Kali Linux Review

Good news! There’s new release of the Kali Linux which is a reincarnation of the BackTrack. If you work in forensic analysis, network security, and penetration testing, then it’s very important to keep your tools updated, so you will be protected from the latest known threats, as well as you will get the latest tools at your control.

Introduction to Kali Linux

Kali Linux is open-source project which is funded and maintained by Offensive Security. Offensive Security is the provider of world-class penetration testing services and information security training. Beside Kali Linux, Offensive Safety maintains also Exploit Database and free on-line program called “Metasploit Unleashed”.

Kali Linux is Debian-based distro that continues where the BackTrack stopped. Kali Linux is installable, but a general concept of Kali is to make use of it from a live session, running all kinds of probes, tests and also investigations against the network targets and the offline local storage. It is geared up with both Linux-oriented and Windows tools. The announcement of the new release provides a brief overview of it and its network security features.

But in short words, what’s new inside the new Kali 2.0?

There is new 4.0 kernel version that is based on the Debian Jessie with a lot of improvements in the hardware and wireless driver coverage, which support for a wide variety of Desktop Environments such as KDE, Gnome3, mate, e17, xfce, i3wm, and lxde that are updated desktop environment and tools. But such bullet-point items are essentially side effects of real changes which have taken place in development backend of the Kali. Are you ready to hear some real news? Then take a deep breath because it is long list. Kali explains particularly that it isn’t necessary to reinstall the new release from scratch. If you are already running Kali on your desktop, you can simply get the latest updates as just-upgrade, and you’re all set.

Also Kali Linux’s download page lists both the 32-bit and the 64-bit ISO images. Along with its standard “Live” images, which are whopping 2.8GB, there’re also “mini” images which are only 25MB or so, which are roughly equivalent to the Debian network installer (netinst) images as well. Kali Linux ISOs are hybrid images that implies that these ISOs can be either burned to DVD media or just dumped directly to any USB stick.

Why Kali 2.0 Is Different From Kali 1.x?

This’s probably one of the most asked question about Kali nowadays. But to answer this, you will have to read all the new features of Kali Linux 2.0 especially that are related to the network security.

Highlights of the New Kali

New Flavors of Kali Linux 2.0

Through Kali Live Build process, now Kali 2.0 natively supports KDE, GNOME3, Xfce, lxde, e17, MATE and i3wm. So to know why Kali is moved on to the GNOME 3 in the new release and marking its end of long abstinence period, you will notice that it’s because finally the team embraced the GNOME 3 and with few custom changes, it is grown to be your favorite desktop environment. The developers’ team also added custom support for the multi-level menus so that user can customize his Items more freely on his desktop as well as the true and beautiful terminal transparency, and other handful useful gnome shell extensions. There’re so many reasons that make Kali the best operating system now comparing to other Linux distros. Minimum RAM requirements for the full GNOME 3 session was increased to be 768 MB, but this isn’t an issue on the modern hardware, but it can be a crush on the lower-end machines. Don’t worry if your machine is a lower-end machines, as developers has released another official minimal version Kali 2.0 ISO image. This light flavor of the Kali includes some useful tools together with lightweight Xfce desktop environment as well as perfect solution for resource-constrained Computers/Laptops.

Support for the ARM Devices and Mobile Platforms

The Kali 2.0 comes up with the Kali Linux 2.0 ARM Images and the NetHunter 2.0. The ARM entire image section was updated across the board with the Kali 2.0 including the Raspberry Pi, Chromebooks, and Odroid. There’re some new images also in the process with the new release like the latest Chromebook Flip. There’s also another important change which they implemented in ARM images which are including kernel sources, for an easier gathering of the new drivers.

In the new official release, NetHunter got also an update to include Kali 2.0 that is, in my opinion, one of the favorite mobile penetration testing platform. They also released complete barrage of the new NetHunter images for the Nexus 5, 6, 7, 9, and 10. Also, the OnePlus One Device NetHunter image has been updated to the Kali 2.0 and now it has much-awaited image for the CM12 as well.

How to Upgrade to Kali 2.0?

Easier Updating and Upgrading

The packages on the Kali maybe up-to-date very easily without any worries about breaking anything. This happens because packages within Kali repositories are Debian Compliant. Kali distro itself can be upgraded to newer versions without a necessity to re-install the distro. User can upgrade his Kali 1.x to Kali 2.0, but to do this, user will need to edit his source.list entries, and also run a dist-upgrade. If there’s any type of errors comes or the user can’t upgrade his Kali, then, In this case, user is better off reinstalling the OS from scratch.

Switching From Ubuntu to Kali

User also can switch from the Ubuntu to the Kali. Kali Linux is based on Debian as we mentioned before, which turned out to be great move by the Offensive-Security. New Kali is more comfortable for making use of than its predecessor.

Updated VirtualBox and VMware Images

There are new VirtualBox and VMware Kali 2.0 images also for users who wanna try Kali in virtual environments. Those images include the 32-bit and the 64-bit flavors of GNOME 3 and also provide the full Kali environment.

Additional Information about Kali

Customizations of Kali ISOs

You can, if you need, also build your own customization of the Kali Linux. ISOs can be directly bootstrapped from the repositories which are maintained by Offensive Security.

Forensics Mode in Kali

While booting up the Kali Linux, there exists an option for the Live Forensic Mode. It’s quite helpful feature if users need to do some world forensic work actually. When you are into the Forensics Mode (FM), be sure that internal HD isn’t touched at all. Developers at the Offensive Security performed a Hash Comparison Test where the Hashes were taken off Hard Drive a bit earlier and after utilizing the Kali in the Forensics Mode and at the end of testing, hashes matched suggesting that there are no adjustments were made during this operation. The Automount of the Removable Media is disabled while in Forensics mode, as an extra note to be mentioned.

Metasploit Framework in Kali

Discussion on the Kali or the BackTrack for that matter can be at all incomplete without mentioning how nicely Metasploit Framework is integrated with this distribution. While the msfconsole brings it up, the msfupdate can update Metasploit framework. Just like in the Backtrack, the PostgreSQL is used for storing the database as described by the individuals in Offensive Security and rapid7 who are also behind Metasploit project.

Somehow the Metasploit Community/Pro No Longer Ships In Kali… Why?

The developers’ team has removed Metasploit Community/Pro package from Kali Linux due to the request of Rapid7 and now they host only the open-source Metasploit-framework package. For all user who require the Community/Pro version, they must download it from the Rapid7 website and then sign up and also submit their personal details in order for getting the Metasploit license.

Tools in Kali Linux

There are tools in Kali which are almost the same as found in the Backtrack. However, In Kali Linux menu, there are 10 safety tools that are highlighted as Top 10. Everybody who has worked on BackTrack would have no problem in guessing which tools could be out there on the Kali and which must be grabbed from repositories. More than 300 tools come packaged with the Kali which are efficient to serve all needs of almost all PenTests. These Top 10 tools are:

  • Burp suite: For Web Applications Pentesting.
  • Wireshark: It’s a Network Protocol Analyzer.
  • Aircrack-ng: For wireless Cracking.
  • Hydra: For on-line Brute-Forcing of Passwords.
  • Maltego: For Intelligence Gathering.
  • John: For offline Password Cracking.
  • Metasploit Framework: For Exploitation.
  • Owasp-zap: For finding vulnerabilities in web applications.
  • Nmap: For Network Scanning.
  • Sqlmap: For exploiting SQL injection Vulnerabilities.

300+ Pentesting Tools

This can be really very big collection, and chances are that we wouldn’t need all of them and we may need some which are not included by default. However, the packages can be grabbed from repositories as well, so that will never an issue.

Final Words

The Kali Linux 2.0 is very serious step forward for all of us, as we improve continuously the distro. Also, we are enjoying its new look, tools, features, as well as the workflow in this Upgrade.

Warning: Don’t trust everything your colleague or guys on the internet say such as if they ask you to hack someone Banking Details, ID password, Site or any other Personal information.

Note: The Kali looks like really a good network security distro. However, just simply by using it, you won’t become a Linux expert. That’s actually the prerequisite.

If you’re already an enthusiast or an expert with interest within the digital security realm, then you might need to give this outstanding operating system its due spin, even though it shall not repair your Wireless magically.