Why Kali Linux is loved by penetration testers [Q&A]
Penetration testing is an essential tool for organizations to make sure their systems are safe and secure. It probes systems by attacking them in the way that a hacker would.
But for many, the concept of pentesting is something of a dark art, and the tools used to carry it out shaded in obscurity. One of the most popular tools among testers is Kali Linux but you could be forgiven for never having heard of it.
We spoke to Jim O'Gorman of testing training specialist Offensive Security, which maintains the Kali Linux project, to discover more about what Kali Linux is and why pen testers love it so much.
BN: What is Kali Linux?
JO'G: Kali Linux is a Linux distribution that is focused on penetration tests, red teaming, and other forms of security assessments.
Every Linux distribution has its niche, and what they focus on is whatever they can do better than any other distro. Red Hat wants to be the enterprise distribution, Ubuntu wants to be your desktop OS, and so on. What we do is focus on security assessments. Our goal is to make it the standard platform for security assessments, and we do that in various ways through the tools that we include, the ease of customization, the basic structure of the OS, and so on.
BN: How and where would you use it?
JO'G: Kali is used on a variety of platforms, from high-end servers to low-end ARM devices. We have some of the best ARM support of any Linux distribution, which makes sense considering the places that you can often find a use for Kali.
The fact is, there is no real typical use for Kali. Some people run it on large high-end servers, others on laptops, some on small ARM devices that can be hidden easily, and others on their phone. On top of that there are docker images, WSL installs, VM images, cloud images, and so on. Pretty much anywhere you are, if you want to test someone's defenses you can find a version of Kali that will work for you.
BN: Can you get off-the-shelf images?
JO'G: Yes, we prepackage Kali for as many platforms and systems as we can. ISO with easy installs, pre-made VMs, docker images, pre-configured cloud images, WSL installs, and so on. And we also make it easy to roll custom versions of Kali so its pre-configured to a user’s specific needs.
BN: How will Kali Linux develop going forward?
JO'G: There is a ton happening at moment with Kali. Starting in 2019 and continuing into 2020 we have been going through every aspect of the project and evaluating if the current solution is the one we want to continue with going forward, or of it needs to be changed. This has lead to changes in how we manage our git repository, how our mirrors and distribution are done, the way we package releases, what tools get packaged and distributed with Kali, and so on. We are in the middle of making major UI changes to Kali, an overhaul of how our documentation is handled, and about to deploy out a solution that will allow us to still be able to run old unsupported attack tools that are still useful but don’t run on modern Linux. Plus, we have docs hitting now that walk users through how they can package tools up for distribution in Kali. Soon we will be looking at our forums, bug tracker, real time chat, and so on. That's not even to mention the forthcoming public roadmap, new live events, and so much more.
It's a very exciting time with Kali. The team is engaged and growing, and we are getting more and more community contributions. This is awesome, and since we don’t know what people will contribute so this could take us in unexpected and new directions.
BN: is it possible to get involved in the developer community?
JO'G: Yes! Just join the bug tracker, read our docs, and get involved in the Kali Forums. There are a ton of ways to get involved.