Kali Linux is a

Debian Debian (), also known as Debian GNU/Linux, is a Linux distribution composed of free and open-source software, developed by the community-supported Debian Project, which was established by Ian Murdock on August 16, 1993. The first version of D ...

-derived

Linux distribution A Linux distribution (often abbreviated as distro) is an operating system made from a software collection that includes the Linux kernel and, often, a package management system. Linux users usually obtain their operating system by downloading one ...

designed for

digital forensics Digital forensics (sometimes known as digital forensic science) is a branch of forensic science encompassing the recovery, investigation, examination and analysis of material found in digital devices, often in relation to mobile devices and co ...

and

penetration test A penetration test, colloquially known as a pen test or ethical hacking, is an authorized simulated cyberattack on a computer system, performed to evaluate the security of the system; this is not to be confused with a vulnerability assessment. T ...

ing. It is maintained and funded by

Offensive Security Offensive Security is an American international company working in information security, penetration testing and digital forensics. Operating from around 2007, the company created open source projects, advanced security courses, the ExploitDB v ...

. Kali Linux has around 600 penetration-testing programs (tools), including

Armitage Armitage is a village in Staffordshire, England on the south side of the Trent and Mersey Canal south just outside of the market town of Rugeley and north of the city of Lichfield, and noteworthy for the Armitage Shanks sanitary porcelain factor ...

(a graphical cyber attack management tool),

Nmap Nmap (Network Mapper) is a network scanner created by Gordon Lyon (also known by his pseudonym ''Fyodor Vaskovich''). Nmap is used to discover hosts and services on a computer network by sending packets and analyzing the responses. Nmap provides ...

port scanner A port scanner is an application designed to probe a server or host for open ports. Such an application may be used by administrators to verify security policies of their networks and by attackers to identify network services running on a host ...

Wireshark Wireshark is a free and open-source packet analyzer. It is used for network troubleshooting, analysis, software and communications protocol development, and education. Originally named Ethereal, the project was renamed Wireshark in May 2006 d ...

packet analyzer A packet analyzer, also known as packet sniffer, protocol analyzer, or network analyzer, is a computer program or computer hardware such as a packet capture appliance, that can intercept and log traffic that passes over a computer network or p ...

metasploit The Metasploit Project is a computer security project that provides information about security vulnerabilities and aids in penetration testing and IDS signature development. It is owned by Boston, Massachusetts-based security company Rapid7. It ...

(penetration testing framework),

John the Ripper John the Ripper is a free password cracking software tool. Originally developed for the Unix operating system, it can run on fifteen different platforms (eleven of which are architecture-specific versions of Unix, DOS, Win32, BeOS, and OpenVMS) ...

(a password cracker), sqlmap (automatic

SQL injection In computing, SQL injection is a code injection technique used to attack data-driven applications, in which malicious SQL statements are inserted into an entry field for execution (e.g. to dump the database contents to the attacker). SQL inj ...

and

database In computing, a database is an organized collection of data stored and accessed electronically. Small databases can be stored on a file system, while large databases are hosted on computer clusters or cloud storage. The design of databases sp ...

takeover tool),

Aircrack-ng Aircrack-ng is a network software suite consisting of a detector, packet sniffer, WEP and WPA/WPA2-PSK cracker and analysis tool for 802.11 wireless LANs. It works with any wireless network interface controller whose driver supports raw monito ...

software suite A software suite (also known as an application suite) is a collection of computer programs (application software, or programming software) of related functionality, sharing a similar user interface and the ability to easily exchange data with each ...

for penetration-testing

wireless LAN A wireless LAN (WLAN) is a wireless computer network A wireless network is a computer network that uses wireless data connections between network nodes. Wireless networking is a method by which homes, telecommunications networks and bus ...

s), Burp suite and

OWASP ZAP OWASP ZAP (short for Zed Attack Proxy) is an open-source web application security scanner. It is intended to be used by both those new to application security as well as professional penetration testers. It is one of the most active Open Web App ...

web application security scanner A dynamic application security testing (DAST) is a non functional testing process where one can assess an application using certain techniques and the end result of such testing process covers security weaknesses and vulnerabilities present in an ap ...

s, etc. It was developed by Mati Aharoni and Devon Kearns of Offensive Security through the rewrite of

BackTrack BackTrack was a Linux distribution that focused on security, based on the Knoppix Linux distribution aimed at digital forensics and penetration testing use. In March 2013, the Offensive Security team rebuilt BackTrack around the Debian distr ...

, their previous information security testing Linux distribution based on Knoppix. The name was inspired by the Hindu goddess

Kali Kali (; sa, काली, ), also referred to as Mahakali, Bhadrakali, and Kalika ( sa, कालिका), is a Hinduism, Hindu goddess who is considered to be the goddess of ultimate power, time, destruction and change in Shaktism. In t ...

. Kali Linux is based on the Debian ''Testing'' branch. Most packages Kali uses are imported from the Debian repositories. Kali Linux's popularity grew when it was featured in multiple episodes of the TV series ''

Mr. Robot ''Mr. Robot'' is an American drama thriller television series created by Sam Esmail for USA Network. It stars Rami Malek as Elliot Alderson, a cybersecurity engineer and hacker with social anxiety disorder, clinical depression and dissociati ...

''. Tools highlighted in the show and provided by Kali Linux include Bluesniff, Bluetooth Scanner (btscanner), John the Ripper, Metasploit Framework, Nmap, Shellshock, and Wget. The tagline of Kali Linux and BackTrack is "the quieter you become, the more you are able to hear", which is displayed on some backgrounds.

Version history

The first version, 1.0.0 "moto", was released in March 2013. With version 2019.4 in November 2019, the default user interface was switched from

GNOME A gnome is a mythological creature and diminutive spirit in Renaissance magic and alchemy, first introduced by Paracelsus in the 16th century and later adopted by more recent authors including those of modern fantasy literature. Its characte ...

to Xfce, with a GNOME version still available. With version 2020.3 in August 2020, the default

shell Shell may refer to: Architecture and design * Shell (structure), a thin structure ** Concrete shell, a thin shell of concrete, usually with no interior columns or exterior buttresses ** Thin-shell structure Science Biology * Seashell, a hard o ...

was switched from

Bash Bash or BASH may refer to: Arts and entertainment * ''Bash!'' (Rockapella album), 1992 * ''Bash!'' (Dave Bailey album), 1961 * '' Bash: Latter-Day Plays'', a dramatic triptych * ''BASH!'' (role-playing game), a 2005 superhero game * "Bash" ('' ...

ZSH The Z shell (Zsh) is a Unix shell that can be used as an interactive login shell (computing), shell and as a command line interpreter, command interpreter for shell scripting. Zsh is an extended Bourne shell with many improvements, including som ...

, with Bash remaining as an option.

Requirements

Kali Linux requires: *A minimum of 20GB hard disk space for installation depending on the version, Version 2020.2 requires at least 20GB. *A minimum of 2GB RAM for i386 and AMD64 architectures. *A bootable CD-DVD drive or a USB stick. *A minimum of an

Intel Core i3 The following is a list of Intel Core i3 brand microprocessors. These processors are designed with cheap price points, while still retaining the power of the Intel Core line. As such they (along with Intel's i5 series) are often found in laptop ...

or an

AMD E1 Advanced Micro Devices, Inc. (AMD) is an American multinational semiconductor company based in Santa Clara, California, that develops computer processors and related technologies for business and consumer markets. While it initially manufactu ...

processor for good performance. The recommended hardware specification for a smooth experience are: * 50 GB of hard disk space, SSD preferred *At least 2GB of

RAM Ram, ram, or RAM may refer to: Animals * A male sheep * Ram cichlid, a freshwater tropical fish People * Ram (given name) * Ram (surname) * Ram (director) (Ramsubramaniam), an Indian Tamil film director * RAM (musician) (born 1974), Dutch * ...

Supported platforms

Kali Linux is distributed in

32-bit In computer architecture, 32-bit computing refers to computer systems with a processor, memory, and other major system components that operate on data in 32-bit units. Compared to smaller bit widths, 32-bit computers can perform large calculation ...

and

64-bit In computer architecture, 64-bit Integer (computer science), integers, memory addresses, or other Data (computing), data units are those that are 64 bits wide. Also, 64-bit central processing unit, CPUs and arithmetic logic unit, ALUs are those ...

images for use on hosts based on the

x86 x86 (also known as 80x86 or the 8086 family) is a family of complex instruction set computer (CISC) instruction set architectures initially developed by Intel based on the Intel 8086 microprocessor and its 8088 variant. The 8086 was introd ...

instruction set In computer science, an instruction set architecture (ISA), also called computer architecture, is an abstract model of a computer. A device that executes instructions described by that ISA, such as a central processing unit (CPU), is called an ' ...

and as an image for the

ARM architecture ARM (stylised in lowercase as arm, formerly an acronym for Advanced RISC Machines and originally Acorn RISC Machine) is a family of reduced instruction set computer (RISC) instruction set architectures for computer processors, configured ...

for use on the

Beagle Board The BeagleBoard is a low-power open-source single-board computer produced by Texas Instruments in association with Digi-Key and Newark element14. The BeagleBoard was also designed with open source software development in mind, and as a way of ...

computer and Samsung's ARM

Chromebook A Chromebook (sometimes stylized in lowercase as chromebook) is a laptop or tablet running the Linux-based ChromeOS as its operating system. Initially designed to heavily rely on web applications for tasks using the Google Chrome browser, Chromeb ...

. The developers of Kali Linux aim to make Kali Linux available for even more ARM devices. Kali Linux is already available for Asus Chromebook Flip C100P,

BeagleBone Black The BeagleBoard is a low-power open-source single-board computer produced by Texas Instruments in association with Digi-Key and Newark element14. The BeagleBoard was also designed with open source software development in mind, and as a way of de ...

, HP

, CubieBoard 2,

CuBox CuBox and CuBox-i are series of small and fanless nettop-class computers manufactured by the Israeli company SolidRun Ltd. They are all cube-shaped and sized at approximately 2 × 2 × 2 inches (5 cm) and weigh 91 grams (0.2 lb, or 3. ...

-i,

Raspberry Pi Raspberry Pi () is a series of small single-board computers (SBCs) developed in the United Kingdom by the Raspberry Pi Foundation in association with Broadcom. The Raspberry Pi project originally leaned towards the promotion of teaching basic ...

, EfikaMX, Odroid U2, Odroid XU, Odroid XU3,

Samsung Chromebook A Chromebook (sometimes stylized in lowercase as chromebook) is a laptop or tablet running the Linux-based ChromeOS as its operating system. Initially designed to heavily rely on web applications for tasks using the Google Chrome browser, Chromeb ...

, Utilite Pro, Galaxy Note 10.1, and SS808. With the arrival of

Kali NetHunter Kali NetHunter is a free and open-source mobile penetration testing platform for Android devices, based on Kali Linux. Kali NetHunter is available for un-rooted devices (NetHunter Rootless), for rooted devices that have a standard recovery (NetHu ...

, Kali Linux is also officially available on Android devices such as the Nexus 5, Nexus 6, Nexus 7, Nexus 9, Nexus 10, OnePlus One, and some Samsung Galaxy models. It has also been made available for more Android devices through unofficial community builds. Kali Linux is available on

Windows 10 Windows 10 is a major release of Microsoft's Windows NT operating system. It is the direct successor to Windows 8.1, which was released nearly two years earlier. It was released to manufacturing on July 15, 2015, and later to retail on J ...

, on top of

Windows Subsystem for Linux Windows is a group of several proprietary graphical operating system families developed and marketed by Microsoft. Each family caters to a certain sector of the computing industry. For example, Windows NT for consumers, Windows Server for serv ...

(WSL). The official Kali distribution for Windows can be downloaded from the

Microsoft Store Microsoft Store (formerly known as Windows Store) is a digital distribution platform operated by Microsoft. It started as an app store for Windows 8 and Windows Server 2012 as the primary means of distributing Universal Windows Platform apps ...

Features

Kali Linux has a dedicated project set aside for compatibility and porting to specific Android devices, called

. It is the first open source Android penetration testing platform for Nexus devices, created as a joint effort between the Kali community member "BinkyBear" and Offensive Security. It supports Wireless 802.11 frame injection, one-click MANA Evil Access Point setups, HID keyboard (Teensy like attacks), as well as Bad USB MITM attacks.

(Kali's predecessor) contained a mode known as forensic mode, which was carried over to Kali via live boot. This mode is very popular for many reasons, partly because many Kali users already have a bootable Kali USB drive or CD, and this option makes it easy to apply Kali to a forensic job. When booted in forensic mode, the system doesn't touch the internal hard drive or swap space and auto mounting is disabled. However, the developers recommend that users test these features extensively before using Kali for real world forensics.

Comparison with other Linux distributions

Kali Linux is developed with a focus towards cyber security experts, penetration testers, and white-hat hackers. There are a few other distributions dedicated to penetration testing, such as

Parrot OS Parrot OS is a Linux distribution based on Debian with a focus on security, privacy, and development. Core Parrot is based on Debian's "testing" branch, with a Linux 5.10 kernel. It follows a rolling release development model. The desktop en ...

, BlackArch, an
Wifislax
. Kali Linux has stood out against these other distributions for cyber security and penetration testing, as well as having features such as the default user being the

superuser In computing, the superuser is a special user account used for system administration. Depending on the operating system (OS), the actual name of this account might be root, administrator, admin or supervisor. In some cases, the actual name of t ...

in the Kali Live Environment.

Tools

Kali Linux includes security tools, such as: *

Autopsy An autopsy (post-mortem examination, obduction, necropsy, or autopsia cadaverum) is a surgical procedure that consists of a thorough examination of a corpse by dissection to determine the cause, mode, and manner of death or to evaluate any di ...

* Burp suite * BeEF * Cisco Global Exploiter * Ettercap *

Hashcat Hashcat is a password recovery tool. It had a proprietary code base until 2015, but was then released as open source software. Versions are available for Linux, OS X, and Windows. Examples of hashcat-supported hashing algorithms are LM hashes, MD4, ...

* Kismet *

Lynis Lynis is an extensible security audit tool for computer systems running Linux, FreeBSD, macOS, OpenBSD, Solaris, and other Unix derivatives. It assists system administrators and security professionals with scanning a system and its security de ...

Maltego Maltego is software used for open-source intelligence and forensics, developed by Paterva from Pretoria, Pretoria, South Africa. Maltego focuses on providing a library of transforms for discovery of data from open sources, and visualizing that inf ...

Metasploit The Metasploit Project is a computer security project that provides information about security vulnerabilities and aids in penetration testing and IDS signature development. It is owned by Boston, Massachusetts-based security company Rapid7. It ...

framework *

* Nikto *

* Social engineering tools *Sqlmap *

* WPScan * Nessus *

Zenmap Nmap (Network Mapper) is a network scanner created by Gordon Lyon (also known by his pseudonym ''Fyodor Vaskovich''). Nmap is used to discover hosts and services on a computer network by sending packets and analyzing the responses. Nmap provide ...

* Hydra * Reverse engineering toolkit * Foremost * Volatility * VulnHub These tools can be used for a number of purposes, most of which involve exploiting a victim network or application, performing network discovery, or scanning a target IP address. Many tools from the previous version (

) were eliminated to focus on the most popular and effective penetration testing applications. Offensive Security provides a book, ''Kali Linux Revealed'', and makes it available for free download.

References

External links

* * * {{Authority control ARM operating systems Debian-based distributions Digital forensics software Linux distributions Operating system distributions bootable from read-only media Pentesting software toolkits Rolling Release Linux distributions X86-64 Linux distributions