Kali Linux is preinstalled with over 600 penetration-testing programs, including nmap (a port scanner), Wireshark (a packet analyzer), John the Ripper (a password cracker), Aircrack-ng (a software suite for penetration-testing wireless LANs), Burp suite and OWASP ZAP (both web application security scanners). Kali Linux can run natively when installed on a computer's hard disk, can be booted from a live CD or live USB, or it can run within a virtual machine. It is a supported platform of the Metasploit Project's Metasploit Framework, a tool for developing and executing security exploits.
It was developed by Mati Aharoni and Devon Kearns of Offensive Security through the rewrite of BackTrack, their previous forensics Linux distribution based on Ubuntu. The third core developer Raphaël Hertzog joined them as Debian expert.
Kali Linux is based on Debian Wheezy. Most packages Kali uses are imported from the Debian repositories.
Kali Linux is developed in a secure location with only a small number of trusted people that are allowed to commit packages, with each package being signed by the developer. Kali also has a custom built kernel tha is patched for injection. This was primarily added because the development team found they needed to do a lot of wireless assessments.
Kali NetHunter 2019.2 Release
Thanks to the tireless contributions from the vibrant NetHunter community led by re4son, binkybear, fattire, jmingov, jcadduono, kimocoder, and PaulWebSec, NetHunter now supports over 50 devices running all the latest Android versions, from KitKat through to Pie.
To celebrate this milestone, we have released 13 new NetHunter images for the latest Android versions of our favourite devices, including:
- Nexus 6 running Pie
- Nexus 6P, Oreo
- OnePlus2, Pie
- Galaxy Tab S4 LTE & WiFi, Oreo
These and many more can be downloaded from our NetHunter page. If you cannot find an image for your favourite device and you are interested in porting NetHunter, we would love for you to join our community and give it a crack. More information can be found at our new home on GitLab.
This release largely features various tweaks and bug fixes but there are still many updated tools including seclists, msfpc, and exe2hex.
For the complete list of updates, fixes, and additions, please refer to the Kali Bug Tracker Changelog.
For our ARM users, be aware that the first boot will take a bit longer than usual, as it requires the reinstallation of a few packages on the hardware. This manifests as the login manager crashing a few times until the packages finish reinstalling and is expected behaviour.
Previous release notes:
Welcome to our first release of 2019, Kali Linux 2019.1, which is available for immediate download. This release brings our kernel up to version 4.19.13, fixes numerous bugs, and includes many updated packages.
The big marquee update of this release is the update of Metasploit to version 5.0, which is their first major release since version 4.0 came out in 2011.
Metasploit 5.0 is a massive update that includes database and automation APIs, new evasion capabilities, and usability improvements throughout. Check out their in-progress release notes to learn about all the new goodness
Kali Linux 2019.1 also includes updated packages for theHarvester, DBeaver, and more. For the complete list of updates, fixes, and additions, please refer to the Kali Bug Tracker Changelog.
The 2019.1 Kali release for ARM includes the return of Banana Pi and Banana Pro, both of which are on the 4.19 kernel. Veyron has been moved to a 4.19 kernel and the Raspberry Pi images have been simplified so it is easier to figure out which one to use. There are no longer separate Raspberry Pi images for users with TFT LCDs because we now include re4son’s kalipi-tft-config script on all of them, so if you want to set up a board with a TFT, run ‘kalipi-tft-config’ and follow the prompts.
If you would like to check out this latest and greatest Kali release, you can find download links for ISOs and Torrents on the Kali Downloads page along with links to the Offensive Security virtual machine and ARM images, which have also been updated to 2019.1. If you already have a Kali installation you’re happy with, you can easily upgrade in place as follows.
Welcome to our fourth and final release of 2018, Kali Linux 2018.4, which is available for immediate download. This release brings our kernel up to version 4.18.10, fixes numerous bugs, includes many updated packages, and a very experimental 64-bit Raspberry Pi 3 image.
New Tools and Tool Upgrades
We have only added one new tool to the distribution in this release cycle but it’s a great one. Wireguard is a powerful and easy to configure VPN solution that eliminates many of the headaches one typically encounters setting up VPNs. Check out our Wireguard post for more details on this great addition.
Kali Linux 2018.4 also includes updated packages for Burp Suite, Patator, Gobuster, Binwalk, Faraday, Fern-Wifi-Cracker, RSMangler, theHarvester, wpscan, and more. For the complete list of updates, fixes, and additions, please refer to the Kali Bug Tracker Changelog.
64-bit Raspberry Pi 3
We have created a very experimental Raspberry Pi 3 image that supports 64-bit mode. Please note that this is a beta image, so if you discover anything that isn’t working, please alert us on our bug tracker.
This Kali release is the first to include the Linux 4.15 kernel, which includes the x86 and x64 fixes for the much-hyped Spectre and Meltdown vulnerabilities. It also includes much better support for AMD GPUs and support for AMD Secure Encrypted Virtualization, which allows for encrypting virtual machine memory such that even the hypervisor can’t access it.
Easier Metasploit Script Access
If you spend any significant amount of time writing exploits, you are undoubtedly familiar with the various Metasploit scripts that are available, such as pattern_create, pattern_offset, nasm_shell, etc. You are likely also aware that all of these helpful scripts are tucked away under /usr/share/metasploit-framework/tools/exploit/, which makes them more than a little difficult to make use of. Fortunately, as of metasploit-framework_4.16.34-0kali2, you can now make use of all these scripts directly as we have included links to all of them in the PATH, each of them prepended with msf-.
In addition to the above changes, there have been updates to a number of applications including Bloodhound, Reaver, PixieWPS, Burp Suite, Hashcat, and more. Since there are far too many packages to include in a default ISO, to see the full list of changes, we encourage you to review the Kali Changelog. Complete release notes here.