Kali Linux Documentation
Kali Linux is comprised of many powerful tools but you cannot put them to good use if
you don’t master the underlying operating system. This book covers everything you need to know
to be able to effectively use and deploy Kali Linux.
This book will discuss basic Linux usage for beginners, Debian package management and
usage, Kali installation, configuration, security, and advanced Kali usage including how Kali fits
within the enterprise and Kali’s role in various phases of a security assessment.
It will serve as an introduction to Kali for beginners, but it also caters to users pursuing Kali
certification and advanced users seeking more in-depth use cases and inspiration.
Kali Linux is the world’s most powerful and popular penetration testing platform, used by
security professionals in a wide range of specializations, including penetration testing, forensics,
reverse engineering, and vulnerability assessment. It is the culmination of years of refinement and
the result of a continuous evolution of the platform, from WHoppiX to WHAX, to BackTrack, and
now to a complete penetration testing framework leveraging many features of Debian GNU/Linux
and the vibrant open source community worldwide.
Kali Linux has not been built to be a simple collection of tools, but rather a flexible
framework that professional penetration testers, security enthusiasts, students, and amateurs can
customize to fit their specific needs.
Chapter:-1
Introduction
While its primary audience is professional penetration testers, it provides the tools for
performing password recovery, forensic analysis, and web application testing. Because the tools
are preinstalled, maintained and updated, and configured to work together where appropriate, it is
an ideal situation for people and organizations that need to do security testing without having the
time and resources to maintain their own custom infrastructure. That said, even organizations that
have the time and resources may find that they have little need to maintain a custom infrastructure
with Kali Linux available. For professional penetration testers, Kali Linux includes password
crackers, wireless sniffers, network scanners, and exploitation tools. For forensic analysis, Kali
Linux provides a mode that does not touch the internal hard drive, does not auto mount any
removable media, and allows a potentially compromised system to be examined in great detail,
along with tools to track the information gathered. For IT departments, Kali Linux has network
scanners, vulnerability analysis frameworks, and password recovery tools.
Even if you don’t fit into any of those groups, Kali Linux can still be very useful. With the
huge number of tools installed, Kali Linux becomes a very nice tool catalog where users can look
through a categorized menu of security tools, making it easy to search for a tool that might meet
their needs. And since they are preinstalled, the tools can be quickly evaluated. Many of the tools
are text-based and run from the command-line, while others have graphical front ends to make
them easier to use. Some provide data intended to be fed into other tools, while others provide
detailed reporting and management capabilities.
The successor to BackTrack Linux, Kali Linux was released at the end of 2012. It is built
on top of Debian Linux, and is distributed in a number of different ways. You can download an ISO
for installing from scratch, dual booting with Windows, live USB installs, and hard disk installs.
VMware images are available for bringing up virtual machines quickly. There is an AMI available
for Amazon EC2. Kali can be installed on i386 or x86_64 processors, as well as a whole host of
ARM devices such as Raspberry Pi, HP and Samsung Chromebooks, and even the Galaxy Note
tablet.
All of this is designed to make it very easy to start using any of the hundreds of security and pen
testing tools that are part of the Kali Linux distribution.
Kali Linux is not a general use Linux distribution. It’s designed to be single user, with the
default user of root. It is not recommended for Linux beginners. For starters, because you’re
running as root it is easy to make a mess of your system if you aren’t careful. Even more so, the
pen testing and security tools included make it easy to unintentionally attack your own
organization from within unless you’re very
Kali Linux is an open source project that's maintained and funded by Offensive Security, a
provider of world-class info security training and penetration testing services. In addition to Kali
Linux, Offensive Security also maintains the Exploit Database and the free on-line
program, Metasploit Unleashed.
When working in network security, forensic analysis, and penetration testing, it is
important to keep the tools updated, both so that you're protected from the newest known threats,
and so that you've got the latest tools at your control.
OS family: Unix-Linux
Kali Linux was released on the 13th March, 2013 as a complete, top-to-bottom rebuild of
BackTrack Linux, adhering completely to Debian development standards.
More than 600 penetration testing tools included: After reviewing every tool that was
included in BackTrack, we eliminated a great number of tools that either simply did not work or
which duplicated other tools that provided the same or similar functionality. Details on what’s
included are on the Kali Tools site.
Free (as in beer) and always will be: Kali Linux, like BackTrack, is completely free of charge
and always will be. You will never, ever have to pay for Kali Linux.
Open source Git tree: We are committed to the open source development model and our
development tree is available for all to see. All of the source code which goes into Kali Linux is
available for anyone who wants to tweak or rebuild packages to suit their specific needs.
FHS compliant: Kali adheres to the Filesystem Hierarchy Standard, allowing Linux users to
easily locate binaries, support files, libraries, etc.
Wide-ranging wireless device support: A regular sticking point with Linux distributions has
been support for wireless interfaces. We have built Kali Linux to support as many wireless
devices as we possibly can, allowing it to run properly on a wide variety of hardware and making
it compatible with numerous USB and other wireless devices.
Custom kernel, patched for injection: As penetration testers, the development team often
needs to do wireless assessments, so our kernel has the latest injection patches included.
Multi-language support: Although penetration tools tend to be written in English, we have
ensured that Kali includes true multilingual support, allowing more users to operate in their
native language and locate the tools they need for the job.
Completely customizable: We thoroughly understand that not everyone will agree with our
design decisions, so we have made it as easy as possible for our more adventurous users to
customize Kali Linux to their liking, all the way down to the kernel.
ARMEL and ARMHF support: Since ARM-based single-board systems like the Raspberry Pi and
BeagleBone Black, among others, are becoming more and more prevalent and inexpensive, we
knew that Kali’s ARM support would need to be as robust as we could manage, with fully working
installations for both ARMEL and ARMHF systems. Kali Linux is available on a wide range of ARM
devices and has ARM repositories integrated with the mainline distribution so tools for ARM are
updated in conjunction with the rest of the distribution.
Developed in a secure environment: The Kali Linux team is made up of a small group of
individuals who are the only ones trusted to commit packages and interact with the repositories,
all of which is done using multiple secure protocols.
GPG signed packages and repositories: Every package in Kali Linux is signed by each
individual developer who built and committed it, and the repositories subsequently sign the
packages as well.
1. Single user, root access by design: Due to the nature of security audits, Kali Linux is
designed to be used in a “single, root user” scenario. Many of the tools used in
penetration testing require escalated privileges, and while it’s generally sound policy to
only enable root privileges when necessary, in the use cases that Kali Linux is aimed at,
this approach would be a burden.
2. Network services disabled by default: Kali Linux contains systemd hooks that disable
network services by default. These hooks allow us to install various services on Kali
Linux, while ensuring that our distribution remains secure by default, no matter what
packages are installed. Additional services such as Bluetooth are also blacklisted by
default.
3. Custom Linux kernel: Kali Linux uses an upstream kernel, patched for wireless
injection.
Even for experienced Linux users, Kali can pose some challenges. Although Kali
is an open source project, it’s not a wide-open source project, for reasons of security. The
development team is small and trusted, packages in the repositories are signed both by the
individual committer and the team, and — importantly — the set of upstream repositories
from which updates and new packages are drawn is very small. Adding repositories to your
software sources which have not been tested by the Kali Linux development team is a good
way to cause problems on your system.
If you are unfamiliar with Linux generally, if you do not have at least a basic level
of competence in administering a system, if you are looking for a Linux distribution to use
as a learning tool to get to know your way around Linux, or if you want a distro that you
can use as a general purpose desktop installation, Kali Linux is probably not what you are
looking for.
Development
It was developed by Mati Aharoni and Devon Kearns of Offensive Security through the
rewrite of BackTrack, their previous information security testing Linux distribution based
on Knoppix. The third core developer, Raphaël Hertzog, joined them as a Debian expert. Kali
Linux is based on the Debian Testing branch. Most packages Kali uses are imported from the
Debian repositories.
The Kali Linux project began quietly in 2012, when Offensive Security decided that they
wanted to replace their venerable BackTrack Linux project, which was manually maintained, with
something that could become a genuine Debian derivative, complete with all of the required
infrastructure and improved packaging techniques. The decision was made to build Kali on top of
the Debian distribution because it is well known for its quality, stability, and wide selection of
available software. The first release (version 1.0) happened one year later, in March 2013, and was
based on Debian 7 “Wheezy”, Debian’s stable distribution at the time. In that first year of
development, they packaged hundreds of pen-testing-related applications and built the
infrastructure. Even though the number of applications is significant, the application list has been
meticulously curated, dropping applications that no longer worked or that duplicated features
already available in better programs.
During the two years following version 1.0, Kali released many incremental updates,
expanding the range of available applications and improving hardware support, thanks to newer
kernel releases. With some investment in continuous integration, they ensured that all important
packages were kept in an installable state and that customized live images (a hallmark of the
distribution) could always be created.
Kali Linux can run natively when installed on a computer's hard disk, can be booted from
a live CD or live USB, or it can run within a virtual machine. It is a supported platform of the
Metasploit Project's Metasploit Framework, a tool for developing and executing security
exploits.
CHAPTER NO. 3
Features
Security Tools
Burp Suite
Cisco Global Exploiter, a hacking tool used to find and exploit vulnerabilities in Cisco
Network systems
John the Ripper
Kismet
OWASP ZAP
Social engineering tools.
Hydra
Reverse Engineering tools
Foremost
Volatility
CHAPTER NO. 5
Requirements
5.1 Requirements:
• Kali Linux requires a minimum of 3.8GB hard disk space for installation.
5.2 Recommended:
Advantages
7.1 Advantages
Kali Linux is the best penetration testing OS out there currently, even though there are
alternatives such as Blackbuntu, BlackArch, Parrot Security and many more.
Kali provides the reliable underpinnings of the Debian system, which is considered to be
a rock-solid distro in the Linux world.
That Kali is advantageous for hacking (or cracking, actually) is just a myth, as the
OS should not be a barrier for any pen-tester who means serious business.
The advantage of Kali is that it is designed for a single purpose, and is therefore
very good for that purpose.
7.2 Disadvantages
When Kali runs in a VM, almost all wireless hacking tools don’t work.
Kali is not as easy to use, because it is penetration oriented, and it doesn’t
even try to hold your hand or mollycoddle a newbie.
Kali is not exactly the most research- and training-oriented
Linux.
In the process of using Kali for normal tasks, you may trash some of Kali’s
specialized settings for its own security.
The disadvantage of Kali is that it is designed for a single purpose, and is
therefore not as good for any other purpose.
CHAPTER NO. 8
Kali Linux ISO download
In order to run Kali “Live” from a USB drive on standard Windows and Apple PCs, you’ll
need a Kali Linux bootable ISO image, in either 32-bit or 64-bit format.
If you’re not sure of the architecture of the system you want to run Kali on, on Linux or
OS X, you can run the command
at the command line. If you get the response, “x86_64”, use the 64-bit ISO image (the
one containing “amd64” in the file name); if you get “i386”, use the 32-bit image (the one
containing “i386” in the file name). If you’re on a Windows system, the procedure for
determining your architecture is detailed on Microsoft’s website.
The Kali Linux images are available both as directly downloadable “.iso/.img” files or via
“.torrent” files.
Building your own Kali Linux ISO, standard or customized, is a very simple process.
VMware Images
If you want to run Kali Linux as a “guest” under VMware, Kali is available as a pre-built
VMware virtual machine with VMware Tools already installed. The VMware image is available
in 64-bit (amd64), 32-bit (i686), and 32-bit PAE (i486) formats.
Official Kali Linux VMware Images[5]
ARM Images
Scripts for building your own ARM images locally are also available on GitHub. For
more details see the articles on setting up an ARM cross-compilation environment, and building
a custom Kali Linux ARM chroot.
Before you run Kali Linux Live, or install it to your hard disk, you want to be very sure
that what you’ve got actually is Kali Linux, and not an imposter. Kali Linux is a professional
penetration testing and forensics toolkit. As a professional penetration tester, having absolute
confidence in the integrity of your tools is critical: if your tools aren’t trustworthy, your
investigations won’t be trustworthy, either.
Moreover, as the leading penetration testing distribution, Kali’s strengths mean that a
bogus version of Kali Linux could do a tremendous amount of damage if it were deployed
unwittingly. There are plenty of people with plenty of reason to want to stick very sketchy stuff
into something that looks like Kali, and you absolutely don’t want to find yourself running
something like that.
Avoiding this is simple: only download Kali Linux via the official download pages
at https://www.kali.org/downloads or https://www.offensive-security.com/kali-linux-vmware-arm-image-download/.
You won’t be able to browse to these pages without SSL: encrypting the
connection makes it much harder for an attacker to use a “man-in-the-middle” attack to modify
your download. There are a few potential weaknesses to even these sources — see the sections
on verifying the download with the SHA256SUMS file and its signature against the official Kali
Development team private key for something much closer to absolute assurance.
Once you’ve downloaded an image, and before you run it, always validate that it
really is what it’s supposed to be by verifying its checksum using one of the procedures
detailed below.
There are several methods for verifying your download. Each provides a certain level of
assurance, and involves a corresponding level of effort on your part.
You can download an ISO image from an official Kali Linux “Downloads” mirror,
calculate the ISO’s SHA256 hash and compare it by inspection with the value listed on
the Kali Linux site. This is quick and easy, but potentially susceptible to subversion via
a DNS poisoning: it assumes that the site to which, for example, the domain “kali.org”
resolves is in fact the actual Kali Linux site. If it somehow weren’t, an attacker could
present a “loaded” image and a matching SHA256 signature on the fake web page. See
the section “Manually Verify the Signature on the ISO (Direct Download)”, below.
You can download an ISO image through the torrents, and it will also pull down a file —
unsigned — containing the calculated SHA256 signature. You can then use the shasum
command (on Linux and OS X) or a utility (on Windows) to automatically verify that the
file’s computed signature matches the signature in the secondary file. This is even easier
than the “manual” method, but suffers from the same weakness: if the torrent you pulled
down isn’t really Kali Linux, it could still have a good signature. See the section “Verify
the Signature on the ISO Using the Included Signature File (Torrent Download)”, below.
To be as close to absolutely certain as possible that the Kali Linux download you’ve
obtained is the real thing, you can download both a cleartext signature file and a
version of the same file that has been signed with the official Kali Linux private key and
use GNU Privacy Guard (GPG) to first, verify that the computed SHA256 signature and
the signature in the cleartext file match and second, verify that the signed version of the
file containing the SHA256 hash has been correctly signed with the official key.
If you use this more complicated process and successfully validate your downloaded ISO,
you can proceed with pretty complete assurance that what you’ve got is the official image
and that it has not been tampered with in any way. This method, while the most complex,
has the advantage of providing independent assurance of the integrity of the image. The
only way this method can fail is if the official Kali Linux private key is not only
subverted by an attacker, but also not subsequently revoked by the Kali Linux
development team. For this method, see the section on verification using the
SHA256SUMS file.
The official download page for the 64-bit Intel architecture Kali Linux 2016.2 ISO image:
Verify the Signature on the ISO Using the Included Signature File (Torrent Download)
If you downloaded your copy of the Kali Linux ISO image via the torrents, in addition to the ISO
file (e.g. kali-linux-2016.2-amd64.iso), there will be a second file containing the computed
SHA256 signature for the ISO, with the extension “.txt.sha256sum” (e.g.
kali-linux-2016.2-amd64.txt.sha256sum). You can use this file to verify the authenticity of your download on Linux
or OS X with the following command:
If the image is successfully authenticated, the response will look like this:
kali-linux-2016.2-amd64.iso: OK
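The checks described in this chapter, as an added shell example that is not part of the original page: it picks the ISO architecture tag from `uname -m`, compares an image's SHA256 hash with the entry in its checksum file, and checks the GPG signature on a checksum file against a signing-key fingerprint you supply. The function names are hypothetical, and the fingerprint has to be obtained out of band because the page does not list it.

```shell
#!/bin/sh
# Added example (not from the original page). Function names are hypothetical.

# Map `uname -m` output to the architecture tag in the ISO file name.
# i686 is included as an assumption: many 32-bit Linux kernels report it.
iso_arch() {
    case "${1:-$(uname -m)}" in
        x86_64)    echo amd64 ;;
        i386|i686) echo i386 ;;
        *)         echo unknown; return 1 ;;
    esac
}

# SHA-256 of a file: sha256sum where present, otherwise shasum (OS X).
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    else
        shasum -a 256 "$1" | awk '{print $1}'
    fi
}

# verify_image IMAGE SUMFILE
# Succeeds only if SUMFILE lists IMAGE's file name with a matching hash.
verify_image() {
    image=$1; sums=$2
    name=$(basename "$image")
    expected=$(awk -v n="$name" \
        '{ f = $2; sub(/^\*/, "", f); if (f == n) { print $1; exit } }' \
        "$sums" | tr 'A-F' 'a-f')
    [ -n "$expected" ] || { echo "$name: not listed in $sums" >&2; return 2; }
    actual=$(sha256_of "$image") || return 3
    if [ "$actual" = "$expected" ]; then
        echo "$name: OK"
    else
        echo "$name: FAILED" >&2
        return 1
    fi
}

# verify_sums_signature SUMFILE SIGFILE FINGERPRINT
# A bare `gpg --verify` accepts a signature from ANY key in the keyring, so
# this also requires the signer to match FINGERPRINT (upper-case hex, no
# spaces). GOODSIG is not emitted for expired or revoked keys.
verify_sums_signature() {
    sums=$1; sig=$2; fpr=$3
    [ -n "$fpr" ] || { echo "no fingerprint given" >&2; return 2; }
    status=$(gpg --status-fd 1 --verify "$sig" "$sums" 2>/dev/null) || return 1
    echo "$status" | grep -q '^\[GNUPG:\] GOODSIG ' &&
        echo "$status" | grep -q "^\[GNUPG:\] VALIDSIG .*$fpr"
}

# Stand-alone use: sh verify.sh IMAGE SUMFILE
if [ "$#" -eq 2 ]; then
    verify_image "$1" "$2"
fi
```

A matching checksum only shows the image agrees with the checksum file; the signature check is what ties that file to the key you chose to trust.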
CHAPTER NO. 9
References
1) Wikipedia: https://en.wikipedia.org/wiki/Kali_Linux
2) Kali Linux Revealed (book): https://kali.training/downloads/Kali-Linux-Revealed-1st-edition.pdf
3) Kali Linux official website: https://www.kali.org/kali-linux-documentation/
4) Official Kali ISOs for Intel-based PCs: https://www.kali.org/downloads/
5) Official Kali Linux VMware Images: https://www.offensive-security.com/kali-linux-vm-vmware-virtualbox-image-download/
CHAPTER NO. 10
Conclusion
Linux provides much more fine-grained control over the security of a Linux system
compared to the “Unix” standard. Some people claim that the security framework provided
by LSM is not extensive enough, that several critical security hooks are missing, and that
Linux security relies on the kernel being bug free. Linux uses priority-based scheduling.
The PCB contains the information about the state of a process. Rescheduling in Linux follows
the two-halves approach; rescheduling can occur in process context or kernel context only.