Developer | Offensive Security |
---|---|
OS family | Linux (Unix-like) |
Working state | Active |
Source model | Open-source |
Initial release | 13 March 2013 [1] |
Latest release | 2024.4 [2] / 16 December 2024 |
Repository | |
Update method | Rolling release |
Package manager | APT (several front-ends available) |
Platforms | x86, x86-64, armel, armhf |
Kernel type | Monolithic (Linux) |
Default user interface | Xfce, [3] GNOME, [3] KDE [3] |
License | GNU General Public License v3.0 |
Official website | www |
Support status | |
Active |
Kali Linux is a Linux distribution designed for digital forensics and penetration testing. [4] It is maintained and funded by Offensive Security. [5] The software is based on the Debian Testing branch: most packages Kali uses are imported from the Debian repositories. [6] The tagline of Kali Linux and BackTrack is "The quieter you become, the more you are able to hear", which is displayed on some backgrounds, see this example.
Kali Linux has approximately 600 [7] penetration-testing programs (tools), including Armitage (a graphical cyber attack management tool), Nmap (a port scanner), Wireshark (a packet analyzer), metasploit (penetration testing framework), John the Ripper (a password cracker), sqlmap (automatic SQL injection and database takeover tool), Aircrack-ng (a software suite for penetration-testing wireless LANs), Burp suite and OWASP ZAP web application security scanners, [8] [9] etc. [10]
It was developed by Mati Aharoni and Devon Kearns of Offensive Security through the rewrite of BackTrack, their previous information security testing Linux distribution based on Knoppix.[ citation needed ]
Kali Linux's popularity grew when it was featured in multiple episodes of the TV series Mr. Robot . Tools highlighted in the show and provided by Kali Linux include Bluesniff, Bluetooth Scanner (btscanner), John the Ripper, Metasploit Framework, Nmap, Shellshock, and Wget. [11] [12] [13]
Kali Linux has a dedicated project set aside for compatibility and porting to specific Android devices, called Kali NetHunter. [14]
It is the first open source Android penetration testing platform for Nexus devices, created as a joint effort between the Kali community member "BinkyBear" and Offensive Security. It supports Wireless 802.11 frame injection, one-click MANA Evil Access Point setups, HID keyboard (Teensy like attacks), as well as Bad USB MITM attacks. [14]
BackTrack (Kali's predecessor) contained a mode known as forensic mode, which was carried over to Kali via live boot. This mode is very popular for many reasons, partly because many Kali users already have a bootable Kali USB drive or CD, and this option makes it easy to apply Kali to a forensic job. When booted in forensic mode, the system doesn't touch the internal hard drive or swap space and auto mounting is disabled. However, the developers recommend that users test these features extensively before using Kali for real world forensics. [15]
The first version, 1.0.0 "moto", was released in March 2013. [1]
With version 2019.4 in November 2019, the default user interface was switched from GNOME to Xfce, with a GNOME version still available. [3]
With version 2020.3 in August 2020, the default shell was switched from Bash to ZSH, with Bash remaining as an option. [16]
With version 2024.4 in December 2024, version 6.11 of the Linux kernel is introduced, official support for 32-bit images is dropped, and DSA keys are deprecated for OpenSSH. [17]
Kali Linux requires: [18]
The recommended hardware specification for a smooth experience are:
Kali Linux is currently distributed as a 64-bit images for use on hosts based on the x86-64 architecture and as an image for the ARM architecture for use on the Beagle Board computer and Samsung's ARM Chromebook. [19] With the release of 2024.4, 32-bit images based on the i386 architecture were officially dropped. [17] [20]
The developers of Kali Linux aim to make Kali Linux available for more ARM devices. [21]
Kali Linux is already available for Asus Chromebook Flip C100P, BeagleBone Black, HP Chromebook, CubieBoard 2, CuBox, CuBox-i, Raspberry Pi, EfikaMX, Odroid U2, Odroid XU, Odroid XU3, Samsung Chromebook, Utilite Pro, Galaxy Note 10.1, and SS808. [22]
With the arrival of Kali NetHunter, Kali Linux is also officially available on Android devices such as the Nexus 5, Nexus 6, Nexus 7, Nexus 9, Nexus 10, OnePlus One, and some Samsung Galaxy models. It has also been made available for more Android devices through unofficial community builds.
Kali Linux is available on Windows 10, on top of Windows Subsystem for Linux (WSL). The official Kali distribution for Windows can be downloaded from the Microsoft Store. [23]
Kali Linux is developed with a focus towards cyber security experts, penetration testers, and white-hat hackers. There are a few other distributions dedicated to penetration testing, such as Parrot OS, BlackArch, and Wifislax. Kali Linux has stood out against these other distributions for cyber security and penetration testing, [24] as well as having features such as the default user being the superuser in the Kali Live Environment. [25]
Kali Linux includes security tools, such as: [7] [26] [27] [28] [29] [30] [31] [32] [33]
These tools can be used for a number of purposes, most of which involve exploiting a victim network or application, performing network discovery, or scanning a target IP address. Many tools from the previous version (BackTrack) were eliminated to focus on the most popular and effective penetration testing applications.
Offensive Security provides a book, Kali Linux Revealed, [34] and makes it available for free download. [35]
Kali Purple is a flavor of Kali introduced in 2023 specifically designed for defensive security. [36] It features its own suite of tools sorted into categories that correspond to the NIST Cybersecurity Framework. [37]
A Linux distribution is an operating system that includes the Linux kernel for its kernel functionality. Although the name does not imply product distribution per se, a distro, if distributed on its own, is often obtained via a website intended specifically for the purpose. Distros have been designed for a wide variety of systems ranging from personal computers to servers and from embedded devices to supercomputers.
The SANS Institute is a private U.S. for-profit company founded in 1989 that specializes in information security, cybersecurity training, and selling certificates. Topics available for training include cyber and network defenses, penetration testing, incident response, digital forensics, and auditing. The information security courses are developed through a consensus process involving administrators, security managers, and information security professionals. The courses cover security fundamentals and technical aspects of information security. The institute has been recognized for its training programs and certification programs. Per 2021, SANS is the world’s largest cybersecurity research and training organization. SANS is an acronym for SysAdmin, Audit, Network, and Security.
A white hat is an ethical security hacker. Ethical hacking is a term meant to imply a broader category than just penetration testing. Under the owner's consent, white-hat hackers aim to identify any vulnerabilities or security issues the current system has. The white hat is contrasted with the black hat, a malicious hacker; this definitional dichotomy comes from Western films, where heroic and antagonistic cowboys might traditionally wear a white and a black hat, respectively. There is a third kind of hacker known as a grey hat who hacks with good intentions but at times without permission.
Pardus is a Linux distribution developed with support from the government of Turkey. Pardus' main focus is office-related work including use in Turkish government agencies. Despite that, Pardus ships in several languages. Its ease of use and availability free of charge has spawned numerous communities throughout the world.
OpenVAS is the scanner component of Greenbone Vulnerability Management (GVM), a software framework of several services and tools offering vulnerability scanning and vulnerability management.
BackTrack was a Linux distribution that focused on security, based on the Knoppix Linux distribution aimed at digital forensics and penetration testing use. In March 2013, the Offensive Security team rebuilt BackTrack around the Debian distribution and released it under the name Kali Linux.
Parsix GNU/Linux was a live-CD Linux distribution based on Debian. The Parsix project's goal was to provide a ready-to-use, easy-to-install, desktop and laptop-optimized operating system based on Debian's testing branch and the latest stable release of GNOME. It was possible to install extra software packages from the project's own APT repositories.
Offensive Security Certified Professional is an ethical hacking certification offered by Offensive Security that teaches penetration testing methodologies and the use of the tools included with the Kali Linux distribution. The OSCP is a hands-on penetration testing certification, requiring holders to successfully attack and penetrate various live machines in a safe lab environment. It is considered more technical than other ethical hacking certifications, and is one of the few certifications that requires evidence of practical penetration testing skills.
Pentoo is a Live CD and Live USB designed for penetration testing and security assessment. Based on Gentoo Linux, Pentoo is provided both as 32 and 64-bit installable live CD. Pentoo is also available as an overlay for an existing Gentoo installation. It features packet injection patched Wi-Fi drivers, GPGPU cracking software, and many tools for penetration testing and security assessment. The Pentoo kernel includes grsecurity and PAX hardening and extra patches - with binaries compiled from a hardened toolchain with the latest nightly versions of some tools available.
BackBox is a penetration test and security assessment oriented Ubuntu-based Linux distribution providing a network and informatic systems analysis toolkit. It includes a complete set of tools required for ethical hacking and security testing.
Parrot OS is a Linux distribution based on Debian with a focus on security, privacy, and development.
Offensive Security is an American international company working in information security, penetration testing and digital forensics. Operating from around 2007, the company created open source projects, advanced security courses, the ExploitDB vulnerability database, and the Kali Linux distribution. The company was started by Mati Aharoni, and employs security professionals with experience in security penetration testing and system security evaluation. The company has provided security counseling and training to many technology companies.
Kali NetHunter is a free and open-source mobile penetration testing platform for Android devices, based on Kali Linux. Kali NetHunter is available for non-rooted devices, for rooted devices that have a standard recovery, and for rooted devices with custom recovery for which a NetHunter specific kernel is available (NetHunter). Official images are published by Offensive Security on their download page and are updated every quarter. NetHunter images with custom kernels are published for the most popular supported devices, such as Google Nexus, Samsung Galaxy and OnePlus. Many more models are supported, and images not published by Offensive Security can be generated using NetHunter build scripts. Kali NetHunter is maintained by a community of volunteers, and is funded by Offensive Security.
BlackArch is a penetration testing distribution based on Arch Linux that provides a large number of security tools. It is an open-source distro created specially for penetration testers and security researchers. The repository contains more than 2900 tools that can be installed individually or in groups. BlackArch Linux is compatible with existing Arch Linux installations.
Kon-Boot is a software utility that allows users to bypass Microsoft Windows passwords and Apple macOS passwords without lasting or persistent changes to system on which it is executed. It is also the first reported tool capable of bypassing Windows 10 online (live) passwords and supporting both Windows and macOS systems. It is also a widely used tool in computer security, especially in penetration testing. Since version 3.5 Kon-Boot is also able to bypass SecureBoot feature.
Bootloader unlocking is the process of disabling the bootloader security that makes secure boot possible. It can make advanced customizations possible, such as installing custom firmware. On smartphones, this can be a custom Android distribution or another mobile operating system. Some bootloaders are not locked at all and some are locked, but can be unlocked with a command or with assistance from the manufacturer. Some do not include an unlocking method and can only be unlocked through a software exploit.
ExploitDB, sometimes stylized as Exploit Database or Exploit-Database, is a public and open source vulnerability database maintained by Offensive Security. It is one of the largest and most popular exploit databases in existence. While the database is publicly available via their website, the database can also be used by utilizing the searchsploit command-line tool which is native to Kali Linux.
Mati Aharoni: One of our goals with Kali is to provide images of the operating system for all sorts of exotic hardware—mainly ARM based. This includes everything from Raspberry Pi's to tablets, to Android TV devices, with each piece of hardware having some unique property.