Kali Linux is a

Linux distribution A Linux distribution, often abbreviated as distro, is an operating system that includes the Linux kernel for its kernel functionality. Although the name does not imply product distribution per se, a distro—if distributed on its own—is oft ...

designed for

digital forensics Digital forensics (sometimes known as digital forensic science) is a branch of forensic science encompassing the recovery, investigation, examination, and analysis of material found in digital devices, often in relation to mobile devices and com ...

and

penetration test A penetration test, colloquially known as a pentest, is an authorized simulated cyberattack on a computer system, performed to evaluate the security of the system; this is not to be confused with a vulnerability assessment. The test is perform ...

ing. It is maintained and funded by Offensive Security. The software is based on the

Debian Debian () is a free and open-source software, free and open source Linux distribution, developed by the Debian Project, which was established by Ian Murdock in August 1993. Debian is one of the oldest operating systems based on the Linux kerne ...

''Testing'' branch: most packages Kali uses are imported from the Debian repositories. The tagline of Kali Linux and BackTrack is "The quieter you become, the more you are able to hear", which is displayed on some backgrounds, see this example. Kali Linux has gained immense popularity in the cybersecurity community due to its comprehensive set of tools designed for penetration testing, vulnerability analysis, and reverse engineering. Kali Linux has approximately 600 penetration-testing programs (tools), including Armitage (a graphical cyber attack management tool), Nmap (a port scanner),

Wireshark Wireshark is a Free and open-source software, free and open-source packet analyzer. It is used for computer network, network troubleshooting, analysis, software and communications protocol development, and education. Originally named Ethereal, ...

packet analyzer A packet analyzer (also packet sniffer or network analyzer) is a computer program or computer hardware such as a packet capture appliance that can analyze and log traffic that passes over a computer network or part of a network. Packet capt ...

), metasploit (penetration testing framework), John the Ripper (a password cracker), sqlmap (automatic SQL injection and

database In computing, a database is an organized collection of data or a type of data store based on the use of a database management system (DBMS), the software that interacts with end users, applications, and the database itself to capture and a ...

takeover tool), Aircrack-ng (a

software suite A software suite (also known as an application suite) is a collection of computer programs (application software, or programming software) of related functionality, sharing a similar user interface and the ability to easily exchange data with eac ...

for penetration-testing

wireless LAN A wireless LAN (WLAN) is a wireless computer network that links two or more devices using wireless communication to form a local area network (LAN) within a limited area such as a home, school, computer laboratory, campus, or office building ...

s), Burp Suite, and OWASP ZAP web application security scanners, etc. It was developed by Mati Aharoni and Devon Kearns of Offensive Security through the rewrite of BackTrack, their previous information security testing Linux distribution based on Knoppix. Kali Linux's popularity grew when it was featured in multiple episodes of the TV series ''

Mr. Robot ''Mr. Robot'' is an American drama thriller television series created by Sam Esmail for USA Network. It stars Rami Malek as Elliot Alderson, a cybersecurity engineer and hacker with social anxiety disorder, clinical depression, and dissoci ...

''. Tools highlighted in the show and provided by Kali Linux include Bluesniff,

Bluetooth Bluetooth is a short-range wireless technology standard that is used for exchanging data between fixed and mobile devices over short distances and building personal area networks (PANs). In the most widely used mode, transmission power is li ...

Scanner (btscanner), John the Ripper, Metasploit Framework, Nmap, Shellshock, and Wget.

Version history

The first version, 1.0.0 "moto", was released in March 2013. With version 2019.4 in November 2019, the default user interface was switched from

GNOME A gnome () is a mythological creature and diminutive spirit in Renaissance magic and alchemy, introduced by Paracelsus in the 16th century and widely adopted by authors, including those of modern fantasy literature. They are typically depict ...

Xfce Xfce or XFCE (pronounced as four individual letters, ) is a Free and open-source software, free and open-source desktop environment for Linux and other Unix-like operating systems. Xfce aims to be fast and Lightweight software, lightweight whil ...

, with a GNOME version still available. With version 2020.3 in August 2020, the default

shell Shell may refer to: Architecture and design * Shell (structure), a thin structure ** Concrete shell, a thin shell of concrete, usually with no interior columns or exterior buttresses Science Biology * Seashell, a hard outer layer of a marine ani ...

was switched from Bash to ZSH, with Bash remaining as an option. With version 2024.4 in December 2024, version 6.11 of the Linux kernel is introduced, official support for 32-bit images is dropped, and DSA keys are deprecated for OpenSSH. Kali Linux is based on the teachings in ''Kali Linux Revealed: Mastering the Penetration Testing Distribution'' by Mati Aharoni and Devon Kearns. The book provides detailed insights into how to use Kali Linux for penetration testing, providing a comprehensive guide to its features and tools.

Forensic mode

BackTrack (Kali's predecessor) contained a mode known as forensic mode, which was carried over to Kali via live boot. This mode is very popular for many reasons, partly because many Kali users already have a bootable Kali USB drive or CD, and this option makes it easy to apply Kali to a forensic job. When booted in forensic mode, the system doesn't touch the internal hard drive or swap space and auto mounting is disabled. However, the developers recommend that users test these features extensively before using Kali for real world forensics.

Requirements

Kali Linux requires: *A minimum of 20GB hard disk space for installation, depending on the version. Version 2020.2 requires at least 20GB. *A minimum of 2GB RAM for i386 and AMD64 architectures. *A CD-DVD drive, USB stick or other bootable media. *A minimum of an Intel Core i3 or an AMD E1 processor for good performance. The recommended hardware specification for a smooth experience are: * 50 GB of hard disk space,

SSD A solid-state drive (SSD) is a type of solid-state storage device that uses Integrated circuit, integrated circuits to store data persistence (computer science), persistently. It is sometimes called semiconductor storage device, solid-stat ...

preferred. *At least 2GB of RAM.

Supported platforms

Kali Linux is currently distributed as a

64-bit In computer architecture, 64-bit integers, memory addresses, or other data units are those that are 64 bits wide. Also, 64-bit central processing units (CPU) and arithmetic logic units (ALU) are those that are based on processor registers, a ...

images for use on hosts based on the x86-64 architecture and as an image for the

ARM architecture ARM (stylised in lowercase as arm, formerly an acronym for Advanced RISC Machines and originally Acorn RISC Machine) is a family of reduced instruction set computer, RISC instruction set architectures (ISAs) for central processing unit, com ...

for use on the Beagle Board computer and Samsung's ARM

Chromebook Chromebook (sometimes stylized in lowercase as chromebook) is a line of laptops, desktops, tablets and all-in-one computers that run ChromeOS, a proprietary operating system developed by Google. Chromebooks are optimised for web access. They al ...

. With the release of 2024.4,

32-bit In computer architecture, 32-bit computing refers to computer systems with a processor, memory, and other major system components that operate on data in a maximum of 32- bit units. Compared to smaller bit widths, 32-bit computers can perform la ...

images based on the i386 architecture were officially dropped. The developers of Kali Linux aim to make Kali Linux available for more ARM devices. Kali Linux is already available for Asus Chromebook Flip C100P, BeagleBone Black, HP

, CubieBoard 2,

CuBox CuBox and CuBox-i are series of small and fanless nettop-class computers manufactured by the Israeli company SolidRun Ltd. They are all cube-shaped and sized at approximately 2 × 2 × 2 inches (5 cm) and weigh 91 grams (0.2 lb, or 3 ...

-i,

Raspberry Pi Raspberry Pi ( ) is a series of small single-board computers (SBCs) developed in the United Kingdom by the Raspberry Pi Foundation in collaboration with Broadcom Inc., Broadcom. To commercialize the product and support its growing demand, the ...

, EfikaMX, Odroid U2, Odroid XU, Odroid XU3, Samsung Chromebook, Utilite Pro, Galaxy Note 10.1, and SS808. With the arrival of Kali NetHunter, Kali Linux is also officially available on Android devices such as the Nexus 5, Nexus 6, Nexus 7, Nexus 9, Nexus 10, OnePlus One, and some Samsung Galaxy models. It has also been made available for more Android devices through unofficial community builds. Kali Linux is available on

Windows 10 Windows 10 is a major release of Microsoft's Windows NT operating system. The successor to Windows 8.1, it was Software release cycle#Release to manufacturing (RTM), released to manufacturing on July 15, 2015, and later to retail on July 2 ...

, on top of Windows Subsystem for Linux (WSL). The official Kali distribution for Windows can be downloaded from the

Microsoft Store The Microsoft Store (formerly known as the Windows Store) is a digital distribution platform operated by Microsoft. It was created as an app store for Windows 8 as the primary means of distributing Universal Windows Platform apps. With ...

Comparison with other Linux distributions

Kali Linux is developed with a focus towards cyber security experts, penetration testers, and white-hat hackers. There are a few other distributions dedicated to penetration testing, such as Parrot OS, BlackArch, and Wifislax. Kali Linux has stood out against these other distributions for cyber security and penetration testing, as well as having features such as the default user being the

superuser In computing, the superuser is a special user account used for system administration. Depending on the operating system (OS), the actual name of this account might be root, administrator, admin or supervisor. In some cases, the actual name of the ...

in the Kali Live Environment.

Tools

Kali Linux includes security tools, such as: * Aircrack-ng *

Autopsy An autopsy (also referred to as post-mortem examination, obduction, necropsy, or autopsia cadaverum) is a surgical procedure that consists of a thorough examination of a corpse by dissection to determine the cause, mode, and manner of deat ...

* Armitage * Burp Suite * BeEF * Cisco Global Exploiter * Ettercap * Foremost * Hydra * Hashcat * John the Ripper * Kismet * Lynis * Maltego * Metasploit framework * Nmap * Nikto * OWASP ZAP * Reverse engineering toolkit * Social engineering tools * Sqlmap * Volatility * VulnHub *

* WPScan These tools can be used for a number of purposes, most of which involve exploiting a victim network or application, performing network discovery, or scanning a target IP address. Many tools from the previous version ( BackTrack) were eliminated to focus on the most popular and effective penetration testing applications. Offensive Security provides a book, ''Kali Linux Revealed'', and makes it available to download with a subscription. Official documentation from Offensive Security offers extensive details about Kali Linux’s installation process, security tools, and use cases for penetration testing and network auditing. Research conducted by cybersecurity professionals on Kali Linux tools such as Metasploit, Burp Suite, and Nmap has shown their effectiveness in penetration testing scenarios. Kali Linux is designed for use by security professionals, and tools like Metasploit, Wireshark, and Aircrack-ng are available to users for tasks such as network penetration testing and vulnerability assessments.

Kali Purple

Kali Purple is a flavor of Kali introduced in 2023 specifically designed for defensive security. It features its own suite of tools sorted into categories that correspond to the

NIST The National Institute of Standards and Technology (NIST) is an agency of the United States Department of Commerce whose mission is to promote American innovation and industrial competitiveness. NIST's activities are organized into physical s ...

Cybersecurity Framework.

Kali NetHunter

Kali NetHunter, an official Android-based penetration testing platform, expands Kali’s capabilities, allowing penetration testing from Android devices, providing features like wireless frame injection and MITM attacks. It was the first open source Android penetration testing platform for Nexus devices, created as a joint effort between the Kali community member "BinkyBear" and Offensive Security. It supports Wireless 802.11 frame injection, one-click MANA Evil Access Point setups, HID keyboard (Teensy like attacks), as well as Bad USB MITM attacks.

References

External links

* {{Authority control ARM operating systems Debian-based distributions Digital forensics software Linux distributions Operating system distributions bootable from read-only media Pentesting software toolkits Rolling release Linux distributions X86-64 Linux distributions