Kali Linux is a Debian-derived Linux distribution designed for digital forensics and penetration testing. It is maintained and funded by Offensive Security Ltd. Mati Aharoni, Devon Kearns and Raphaël Hertzog are the core developers.
Kali Linux is preinstalled with over 300 penetration-testing programs, including Armitage (a graphical cyber attack management tool), nmap (a port scanner), Wireshark (a packet analyzer), the John the Ripper password cracker, Aircrack-ng (a software suite for penetration-testing wireless LANs), and the Burp Suite and OWASP ZAP web application security scanners. Kali Linux can run natively when installed on a computer’s hard disk, can be booted from a live CD or live USB, or can run within a virtual machine. It is a supported platform of the Metasploit Project’s Metasploit Framework, a tool for developing and executing security exploits.
It was developed by Mati Aharoni and Devon Kearns of Offensive Security through the rewrite of BackTrack, their previous forensics Linux distribution based on Knoppix. The third core developer, Raphaël Hertzog, joined them as a Debian expert.
Kali Linux is based on Debian Testing. Most packages Kali uses are imported from the Debian repositories.
Kali Linux is developed in a secure environment in which only a small number of trusted people are allowed to commit packages, and each package is signed by the developer. Kali also has a custom-built kernel that is patched for wireless injection. This was primarily added because the development team found they needed to do a lot of wireless assessments.
- Kali Linux requires a minimum of 10GB hard disk space for installation.
- A minimum of 512MB RAM for i386 and AMD64 architectures.
- A bootable CD-DVD drive or a USB stick.
Kali Linux is distributed in 32-bit and 64-bit images for use on hosts based on the x86 instruction set and as an image for the ARM architecture for use on the BeagleBoard computer and on Samsung’s ARM Chromebook.
The developers of Kali Linux aim to make Kali Linux available for ARM devices.
Kali Linux is already available for BeagleBone Black, HP Chromebook, CubieBoard 2, CuBox, CuBox-i, Raspberry Pi, EfikaMX, Odroid U2, Odroid XU, Odroid XU3, Samsung Chromebook, Utilite Pro, Galaxy Note 10.1, and SS808.
With the arrival of Kali NetHunter, Kali Linux is also officially available on smartphones such as the Nexus 5, Nexus 6, Nexus 7, Nexus 9, Nexus 10, OnePlus One, and some Samsung Galaxy models.
Kali Linux has a dedicated project set aside for compatibility and porting to specific Android devices, called Kali Linux NetHunter.
It is the first open-source Android penetration testing platform for Nexus devices, created as a joint effort between the Kali community member “BinkyBear” and Offensive Security. It supports wireless 802.11 frame injection, one-click MANA Evil Access Point setups, HID keyboard (Teensy-like) attacks, as well as BadUSB MITM attacks.
BackTrack (Kali’s predecessor) contained a mode known as forensic mode, which was carried over to Kali via live boot. This mode is very popular for many reasons, partly because many Kali users already have a bootable Kali USB drive or CD, and this option makes it easy to apply Kali to a forensic job. When booted in forensic mode, the system doesn’t touch the internal hard drive or swap space, and automounting is disabled. However, the developers recommend that users test these features extensively before using Kali for real-world forensics.
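One way to test the forensic-mode behaviour described above, as an added example that is not code from the Kali project: it reads files in the layout of Linux `/proc/swaps` and `/proc/mounts` and reports any active swap area or mounted disk other than the boot medium. The function names, the device classes treated as part of the live system, and the sample data are assumptions of this example.

```shell
#!/bin/sh
# Added example: verify the two forensic-mode properties on a booted system.
# Inputs use the layout of Linux /proc/swaps and /proc/mounts.

# Print every active swap area (the first line of /proc/swaps is a header).
active_swap() {
    awk 'NR > 1 && NF > 0 { print $1 }' "${1:-/proc/swaps}"
}

# Print "device mountpoint" for each mounted block device that is not the
# boot medium. $1 = boot device prefix to ignore (e.g. /dev/sdb).
# Assumption: loop, sr, ram and zram devices belong to the live system itself.
mounted_disks() {
    awk -v boot="$1" '
        $1 ~ /^\/dev\// && $1 !~ /^\/dev\/(loop|sr|ram|zram)/ &&
        (boot == "" || index($1, boot) != 1) { print $1, $2 }
    ' "${2:-/proc/mounts}"
}

# Return 0 when no swap is active and no other disk is mounted, else 1.
forensic_check() {
    rc=0
    swap_hits=$(active_swap "${2:-/proc/swaps}")
    disk_hits=$(mounted_disks "$1" "${3:-/proc/mounts}")
    if [ -n "$swap_hits" ]; then
        echo "FAIL swap active: $swap_hits"; rc=1
    fi
    if [ -n "$disk_hits" ]; then
        echo "FAIL disk mounted: $disk_hits"; rc=1
    fi
    return "$rc"
}

# Constructed sample data (not captured from a real system): booted from
# /dev/sdb, with the internal disk /dev/sda swapped on and automounted.
demo=$(mktemp -d)
printf 'Filename Type Size Used Priority\n/dev/sda5 partition 2097148 0 -2\n' \
    > "$demo/swaps"
cat > "$demo/mounts" <<'EOF'
proc /proc proc rw,nosuid 0 0
/dev/sdb1 /run/live/medium vfat ro 0 0
/dev/loop0 /run/live/rootfs/filesystem.squashfs squashfs ro 0 0
/dev/sda1 /media/kali/DATA ext4 rw 0 0
EOF
forensic_check /dev/sdb "$demo/swaps" "$demo/mounts" || echo "not forensically clean"
```

On a live system, call `forensic_check` with only the boot device prefix so that it reads `/proc/swaps` and `/proc/mounts` directly.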
Kali Linux includes many well-known security tools, including:
- Metasploit Framework
- Burp Suite
- John the Ripper
- Social Engineering Toolkit
- Ettercap
- OWASP ZAP