Kali Linux
BackTrack (BT), (www.offensive-security.com) was released to provide an extensive variety of penetration testing and defensive tools that were perfect for auditors and network administrators interested in assessing and securing their networks. The same tools were used by both authorized and unauthorized (hackers) penetration testers.
The final version of BackTrack, BT 5r3, was released in August 2012. Based on the Ubuntu Linux platform, it was widely adopted and supported by the security community. Unfortunately, its file architecture made it difficult to manage the array of tools and their accompanying dependencies.
In BackTrack, all of the tools used for penetration testing were placed in the /pentest directory. Subfolders such as /web or /database helped to further define the location of tools. Finding and executing tools within this hierarchy could be counterintuitive. For example, is sqlninja, which identifies an SQL injection, a web vulnerability assessment tool, a web exploit tool, or a database exploit tool?
In March 2013, BackTrack was superseded by Kali Linux, which uses a new platform architecture based on the Debian GNU/Linux operating system.
Debian adheres to the Filesystem Hierarchy Standard (FHS), which is a significant advantage over BackTrack. Instead of needing to navigate through the /pentest tree, you can call a tool from anywhere on the system because applications are included in the system path.
Other features of Kali include the following:
- Support for multiple desktop environments such as Gnome, KDE, LXDE, and XFCE, and provides multilingual support.
- Debian-compliant tools are synchronized with the Debian repositories at least four times daily, making it easier to update packages and apply security fixes.
- Support for ISO customizations, allowing users to build their own versions of Kali. The bootstrap function also performs enterprise-wide network installs that can be automated using pre-seed files.
- ARMEL and ARMHF support allows Kali to be installed on devices such as Raspberry Pi, ODROID-U2/-X2, and the Samsung Chromebook.
- Over 300 penetration testing data forensics and defensive tools are included. They provide extensive wireless support with kernel patches to permit the packet injection required by some wireless attacks.
- Kali remains an open source project that is free. Most importantly, it is well supported by an active online community.
Throughout this book, we'll be using a VMware virtual machine (VM) of 64-bit Kali (refer to Appendix, Installing Kali Linux for instructions on installing Kali).
A VM is used because it makes it easy to rapidly execute certain applications in other operating systems, such as Microsoft Windows. In addition, a VM can be archived with the results from a penetration test, allowing the archive to be reviewed to determine if a particular vulnerability would have been detected with the toolset that was used for testing.
When Kali is launched, the user will be taken to the default desktop GUI with a menu bar at the top and a few simple icons. By selecting the menu item Applications, and then Kali Linux, the user will gain access to a menu system that contains the Top 10 Security Tools as well as a series of folders, organized in the general order that would be followed during a penetration test, as shown in the following screenshot:
