Linux & Kali Basics
Almost every security tool in the world runs on Linux, and Kali Linux is the operating system built specifically for security work. In this lesson you'll set up a safe lab, learn to move around the Linux file system, run the essential commands, and understand permissions — the skills you'll use in every lesson that follows.
What is Linux? What is Kali?
Linux is a free, open-source operating system (the base software that runs a computer, like Windows or macOS). Kali Linux is a special version of Linux that comes with hundreds of security tools already installed — Nmap, Wireshark, Metasploit and more — so you don't have to hunt for them.
Build your safe lab (do this first)
The standard beginner lab is two virtual machines: Kali (your attacker/analyst machine) and a deliberately weak practice target like Metasploitable 2 (a computer built to be broken into safely for learning).
- Install free virtualisation software: VirtualBox (works on Windows, macOS, Linux).
- Download the official Kali Linux VirtualBox image from kali.org/get-kali and import it.
- Download Metasploitable 2 (a safe, intentionally-vulnerable target) and import it.
- Set both VMs' network to “Host-Only” or an “Internal Network.” This is the crucial safety step — it keeps your lab sealed off from the real internet and your real network, so nothing can leak out or in.
- Default Kali login is usually kali / kali — change the password immediately.
The Linux file system (everything is a file)
Windows uses drive letters like C:\. Linux instead has one single tree that starts at / (called root). Everything — documents, devices, even settings — hangs off this one tree.
| Folder | What lives there |
|---|---|
| / | The root — the top of everything |
| /home | Personal folders, e.g. /home/kali |
| /etc | System configuration files (settings) |
| /var | Logs and data that change over time |
| /tmp | Temporary files, cleared on reboot |
| /bin, /usr/bin | The actual programs/commands |
| /root | The home folder of the all-powerful admin user |
Essential commands (your daily vocabulary)
Every command below is safe. Learn these and you can operate any Linux machine.
Moving around and looking
Reading files
Creating and managing
Finding and filtering (the power tools)
Being the admin: sudo
sudo (“superuser do”) runs one command with full admin power. It's like borrowing the master key — useful, but handle with care.
Try: pwd, ls -la, whoami, or cat /etc/hostname.
File permissions (who can read, write, run)
Linux controls exactly who can do what to each file. When you run ls -l you see something like:
Read those first ten characters left to right:
- First character — type: - file, d directory.
- Next 3 (rwx) — the owner's rights: read, write, execute.
- Next 3 (r-x) — the group's rights.
- Last 3 (r--) — everyone else's rights.
r = read (view), w = write (change), x = execute (run as a program). A dash means “not allowed.”
Changing permissions with chmod
Those numbers are a shorthand: r=4, w=2, x=1, added up per group. So 644 = owner 6 (4+2 = rw), group 4 (r), others 4 (r). 600 keeps a secret truly private — exactly how you'd protect a private key.
- Make a lab folder and enter it:
$ mkdir ~/lab && cd ~/lab
- Create a small script that prints your network info:
$ cat > myinfo.sh << 'EOF' #!/bin/bash echo "Hostname: $(hostname)" echo "My IP:"; ip -brief a | grep -v lo echo "Default gateway:"; ip route | grep default EOF
- Look at its permissions — note there's no x yet, so it can't run:
$ ls -l myinfo.shYou'll see -rw-r--r-- — readable, but not executable.
- Grant execute permission, then run it:
$ chmod +x myinfo.sh $ ./myinfo.shResult: it prints your hostname, IP, and gateway — you built and ran your first tool, and you controlled its permissions.
- Lock it down so only you can read it: chmod 700 myinfo.sh, then re-check with ls -l.
Key takeaways
- Kali Linux is Linux pre-loaded with security tools; always practise in a sealed Host-Only lab.
- The Linux file system is one tree starting at /; key folders are /home, /etc, /var.
- Core commands: pwd ls cd cat grep find; the pipe | chains them together.
- Permissions rwx apply to owner / group / others; change them with chmod (r=4, w=2, x=1).