah, it's a stark, practical demonstration of the risks of 204 00:10:17.480 --> 00:10:20.279 leaving default credentials enabled. It really happens. 205 00:10:20.399 --> 00:10:20.720 Wow. 206 00:10:20.759 --> 00:10:24.000 The guide does emphasize though, that while brute force attacks 207 00:10:24.000 --> 00:10:26.559 can work, they also generate a lot of network noise 208 00:10:26.799 --> 00:10:30.320 and are often detected by security monitoring systems. So maybe 209 00:10:30.399 --> 00:10:31.480 not the most subtle approach. 210 00:10:31.559 --> 00:10:36.039 Good points, stealth matters, So n MAP gives us network intelligence. 211 00:10:36.200 --> 00:10:40.679 What about more specialized capabilities. The guide then introduces Metasploit's 212 00:10:40.720 --> 00:10:41.919 auxiliary scanners. 213 00:10:42.200 --> 00:10:47.559 Yes, metasploid, the incredibly versatile exploitation framework, includes a huge 214 00:10:47.639 --> 00:10:51.039 range of auxiliary modules, including powerful scanners. The guide shows 215 00:10:51.080 --> 00:10:54.840 how to access metasploits console using UPS console and then 216 00:10:54.919 --> 00:10:58.799 navigate to the scanner modules. It specifically demonstrates using the 217 00:10:58.879 --> 00:11:03.080 FTP version in IF plugin scanners to IDFTP servers on 218 00:11:03.080 --> 00:11:07.120 the network and then try to authenticate using known credentials. Ah, 219 00:11:07.120 --> 00:11:10.120 so it goes beyond just identifying open ports. It actively 220 00:11:10.159 --> 00:11:14.240 prodes the services on those ports for specific info and vulnerabilities. 221 00:11:14.440 --> 00:11:17.480 So instead of just seeing an open door, we're actually 222 00:11:17.799 --> 00:11:20.919 like trying the handle to see if it's unlocked. The 223 00:11:21.000 --> 00:11:24.480 guide then introduces a tool called Brutex. What does that offer? 224 00:11:24.799 --> 00:11:29.000 Brewtex is described as an automated brute force tool. It's 225 00:11:29.039 --> 00:11:32.000 designed to target all open ports on a given system 226 00:11:32.360 --> 00:11:34.799 using a provided list of usernames and passwords. 227 00:11:34.840 --> 00:11:36.240 Oh ports, wow. 228 00:11:36.399 --> 00:11:38.919 Yeah. The guide shows an example using it against the 229 00:11:38.960 --> 00:11:42.399 SMP port four forty five on metasc cloidable two and 230 00:11:42.480 --> 00:11:46.120 also against multiple common service ports like SSH and telnet. 231 00:11:46.320 --> 00:11:50.159 It's another approach to attempting unauthorized access by just systematically 232 00:11:50.200 --> 00:11:53.679 trying different credential combinations across a range of potential entry points. 233 00:11:53.759 --> 00:11:55.480 And then there's s and wimper, which sounds like a 234 00:11:55.519 --> 00:11:57.879 really comprehensive reconnaissance and attack tool. 235 00:11:58.039 --> 00:12:00.840 That's an accurate description. The author of the guide clearly 236 00:12:00.840 --> 00:12:03.000 holds as in one for in high regard calls it 237 00:12:03.000 --> 00:12:06.600 one of their preferred tools. It's another automated solution, but 238 00:12:06.679 --> 00:12:10.240 it covers a broader spectrum of features, both information gathering 239 00:12:10.399 --> 00:12:14.200 and active attack capabilities. The guide showcases a basic scan 240 00:12:14.639 --> 00:12:17.399 and highlights that it even achieved a remote shell on 241 00:12:17.480 --> 00:12:20.600 a vulnerable service during the demo. Impressive it is, but 242 00:12:20.679 --> 00:12:23.879 it also provides a sensible recommendation against using a Raspberry 243 00:12:23.879 --> 00:12:28.480 Pie for intensive password cracking tasks due to its inherent 244 00:12:28.519 --> 00:12:29.960 limitations in GPU power. 245 00:12:30.039 --> 00:12:33.799 That makes sense. Cracking complex passwords needs serious horsepower. Now, 246 00:12:33.799 --> 00:12:38.240 the guide pivots to demonstrating specific exploits, mentioning an elastic 247 00:12:38.279 --> 00:12:40.159 search attack using metasploid. 248 00:12:40.600 --> 00:12:43.720 Yes, this section provides a concrete example of exploiting a 249 00:12:43.840 --> 00:12:47.759 known security vulnerability in elastic search. It was running on 250 00:12:47.799 --> 00:12:51.840 metasploitable three in the guide's demo. Actually, it details the 251 00:12:51.879 --> 00:12:55.039 specific metasploit module to use and how to configure it 252 00:12:55.080 --> 00:12:57.840 to gain a system level shell on the targeted machine. 253 00:12:57.919 --> 00:13:00.279 It's a powerful illustration of how these tools can be 254 00:13:00.360 --> 00:13:04.080 leveraged to directly compromise vulnerable systems if the right weaknesses 255 00:13:04.080 --> 00:13:04.519 are present. 256 00:13:04.679 --> 00:13:07.480 And following that, we delve into the realm of post 257 00:13:07.519 --> 00:13:11.159 exploitation with a framework called empire PS. What's the purpose 258 00:13:11.159 --> 00:13:11.360 of that? 259 00:13:12.080 --> 00:13:16.320 Empire ps is a PowerShell based post exploitation framework. Its 260 00:13:16.360 --> 00:13:18.879 main function is to let you execute attack modules and 261 00:13:18.960 --> 00:13:22.600 maintain a persistent presence on compromised Windows hosts using a 262 00:13:22.639 --> 00:13:23.879 PowerShell agent. 263 00:13:23.840 --> 00:13:25.639 H PowerShell still relevant. 264 00:13:26.480 --> 00:13:29.440 The guide walks through setting up a listener, an HGTP 265 00:13:29.559 --> 00:13:33.080 listener is the example, and then generating a payload, which 266 00:13:33.080 --> 00:13:35.799 in this case is a Windows Launcher batch file. The 267 00:13:35.840 --> 00:13:38.960 idea is to get this payload executed on a Windows target, 268 00:13:39.279 --> 00:13:41.799 which then connects back to your Raspberry Pie, granting you 269 00:13:41.840 --> 00:13:42.519 remote control. 270 00:13:42.679 --> 00:13:45.159 It sounds like a very sophisticated way to interact with 271 00:13:45.200 --> 00:13:48.960 a compromised Windows machine. Although the guide does note the 272 00:13:49.039 --> 00:13:52.720 increasing effectiveness of Windows Defender and other endpoint security in 273 00:13:52.799 --> 00:13:54.600 blocking these types of PowerShell threats. 274 00:13:54.759 --> 00:13:57.840 That's a crucial point to consider. Yeah, the security landscape 275 00:13:57.879 --> 00:14:02.039 is constantly evolving. Defenses are allways is improving. Finally, within 276 00:14:02.120 --> 00:14:05.159 this section on tools on Rasbian, the guide just reminds 277 00:14:05.200 --> 00:14:08.360 you to explore the usher share and pentis directories to 278 00:14:08.360 --> 00:14:11.120 find all the other tools installed by PTF loads of 279 00:14:11.120 --> 00:14:13.879 stuff in there, right, and it mentions using xpiming again 280 00:14:13.960 --> 00:14:16.039 to remotely run graphical tools if needed. 281 00:14:16.240 --> 00:14:20.159 So, even starting with a seemingly minimal Rasbian install, by 282 00:14:20.200 --> 00:14:23.480 leveraging the pent tester's framework, we've essentially built a pretty 283 00:14:23.480 --> 00:14:27.519 capable ethical hacking platform. Now the guide shifts focus to 284 00:14:27.639 --> 00:14:31.559 running Collie Linux directly on the Raspberry Pie. What are 285 00:14:31.600 --> 00:14:32.919 the key advantages of doing that? 286 00:14:33.600 --> 00:14:36.480 Well? Running Collie Linux as the primary OS on the 287 00:14:36.519 --> 00:14:39.960 Pie offers the big advantage of having direct access to 288 00:14:40.039 --> 00:14:44.279 Collie's huge curated collection of pre installed security. 289 00:14:43.840 --> 00:14:46.200 Tools already baked in Exactly, you. 290 00:14:46.159 --> 00:14:48.879 Don't need to install a separate framework like PTF on 291 00:14:48.919 --> 00:14:52.039 top of Rasbian. The guide walks you through downloading and 292 00:14:52.080 --> 00:14:56.759 installing the official Collie Linux ARM image, specifically providing download 293 00:14:56.759 --> 00:14:58.559 links for both the PI three and PI. 294 00:14:58.320 --> 00:15:00.759 Four models, and the first crucial up just like with 295 00:15:00.799 --> 00:15:03.799 the VM setup, is performing a full system update using 296 00:15:03.840 --> 00:15:07.240 apped update and apped upgrade. The guide does warn though, 297 00:15:07.320 --> 00:15:10.360 that updating the exploitdb database can take a long time. 298 00:15:10.480 --> 00:15:13.000 That's absolutely correct. It can indeed take a significant amount 299 00:15:13.000 --> 00:15:15.559 of time, depends on your Internet speed and the database size. 300 00:15:15.960 --> 00:15:19.200 The guide then introduces the concept of metapackages within Collie. 301 00:15:19.279 --> 00:15:20.440 Can you explain what those are? 302 00:15:20.639 --> 00:15:25.879 Sure? Metapackages in Collie are essentially logical groupings of security 303 00:15:25.919 --> 00:15:28.559 tools based on what they do, so instead of installing 304 00:15:28.600 --> 00:15:31.639 each tool one by one, you can install entire categories 305 00:15:31.679 --> 00:15:35.639 at once. Examples include the Collie Linux Full Meta package, 306 00:15:35.639 --> 00:15:39.039 which installs pretty much everything or more targeted ones like 307 00:15:39.120 --> 00:15:42.919 Collie Linux Wireless. If you're just focused on wireless testing precisely. 308 00:15:43.320 --> 00:15:46.840 This gives you flexibility to tailor your Collie installation on 309 00:15:46.879 --> 00:15:51.120 the Pie to your specific needs and importantly the storage 310 00:15:51.159 --> 00:15:55.279 capacity of your sd card. Now, let's discuss some specific 311 00:15:55.320 --> 00:15:57.960 tools in action when running Collie directly on the Pie. 312 00:15:58.120 --> 00:16:00.600 First one mentioned is Responder. How does that play? 313 00:16:00.720 --> 00:16:05.720 Responder is described as a poisoning tool for lmn R, NBTNS, 314 00:16:05.759 --> 00:16:09.200 and mDNS. Those are network protocols for a name resolution 315 00:16:09.279 --> 00:16:09.960 on local. 316 00:16:09.679 --> 00:16:11.279 Networks, right yeah, Local name resolution. 317 00:16:11.440 --> 00:16:15.279 Responder basically listens for requests for non existent network resources 318 00:16:15.279 --> 00:16:18.039 and pretends to be that resource. This can trick systems 319 00:16:18.039 --> 00:16:21.519 into sending it authentication info like password hashes, potentially lets 320 00:16:21.519 --> 00:16:25.240 an attacker capture credentials passively. The guide highlights its utility 321 00:16:25.279 --> 00:16:28.080 for pen testers, maybe leaving it running on a target 322 00:16:28.120 --> 00:16:29.799 network to gather info quietly. 323 00:16:30.480 --> 00:16:34.360 It's a subtle but potentially effective way to harvest credentials locally. 324 00:16:34.879 --> 00:16:36.519 The guide then moves on to impack it. 325 00:16:36.759 --> 00:16:40.080 Impack it. That's a powerful collection of Python scripts mostly 326 00:16:40.200 --> 00:16:44.039 used for network recon and post exploitation tasks on Windows systems. 327 00:16:44.360 --> 00:16:47.519 The guide gives an example using the impact netview script 328 00:16:47.559 --> 00:16:50.559 with captured credentials to see who's logged onto a target 329 00:16:50.600 --> 00:16:51.320 machine and. 330 00:16:51.320 --> 00:16:54.440 Having those user credentials can then open up further avenues 331 00:16:54.559 --> 00:16:58.879 like lateral movement deeper into the network. Following this, the 332 00:16:58.919 --> 00:17:02.320 guide touches upon cracking password hashes using the well known 333 00:17:02.360 --> 00:17:03.080 tool John the. 334 00:17:03.039 --> 00:17:06.839 Ripper ah John a classic. It's a very popular and 335 00:17:06.960 --> 00:17:10.839 versatile password cracker. The guide shows basic usage directly on 336 00:17:10.880 --> 00:17:15.400 the Raspberry Pie, but wisely recommends using more powerful hardware 337 00:17:15.480 --> 00:17:18.880 with a dedicated GPU like a Windows machine running hashcat 338 00:17:18.920 --> 00:17:22.319 for more extensive or time sensitive cracking. Definitely, it does 339 00:17:22.359 --> 00:17:26.079 provide an example hashcat commands specifically for cracking nt hashes, 340 00:17:26.119 --> 00:17:28.200 which are common in Windows environments. 341 00:17:28.359 --> 00:17:31.400 The Pie can certainly handle some basic cracking yeah, but 342 00:17:31.559 --> 00:17:35.240 for large volumes of complex hashes, the speed difference with 343 00:17:35.319 --> 00:17:39.599 dedicated GPUs is just huge. Next up, better Cap two 344 00:17:39.839 --> 00:17:41.160 What are its main capabilities? 345 00:17:41.200 --> 00:17:43.960 BETACAP two is presented as a versatile network sniffing and 346 00:17:44.039 --> 00:17:47.039 man in the middle attack tool. The guide shows performing 347 00:17:47.039 --> 00:17:50.240 both quick and more in depth active network scams using 348 00:17:50.480 --> 00:17:53.599 ARP spoofing to intercept traffic between a target and the router. 349 00:17:53.559 --> 00:17:55.599 The classic midam setup, yeah. 350 00:17:55.440 --> 00:17:58.519 And even using caplets, which are basically pre written scripts 351 00:17:58.559 --> 00:18:02.240 to automate various better caps functions. It also briefly touches 352 00:18:02.279 --> 00:18:05.920 on Wi Fi recon and capturing handshakes, plus detecting Bluetooth 353 00:18:05.960 --> 00:18:10.359 Low energy bl devices. Interestingly, it mentions an upcoming GUI 354 00:18:10.480 --> 00:18:11.519 code named Hydra. 355 00:18:11.960 --> 00:18:15.759 Better cap is indeed a powerful multifaceted tool for network 356 00:18:15.799 --> 00:18:19.119 analysis and attack simulation. The guide then shifts focus to 357 00:18:19.119 --> 00:18:22.160 web application security testing with oas. 358 00:18:21.759 --> 00:18:26.680 Bztz yeah z attack proxy. It's a widely used open 359 00:18:26.720 --> 00:18:29.880 source tool for finding security vulnerabilities and web apps. The 360 00:18:29.920 --> 00:18:32.160 guide shows its capabilities by running a quick scan and 361 00:18:32.160 --> 00:18:35.599 attack against a deliberately vulnerable web app called Mutilidae running 362 00:18:35.599 --> 00:18:37.119 on metasplatable too Okay. 363 00:18:37.240 --> 00:18:40.920 It demonstrates how zap can automatically find various folms like 364 00:18:40.960 --> 00:18:44.720 path traversal and even provide the specific URL needed to 365 00:18:44.799 --> 00:18:45.880 exploit the weakness. 366 00:18:45.960 --> 00:18:48.720 It's a very effective tool for automating the hunt for 367 00:18:48.799 --> 00:18:52.519 common web app flaws. The guide then briefly mentions adding 368 00:18:52.559 --> 00:18:55.960 third party tools to your Cali Pie install, but includes 369 00:18:55.960 --> 00:18:59.000 a word of caution about potential compatibility issues with the 370 00:18:59.039 --> 00:19:00.799 piz arm architecture. 371 00:19:01.079 --> 00:19:03.960 Right, so, while Colleague comes packed with tools, extending it 372 00:19:04.039 --> 00:19:07.079 further on a PI might need some troubleshooting due to 373 00:19:07.119 --> 00:19:10.680 the hardware differences. The guide then covers setting up SSH 374 00:19:10.759 --> 00:19:13.920 in a remote graphical display for Collie Pie, which sounds 375 00:19:14.079 --> 00:19:16.279 pretty similar to the process for standard. 376 00:19:15.960 --> 00:19:17.880 Rasbian mm HM similar process. 377 00:19:17.960 --> 00:19:21.000 It also emphasizes the security best practice of creating a 378 00:19:21.039 --> 00:19:23.920 new non route user account for day to day use. 379 00:19:24.200 --> 00:19:27.160 Using SSH for command line and x eleven forwarding for 380 00:19:27.240 --> 00:19:32.039 graphics significantly improves usability, especially when headless. Finally, in this 381 00:19:32.119 --> 00:19:35.079 Collie Pie section, the guide explores the Collie PI button 382 00:19:35.160 --> 00:19:38.960 touchscreen interface. This is a specific feature of Reforcen's custom 383 00:19:39.039 --> 00:19:42.480 Collipie distribution rate. Yeah, this sounds really neat for portability. 384 00:19:43.039 --> 00:19:46.640 It's a touchscreen optimized menu system designed for small TFT 385 00:19:46.720 --> 00:19:49.759 displays connected directly to the pie. Okay, to use it, 386 00:19:49.799 --> 00:19:52.119 you can figure Collie to boot to a text console 387 00:19:52.160 --> 00:19:55.279 with autolog in, and then this button menu launches automatically. 388 00:19:55.759 --> 00:19:59.039 It offers menus for quickly starting stopping services like apatche 389 00:19:59.119 --> 00:20:03.400 FTP sequel, and gives access to network monitoring like darkstaff. 390 00:20:03.799 --> 00:20:06.319 It does note the man a toolkit for ROGUATEPS is 391 00:20:06.359 --> 00:20:07.880 deprecated now though it's. 392 00:20:07.759 --> 00:20:10.799 A clever way to provide a more tactile direct interface 393 00:20:10.839 --> 00:20:14.440 for Collie on a small portable device, quick access to 394 00:20:14.480 --> 00:20:18.079 common functions. So we've explored tools on RASBI and running 395 00:20:18.079 --> 00:20:21.480 colleague directly. The guide then transitions to more specialized tools 396 00:20:21.480 --> 00:20:23.960 and projects. Yeah, what are some of the interesting ones here? 397 00:20:24.039 --> 00:20:26.359 This is where we see some really innovative Pie applications 398 00:20:26.400 --> 00:20:29.720 for security. It covers tools like Reconoiter and vanquished designed 399 00:20:29.720 --> 00:20:33.680 for comprehensive info gathering and vulnerability ID. It also introduces 400 00:20:33.759 --> 00:20:37.839 Warbury Pie, described as a dropbox device. A dropbox Yeah, 401 00:20:37.920 --> 00:20:40.599 basically a Pie configured to be discreetly placed on a 402 00:20:40.640 --> 00:20:44.160 target network to gather intel and maybe launch attacks. The 403 00:20:44.200 --> 00:20:48.640 guide strongly emphasizes ethical use here only in authorized, isolated 404 00:20:48.680 --> 00:20:49.599 test environments. 405 00:20:49.720 --> 00:20:52.839 That emphasis on ethics is absolutely critical with these tools. 406 00:20:53.240 --> 00:20:56.440 The guide then delves into reforces DVPI. 407 00:20:56.880 --> 00:21:01.599 What exactly is that DVPIE stands for vulnerable Pie. It's 408 00:21:01.640 --> 00:21:05.680 a specially crafted PIOS image intentionally filled with security holes. 409 00:21:05.839 --> 00:21:07.720 AH, another practice target. 410 00:21:07.599 --> 00:21:11.839 Exactly designed for safe legal practice. The guide walks through 411 00:21:11.880 --> 00:21:16.119 basic setup and then demonstrates exploiting a WordPress vulnerability on it. 412 00:21:16.119 --> 00:21:19.400 It involves using n map for recon, then WP span 413 00:21:19.519 --> 00:21:22.680 to aggressively find plug ins, which leads to discovering an 414 00:21:22.759 --> 00:21:26.359 arbitrary file upload VON right. Finally, it covers uploading a 415 00:21:26.400 --> 00:21:28.480 remote shell to get command line access. 416 00:21:28.160 --> 00:21:30.240 And an invaluable resource for hands on learning in a 417 00:21:30.240 --> 00:21:33.880 controlled setting. Following that, the guide introduces raspos. 418 00:21:33.480 --> 00:21:37.160 RASSPENOS is another deliberately vulnerable OS for the Pie. It 419 00:21:37.160 --> 00:21:40.680 comes preloaded with various outdated vulnerable web apps and services 420 00:21:41.000 --> 00:21:43.960 lots of targets. The guide demonstrates scanning it with a 421 00:21:44.039 --> 00:21:47.720 range of tools os panneticker s N one per WP 422 00:21:47.799 --> 00:21:53.039 scan for wordpressjomscan for joomla, os bzapp. It even shows 423 00:21:53.079 --> 00:21:56.200 exploiting a file upload VON using weavey three to get 424 00:21:56.200 --> 00:21:59.200 a remote shell and then pivoting to interpreter for more 425 00:21:59.240 --> 00:22:00.000 advanced posts. 426 00:22:00.160 --> 00:22:03.799 Exploitation sounds like an extremely comprehensive target for practicing web 427 00:22:03.799 --> 00:22:08.200 app pen testing techniques. Okay, next, P four wnp one aloa. 428 00:22:09.039 --> 00:22:09.839 That's quite a name. 429 00:22:09.960 --> 00:22:13.000 P four wnp one aloa. Yeah. It's described as a 430 00:22:13.119 --> 00:22:18.039 very powerful HID human interface device attack framework specifically for 431 00:22:18.079 --> 00:22:19.640 the Pi zero w AH. 432 00:22:19.720 --> 00:22:20.880 Because it is zero connect like a. 433 00:22:20.960 --> 00:22:24.039 Keyboard exactly, it can emulate a USB keyboard or mouse, 434 00:22:24.319 --> 00:22:27.160 So this framework lets you automate keystrokes and mouse movements 435 00:22:27.160 --> 00:22:29.160 on a target computer just by plugging the Pie. In. 436 00:22:29.519 --> 00:22:34.039 The guide covers installation connection methods WI FI, USBR and DIIS, Bluetooth, 437 00:22:34.039 --> 00:22:36.599 and its web based control panel. It shows creating and 438 00:22:36.680 --> 00:22:39.640 running ducky script like scripts. Sequences of commands seen as 439 00:22:39.720 --> 00:22:43.680 keyboard input. Examples include opening notepad, controlling the mouse, even 440 00:22:43.680 --> 00:22:46.759 more sophisticated stuff like a rickroll by silently opening a browser, 441 00:22:46.880 --> 00:22:49.920 or making the computer talk using PowerShell. The live nature 442 00:22:49.960 --> 00:22:52.440 of the control panel letting you modify scripts on the 443 00:22:52.480 --> 00:22:55.400 fly is highlighted as a key advantage. 444 00:22:55.559 --> 00:22:59.480 That's a remarkably potent tool for physical pen testing scenarios. 445 00:23:00.000 --> 00:23:04.160 It really showcases the Pie zero w's unique capabilities. Finally, 446 00:23:04.200 --> 00:23:07.839 in this section, the guide explores physical security applications and 447 00:23:07.920 --> 00:23:09.720 other interesting Pie possibilities. 448 00:23:09.920 --> 00:23:12.000 Yeah, this part delves into using the Pie as a 449 00:23:12.039 --> 00:23:15.240 discrete surveillance camera with things like motion iOS or the 450 00:23:15.359 --> 00:23:19.039 rpikam web interface. It also covers command line tools like 451 00:23:19.079 --> 00:23:22.279 rest vivid for low latency video streaming and resc but 452 00:23:22.319 --> 00:23:26.680 still for stills. It even explores capturing video using Python 453 00:23:26.759 --> 00:23:29.440 with the PI camera library and setting up remote streaming. 454 00:23:29.839 --> 00:23:32.440 On a more unusual note, it mentions using an rtl 455 00:23:32.480 --> 00:23:36.039 SDR software defined radio and a tool called Salamandra to 456 00:23:36.079 --> 00:23:39.920 potentially detect hidden spybugs by analyzing radio frequencies. 457 00:23:40.000 --> 00:23:40.480 Interesting. 458 00:23:40.519 --> 00:23:42.640 It also touches on the fun non security use of 459 00:23:42.720 --> 00:23:46.279 tracking airplanes with an RTLSDR and software like dump ten ninety, 460 00:23:46.279 --> 00:23:48.839 and finally setting up pie hole on a Pie to 461 00:23:48.880 --> 00:23:51.559 act as a network wide ad and malware blocker. The 462 00:23:51.640 --> 00:23:54.720 sheer versatility of this little device is just astounding. 463 00:23:54.960 --> 00:23:58.799 It truly is, from advanced security testing to practical everyday 464 00:23:58.920 --> 00:24:02.599 uses and even some hobbyist projects. Now. Having spent a 465 00:24:02.599 --> 00:24:05.279 lot of time exploring the offensive capabilities of the Pie, 466 00:24:05.599 --> 00:24:08.720 the guide importantly concludes with a chapter on Pie defense. 467 00:24:09.799 --> 00:24:11.960 Why is this perspectives so critical? 468 00:24:12.400 --> 00:24:15.640 This is a really crucial point. Yeah. The guide opens 469 00:24:15.680 --> 00:24:19.480 the section by referencing that well publicized NASO JPL hack 470 00:24:19.759 --> 00:24:22.920 which happened because of an unauthorized Raspberry Pie connected to 471 00:24:22.920 --> 00:24:23.480 their network. 472 00:24:23.559 --> 00:24:25.000 Right. I remember that it. 473 00:24:25.000 --> 00:24:27.640 Underscores the fact that despite its size and low cost. 474 00:24:28.000 --> 00:24:31.079 A pie is a fully functional computer and can introduce 475 00:24:31.160 --> 00:24:36.599 significant security vulnerabilities if not properly secured. It strongly emphasizes 476 00:24:36.640 --> 00:24:40.279 the absolute necessity of following standard security best practices for 477 00:24:40.359 --> 00:24:42.160 any pie connected to a network. 478 00:24:41.920 --> 00:24:44.880 Absolutely non negotiable. The guide then discusses how you can 479 00:24:44.920 --> 00:24:48.319 even scan for publicly exposed pies using showdam, the search 480 00:24:48.319 --> 00:24:51.519 engine for Internet connected devices. It gives an example search. 481 00:24:51.359 --> 00:24:54.119 Term motion, I find those camera setups exactly. 482 00:24:54.440 --> 00:24:57.359 It also mentions setting up automatic alerts using showden network 483 00:24:57.400 --> 00:24:59.960 monitor to detect changes or new vulnerabilities on your own 484 00:25:00.160 --> 00:25:01.839 network proactive monitoring. 485 00:25:02.079 --> 00:25:04.279 So just as we can use these tools to assess 486 00:25:04.319 --> 00:25:07.839 others with permission, we can use similar techniques to monitor 487 00:25:07.880 --> 00:25:11.359 and secure our own devices. The guide then just reiterates 488 00:25:11.440 --> 00:25:16.359 essential security procedures for any computer, including pies. Apply patches 489 00:25:16.400 --> 00:25:20.279 and updates promptly basic hygiene, isolate them on private lands 490 00:25:20.359 --> 00:25:26.759 behind firewalls, limit running services, minimize privileges, use strong unique passwords. 491 00:25:27.559 --> 00:25:30.039 It even shares an anecdote about a client using their 492 00:25:30.079 --> 00:25:33.359 first name as an admin password. Oh dear, implement network 493 00:25:33.400 --> 00:25:38.319 security monitoring, maintain detailed logs, and importantly educate users about 494 00:25:38.319 --> 00:25:40.400 the risks of connecting unauthorized devices. 495 00:25:40.680 --> 00:25:43.720 These are foundational security principles. Yeah, just as vital for 496 00:25:43.759 --> 00:25:46.400 a little pie is for a big corporate server, and 497 00:25:46.440 --> 00:25:50.119 that human factor like the NASA JPL breach, is always critical. 498 00:25:50.400 --> 00:25:53.119 Okay, so we've taken a really comprehensive deep dive into 499 00:25:53.160 --> 00:25:56.599 security testing with Raspberry Pie. What are your key takeaways 500 00:25:56.599 --> 00:25:58.039 from exploring this guide? 501 00:25:58.119 --> 00:26:00.640 Well, the most significant takeaway for me is just remarkable 502 00:26:00.680 --> 00:26:03.359 versatility of the Raspberry Pie offers and this whole realm 503 00:26:03.359 --> 00:26:06.880 of ethical hacking and security testing. From being a portable 504 00:26:06.920 --> 00:26:11.240 attack platform running Collie or PTF to acting as a 505 00:26:11.279 --> 00:26:15.920 defensive tool like pie hole or a basic camera, this small, 506 00:26:16.079 --> 00:26:20.640 inexpensive device demonstrates capabilities far exceeding what its size and 507 00:26:20.720 --> 00:26:23.240 price might suggest. It's really quite something. 508 00:26:23.519 --> 00:26:26.240 I think the real aha moment for me is realizing 509 00:26:26.400 --> 00:26:29.960 just how much power and potential is now readily accessible 510 00:26:30.079 --> 00:26:34.559 in such an affordable and approachable package. It really democratizes 511 00:26:34.599 --> 00:26:37.720 access to these types of security tools and the chance 512 00:26:37.799 --> 00:26:40.359 to learn about and understand them better exactly. 513 00:26:40.680 --> 00:26:43.240 And this leads to a thought provoking final point for 514 00:26:43.319 --> 00:26:46.799 you everyone listening. Consider the implications of having such potent 515 00:26:46.839 --> 00:26:51.039 security testing capabilities readily available on a small portable device 516 00:26:51.160 --> 00:26:55.200 like this. This has significant ramifications both for understanding and 517 00:26:55.240 --> 00:26:58.960 strengthening your own security defenses, and also for the potential 518 00:26:58.960 --> 00:27:02.279 misuse these tools fall into the wrong hands. It makes 519 00:27:02.279 --> 00:27:05.759 you wonder what other seemingly ordinary devices in our environment 520 00:27:05.839 --> 00:27:09.400 might harbor unexpected capabilities. It really encourages us to think 521 00:27:09.440 --> 00:27:11.759 more critically about the security of all the connected devices 522 00:27:11.759 --> 00:27:12.640 in our lives, doesn't it. 523 00:27:12.799 --> 00:27:15.880 That's a really compelling point to consider. If anything we've 524 00:27:15.880 --> 00:27:19.200 discussed today has sparked your interest, I highly recommend checking 525 00:27:19.240 --> 00:27:22.119 out security testing with Raspberry Pie for a much more 526 00:27:22.160 --> 00:27:26.000 detailed exploration. It's a fantastic resource, and we hope this 527 00:27:26.079 --> 00:27:28.759 deep dive has provided you with a valuable overview of 528 00:27:28.799 --> 00:27:30.960 its key insights. Thanks for joining us.