
ABSTRACT

Kali Linux is comprised of many powerful tools but you cannot put them to good use if
you don’t master the underlying operating system. This book covers everything you need to know
to be able to effectively use and deploy Kali Linux.
This book will discuss basic Linux usage for beginners, Debian package management and
usage, Kali installation, configuration, security, and advanced Kali usage including how Kali fits
within the enterprise and Kali’s role in various phases of a security assessment.
It will serve as an introduction to Kali for beginners, but it also caters to users pursuing Kali
certification and advanced users seeking more in-depth use cases and inspiration.
Kali Linux is the world’s most powerful and popular penetration testing platform, used by
security professionals in a wide range of specializations, including penetration testing, forensics,
reverse engineering, and vulnerability assessment. It is the culmination of years of refinement and
the result of a continuous evolution of the platform, from WHoppiX to WHAX, to BackTrack, and
now to a complete penetration testing framework leveraging many features of Debian GNU/Linux
and the vibrant open source community worldwide.
Kali Linux has not been built to be a simple collection of tools, but rather a flexible
framework that professional penetration testers, security enthusiasts, students, and amateurs can
customize to fit their specific needs.
Chapter:-1
Introduction

1.1 About Kali

While its primary audience is professional penetration testers, it provides the tools for
performing password recovery, forensic analysis, and web application testing. Because the tools
are preinstalled, maintained and updated, and configured to work together where appropriate, it is
an ideal situation for people and organizations that need to do security testing without having the
time and resources to maintain their own custom infrastructure. That said, even organizations that
have the time and resources may find that they have little need to maintain a custom infrastructure
with Kali Linux available. For professional penetration testers, Kali Linux includes password
crackers, wireless sniffers, network scanners, and exploitation tools. For forensic analysis, Kali
Linux provides a mode that does not touch the internal hard drive, does not auto mount any
removable media, and allows a potentially compromised system to be examined in great detail,
along with tools to track the information gathered. For IT departments, Kali Linux has network
scanners, vulnerability analysis frameworks, and password recovery tools.

Even if you don’t fit into any of those groups, Kali Linux can still be very useful. With the
huge number of tools installed, Kali Linux becomes a very nice tool catalog where users can look
through a categorized menu of security tools, making it easy to search for a tool that might meet
their needs. And since they are preinstalled, the tools can be quickly evaluated. Many of the tools
are text-based and run from the command-line, while others have graphical front ends to make
them easier to use. Some provide data intended to be fed into other tools, while others provide
detailed reporting and management capabilities.

The successor to BackTrack Linux, Kali Linux was released at the end of 2012. It is built
on top of Debian Linux, and is distributed in a number of different ways. You can download an ISO
for installing from scratch, dual booting with Windows, live USB installs, and hard disk installs.
VMware images are available for bringing up virtual machines quickly. There is an AMI available
for Amazon EC2. Kali can be installed on i386 or x86_64 processors, as well as a whole host of
ARM devices such as Raspberry Pi, HP and Samsung Chromebooks, and even the Galaxy Note
tablet.

All of this is designed to make it very easy to start using any of the hundreds of security and pen
testing tools that are part of the Kali Linux distribution.

Kali Linux is not a general-use Linux distribution. It’s designed to be single user, with the
default user of root. It is not recommended for Linux beginners. For starters, because you’re
running as root it is easy to make a mess of your system if you aren’t careful. Even more so, the
pen testing and security tools included make it easy to unintentionally attack your own
organization from within unless you’re very

Kali Linux is an open source project that's maintained and funded by Offensive Security, a
provider of world-class info security training and penetration testing services. In addition to Kali
Linux, Offensive Security also maintains the Exploit Database and the free on-line
program, Metasploit Unleashed.

When working in network security, forensic analysis, and penetration testing with Kali Linux, it is
important to keep the tools updated, both so that you're protected from the newest known threats,
and so that you've got the latest tools at your control.

OS family: Unix-Linux

Latest release: 2017.1 / April 25, 2017; 3 months ago

Developer: Offensive Security

Platforms: x86, x86-64, armel, armhf


1.2 What is Kali Linux?

Kali Linux is a Debian-based Linux distribution aimed at advanced Penetration Testing
and Security Auditing. Kali contains several hundred tools which are geared towards various
information security tasks, such as Penetration Testing, Security research, Computer Forensics and
Reverse Engineering. Kali Linux is developed, funded and maintained by Offensive Security, a leading
information security training company.

Kali Linux was released on the 13th March, 2013 as a complete, top-to-bottom rebuild of
BackTrack Linux, adhering completely to Debian development standards.

More than 600 penetration testing tools included: After reviewing every tool that was
included in BackTrack, we eliminated a great number of tools that either simply did not work or
which duplicated other tools that provided the same or similar functionality. Details on what’s
included are on the Kali Tools site.

Free (as in beer) and always will be: Kali Linux, like BackTrack, is completely free of charge
and always will be. You will never, ever have to pay for Kali Linux.

Open source Git tree: We are committed to the open source development model and our
development tree is available for all to see. All of the source code which goes into Kali Linux is
available for anyone who wants to tweak or rebuild packages to suit their specific needs.

FHS compliant: Kali adheres to the Filesystem Hierarchy Standard, allowing Linux users to
easily locate binaries, support files, libraries, etc.

Wide-ranging wireless device support: A regular sticking point with Linux distributions has
been support for wireless interfaces. We have built Kali Linux to support as many wireless
devices as we possibly can, allowing it to run properly on a wide variety of hardware and making
it compatible with numerous USB and other wireless devices.

Custom kernel, patched for injection: As penetration testers, the development team often
needs to do wireless assessments, so our kernel has the latest injection patches included.

Multi-language support: Although penetration tools tend to be written in English, we have
ensured that Kali includes true multilingual support, allowing more users to operate in their
native language and locate the tools they need for the job.

Completely customizable: We thoroughly understand that not everyone will agree with our
design decisions, so we have made it as easy as possible for our more adventurous users to
customize Kali Linux to their liking, all the way down to the kernel.

ARMEL and ARMHF support: Since ARM-based single-board systems like the Raspberry Pi and
BeagleBone Black, among others, are becoming more and more prevalent and inexpensive, we knew
that Kali’s ARM support would need to be as robust as we could manage, with fully working
installations for both ARMEL and ARMHF systems. Kali Linux is available on a wide range of ARM
devices and has ARM repositories integrated with the mainline distribution so tools for ARM are
updated in conjunction with the rest of the distribution.

Developed in a secure environment: The Kali Linux team is made up of a small group of
individuals who are the only ones trusted to commit packages and interact with the repositories,
all of which is done using multiple secure protocols.

GPG signed packages and repositories: Every package in Kali Linux is signed by each
individual developer who built and committed it, and the repositories subsequently sign the
packages as well.

1.3 What’s Different About Kali Linux?

Kali Linux is specifically geared to meet the requirements of professional penetration
testing and security auditing. To achieve this, several core changes have been implemented in
Kali Linux which reflect these needs:

1. Single user, root access by design: Due to the nature of security audits, Kali Linux is
designed to be used in a “single, root user” scenario. Many of the tools used in
penetration testing require escalated privileges, and while it’s generally sound policy to
only enable root privileges when necessary, in the use cases that Kali Linux is aimed at,
this approach would be a burden.
2. Network services disabled by default: Kali Linux contains systemd hooks that disable
network services by default. These hooks allow us to install various services on Kali
Linux, while ensuring that our distribution remains secure by default, no matter what
packages are installed. Additional services such as Bluetooth are also blacklisted by
default.
3. Custom Linux kernel: Kali Linux uses an upstream kernel, patched for wireless
injection.

1.4 Is Kali Linux Right For You?

As the distribution’s developers, you might expect us to recommend that everyone
should be using Kali Linux. The fact of the matter is, however, that Kali is a Linux
distribution specifically geared towards professional penetration testers and security
specialists, and given its unique nature, it is NOT a recommended distribution if you’re
unfamiliar with Linux or are looking for a general-purpose Linux desktop distribution for
development, web design, gaming, etc.

Even for experienced Linux users, Kali can pose some challenges. Although Kali
is an open source project, it’s not a wide-open source project, for reasons of security. The
development team is small and trusted, packages in the repositories are signed both by the
individual committer and the team, and — importantly — the set of upstream repositories
from which updates and new packages are drawn is very small. Adding repositories to your
software sources which have not been tested by the Kali Linux development team is a good
way to cause problems on your system.

While Kali Linux is architected to be highly customizable, don’t expect to be able
to add random unrelated packages and repositories that are “out of band” of the regular
Kali software sources and have it Just Work. In particular, there is absolutely no support
whatsoever for the apt-add-repository command, Launchpad, or PPAs. Trying to install
Steam on your Kali Linux desktop is an experiment that will not end well. Even getting a
package as mainstream as NodeJS onto a Kali Linux installation can take a little extra
effort and tinkering.

If you are unfamiliar with Linux generally, if you do not have at least a basic level
of competence in administering a system, if you are looking for a Linux distribution to use
as a learning tool to get to know your way around Linux, or if you want a distro that you
can use as a general purpose desktop installation, Kali Linux is probably not what you are
looking for.

In addition, misuse of security and penetration testing tools within a network,
particularly without specific authorization, may cause irreparable damage and result in
significant consequences, personal and / or legal. “Not understanding what you were
doing” is not going to work as an excuse.

Chapter:-2

Development

It was developed by Mati Aharoni and Devon Kearns of Offensive Security through the
rewrite of BackTrack, their previous information security testing Linux distribution based
on Knoppix. The third core developer, Raphaël Hertzog, joined them as a Debian expert. Kali
Linux is based on the Debian Testing branch. Most packages Kali uses are imported from the
Debian repositories.

The Kali Linux project began quietly in 2012, when Offensive Security decided that they
wanted to replace their venerable BackTrack Linux project, which was manually maintained, with
something that could become a genuine Debian derivative, complete with all of the required
infrastructure and improved packaging techniques. The decision was made to build Kali on top of
the Debian distribution because it is well known for its quality, stability, and wide selection of
available software. The first release (version 1.0) happened one year later, in March 2013, and was
based on Debian 7 “Wheezy”, Debian’s stable distribution at the time. In that first year of
development, they packaged hundreds of pen-testing-related applications and built the
infrastructure. Even though the number of applications is significant, the application list has been
meticulously curated, dropping applications that no longer worked or that duplicated features
already available in better programs.

During the two years following version 1.0, Kali released many incremental updates,
expanding the range of available applications and improving hardware support, thanks to newer
kernel releases. With some investment in continuous integration, they ensured that all important
packages were kept in an installable state and that customized live images (a hallmark of the
distribution) could always be created.

Kali Linux can run natively when installed on a computer's hard disk, can be booted from
a live CD or live USB, or it can run within a virtual machine. It is a supported platform of the
Metasploit Project's Metasploit Framework, a tool for developing and executing security
exploits.
CHAPTER NO. 3

Features

3.1 Kali Linux Accessibility Features


Kali is one of the very few Linux distributions which have a working accessibility system
for blind or visually impaired users through both voice feedback and braille hardware support.
3.2 Automating Kali Linux Deployment
We can automate and customize the Kali Linux installations over the network. We are one
PXE boot away from a fresh, custom Kali installation, or 10,000 of them.
3.3 Kali Linux on a Raspberry Pi and Other ARM Devices
Kali supports over a dozen different ARM devices and common hardware such as
Raspberry Pi, Odroid, Beaglebone, and more. We’re very active in the ARM arena and constantly
add new interesting hardware to our repertoire.
3.4 Kali Linux Forensics Mode
The bootable “Forensics” mode available in Kali makes it perfect for forensics work, as
the forensics Kali live image option does not mount any drives (including swap) with this option.
The wealth of forensics tools on Kali makes Kali a good choice for any forensics work you need.
3.5 Kali Linux NetHunter
Kali is so versatile that creating the “Kali NetHunter” Android was a natural extension to
our distribution. NetHunter is a custom Android ROM overlay for AOSP which brings together
all the toolset of Kali Linux to your Nexus or OnePlus phones.
3.6 Kali Linux Running on Android
Have a recent Android device other than a Nexus or OnePlus phone? Try using the Android
App “Linux Deploy” to get Kali seamlessly installed in a chroot environment.
CHAPTER NO. 4

Security Tools

4.1 Kali Linux includes security tools, such as:

• Burp Suite
• Cisco Global Exploiter, a hacking tool used to find and exploit vulnerabilities in Cisco
Network systems
• John the Ripper
• Kismet
• OWASP ZAP
• Social engineering tools
• Hydra
• Reverse Engineering tools
• Foremost
• Volatility
CHAPTER NO. 5

Requirements

5.1 Requirements:

• Kali Linux requires a minimum of 3.8GB hard disk space for installation.

• A minimum of 512MB RAM for i386 and AMD64 architectures.

• A bootable CD-DVD drive or a USB stick.

5.2 Recommended:

• 10.0 GB of Hard Disk Space - SSD preferred

• Minimum of 2048 MB of RAM


CHAPTER NO. 6

Advantages

6.1 Advanced Penetration Testing tools:-


Kali Linux incorporates more than 600 super amazing advanced Penetration
Testing tools. The tools of BackTrack Linux which were not up to the
mark or repeated in many ways have been replaced in the Kali Linux system with the
advanced Penetration Testing tools.

6.2 Ultimate free Linux tool:-


The Kali Linux system is totally free like BackTrack Linux and will
always offer its users free lifetime services. This is a huge plus factor which
pushes people to use this system.

6.3 Open source Git tree:-


Kali Linux is an open source system and can be easily accessed by
the users. All the code in Kali Linux can be viewed easily by anyone, and the
open development tree makes it easy to view the development of the code at every step.

6.4 FHS support:-


Kali adheres to the Filesystem Hierarchy Standard, allowing Linux users
to easily locate binaries, support files, libraries, etc. This is a very important feature
of Kali Linux that makes it stand out among the other Linux systems.
CHAPTER NO.7
Advantages & disadvantages

7.1 Advantages

• Kali Linux is the best Penetration Testing OS out there currently. There are also
Blackbuntu, BlackArch, Parrot Security and many more.
• Kali provides the reliable underpinnings of the Debian system, which is considered to be
a rock-solid distro in the Linux world.
• That Kali is advantageous for hacking (or cracking, actually) is just a myth, as the
OS should not be a barrier for any pen-tester who means serious business.
• The advantage of Kali is that it is designed for a single purpose, and is therefore
very good for that purpose.

7.2 Disadvantages
• With Kali in a VM, almost all wireless hacking tools don’t work.
• Kali is not as easy to use, because it is penetration oriented, and it doesn’t
even try to hold your hand or mollycoddle a newbie.
• Kali is not exactly the most search (as in research) and training oriented
Linux.
• In the process of using Kali for normal use, you may trash some of Kali’s
specialized settings for its own security.
• The disadvantage of Kali is that it is designed for a single purpose, and is
therefore not as good for any other purpose.
CHAPTER NO. 8
Kali Linux ISO download

Where to Get Official Kali Linux Images

ISO Files for Intel-based PCs

In order to run Kali “Live” from a USB drive on standard Windows and Apple PCs, you’ll
need a Kali Linux bootable ISO image, in either 32-bit or 64-bit format.

If you’re not sure of the architecture of the system you want to run Kali on, on Linux or
OS X, you can run the command

at the command line. If you get the response, “x86_64”, use the 64-bit ISO image (the
one containing “amd64” in the file name); if you get “i386”, use the 32-bit image (the one
containing “i386” in the file name). If you’re on a Windows system, the procedure for
determining your architecture is detailed on Microsoft’s website.

The Kali Linux images are available both as directly downloadable “.iso/.img” files or via
“.torrent” files.

• Official Kali ISOs for Intel-based PCs [4]

Building your own Kali Linux ISO, standard or customized, is a very simple process.

VMware Images

If you want to run Kali Linux as a “guest” under VMware, Kali is available as a pre-built
VMware virtual machine with VMware Tools already installed. The VMware image is available
in a 64-bit (amd64), 32-bit (i686), and 32-bit PAE (i486) formats.
• Official Kali Linux VMware Images [5]

ARM Images

The hardware architectures of ARM-based devices vary considerably, so it is not possible
to have a single image that will work across all of them. Pre-built Kali Linux images for the ARM
architecture are available for a wide range of devices.

Scripts for building your own ARM images locally are also available on GitHub. For
more details see the articles on setting up an ARM cross-compilation environment, and building
a custom Kali Linux ARM chroot.

Verifying Your Downloaded Kali Image

Why do I need to do this?

Before you run Kali Linux Live, or install it to your hard disk, you want to be very sure
that what you’ve got actually is Kali Linux, and not an imposter. Kali Linux is a professional
penetration testing and forensics toolkit. As a professional penetration tester, having absolute
confidence in the integrity of your tools is critical: if your tools aren’t trustworthy, your
investigations won’t be trustworthy, either.

Moreover, as the leading penetration testing distribution, Kali’s strengths mean that a
bogus version of Kali Linux could do a tremendous amount of damage if it were deployed
unwittingly. There are plenty of people with plenty of reason to want to stick very sketchy stuff
into something that looks like Kali, and you absolutely don’t want to find yourself running
something like that.

Avoiding this is simple: only download Kali Linux via the official download pages
at https://www.kali.org/downloads or
https://www.offensive-security.com/kali-linux-vmware-arm-image-download/ — you won’t be able
to browse to these pages without SSL: encrypting the
connection makes it much harder for an attacker to use a “man-in-the-middle” attack to modify
your download. There are a few potential weaknesses to even these sources — see the sections
on verifying the download with the SHA256SUMS file and its signature against the official Kali
Development team private key for something much closer to absolute assurance.

Once you’ve downloaded an image, and before you run it, always validate that it
really is what it’s supposed to be by verifying its checksum using one of the procedures
detailed below.

There are several methods for verifying your download. Each provides a certain level of
assurance, and involves a corresponding level of effort on your part.

• You can download an ISO image from an official Kali Linux “Downloads” mirror,
calculate the ISO’s SHA256 hash and compare it by inspection with the value listed on
the Kali Linux site. This is quick and easy, but potentially susceptible to subversion via
DNS poisoning: it assumes that the site to which, for example, the domain “kali.org”
resolves is in fact the actual Kali Linux site. If it somehow weren’t, an attacker could
present a “loaded” image and a matching SHA256 signature on the fake web page. See
the section “Manually Verify the Signature on the ISO (Direct Download)”, below.

• You can download an ISO image through the torrents, and it will also pull down a file —
unsigned — containing the calculated SHA256 signature. You can then use the shasum
command (on Linux and OS X) or a utility (on Windows) to automatically verify that the
file’s computed signature matches the signature in the secondary file. This is even easier
than the “manual” method, but suffers from the same weakness: if the torrent you pulled
down isn’t really Kali Linux, it could still have a good signature. See the section “Verify
the Signature on the ISO Using the Included Signature File (Torrent Download)”, below.

• To be as close to absolutely certain as possible that the Kali Linux download you’ve
obtained is the real thing, you can download both a cleartext signature file and a
version of the same file that has been signed with the official Kali Linux private key and
use GNU Privacy Guard (GPG) to first, verify that the computed SHA256 signature and
the signature in the cleartext file match and second, verify that the signed version of the
file containing the SHA256 hash has been correctly signed with the official key.
If you use this more complicated process and successfully validate your downloaded ISO,
you can proceed with pretty complete assurance that what you’ve got is the official image
and that it has not been tampered with in any way. This method, while the most complex,
has the advantage of providing independent assurance of the integrity of the image. The
only way this method can fail is if the official Kali Linux private key is not only
subverted by an attacker, but also not subsequently revoked by the Kali Linux
development team. For this method, see the section on verification using the
SHA256SUMS file.

The official download page for the 64-bit Intel architecture Kali Linux 2016.2 ISO image:

Verify the Signature on the ISO Using the Included Signature File (Torrent Download)

If you downloaded your copy of the Kali Linux ISO image via the torrents, in addition to the ISO
file (e.g. kali-linux-2016.2-amd64.iso), there will be a second file containing the computed
SHA256 signature for the ISO, with the extension “.txt.sha256sum”
(e.g. kali-linux-2016.2-amd64.txt.sha256sum). You can use this file to verify the authenticity
of your download on Linux or OS X with the following command:

grep kali-linux-2016.2-amd64.iso kali-linux-2016.2-amd64.txt.sha256sum | shasum -a 256 -c

If the image is successfully authenticated, the response will look like this:

kali-linux-2016.2-amd64.iso: OK
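
The stronger method listed above (compare the computed SHA256 with the entry in a SHA256SUMS file whose signature has been checked with GPG) can be scripted. The following is an added example, not taken from the Kali documentation; the file names, the sample data built in demo(), and the keyring path passed to verify_sums_signature are assumptions.

```shell
#!/bin/sh
# Added example. File names and the sample data built in demo() are constructed.

# Print only the hex SHA-256 digest of a file (Linux: sha256sum, OS X: shasum).
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    else
        shasum -a 256 "$1" | awk '{print $1}'
    fi
}

# verify_image IMAGE SUMS_FILE
# Returns 0 only if SUMS_FILE holds exactly one entry for IMAGE's base name and
# that entry equals the locally computed digest.
#   1 = digest mismatch, 2 = file missing, 3 = no entry or ambiguous entry
verify_image() {
    image=$1
    sums=$2
    if [ ! -f "$image" ] || [ ! -f "$sums" ]; then
        echo "verify_image: missing file" >&2
        return 2
    fi
    name=$(basename "$image")
    # Compare the file-name field exactly (a leading '*' marks binary mode), so
    # "x.iso" never matches "x.iso.old" and '.' is not treated as a wildcard.
    expected=$(awk -v n="$name" '{f=$2; sub(/^\*/,"",f)} f==n {print $1}' "$sums")
    count=$(printf '%s\n' "$expected" | awk 'NF{c++} END{print c+0}')
    if [ "$count" -ne 1 ]; then
        echo "$name: need exactly 1 entry in $sums, found $count" >&2
        return 3
    fi
    if [ "$(sha256_of "$image")" = "$expected" ]; then
        echo "$name: OK"
        return 0
    fi
    echo "$name: FAILED" >&2
    return 1
}

# verify_sums_signature SUMS_FILE SIG_FILE KEYRING
# Checks the detached signature over SUMS_FILE using only the keys in KEYRING
# (absolute path to a keyring holding the signing key, whose fingerprint you
# confirmed out of band). Needs gpg; run it before trusting SUMS_FILE.
verify_sums_signature() {
    gpg --no-default-keyring --keyring "$3" --verify "$2" "$1"
}

# Offline demonstration on a constructed stand-in for an ISO.
demo() {
    dir=$(mktemp -d) || return 1
    printf 'constructed stand-in for an ISO image\n' > "$dir/sample.iso"
    printf '%s  sample.iso\n' "$(sha256_of "$dir/sample.iso")" > "$dir/SHA256SUMS"
    verify_image "$dir/sample.iso" "$dir/SHA256SUMS"
    ok=$?
    printf 'appended bytes\n' >> "$dir/sample.iso"   # simulate tampering
    verify_image "$dir/sample.iso" "$dir/SHA256SUMS" 2>/dev/null
    bad=$?
    rm -rf "$dir"
    [ "$ok" -eq 0 ] && [ "$bad" -eq 1 ]
}

demo && echo "demo: good image accepted, modified image rejected"
```

The digest check alone only shows that the image matches the SHA256SUMS file; it is the signature check on that file that ties the result to the signing key.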
CHAPTER NO. 9
References

1) Wikipedia: https://en.wikipedia.org/wiki/Kali_Linux
2) Kali Linux Revealed (book): https://kali.training/downloads/Kali-Linux-Revealed-1st-edition.pdf
3) Kali Linux official website: https://www.kali.org/kali-linux-documentation/
4) Official Kali ISOs for Intel-based PCs: https://www.kali.org/downloads/
5) Official Kali Linux VMware Images: https://www.offensive-security.com/kali-linux-vm-vmware-virtualbox-image-download/
CHAPTER NO. 10
Conclusion

Linux provides much more fine-grained control over the security of a Linux system
compared to the “Unix” standard. Some people claim that the security framework provided
by LSM is not extensive enough, that several critical security hooks are missing, and that
Linux security relies on the kernel being bug free. Linux uses priority-based scheduling.
The PCB contains the information about the state of a process. Rescheduling in Linux follows
the Two-Halves approach. Rescheduling can occur in process context or kernel context only.
