Kali Linux is preinstalled with over 600 penetration-testing programs, including nmap (a port scanner), Wireshark (a packet analyzer), John the Ripper (a password cracker), Aircrack-ng (a software suite for penetration-testing wireless LANs), Burp suite and OWASP ZAP (both web application security scanners). Kali Linux can run natively when installed on a computer's hard disk, can be booted from a live CD or live USB, or it can run within a virtual machine. It is a supported platform of the Metasploit Project's Metasploit Framework, a tool for developing and executing security exploits.
It was developed by Mati Aharoni and Devon Kearns of Offensive Security through the rewrite of BackTrack, their previous forensics Linux distribution based on Ubuntu. The third core developer Raphaël Hertzog joined them as Debian expert.
Kali Linux is based on Debian Wheezy. Most packages Kali uses are imported from the Debian repositories.
Kali Linux is developed in a secure location with only a small number of trusted people that are allowed to commit packages, with each package being signed by the developer. Kali also has a custom built kernel tha is patched for injection. This was primarily added because the development team found they needed to do a lot of wireless assessments.
Welcome to our fourth and final release of 2018, Kali Linux 2018.4, which is available for immediate download. This release brings our kernel up to version 4.18.10, fixes numerous bugs, includes many updated packages, and a very experimental 64-bit Raspberry Pi 3 image.
New Tools and Tool Upgrades
We have only added one new tool to the distribution in this release cycle but it’s a great one. Wireguard is a powerful and easy to configure VPN solution that eliminates many of the headaches one typically encounters setting up VPNs. Check out our Wireguard post for more details on this great addition.
Kali Linux 2018.4 also includes updated packages for Burp Suite, Patator, Gobuster, Binwalk, Faraday, Fern-Wifi-Cracker, RSMangler, theHarvester, wpscan, and more. For the complete list of updates, fixes, and additions, please refer to the Kali Bug Tracker Changelog.
64-bit Raspberry Pi 3
We have created a very experimental Raspberry Pi 3 image that supports 64-bit mode. Please note that this is a beta image, so if you discover anything that isn’t working, please alert us on our bug tracker.
Previous release notes:
This Kali release is the first to include the Linux 4.15 kernel, which includes the x86 and x64 fixes for the much-hyped Spectre and Meltdown vulnerabilities. It also includes much better support for AMD GPUs and support for AMD Secure Encrypted Virtualization, which allows for encrypting virtual machine memory such that even the hypervisor can’t access it.
Easier Metasploit Script Access
If you spend any significant amount of time writing exploits, you are undoubtedly familiar with the various Metasploit scripts that are available, such as pattern_create, pattern_offset, nasm_shell, etc. You are likely also aware that all of these helpful scripts are tucked away under /usr/share/metasploit-framework/tools/exploit/, which makes them more than a little difficult to make use of. Fortunately, as of metasploit-framework_4.16.34-0kali2, you can now make use of all these scripts directly as we have included links to all of them in the PATH, each of them prepended with msf-.
In addition to the above changes, there have been updates to a number of applications including Bloodhound, Reaver, PixieWPS, Burp Suite, Hashcat, and more. Since there are far too many packages to include in a default ISO, to see the full list of changes, we encourage you to review the Kali Changelog. Complete release notes here.