Kali Linux is preinstalled with over 600 penetration-testing programs, including nmap (a port scanner), Wireshark (a packet analyzer), John the Ripper (a password cracker), Aircrack-ng (a software suite for penetration-testing wireless LANs), Burp suite and OWASP ZAP (both web application security scanners). Kali Linux can run natively when installed on a computer's hard disk, can be booted from a live CD or live USB, or it can run within a virtual machine. It is a supported platform of the Metasploit Project's Metasploit Framework, a tool for developing and executing security exploits.

It was developed by Mati Aharoni and Devon Kearns of Offensive Security through the rewrite of BackTrack, their previous forensics Linux distribution based on Ubuntu. The third core developer Raphaël Hertzog joined them as Debian expert.

Kali Linux is based on Debian Wheezy. Most packages Kali uses are imported from the Debian repositories.

Kali Linux is developed in a secure location with only a small number of trusted people that are allowed to commit packages, with each package being signed by the developer. Kali also has a custom built kernel tha is patched for injection. This was primarily added because the development team found they needed to do a lot of wireless assessments.

More versions:

What's New:

Today we’re pushing out the first Kali Linux release of the year with Kali Linux 2021.1. This edition brings enhancements of existing features, and is ready to be downloaded or upgraded if you have an existing Kali Linux installation.

The summary of the changelog since the 2020.4 release from November 2020 is:

  • Xfce 4.16 - Our preferred and current default desktop environment has been updated and tweaked
  • KDE 5.20 - Plasma also received a version bump
  • Terminals - mate-terminal, terminator and tilix all had various work carried out on them
  • Command Not Found - A helping hand to say if a program needs to be installed
  • Partnership with more tool authors - BC Security & Joohoi have been producing great tools and we want to support them
  • New tools & updates - Multiple new tools have been added to Kali and are ready for you
  • Kali NetHunter - New BusyBox & Rucky version, and boot-animation
  • Kali ARM - Preliminary support for Parallels on Apple Silicon (Apple M1) & Raspberry Pi 400 (WiFi Support)
  • The Kali project itself also has a couple different changes:
  • New Kali website - You may have noticed a few things looking different
  • Kali newsletter - Rather than you coming to us for updates, we can push them to your inbox

Xfce and KDE Updates

How you choose to interact with Kali is completely up to you. You may want to access Kali locally or remotely, either graphically or on the command line. Even when you pick a method, there are still options you can choose from, such as a desktop environment.

By default, Kali uses Xfce, but during the setup process, allows for GNOME, KDE, or no GUI to be selected. After the setup is complete, you can install even more. We have pre-configurations for Enlightenment, i3, LXDE, and MATE as well.

So when a desktop environment gets an update, they often enhance day-to-day activities for their users. It’s best to hear it straight from the authors, for a tour of what’s changed:

  • Xfce 4.16
  • KDE 5.20

Terminals Tweaks

When we use Kali, we spend a significant amount of time using the command line. A lot of the time, we do it using a local terminal (rather than in a console or remote SSH). With the options of desktop environments, there are also choices when it comes to the terminals (same with what shell to use). We have been working away on various terminals (xfce4-terminal, tmux, tilix, konsole, qterminal, and mate-terminal) to “Kali-fy” them.

Finding Commands That Didn’t Want To Be Found

A while ago, we changed the default set of tools installed in Kali. Most users know they can either install a one-off package, or revert back to the old set of defaults (apt install kali-linux-large). But to help communicate our changes (as well as any new tools), we have now included command-not-found by default. This is an “optional” package, which can be removed without removing all of kali-linux-default.

New Tools in Kali

It wouldn’t be a Kali release if there weren’t any new tools added! A quick run down of what’s been added (to the network repositories):

  • Airgeddon - Audit wireless networks
  • AltDNS - Generates permutations, alterations and mutations of subdomains and then resolves them
  • Arjun - HTTP parameter discovery suite
  • Chisel - A fast TCP/UDP tunnel over HTTP
  • DNSGen - Generates combination of domain names from the provided input
  • DumpsterDiver - Search secrets in various filetypes
  • GetAllUrls - Fetch known URLs from AlienVault’s Open Threat Exchange, the Wayback Machine, and Common Crawl
  • GitLeaks - Searches Git repo’s history for secrets and keys
  • HTTProbe - Take a list of domains and probe for working HTTP and HTTPS servers
  • MassDNS - A high-performance DNS stub resolver for bulk lookups and reconnaissance
  • PSKracker - WPA/WPS toolkit for generating default keys/pins
  • WordlistRaider - Preparing existing wordlists