I’ll show you how to set up a Kali Linux virtual private server (VPS) on Digital Ocean for ethical hacking, how to use a browser through your VPS, get a free domain name for your VPS, make a local backup and more!
When doing ethical hacking challenges or on pen-testing lab platforms like Hack the Box (HTB), Try Hack Me (THM) or Cyber Sec Labs (CSL), you’re likely hacking from a virtual machine. This works great, but I’ve found setting up a VPS to launch my ethical hacking endeavors from has a few important benefits.
First off, you have persistence in your hacking session. I jump between a few different laptops in my day-to-day activities. Rather than working on a different virtual machine, with its own files, on each laptop, I can log into a VPS from any computer and pick up from where I left off on another computer. This point is extremely handy if you work between multiple computers. You can also log in to the VPS through your phone with SSH apps.
Second, it takes the load off of your local machine in terms of RAM and CPU usage during your hacking activities. Most virtual machines are usually pretty slow to deal with as well. Using SSH on your VPS is much faster and more responsive than using a virtual machine. If you’re sick of laggy VMs, hop on to a VPS.
Third, you aren’t limited by your local network. I currently live on a college campus, and the firewall here blocks my reverse shell connections when I’m trying to hack something on HTB or CSL. This is a very big problem to have. Logging in to a VPS, away from your local network, fixes this. If you happen to be on a restrictive network, a hacking VPS is for you!
Let’s get started on how to build a hacking VPS!
Building a Kali Linux image for Digital Ocean
If you don’t have a Digital Ocean account yet, click here to get started! Once you create an account, you have a couple of options to create a Kali Linux Digital Ocean Droplet (VPS).
You could build your own Kali Linux image from the standard ISO up. Offensive Security’s documentation is pretty good on this, and the website even has a dark mode!
DigitalOcean is a cloud provider similar to AWS, Microsoft Azure, Google Cloud Platform, and many others. They offer…
Or you could launch a standard Debian VPS from the Digital Ocean web GUI and modify it to be a Kali Linux equivalent. This is a faster route than building your own image:
How to install Kali Linux on DigitalOcean
Unfortunately, DigitalOcean does not support ISO images to install custom Linux distribution. Therefore, if ones need…
The fastest route is to use the Kali Linux image that I’ve already built for you! Download it here:
Once you have downloaded and unzipped the file:
- Click on “Images” in your Digital Ocean control panel.
- Then click “Custom Images”
- Then “Upload Image” and find the .vmdk you downloaded to upload.
The image is pretty large, even though it’s a minimalist and headless installation of Kali Linux. It may take some time to upload. Once it’s done, click “More” then “Start a droplet” to begin the process of spawning the VPS.
You’ll have to create SSH keys to connect to your hacking VPS. Digital Ocean has pretty good documentation on how to create one:
How to Create SSH Keys with OpenSSH on MacOS or Linux | DigitalOcean Product Documentation
Validated on 28 August 2019 • Posted on 19 June 2018 DigitalOcean Droplets are Linux-based virtual machines…
If you want to connect to your Hacking VPS from multiple computers, here is a great article on how to distribute your SSH key:
How to Upload an SSH Public Key to an Existing Droplet | DigitalOcean Product Documentation
Validated on 15 April 2019 • Posted on 19 June 2018 DigitalOcean Droplets are Linux-based virtual machines (VMs)…
Using Burp Suite with Proxy
You’re still going to need to use a browser when hacking stuff on pen-testing labs. It’s difficult to browse the internet through an SSH terminal. Luckily you can use port forwarding with SSH to use a browser on your local machine as if you were browsing directly on your Hacking VPS.
1. Install the Burp Suite CA certificate:
Installing Burp's CA certificate
Note: These steps are only necessary if you want to use an external browser for manual testing with Burp. If you…
2. Install FoxyProxy to your browser:
FoxyProxy Basic - Get this Extension for 🦊 Firefox (en-US)
FoxyProxy Basic is a Firefox extension that switches an internet connection across one or more proxy servers based with…
3. Configure SOCKS proxy in Burp Suite under “User Options”:
4. Set a FoxyProxy entry to HTTP port 8080 on localhost to start sending traffic through the Burp Suite SOCKS proxy:
5. Whenever you want to browse through your VPS, set FoxyProxy to your Burp Suite VPS browsing configuration:
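The SSH side of this chain, as an added example that is not from the original post: it prints the `ssh` dynamic-forward command Burp's SOCKS setting would point at, and checks that neither the SOCKS forward nor the Burp listener is reachable from other hosts on your network. SOCKS port 1080 and the target `user@vps-host` are assumptions; 8080 is the listener port from step 4.

```bash
# Added example (not from the original post). Assumed values: SOCKS port 1080
# and the placeholder target user@vps-host. 8080 is the Burp listener (step 4).

# tunnel_cmd TARGET [PORT]: print the ssh command that opens the SOCKS forward.
#   -D 127.0.0.1:PORT         dynamic (SOCKS) forward bound to loopback only
#   -N                        no remote command, tunnel only
#   ExitOnForwardFailure=yes  exit instead of running without the forward
tunnel_cmd() {
  printf 'ssh -N -D 127.0.0.1:%s -o ExitOnForwardFailure=yes %s\n' "${2:-1080}" "$1"
}

# exposed_listeners PORTS: read `ss -ltn` output on stdin and print every
# listener on one of the comma-separated PORTS that is bound to a non-loopback
# address. A proxy bound to * or 0.0.0.0 lets anyone on the local network
# send traffic out through the VPS.
exposed_listeners() {
  awk -v ports="$1" '
    BEGIN { n = split(ports, p, ","); for (i = 1; i <= n; i++) want[p[i]] = 1 }
    $1 == "LISTEN" {
      addr = $4; port = $4
      sub(/.*:/, "", port)       # keep the text after the last colon
      sub(/:[^:]*$/, "", addr)   # keep the text before the last colon
      if ((port in want) && addr !~ /^127\./ && addr != "[::1]")
        print addr ":" port
    }'
}

# Constructed sample of `ss -ltn` output: the SOCKS forward is loopback-only,
# but the Burp listener has been bound to all interfaces.
sample_ss_output() {
  cat <<'EOF'
State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    127.0.0.1:1080     0.0.0.0:*
LISTEN 0      128    [::1]:1080         [::]:*
LISTEN 0      50     *:8080             *:*
LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
EOF
}

# Typical use on the local machine:
#   $(tunnel_cmd user@vps-host) &
#   ss -ltn | exposed_listeners 1080,8080    # no output: both are loopback-only
```

In Burp, the SOCKS proxy host and port are then 127.0.0.1 and 1080, matching the forward above.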
Tmux for persistence
Tmux is a popular terminal manager, allowing you to easily create many windows and panels within a terminal’s Tmux session. This Tmux session can also be saved if you detach the session or even if you accidentally disconnect. This is extremely useful because you can re-attach the session from any computer as well.
To install Tmux:
apt install tmux
You can find hundreds of guides on how to use it with your favorite search engine. Tmux out of the box is a bit hard to use, so I recommend following this article to make some important configurations:
Making tmux Pretty and Usable - A Guide to Customizing your tmux.conf
In my previous blog post I gave a quick and easy introduction to tmux and explained how to use tmux with a basic…
Copy pasting in Tmux
One more tip when it comes to Tmux: when you want to copy something, hold down shift before you highlight text, then you can copy it with shift-ctrl-c like normal.
Creating Local Backup of your VPS image
Creating backups using Digital Ocean’s servers costs money. However, you can download a copy of your whole VPS image with a few commands:
- Figure out the name of your disk:
Then download the image of that disk with SSH and DD:
ssh email@example.com "dd if=/dev/vda | gzip -1 -" | dd of=kali_digital_ocean_image.gz
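A check to run on the downloaded file, as an added example that is not from the original post: the pipeline above returns the exit status of the local `dd`, so a dropped SSH session still looks like success and leaves a truncated `.gz` behind. The function names and the `.sha256` sidecar file are assumptions of this example.

```bash
# Added example (not from the original post). Function names and the
# FILE.sha256 sidecar convention are assumptions.

# seal_image FILE: confirm the gzip stream is complete, then record a SHA-256
# next to it. gzip -t reads the whole stream and checks the CRC32/length
# trailer, which is missing when the transfer was cut short.
seal_image() {
  img="$1"
  [ -s "$img" ] || { echo "missing or empty: $img" >&2; return 2; }
  gzip -t "$img" 2>/dev/null || {
    echo "truncated or corrupt gzip stream: $img" >&2
    return 1
  }
  # Hash from inside the directory so the sidecar stores a relative name
  # and still verifies after the backup folder is moved.
  ( cd "$(dirname "$img")" &&
    sha256sum "$(basename "$img")" > "$(basename "$img").sha256" )
}

# recheck_image FILE: later, confirm the stored copy still matches its sidecar
# (detects bit rot or a modified image before you restore from it).
recheck_image() {
  img="$1"
  [ -f "$img.sha256" ] || { echo "no checksum recorded for $img" >&2; return 2; }
  ( cd "$(dirname "$img")" &&
    sha256sum -c "$(basename "$img").sha256" ) >/dev/null 2>&1
}

# Stand-alone use:  sh this_script.sh --seal kali_digital_ocean_image.gz
if [ "${1:-}" = "--seal" ]; then
  seal_image "$2"
fi
```

`/dev/vda` is read while the droplet is running, so files being written at that moment may be inconsistent in the image. The image also contains everything on the disk, including SSH host keys and any saved credentials, so store it as you would those secrets.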
Creating a cool domain name
Usually a domain name costs the big bucks too. With this website though you can quickly get a domain to use with your VPS or any other of your projects for free!
FreeDNS - Free DNS - Dynamic DNS - Static DNS subdomain and domain hosting
Free DNS hosting, lets you fully manage your own domain. Dynamic DNS and Static DNS services available. You may also…
1. Create an account:
2. Once logged in, click “Subdomains” then “add”:
3. Pick a subdomain, pick a domain, set your VPS’s IP address, do the human verification challenge then click “Save!”:
You now have a registered domain.
4. You should now be able to ssh into your machine using this slick domain name rather than an ugly IP address.
That’s the gist of my personal setup. If you have any ideas to add to it, spot any flaws in my post or have any criticism of my writing, please email me at firstname.lastname@example.org