Introduction to Kali Linux features
Kali Linux (Kali) is the successor to the BackTrack penetration testing platform that is generally regarded as the de facto standard package of tools used to facilitate penetration testing to secure data and voice networks. It was developed by Mati Aharoni and Devon Kearns of Offensive Security. This distribution is mainly meant for penetration testing and digital forensics.
In 2021, Kali had four updates. The latest rolling version was released on December 9, 2021 with kernel 5.14.0 and the Xfce 4.16.3 desktop environment. Additionally, there was a minor update on December 23, 2021 with version Kali 2021.4a.
Some features of this latest version of Kali include the following:
Over 500 advanced penetration testing, data forensics, and defensive tools. The majority of the older pre-installed tools are eliminated and replaced by similar tools. They provide extensive wireless support with multiple hardware and kernel patches to permit the packet injection required by some wireless attacks. Table 1.2 provides a breakdown of the tools with respect to their specific task as of December 2021:
Tool Sections |
No. of Tools |
---|---|
Information Gathering |
67 |
Vulnerability Analysis |
27 |
Wireless Attacks |
54 |
Web Applications |
43 |
Exploitation Tools |
21 |
Forensics Tools |
23 |
Sniffing & Spoofing |
33 |
Password Attacks |
39 |
Maintaining Access |
17 |
Reverse Engineering |
11 |
Hardware Hacking |
6 |
Reporting Tools |
10 |
Table 1.2: The number of tools available, listed with respect to the specific tasks for which they are used
Some of the key features of Kali Linux 2021.4 include:
- Support for multiple desktop environments such as KDE, GNOME3, Xfce, MATE, e17, lxde, and i3wm.021.
- By default, Kali Linux has Debian-compliant tools that are synchronized with the Debian repositories at least four times daily, making it easier to update packages and apply security fixes.
- There are secure development environments and GPG-signed packages and repositories.
- There is support for ISO customization, allowing users to build their own versions of customized Kali with a limited set of tools to make it lightweight. The bootstrap function also performs enterprise-wide network installs that can be automated using pre-seed files.
- Since ARM-based systems have become more prevalent and less expensive, support for ARMEL and ARMHF in Kali Linux can be installed on devices such as rk3306 mk/ss808, Raspberry Pi, ODROID U2/X2, Samsung Chromebook, EfikaMX, Beaglebone Black, CuBox, and Galaxy Note 10.1.
- Kali remains a free open-source project. Most importantly, it is well supported by an active online community.
The role of Kali in red team tactics
While pentesters might prefer any type of operating system to perform their desired activity, usage of Kali Linux saves significant time and prevents the need to search for packages that aren’t typically available in other operating systems. Some of the advantages that are not noticed with Kali Linux during a red team exercise include the following:
- One single source to attack various platforms.
- It’s quick to add sources and install packages and supporting libraries (especially those that are not available for Windows).
- It’s even possible to install RPM packages with the usage of alien.
The purpose of Kali Linux is to secure network, cloud, and application infrastructure and bundle all of the tools to provide a single platform for penetration testers and forensic analysts.