The Linux operating system is free to acquire and use. It is available in many different versions called “distros” and Kali Linux is one of them. Kali Linux has a graphical user interface to host point-and-click software packages, and it offers an experience similar to Windows.
This distro is unique because it doesn’t just offer an operating system. Many operating systems have utilities built-in and are delivered for free. One example of this phenomenon is the Windows Defender firewall, a handy feature that is not traditionally thought of as a regular part of an operating system. In addition, Kali Linux includes a package of penetration testing tools.
There are about 300 tools included with Kali Linux in addition to the utilities usually found within any Linux distro. Although there are so many tools, they don’t all offer different functions. For example, in the world of penetration testing tools, a number of the systems included with Kali Linux compete against each other. So, there are groups of tools, with all of the members of each group offering very similar functionality.
It is unlikely that anyone will ever use all 300 tools. This is because it would be impossible to acquire familiarity with and working knowledge of so many tools. All of the tools included with the Kali bundle are available independently. Some tools are available in free and paid versions from their source, while others are just free. In all instances, the free versions are included in the Kali package – you don’t get any tools for free that are usually offered for a price by their original suppliers.
About Kali Linux
Kali Linux was first released on 13 March 2013. The history of Kali’s creation is complicated. It dates back to 2006 when Mati Aharoni created a package called BackTrack. This was a bundle of penetration testing tools packaged in with a version of Linux, called Whoppix, which was based on a distro called Knoppix, which, in turn, was a derivative of Debian.
Knoppix and Whoppix ran the operating system off a CD-ROM. Aharoni later altered this Linux implementation to a system called WHAX, which was based on Slax, another CD-ROM-based system that was a version of Debian.
The tools package was called the Auditor Security Collection. This was a package of 300 free tools that Max Moser had selected. Although many descriptions of Kali Linux state that the bundle now includes 600 tools, the Kali Linux site only lists 300.
Around the time that Aharoni was creating BackTrack, he set up a cybersecurity consultancy called Offensive Security. This enterprise was registered as Offensive Security LLC in 2008. The business took over responsibility for managing BackTrack. The company changed its name to Offensive Security Services, LLC in 2012. The firm offers penetration testing services, security consultancy, and training for pen testers.
Offensive Security runs its own certification program, called Offensive Security Certified Professional (OSCP). Unfortunately, this is one of the toughest accreditations to get because it requires the participant to pass an exam that includes a real-world hacking challenge, requiring the applicant to break into a test system maintained by Offensive Security.
Mati Aharoni led an Offensive Security team in a redevelopment project for BackTrack. This resulted in the creation of Kali Linux. Since its launch in 2013, Kali has been updated with new versions in 2019 and 2020. The original version is Kali 1.0.0 moto; the second version is Kali 2019.4; the latest version is Kali 2020.3.
What does Kali do?
Kali Linux is an operating system, just like Debian. It has its own logo and a tagline:
“The quieter you become, the more you can hear.”
Users of Kali Linux don’t need to be working in cybersecurity. It is possible to just use the operating system through its graphical user interface or the command line.
Kali Linux Tools
There are two listings of the tools contained in Kali Linux available on the Kali project website. The first is a summary of each tool, with the list of tools grouped by type. The second is a list of tools, ordered alphabetically. In each list, the name of the tool is a link through to a description page. Thus, the two systems present the same information but in a different format.
Lack of space prevents all tools from being described here in this review. However, you can get more details about Kali Linux and its tools package in the Kali Linux Cheat Sheet.
Here are some of the most essential tools in the package:
1. Metasploit Framework
Metasploit is available as a paid product, called Metasploit Pro, and a free system called Metasploit Framework. Metasploit Pro’s features that aren’t available in the free version are geared toward automated vulnerability scanning. Metasploit is an open-source project, but it is sponsored by Rapid7, which provides the extra features in Metasploit Pro.
Metasploit Framework gives you penetration tools to perform intel gathering and attacks that you launch in the Metasploit Console, which is a customized command line window.
2. Burp Suite
The Burp Suite version included in Kali Linux is the Community Edition. This edition shows all the essential commands available in the full, paid Professional version, but they won’t work. However, the tools that you are left with are still pretty useful. Burp Suite operates by intercepting traffic, analyzing it, generating traffic, and inserting it. This tool is also a good choice for brute-force credential guessing.
Burp Suite provides both a graphical user interface and a command-line interface. You can read more about Burp Suite in the Burp Suite Cheat Sheet.
3. Wireshark
Wireshark is a packet sniffer that is already part of any network administrator’s toolkit and is widely used by hackers. This traffic interceptor can operate on wireless systems as well as LANs. Thus, Wireshark is an excellent tool for conducting research, and its output can be exported for analysis in other utilities.
The free Wireshark service in Kali Linux offers both a GUI and a command-line interface.
4. OWASP ZAP
The Open Web Application Security Project is a non-profit research authority on Web application vulnerabilities. Its OWASP Top 10 is the industry touchstone for hacker strategies. In addition, the organization produces the Zed Attack Proxy, which is the OWASP ZAP that is included in Kali Linux.
The ZAP service is accessed through its own GUI window, and it offers a traffic interceptor, a Web crawler, and a URL fuzzer. There is also a vulnerability scanner function in the package to automate research.
5. Nmap
Nmap is the Network Mapper, and it provides an excellent research facility for hackers and pen testers who have broken into a network and need to see all of the attached devices. This is a command-line tool, and its functions are easier to access through Zenmap, its GUI companion, which is also included in Kali Linux. The Nmap system works by examining packet headers, and so it also provides a packet capture service.
6. Ettercap
Ettercap is a free packet capture tool that includes utilities to facilitate a man-in-the-middle attack, and it can also be used for deep packet inspection. This is a command-line utility. A GUI interface is available for it, but this is little more than a customized command-line access window. The Ettercap service works through ARP poisoning to trick all endpoints into believing that the Ettercap host is a gateway to the internet. You can read more about Ettercap in our Ettercap Cheat Sheet.
7. sqlmap
Sqlmap is a powerful hacker tool that discovers and manipulates the databases that serve websites. It will give you a rundown of database instances and then help you break into them. Attacks can be performed, leaving no trace or altering values in targeted databases.
This is a command-line utility with only one command but thousands of uses thanks to an extensive list of switches and options. Find out more about sqlmap in the sqlmap Cheat Sheet.
8. Maltego
Maltego is a flexible tool that can be put to many uses. It links together research to produce maps of relationships between data instances. An excellent example of how Maltego can help research is mapping the connections between many users on a social media platform. The system can also be used to map networks and spot software dependencies.
Kali Linux system requirements
Kali Linux installs on a bare-metal computer – a computer that doesn’t already have an operating system. The computer needs the following minimum hardware:
- 20 GB hard disk (50 GB recommended)
- 2 GB RAM
- A bootable CD-DVD drive or a USB stick
- An Intel Core i3 or an AMD E1 processor
Installing Kali Linux
The software for the Kali Linux installation is available from the Kali project website. Find the Kali Linux download page to locate the installer.
Apart from installing the system on a bare-metal computer, there are seven other configurations available. These include the opportunity to install Kali Linux on a VM or an Android device. It is also possible to run Kali Linux on containers. An installation guide is available at the Kali project site that explains the installation steps for each option.
Kali Linux Pros and Cons
Kali Linux is highly respected and used by many penetration testing operations. Despite being acclaimed, it isn’t perfect, so here is our assessment of the package:
Pros:
- Many deployment options, including operations over VMs and containers
- A vast library of useful tools
- Completely free to use
- A Windows-style Desktop environment
- A large user community in the cybersecurity sector
Cons:
- Many of the tools are out of date
- The free tools bundled into Kali are often just enticers to the paid versions
- A Kali Windows would be nice
Alternatives to Kali Linux
Kali Linux is unique in that it combines an operating system and penetration tools. You aren’t going to get such an excellent package for free anywhere else. The obvious alternative to Kali Linux is Debian Linux. If you don’t want the overhead of 300 tools you will never use, just install Debian for free, look through the Kali Linux tools list, select the few you need, and install those.
Here is our list of the five best alternatives to Kali Linux:
- Netsparker: This is a vulnerability scanner that can also be used by penetration testers as a research tool. This is a Web application scanner that looks for exploits in Web pages by operating a scanner through a browser. It is possible to let the tool perform a complete scan or limit its functions to one vulnerability and keep rerunning it with different operating values to test a specific weakness. This is a SaaS platform, but you can also get the software for installation on Windows Server. Access a demo system for assessment.
- Acunetix: This system is available in three editions, and the lowest offers a penetration testing research tools package. This system scans for weaknesses both from an external perspective and from within the network. Deployment options include a cloud-based hosted service or a software package for Windows, macOS, or Linux installation. Access a demo system for an assessment.
- Bugcrowd Asset Inventory: This penetration testing system researches all of the supportive services integrated into the software that businesses use. Although a system administrator might look into the security of the software that the company acquires, few think to look at the underlying services that those packages rely on. Bugcrowd crawls through application dependencies to identify underlying weaknesses. You can request a demo of the service.
- CrowdStrike Penetration Testing Services: This consultancy service provides a team of penetration testers rather than a tool. Hiring a team to perform your security tests for you is more effective than providing tools to some of your IT staff who won’t be trained explicitly in white hat hacking.
- Indusface Penetration Testing Services: An alternative to CrowdStrike’s team, the Indusface white hat hackers can be contracted to test your system’s protection against attack. Watch as the attack proceeds and check whether your security service spots the hacker’s actions. They can also test APIs and mobile apps.