Kali Linux is preinstalled with over 600 penetration-testing programs, including nmap (a port scanner), Wireshark (a packet analyzer), John the Ripper (a password cracker), Aircrack-ng (a software suite for penetration-testing wireless LANs), Burp suite and OWASP ZAP (both web application security scanners). Kali Linux can run natively when installed on a computer's hard disk, can be booted from a live CD or live USB, or it can run within a virtual machine. It is a supported platform of the Metasploit Project's Metasploit Framework, a tool for developing and executing security exploits.
It was developed by Mati Aharoni and Devon Kearns of Offensive Security through the rewrite of BackTrack, their previous forensics Linux distribution based on Ubuntu. The third core developer Raphaël Hertzog joined them as Debian expert.
Kali Linux is based on Debian Wheezy. Most packages Kali uses are imported from the Debian repositories.
Kali Linux is developed in a secure location with only a small number of trusted people that are allowed to commit packages, with each package being signed by the developer. Kali also has a custom built kernel tha is patched for injection. This was primarily added because the development team found they needed to do a lot of wireless assessments.
Kali 2019.3 Release
We are pleased to announce that our third release of 2019, Kali Linux 2019.3, is available immediately for download. This release brings our kernel up to version 5.2.9, and includes various new features across the board with NetHunter, ARM and packages (plus the normal bugs fixes and updates).
As promised in our roadmap blog post, there are both user facing and backend updates.
The NetHunter crew has been adding in features left, right, and center to their project. One thing to note is package management is done through the F-Droid compatible NetHunter store, so you can even choose to have a NetHunter device without any Google Play.
The proxmark3 client supports RDV4 out of the box and NetHunter now also works with Android’s new partition layouts (A/B partitions no longer have one boot partition and one recovery partition. They are all the same, but twice! A few paths have also changed, such as /system now actually being under /system/system), which allows it to be built for the latest generation of devices.
Plus, there are new apps in the NetHunter app store, thanks to @mayank_metha for Rucky and the Termux team for Termux.
There are 4 additional images for you to try NetHunter on (some may look familiar, as they are back due to community demand):
- LG V20 International Edition
- Nexus 5X
- Nexus 10
- OnePlus 7 (Our new flagship device!)
With this announcement, the OnePlus 7 is now the phone we recommend for Kali NetHunter. It is the latest and greatest flagship device for half the price of other devices. The specifications are as follows:
- Snapdragon 855
- 8GB RAM
- 256GB storage
- Still cheaper than Google pixel 3a (mid-range phone!) ;)
And here is a sneaky peak at the new boot animation, across all devices:
Kali Linux is Open Source, and Cloudflare hearts Open Source – so it’s a perfect match! As a result, CloudFlare has graciously allowed us to use their content delivery network (CDN) to mirror our repository, allowing us to now distribute our content through them. A more technical breakdown can be found on their blog.
We are currently running the CloudFlare services side by side with our standard and community mirrors.
If you notice the kali.download domain appearing on screen when you run apt update, this means you’re using CloudFlare’s services.
We now have a status page – status.kali.org. This provides an overview of all public facing domains and allows you to check if they are responding correctly. We have included all the sites we control, as well as the community mirrors for the repositories, allowing you to see everything you could possibly use (even if you are unaware)!
Note: Our load balancer on http.kali.org should automatically detect when a mirror is not responding and redirect you to one that is. As such, apt should always work (even if slow at times).
We already announced the changes to metapackages in a previous blog post, and the Kali tool listing page goes into more detail on it. However, to recap, the default toolset going forward has changed. To help with this transition, for this release only (Kali 2019.3), there is a one-off, extra image called kali-linux-large-2019.3-amd64.iso, that contains all previous default tools.
Going forward, during our release cycle, we will be evaluating which tools belong to each group:
- Kali-linux-default – tools we believe are essential to a penetration tester
- Kali-linux-large – for penetration testers who have a wider set of non standard/common situations
- Kali-linux-everything – for those who want it all (and without Internet access during the assessment)
With the switchover to GitLab (read more here), we will soon begin accepting community package submissions. This means that anyone can directly submit improvements to us–anything from minor fixes and patches to complete tool packages is encouraged. We’re currently working through the documentation on how to create a package, making it easier for folks to get started and help out. More details to come later this year.
We also noticed some packages failed to build on certain ARM architectures, which has now been fixed (allowing for more tools to be used on different platforms!).
There’s a wide range of tools in Kali. Some tools are designed to be used on Linux, some are designed for Windows (and we can still use them with WINE), and some are static resources. During our recent metapackage refresh, we took the time to create a few “helper scripts”.
You may have installed a package, gone ahead and typed in the package name to run it, and the response back was command not found. Not any more!
We understood it may not have been obvious how to use them straight away. As a result, all of our static resources should now be easy to find. Just type in the package name (Such as PayloadsAllTheThings, SecLists, WebShells and Wordlists to a name a few), you’ll see a brief description, a directory listing, and then be moved to the folder.
Tool Updates & New Packages
As always, we have our updates for all our tools, including (but not limited to):
- Burp Suite
There is a new tool (and it is included by default), amass, that has been well received in the bug bounty world.
If you use the default Kali image, it is (currently) using GNOME for the desktop environment. If you used the command line for a period of time, chances are you noticed it was refreshing the repositories in the background. This has now been disabled.
For ARM devices this release, we have added support for the PINEBOOK as well as the Gateworks Ventana machines.
The RaspberryPi kernel has been bumped to version 4.19.66, which includes support for all of the RAM on 64-bit versions of the RaspberryPi 4. The RaspberryPi Zero W has seen improvements as well.
Bluetooth firmware that was accidentally dropped has been added back in, and the rc.local file has been fixed to properly stop dmesg spam from showing up on the first console.
All of the RaspberryPi images have had their /boot partition increased, which is required due to the size of the new kernel packages.
The ODROID-C2 has been bumped to the 3.16.72 for its kernel.
All images now run dpkg-reconfigure xfonts-base on their first boot – this will cause a bit of a slow down for the first boot, but the result is that if you use VNC to any of them, they will no longer show a blank screen.
On the WSL front, we have added WSL ARM64 support, which you can find in the Windows store today.
Official Kali Linux LXD Container Image Released
LXD is a next generation system container manager. It offers a user experience similar to virtual machines but using Linux containers instead.
It is image based with pre-made images available for a wide number of Linux distributions and we are excited to announce that Kali Linux is now one of them. We are working on the documentation but would like to share the excellent article from Simos Xenitellis in which he details how to install and run Kismet in a LXD Kali container.
A couple of notes when installing Kali. If you choose to install Kali in a VM (rather than downloading our pre-made image), during the setup process, it should now detect if its running in VMware or VirtualBox and install the necessary packages to give you the best experience possible. However, if you have upgraded Kali rather than doing a fresh install, and never got around to installing these packages, the process has been automated by just running kali-setup. This program will have more functionally at a later date.
If you use Kali in a VirtualBox, please ensure you allocate 32 MB or more video memory to the VM, otherwise you may now run into some “interesting” issues where the screen is frozen after login through the graphical greeter, as if the computer had crashed, except that it’s working (you could confirm it by switching to another virtual terminal). If you are affected by this problem, you might see the following message from the kernel: [drm] Error -12 pinnning new fb, out of video mem?.
If you are using Kali Linux via Vagrant, the path has now changed. It can now be found here: kalilinux/rolling.
Apps similar to Kali Linux 4
Download the latest version of the Linux operating system.
Arch Linux is an independently developed, i686/x86-64 general purpose GNU/Linux distribution versatile enough to suit any role.
The Kali Linux NetHunter project is the first Open Source Android penetration testing platform for Nexus devices, created as a joint effort between the Kali community member “BinkyBear” and Offensive Security.