Tuesday, April 4, 2017

Set up your own web application pentesting lab

Without any preface, let me get straight to the point. In this tutorial, we will be installing Damn Vulnerable Web Application (DVWA) on a Ubuntu virtual machine. Our attacker machine would be Kali Linux, which is also installed as a virtual machine (or virtual box). The host can be any OS, and doesn't matter since we won't be using it at all. An alternate configuration is when your host is either Kali or Ubuntu, in which case you need only one VM, to install their the other OS. Alternatively, you could just use a single Kali machine both as attacker as well as victim (running the vulnerable application). However, that makes things less realistic.

Contents

  1. Pre-requisites
  2. Installing DVWA
Disclaimer : No cool stuff in this tutorial, just straightforward installation.

Pre-requisites

You need to have Kali Linux (rolling release) and Ubuntu (I'm using 16.04) up and running. If you aren't familiar with virtual machines and stuff, then take a break of a few days, get familiar with them, install and run a few Linux (any flavour) VMs, drink some coffee, etc. Once you're comfortable with virtual machines (and have Kali & Ubuntu up nd running), proceed onward.

You also need some minimal knowledge of linux, networking, and web applications. As an exercise, you could try getting some free web host (a pathetic one will suffice, since you are only doing this for learning and won't need anyone to use your website), and deploy a wordpress site. Tinker around the website, install themes and stuff to get a feel for it. Then, go one step further and deploy a wordpress instance on your linux virtual machine. This time, don't use the wordpress UI to do things, but instead try and figure out stuff manually. Install themes, modules, etc. on your own by placing them in the correct directory. Just tinker away, in short, till you have some level of familiarity with web applications.

Now, you are familiar with web apps, virtual machines, and linux (not networking though). The task above were pretty simple but for now you can move ahead with the tutorial with the given amount of expertise. Also, the pre-reqs listed above are for the entire web pentesting series, and most probably you'll be able to follow this tutorial without completing some of them, since this is the first and very basic installation tutorial.

Important: Make sure you use the same version of stuff as me. This will avoid scenarios where our systems behave differently (in which case you'll have to use google-fu to figure our how to deal with unexpected stuff happening).

Ubuntu Version - 16.04.1 LTS
XAMPP Version - 7.1.1 (you'll install this later in the tut)

Installing DVWA

This is a fairly simple procedure.  Below are screenshots with explanation. At the end of the tutorial, I have listed commands that you need to type to get all this done (you can simply copy paste the commands). The unnecessary steps are not present in list of commands (in screenshots they are there to enhance your understanding oh what's going on).

Overview-

  1. First we will download DVWA.
  2. Then we read it's doc and find out what to do.
  3. After reading doc, we realize we need to install XAMPP, we do that.
  4. After installing XAMPP, we test if it works by starting it and opening localhost on our machine.
  5. Once we're sure that XAMPP works, we will proceed and copy DVWA files to htdocs folder of XAMPP.
  6. Now we check if localhost/DVWA-master leads us to the vulnerable app. If it does, then we did everything right.

Open Damn Vulnerable Web App website in your browser. Click on download. You'll get an archive, extract it.
Navigate to the extracted archive. Get a lay of the land. You'll find that there is documentation available in docs folder.
Here is the relevant section of the documentation. We need to install XAMPP. You can get it to work
with any other equivalent software bundle, but for ease, let's stick to the recommended way.
Proceed to download the XAMPP bundle. I went with the latest version (going with latest version
poses a slight problem for us, while DVWA is flawed, our PHP version is perfectly patched. For now, let's
ignore this. If this cause hinderance at a later stage, then we'll deal with it)
Navigate to downloads directory and run the installer for XAMPP
Realise that you forgot to run the installer as root! (kudos if you ran as root and didn't make the
same mistake as me)
Run installer as root
It's a simple installer. You'd know what to do.

Wait for it to finish.
Start the XAMPP server (note that the directory is lampp in linux systems)
Check if your server is running by typing 127.0.0.1 or localhost on your browser. XAMPP is now up
and running properly. Let's run our vulnerable app on XAMPP now.
As suggested by the documentation, we simply move our folder into the htdocs directory.
Open the localhost/DVWA-master URL and you'll see that everything works as expected. Our initial
setup is successfully done.
There is still further configuration to be done, but I don't want to extend the tutorial any further. After the next section, there is link to part 2 of this series.

Commands

For below commands to work, ensure the following-

  • xampp-linux-x64-VERSION-installer.run - this file downloaded and is located in Downloads folder
  • DWVA-master directory is located in home folder (the archive to be downloaded and extracted to obtain this directory).
  • Replace VERSION with the version you have downloaded (7.1.1.0 in my case)
Here are the commands-


  1. cd ~/Downloads
  2. chmod a+x xampp-linux-x64-VERSION-installer.run
  3. cd ~
  4. sudo ./xampp-linux-x64-VERSION-installer.run
  5. sudo mv ~/DWVA-master/ /opt/lampp/htdocs/

Part 2 : fixing the problems and finishing the configuration. Here's the link -

Configuring DVWA


Extras


  1. Read about localhost (what does this URL signify - 127.0.0.1)
  2. Commands used - ls, cd, mv, sudo. Use man pages to find out what these mean (eg. type man mv into the terminal)


73 comments:

  1. I never knew it was possible until a friend of my who is studying computer science in Massachusetts Institute of Technology told me about these Chinese computer geniuses he knew Soft tech geeks. They helped me clone a credit card to my dad's account and now I can spend Dad's money without him knowing. Contact them for any tech job you need. softtechgeeks@gmail.com

    ReplyDelete
    Replies
    1. Need The To Hire A Hacker❓ Then contact PYTHONAX✅

      The really amazing deal about contacting PYTHONAX is that the Hack done by us can’t get traced to you, as every Hacking job we do is strongly protected by our Firewall. It’s like saying if anyone tries to trace the Hack, it will lead them to us and we block whatever actions they are doing.

      We have been Invisible to Authorities for almost a decade now and if you google PYTHONAX, not really about us comes out, you can only see comments made by us or about us.

      Another Amazing thing to you benefit from Hiring our Hackers is that you get a Legit and the best Hacking service, As we provide you with Professional Hackers who have their Hacking Areas of specialization.
      We perform every Hack there is, using special Hacking tools we get from the dark web.

      Some list of Hacking Services we provide are-:
      ▪️Phone Hacking & Cloning ✅
      ▪️Computer Hacking ✅
      ▪️Emails & Social Media Account Hacking✅
      ▪️Recovering Deleted Files✅
      ▪️Tracking & Finding People ✅
      ▪️Hunting Down Scammers✅
      ▪️Hack detecting ✅
      ▪️Stealing/Copying Files & Documents From Restricted Networks and Servers ✅
      ▪️Credit Score Manipulation ✅
      ▪️ Deleting Criminal Records✅
      ▪️Bitcoin Multiplication✅
      ▪️Binary Option Money Recovery ✅
      ▪️Scam Money Recovery✅ And lots more......

      ✳️ SPECIAL HACKING SERVICES-: we also specialize in Scam Bounty, as we chase down SCAMMERS and help individuals RECOVER Money stolen from them by this online SCAMMERS. Please be watchful about this SCAMMERS. They post ❌ENTICING TESTIMONIES and it quite Convincing.


      Whatever Hacking service you require, just give us an Email to the Emails Address provided below.
      pythonaxhacks@gmail.com
      pythonaxservices@gmail.com

      PYTHONAX.
      2020 © All Right Reserved.

      Delete
    2. **FULLZ WITH HIGH CREDIT SCORES AVAILABLE**
      **HACKING TOOLS WITH TUTORIALS AVAILABLE**
      (High Quality, Genuine Seller)

      =>Contact 24/7<=
      Telegram> @killhacks
      ICQ> 752822040

      Fullz info included
      NAME+SSN+DOB+DL+DL-STATE+ADDRESS
      Employee & Bank details included
      High credit fullz with DL 700+
      (bulk order negotiable)
      **Payment in all crypto currencies will be accepted**

      ->You can buy few for testing
      ->Invalid or wrong info will be replaced
      ->Serious buyers needed for long term

      TOOLS & TUTORIALS AVAILABLE:

      "SPAMMING" "HACKING" "CARDING" "CASH OUT"
      "KALI LINUX" "BLOCKCHAIN BLUE PRINTS"

      **TOOLS & TUTORIALS LIST**

      ->Ethical Hacking Tools & Tutorials
      ->Kali Linux
      ->Keylogger & Keystroke Logger
      ->Facebook & Google Hacking
      ->Bitcoin Flasher
      ->SQL Injector
      ->Paypal Logins
      ->Bitcoin Cracker
      ->SMTP Linux Root
      ->DUMPS with pins track 1 and 2
      ->SMTP's, Safe Socks, Rdp's brute, VPN
      ->Php mailer
      ->SMS Sender & Email Blaster
      ->Cpanel
      ->Server I.P's & Proxies
      ->Viruses
      ->Premium Accounts (netflix cracker, paypal logins, pornhub, amazon)
      ->HQ Email Combo

      If you are searching for a valid vendor, I'm here for you.
      You'll never be disappointed.
      **You should try at least once**

      Contact 24/7
      Telegram> @killhacks
      ICQ> 752822040

      Delete
    3. I'm not able to configure it.

      Delete
  2. Are you looking for Web Application Development Company in India? Kanhasoft is providing custom Web Application Development services globally to boost your business. Get custom web application solution with professionals.

    ReplyDelete
  3. It would take time to set up... but once all settled it will proved to be very beneficial..
    https://torrent-mac.com/loopback-audio-crack-mac/

    ReplyDelete
  4. Thanks for the post. Very interesting post. This is my first-time visit here. I found so much interesting stuff in your blog.


    IB KEYGEN

    ccleaner pro crack

    ReplyDelete
  5. The world of the internet has matured rapidly in a very short time, and standards of web design have matured along with it. Less than twenty years ago, "accessibility" revolved around making sure that your web pages could be read on all three of the major web browsers - Internet Explorer, Netscape and Mozilla. Within a few years, the concept of accessibility had expanded to include making sure that web sites remained accessible to those using older browsers. Web Design Company UK

    ReplyDelete
  6. Here is a list of HACKING SERVICES we can offer to you-:
    ▪️Giving Financial support 💵💶through our Bitcoin Mining ⛏ ⚒process and funding it to a paypal account if need be.
    ▪️Phone 📲 & Computer💻 Hacks
    ▪️Email 📧 & Social Media Account💝 Hacks
    ▪️Changing of Grades🗞& Credit Score💰
    ▪️Detection of weakness and upgrade of FireWall and lots more.
    Our Hacks are Suberb and always ready to hack for you, any day, anytime.

    If you ever need help or Hacking Services, please contact us trough our Secure line. Our services to you will be Concealed and for no reason be revealed to others. You have our word on that.
    Calls, voicemails and text are all accepted.
    Contact us at:
    www.alienmanhackers.xyz
    ALIENMANH4CCK@PROTONMAIL.com
    TELEGRAM: ALIENM4NHACKERS
    CALL OR TEXT: +13603603875
    SIGNAL : +16469229088

    ReplyDelete
  7. If You Are Trying To Catch Your Cheating Spouse In The Act, I Strongly Recommend You Contact This Awesome Hacker That Helped Me Monitor My Husband’s Phone When I Was Gathering Evidence During The Divorce. I Got Virtually Every Information She Has Been Hiding Over The Months Easily On My Own Phone: The Spy App Diverted All Her Whatsapp, Facebook, Text Messages, Sent And Received Through The Phone: I Also Got Her Phone Calls And Deleted Messages. She Could Not Believe Her Eyes When She Saw The Evidence Because She Had No Idea She Was Hacked, I Didn’t Need To Touch Her Phone At all,.I Certainly Recommend Contact: “Whitehatspytech@cyberservices.com”

    ReplyDelete
  8. Since you are only doing this for learning and won't need anyone to use your website), and deploy a wordpress site. Tinker around the website, install themes and stuff to get a feel for it.

    ReplyDelete
  9. Great blog,thank you for your efforts.quickbooks update error 15241 is one of the common payroll error which might occur when we try to update quickbooks ,to know how it affects and how can we fix this error visit the site.

    ReplyDelete
  10. I like what you guys tend to be up too. This kind of clever work and reporting! Keep up the very good works guys I’ve added you guys to our blogroll.

    Try to check my blog: 부산달리기

    ReplyDelete
  11. In computer system, a web application is a client-side and server-side software application in which the client runs or request in a web browser. Common web applications include email, online retail sales, online auctions, wikis, instant messaging services and more.

    ReplyDelete
  12. Is that good for us and we have assignment expert if you have any problems for how to creat assigments essay contact us thank you.

    ReplyDelete
  13. Thank you for the post , well There are many causes of quickbooks error 12031 like blocking of firewall in functioning of QuickBooks , weak internet connection , third party antivirus , error in SSL settings.

    ReplyDelete
  14. You get the Quickbooks error 6000 when you try to open the company file with your accounting software. The 6000 error is actually a series of status numbers dependent on the issue you ran into while trying to open the corporate file.

    ReplyDelete
  15. Very informative post. I am an accountant and a blogger as well. I suggest you to read my blog on download quickbooks tool hub which will guide you through quickbooks repair tool

    ReplyDelete
  16. A Web application (Web app) is an application program that is stored on a remote server and delivered over the Internet through a browser interface. Web services are Web apps by definition and many, although not all, websites contain Web apps.

    ReplyDelete
  17. Such a informative article anyone want any help about Quickbooks error code h202

    ReplyDelete
  18. ema, thanks for sharing this informative blog keep on sharing. for more info visit our site.
    Quickbooks unrecoverable error

    ReplyDelete
  19. great post! and have so much information in it, I am student of Computer science and on the month basis professor gives us assignments, I am used to get Do My Assignment Cheap help to complete my task and now I find out your blogs are relevant to my topics so I don't have enough need of them. Thank you for sharing this blog.

    ReplyDelete
  20. The QBFD tool can be used to fix errors and issues. However, if the program becomes unresponsive or freezes due to incorrect installation or other issues then you must know the steps to uninstall it quickbooks file doctor

    ReplyDelete
  21. **FULLZ WITH HIGH CREDIT SCORES AVAILABLE**
    **HACKING TOOLS WITH TUTORIALS AVAILABLE**
    (High Quality, Genuine Seller)

    =>Contact 24/7<=
    Telegram> @killhacks
    ICQ> 752822040

    Fullz info included
    NAME+SSN+DOB+DL+DL-STATE+ADDRESS
    Employee & Bank details included
    High credit fullz with DL 700+
    (bulk order negotiable)
    **Payment in all crypto currencies will be accepted**

    ->You can buy few for testing
    ->Invalid or wrong info will be replaced
    ->Serious buyers needed for long term

    TOOLS & TUTORIALS AVAILABLE:

    "SPAMMING" "HACKING" "CARDING" "CASH OUT"
    "KALI LINUX" "BLOCKCHAIN BLUE PRINTS"

    **TOOLS & TUTORIALS LIST**

    ->Ethical Hacking Tools & Tutorials
    ->Kali Linux
    ->Keylogger & Keystroke Logger
    ->Facebook & Google Hacking
    ->Bitcoin Flasher
    ->SQL Injector
    ->Paypal Logins
    ->Bitcoin Cracker
    ->SMTP Linux Root
    ->DUMPS with pins track 1 and 2
    ->SMTP's, Safe Socks, Rdp's brute, VPN
    ->Php mailer
    ->SMS Sender & Email Blaster
    ->Cpanel
    ->Server I.P's & Proxies
    ->Viruses
    ->Premium Accounts (netflix cracker, paypal logins, pornhub, amazon)
    ->HQ Email Combo

    If you are searching for a valid vendor, I'm here for you.
    You'll never be disappointed.
    **You should try at least once**

    Contact 24/7
    Telegram> @killhacks
    ICQ> 752822040

    ReplyDelete
  22. The Cacti training covers concepts from the Basic level to the advanced level. Whether you are an individual or corporate client we can customize training course content as per your requirement. And can arrange this Cacti training as per your pace.
    Cacti is an open-source network monitoring tool based on RRDtool’s data logging and graphing system.It is a web-based network monitoring and graphing tool especially designed as a front-end application for the open-source, industry-standard data logging tool called RRDtool.
    Complete Customization of Cacti training’s course content is possible for Individual students and for Corporate. Cacti certification training is available for individuals and for corporate we may arrange the classroom as well. For more information on Cacti training do connect us.
    Email: contact@maxmunus.com
    Call / WhatsApp: +919035888988

    ReplyDelete
  23. PentesterLab is an awesome resource to get hands-on, especially for newbies in web penetration testing or pentesting in general. It gives insights to possible web security flaws, their behavior and approaches that can be taken to exploit them. More of, it does help in developing a hacker-like mindset.

    ReplyDelete
  24. PentesterLab is an awesome resource to get hands-on, especially for newbies in web penetration testing or pentesting in general. special event jackets It gives insights to possible web security flaws, their behavior and approaches that can be taken to exploit them. More of, it does help in developing a hacker-like mindset.

    ReplyDelete
  25. Thank you for sharing your blog with us; it contains a great deal of useful information.

    when did the ps4 come out
    4029357733

    ReplyDelete
  26. Very helpful content. I like it.

    Scott D Cook,
    cofounder of Accounting Def

    ReplyDelete
  27. Thanks for the great post you posted. I like the way you describe the unique content. The points you raise are valid and reasonable. I am a tech support expert telling you about.
    kraken login
    phantom wallet

    ReplyDelete
  28. Go to Slope Wallet official website and select from Android or iOS for mobile application and select Chrome for desktop. You can also go directly to the Chrome Store, Google Play, or App Store. Then, search "Slope Wallet" and install.
    Atomic Wallet |

    ReplyDelete
  29. This one is perfect article. I appreciated your efforts and really like the way of writing, really impressive. Thanks for sharing this article and good article. Now it's time to avail african gowns for ladies for more information.

    ReplyDelete
  30. Thanks for such an awesome guide about DVWA. Keep sharing awesome stuff like that. Now repair your mobile in Baltimore from https://www.vfixphonesandtech.com/ check out for more information.

    ReplyDelete
  31. Very good initiative. You helped me in my project. Keep it up and share more. Now it's time to avail Hi Vis Traffic Jacket for more information.

    ReplyDelete
  32. I was having a poblem in setting up your own web application pentesting lab but I can set thi up. Now it's time to avail taxi Manchester Airport for more information.

    ReplyDelete
  33. I read this article. I think You put a lot of effort to create this article. I appreciate your work.
    CardRecovery license key

    ReplyDelete
  34. We are the best one in the CEMENT TREATED BASEstate houston , texas . Do visit hastencontracting .

    ReplyDelete
  35. The depth of TACB's experience Financial Instruments in Dubaiwith numerous financial instruments ensures a smooth completion of the deal.

    ReplyDelete
  36. . It should be obvious that this404 esports in Dubai is a significant event

    ReplyDelete
  37. Thanks for sharing beautiful content. I got information from your blog.Keep sharing
    strangulation charge in virginia

    ReplyDelete
  38. Setting up your own web application pentesting lab is a great way to learn about web security and hone your skills. By following the instructions in this article, you can create a safe and effective lab environment. To get started, use the Bluehost coupon code to get a discount on your hosting plan.

    ReplyDelete
  39. Great post. I appreciated your efforts and really like the way of writing, really impressive. Thanks for sharing this amazing article

    ReplyDelete
  40. Thanks for the post. Very interesting post. This is my first-time visit here. I found so much interesting stuff in your blog. Now it's time to avail Siding Services In Alachua County FL for more information.

    ReplyDelete
  41. Yes, I have read your blog with carefully I really like it very much. You are such a amazing. Now it's time to avail taxi milwaukee for more information. information providing. Thank you for this I will share this site with others.

    ReplyDelete
  42. Thanks for sharing an informative blog.It was really nice.Keep sharing.
    Virginia Reckless Driving Penalty

    ReplyDelete
  43. Thanks for sharing an informarive blog.It was really nice.Keep sharing
    York Traffic Lawyer

    ReplyDelete
  44. Great article to know more about DVWA. Thanks for sharing this beautiful article. Keep sharing more blogs. Alexandria DUI Lawyer Virginia

    ReplyDelete
  45. I am especially happy with your article because it is very valuable to me and contains new knowledge.
    digital marketing services gold coast

    ReplyDelete
  46. Nice informative post. Thanks for sharing this post. Keep sharing more blogs like this
    domestic electrician gold coast

    ReplyDelete

  47. I have read your post and i am here to thank you for sharing this post
    Virginia Protective Orderare available to individuals who have experienced an act of violence, force, or threat that caused them to fear for their safety or resulted in physical injury.

    ReplyDelete
  48. Good initiative. This one is very good. I read your blog deeply. Keep up writing a good article. Appreciation. Now it's time to avail Car Services in Orlando for more information.

    ReplyDelete
  49. Looking for solutions to fix QuickBooks Error H202? Connect with experts at toll- free number +1(855)-955-1942 and get the error resolved.

    ReplyDelete
  50. Exploring the rich tapestry of theater history with 'Great Moments in the Theatre' is akin to the meticulous care given during Mobile Car Wash Ottawa. Both experiences reveal a commitment to detail, ensuring every moment, whether on stage or in your car, is a masterpiece

    ReplyDelete
  51. This straightforward tutorial for installing Damn Vulnerable Web Application (DVWA) on a Ubuntu virtual machine is incredibly helpful for those new to web application security testing. The step-by-step guidance and pre-requisite tips are invaluable. Thanks for simplifying the process.
    How to File an Uncontested Divorce in New York
    How to File Divorce Papers in New York

    ReplyDelete
  52. Diving into the world of web application pentesting? Create your own secure environment for testing and honing your skills. Just like safeguarding your virtual space, ensure your car gleams with excellence. Discover Ottawa Car Detailing services to keep your ride as polished as your pentesting techniques.

    ReplyDelete
  53. En Botetourt, VA, un cargo de DUI es un asunto grave. Puede resultar en sanciones severas y la pérdida de privilegios de conducción. La asistencia de un abogado especializado en DUI en Botetourt es esencial para brindar defensa legal efectiva y buscar soluciones que minimicen las consecuencias, protegiendo su historial y licencia. Botetourt DUI VA

    ReplyDelete
  54. There are a few things that I find very interesting. Thank you for your explanation. very good content. cargos de dui retirados

    ReplyDelete
  55. Creating a web application pentesting lab is a great way to improve your cybersecurity knowledge. If you want to keep participants motivated and focused during these crucial learning events, think about usingTraining session catering services in midland Texaswhere knowledge truly is power. In the same way that the lab gives you cybersecurity know-how, studying effectively requires a full mind. Cheers to training and pentesting!

    ReplyDelete
  56. This article is increasing the interest to learn more about this topic. Continue the sharing your new updates. abogado dui prince edward virginia

    ReplyDelete
  57. This is very interesting topic I enjoy it.
    Saloniyaapa

    ReplyDelete
  58. I check your blog every day and also know something from your blog site. Thank you and waiting for your new article.abogado delitos sexuales

    ReplyDelete
  59. WhatsApp works on Windows 11, 10, 8, and 7. Better keyboard shortcuts and native desktop alerts are available because the program runs directly on your desktop. Like the Web app, the New Desktop App lets you communicate with friends and family while your phone is in your pocket. WhatsApp 2024 For Windows 32-bit, you have to install the application on your phone and it can also be Windows 64-bit which is supported by this program.

    ReplyDelete
  60. In need of a free QR code? Our platform offers a straightforward solution, allowing you to generate QR codes without any financial investment.

    ReplyDelete
  61. I really enjoyed reading this article. It was well-written and informative. It's a great resource to learn more about eid sale 2024. Speaking of shopping, are you having any sales for Eid this year?

    ReplyDelete
  62. The tutorial on setting up a web application is incredibly informative and well-structured. It provides step-by-step guidance, making it accessible even for beginners in web development. The blog effectively breaks down complex concepts into manageable tasks, facilitating a smooth learning experience. The clear explanations and screenshots accompanying each step enhance comprehension and ease of implementation. This tutorial is a valuable resource for anyone looking to dive into web development and create their own applications. Kudos to the author for sharing their expertise in such a concise and user-friendly manner!
    Reckless Driving Lawyer Monmouth County




    ReplyDelete
  63. "Set up your own web application pentesting lab" offers detailed instructions for creating a secure and effective testing environment. It is accessible to beginners and includes various tools and techniques for hands-on experience. The step-by-step approach ensures easy replication and experimentation. This guide is highly recommended for individuals seeking to enhance their skills in web application penetration testing through hands-on practice.
    Driving Without Proof Of License New Jersey

    ReplyDelete
  64. Time is of the essence in medical emergencies, and Air Ambulance Services in Raipur understand the urgency. They offer rapid response times, ensuring that patients receive timely medical attention and transport to appropriate healthcare facilities. Air Ambulance Services In Raipur

    ReplyDelete

© Kali Tutorials, 2016. Unauthorized use and/or duplication of this material without express and written permission from this site’s author and/or owner is strictly prohibited. Excerpts and links may be used, provided that full and clear credit is given to Shashwat Chaudhary and Kali Tutorials with appropriate and specific direction to the original content.