Kali Linux is a Debian-based Linux distribution geared towards various information security tasks, such as Penetration Testing, Security Research, Computer Forensics, and Reverse Engineering.
It was developed by Mati Aharoni and Devon Kearns of Offensive Security through the rewrite of BackTrack, their previous information security operating system. The first iteration of Kali Linux, Kali 1.0.0, was introduced in March 2013.
Offensive Security currently funds and supports Kali Linux. If you were to visit Kali's website today (www.kali.org), you would see a large banner stating, "Our Most Advanced Penetration Testing Distribution, Ever." A very bold statement that ironically has yet to be disproven.
Kali Linux has over 600 preinstalled penetration-testing applications to discover, each with its own flexibility and use case. Kali Linux does an excellent job of separating these utilities into the following categories:
- Information Gathering
- Vulnerability Analysis
- Wireless Attacks
- Web Applications
- Exploitation Tools
- Stress Testing
- Forensics Tools
- Sniffing & Spoofing
- Password Attacks
- Maintaining Access
- Reverse Engineering
- Reporting Tools
- Hardware Hacking
Who uses Kali Linux and Why?
Kali Linux is truly a unique operating system, as it's one of the few platforms openly used by both good guys and bad guys. Security Administrators and Black Hat Hackers both use this operating system extensively: one to detect and prevent security breaches, and the other to identify and possibly exploit security breaches. The number of tools configured and preinstalled on the operating system makes Kali Linux the Swiss Army knife in any security professional's toolbox.
Professionals that use Kali Linux
- Security Administrators – Security Administrators are responsible for safeguarding their institution's information and data. They use Kali Linux to review their environment(s) and ensure there are no easily discoverable vulnerabilities.
- Network Administrators – Network Administrators are responsible for maintaining an efficient and secure network. They use Kali Linux to audit their network. For example, Kali Linux has the ability to detect rogue access points.
- Network Architects – Network Architects are responsible for designing secure network environments. They utilize Kali Linux to audit their initial designs and ensure nothing was overlooked or misconfigured.
- Pen Testers – Pen Testers utilize Kali Linux to audit environments and perform reconnaissance on corporate environments which they have been hired to review.
- CISO – CISOs, or Chief Information Security Officers, use Kali Linux to internally audit their environment and discover if any new applications or rogue configurations have been put in place.
- Forensic Engineers – Kali Linux possesses a "Forensic Mode", which allows a Forensic Engineer to perform data discovery and recovery in some instances.
- White Hat Hackers – White Hat Hackers, similar to Pen Testers, use Kali Linux to audit and discover vulnerabilities that may be present in an environment.
- Black Hat Hackers – Black Hat Hackers utilize Kali Linux to discover and exploit vulnerabilities. Kali Linux also has numerous social engineering applications, which can be utilized by a Black Hat Hacker to compromise an organization or individual.
- Grey Hat Hackers – Grey Hat Hackers lie in between White Hat and Black Hat Hackers. They will utilize Kali Linux in the same methods as the two listed above.
- Computer Enthusiast – Computer Enthusiast is a pretty generic term, but anyone interested in learning more about networking or computers, in general, can use Kali Linux to learn more about Information Technology, networking, and common vulnerabilities.
Now that you have a basic idea of what Kali Linux is and why it is used, it’s time to run Kali on our virtual machine, or from Live USB Persistence, and get things going.