七，加速以后的开发
如果你准备以后经常定制iso 那么你可能需要在本地缓存Kali的软件包，节省一些下载时间。首先下载apt-cacher-ng
apt-get install apt-cacher-ng
当你以后要开发时，先打开cacher
/etc/init.d/apt-cacher-ng start
export http_proxy=http://localhost:3142
lb config --apt-http-proxy http://127.0.0.1:3142
lb build

接下来几篇讲Kali的安装，多系统并存等，直接上我的教程

1 kali与windows双系统共存
其实安装起来很容易，无脑下一步，我这里懒得上图，说几个重点
如何确定你要安在哪个盘，windows下对盘的命名为c d e而linux下是sda1 sda2等等
新手往往无法相对应起来，有两种方法区分，都在windows下进行，一种是把一个盘分得特别大或者特别小
，安装时更容易区分，或者直接删除一个分区，留一个空白区域 （右键计算机 管理 磁盘，选分区删除）
安装时常见问题解决 提示找不到cd驱动器，是否手动加载 否 刷新几次就行 实在不行就手动输入位置/dev/sdb
这是U盘的问题，不要真去检查光驱
如何分区 按前文方法 找到你想要的那个区 使他变为空白（已经空白就不必了）
新建分区 用于ext4日志文件 挂载为/ （警告 不要把所有空白区域都分满，留一点空白，否则容易导致grub安不上） （再次警告 不要把空白区分满）
efi和gpt怎么办，参见这位楼主 http://tieba.baidu.com/p/3600996065

2 关于os x系统与kali的并存，或在os x下安装kali 官方都讲了，但是我没有设备，实验不了
坐等大神填坑
3 网络安装法 适用于linux端服务器等

mkdir -p /tftpboot
cd /tftpboot
# for 64 bit systems:
wget http://repo.kali.org/kali/dists/kali/main/installer-amd64/current/images/netboot/netboot.tar.gz
# for 32 bit systems:
wget http://repo.kali.org/kali/dists/kali/main/installer-i386/current/images/netboot/netboot.tar.gz
tar zxpf netboot.tar.gz
rm netboot.tar.gz
然后设置启动，大神们应该自己懂的，我无力解释

今天开始讲kali在arm上的应用了
The Raspberry Pi is a low-cost, credit-card-sized ARM computer. Despite being a good bit less powerful than a laptop or desktop PC, its affordability makes it an excellent option for a tiny Linux system and it can do far more than act as a media hub.
The Raspberry Pi provides a SD card slot for mass storage and will attempt to boot off that device when the board is powered on.
By default, the Kali Linux Raspberry Pi image has been streamlined with the minimum tools, similar to all the other ARM images. If you wish to upgrade the installation to a standard desktop installation, you can include the extra tools by installing the kali-linux-full metapackage. For more information on metapackages, please refer to our tools page.
Kali Linux on Raspberry Pi — Pre-built Version
If you’re unfamiliar with the details of downloading and validating a Kali Linux image, or for using that image to create a bootable device, it’s strongly recommended that you refer to the more detailed procedures described in the specific articles on those subjects.
To install a prebuilt image of the standard build of Kali Linux on your Raspberry Pi, the general process goes as follows:
Get a fast SD card with at least 8 GB capacity. Class 10 cards are highly recommended.
Download and validate the Kali Linux Raspberry Pi image from the Offensive Security downloads area. The process for validating an image is described in more detail in the article on “Downloading Kali Linux”.
Use the dd utility to image this file to your SD card. The full process for creating a bootable USB or SD device is described in the article on “Making a Kali Live USB Drive”. In the following example, we assume that the image is named “kali-1.0.9-rpi.img”, that it’s is in your current working directory, and that the SD card is located at /dev/sdb. Do not simply copy these value, change this to the correct drive path corresponding to your SD card.
WARNING! This command will overwrite any existing data on your SD card. If you specify the wrong device path, you could wipe out your computer’s hard disk!
root@kali:~ dd if=kali-1.0.9-rpi.img of=/dev/sdb bs=512k
This process can take a while depending on your SD card’s device speed and image size. Once the dd operation is complete, insert the SD card into the Raspberry Pi and power it on.
You should be able to log into Kali (as user root, using the password toor) and execute the startx command at the shell prompt to start up the XFCE desktop environment.
IMPORTANT! Please change your SSH host keys as soon as possible as all ARM images are pre-configured the same keys. You should also change the root password to something more secure, especially if this machine will be publicly accessible!
Changing the SSH host keys can be accomplished by doing the following:
root@kali:~ rm /etc/ssh/ssh_host_*
root@kali:~ dpkg-reconfigure openssh-server
root@kali:~ service ssh restart
Kali Linux on Raspberry Pi — Custom Build
If you are a developer and want to tinker with the Kali Raspberry Pi image, including changing the kernel configuration, customizing the packages included, or making other modifications, you can work with the rpi.sh script in the kali-arm-build-scripts repository on github, and follow the README.md file’s instructions.
You will need to set up an ARM cross-compilation environment before you can build a Raspberry Pi image of Kali Linux. A general overview of the build process for ARM devices can be found in the article on “Preparing a Kali Linux ARM chroot”.
原文

树莓派是一种低功耗，信用卡大小的arm电脑，尽管比掌上电脑的功耗更低，，但它强大的承载能力使他成为迷你Linux系统的最佳选择，它能做的也不仅仅是媒体中心
树莓派提供了SD卡代替硬盘，并且它开机后先尝试从SD卡启动
默认情况下 ，树莓派的img和其他arm的img一样只拥有最精简的工具，如果你想要标准化的桌面安装，你可以通过安装kali-linux-full软件包来获得其他工具，更多信息请查看我们的工具列表

接下来讲了kali在BeagleBone Black板子上的安装，步骤完全一样，不在累述

开始介绍kali 取证模式了（forensic boot mode）
When booted into the forensic boot mode, there are a few very important changes to the regular operation of the system:
First, the internal hard disk is never touched. If there is a swap partition it will not be used and no internal disk will be auto mounted. We verified this by first taking a standard system and removing the hard drive. A hash was taken of the drive using a commercial forensic package. We then reattached the drive to the computer and booted Kali Linux “Live” in forensic mode. After using Kali for a period of time, we then shut the system down, removed the hard drive, and took the hash again. These hashes matched, indicating that at no point was anything changed on the drive in any way.
The other, equally important, change is that auto-mounting of removable media is disabled. USB thumb drives, CDs, and the like will not be auto-mounted when inserted. The idea behind this is simple: in forensic mode, nothing should happen to any media without direct user action. Anything that you do as a user is on you.
If you plan on using Kali for real world forensics of any type, we recommend that you don’t just take our word for any of this. All forensic tools should always be validated to ensure that you know how they will behave in any circumstance in which you are going to be using them.
Finally, while Kali continues to focus on providing the best collection of open source penetration testing tools available, it is always possible that we may have missed your favorite open source forensic tool. If so, let us know! We are always on the lookout of high quality open source tools that we can add to Kali to make it even better.

当你进入到kali的取证模式（live系统才有）时，系统的寻常操作都有一些重要的变化
首先，内部的硬盘完全不会使用，如果有swap分区，它也不会被挂载，我们通过以下实验证实，在硬盘上安装了一个标准系统，移除硬盘通过商业取证工具取得hash值，放回硬盘并通过kali取证模式再次启动电脑，使用一段时间后，再次去下硬盘取得hash值，发现并没有改变，也就是说硬盘并没有改变
另外，同样重要的是，可移动媒体是不会自动运行的，其背后的思想很简单，在取证模式中，所有不是用户直接的行为都应该被禁止，所有的动作都应该是用户自己执行
如果你在现实生活中使用kali进行任何种类的取证，我们建议你不要只相信我们的话，你应该熟悉每个取证工具在各个环境下的使用
最后，当kali持续专注于提供最好的开源渗透测试工具集合，我们可能已经错过了你最喜欢的开源取证工具。如果是这样的话，让我们知道！我们一直在寻找高质量的开放源代码工具，我们可以把他加入kali使kali更好

计算机取证的说明（摘自百度百科）
http://baike.baidu.com/link?url=qRAkhzH35147QgJfLaER8cZ5zuMjUSthfUoSnLHTy8vE9PkWOK5w5jr1htvk3ifz7aER0FAXYaY_rVkemG7RQK

断更好久啦，再次开始

metasploit 框架服务
在kali的网络服务策略中，没有网络服务在启动后默认运行（包括数据库服务），所有这里有相匹配的步骤需要我们做为了让metasploit在数据库的支持下启动
打开kali的postgresql服务
sevice postgresql start（命令）
你可以通过ss-ant命令来判断postgresql是否运行并且确认5432端口是否在监听
打开metasploit
打开了postgresql，我们就可以打开meta，我们第一次运行时，sql的默认用户名是msf3
service metasploit start(命令）
启动msfconsole
现在前两个服务打开了，你可以启动msfconsole并且确认数据库和命令db_status是否连接
msfconsole（。。）
设置服务开机启动
update-rc.d postgresql enable
update-rc.d metasploit enable

n卡福利，官方关于驱动的一些说明（我a卡为什么没有）

接下来讲的是kali虚拟机安装增强功能，这个我就略过，因为新版本的kali貌似对自动运行支持不错
vbox就点设备 安装增强功能 然后坐等，（先切换到root用户）
vm可以直接apt-get install open-vm-toolbox
重点要讲的是这个定制桌面
打开config/package-lists/kali.list.chroot这个地址（先看前文说的定制iso）
找到以下位置
gnome-core
gnome-brave-icon-theme
gnome-shell-extensions
nautilus-open-terminal
gnome-orca
xfce改为
xfce4
network-manager-gnome
network-manager
kde改为
kde-plasma-desktop
kdm
lxde改为lxde
然后按之前步骤生成iso，就可以安装包含你喜爱桌面的kali啦

重编译软件源和内核太复杂，还是重点讲下两篇，arm平台交叉编译和chroot 不过重编译的图我也发一下