Created and managed by the group Offensive Security, Kali Linux is a distribution designed for penetration testing and activities related to IT security. Kali Linux is derived from Debianone of the most stable and popular Linux distributions, known for its robustness, its large community, and its rigorous release process.
Unlike other products, however, Kali Linux integrates a wide range of useful tools and resources to put it to the test security of computer systems, networks and applications. For years it has therefore been a real point of reference for ethical hackers and professionals in the field of cybersecurity.
Kali Linux 2023.4: the desktop environment GNOME 45
GNOME 45known by the code name “Riga“, is the latest version of the free and open source desktop environment for Linux and other Unix-like operating systems. The latest release focuses on refining everyday interactions, improving performance and making the overall experience smoother and more efficient. One of the most noticeable changes is the new one activities buttonwhich now serves as a dynamic workspace indicator.
Among the innovations introduced by GNOME 45 that the Kali Linux team wanted to highlight, there are new ones sidebar that develop vertically and offer an improved user experience, regardless of the application in use.
Il file manager Nautilus it proves to be much faster when it comes to the search function; the management of system settings it is more efficient and intuitive; GNOME shell extensions are updated to optimize integration with the desktop.
The 15 software tools added in the latest version
With the publication of the final version of Kali Linux 2023.4, 15 software tools make their debut which further expand the distribution’s already rich features. We present the complete list below:
- cabby. A TAXII client (Trusted Automated eXchange of Indicator Information) which facilitates the exchange of security information between organizations.
- cti-taxii-client. A client library for TAXII 2, which supports the TAXII standard for exchanging threat intelligence information.
- enum4linux-ng. Advanced version of enum4linux, an enumeration tool for Windows/Samba systems, with additional functionality. It is software designed to collect detailed information about systems connected to the local network. Enumeration is a basic activity during the penetration testing or security analysis.
- exiflooter. Extracts geolocation information from assets containing images by examining embedded EXIF data.
- h8mail. An OSINT tool (Open Source Intelligence). Starting from a specific email address, it allows you to obtain information on any security breaches in which the email address may have been involved.
- Havoc. A framework of post-exploitation modern and flexible for the control of compromised systems (command and control).
- OpenTAXII. Implementation of a TAXII server to facilitate the exchange of threat intelligence information.
- PassDetective. Scans shell command history for passwords, API keys, and other “secrets” introduced in the clear.
- Portspoof. It emulates services with all 65535 TCP ports open, increasing confusion for attackers trying to detect real services.
- Raven. A lightweight HTTP file upload service to facilitate file transfer.
- ReconSpider. An advanced OSINT framework for analysis and intelligence collection.
- rling – RLI Next Gen (Rling). A later version of RLI (Remote Live Investigation), a faster and more feature-rich, multi-threaded alternative.
- Sigma-Cli. View and convert Sigma rules, a format of threat detection rules, into languages that support the use of query queries.
- sn0int. A semi-automated OSINT framework and package manager to simplify intelligence gathering.
- SPIRE – SPIFFE Runtime Environment. Set of APIs for establishing trust between software systems, part of the SPIFFE architecture (Secure Production Identity Framework for Everyone).
The most important tools that Kali Linux integrates
I tool additions just inserted by the Kali Linux team within the distribution complement the many tools that the product offers.
The various software are divided into categories and allow you to perform a vast array of operations for the purposes of penetration testingdell’ethical hacking and IT security.
Among the many proposals, we remember for example the Nmap port scanner; the well-known framework Metasploit which allows security experts to test vulnerabilities, develop and launch exploits against target systems; the history is always updated packet sniffer Wireshark, a network protocol analyzer that allows you to capture and analyze network traffic in real time, useful for forensic analysis and debugging.
They deserve a special mention too Burp Suite, Web application security testing tool that provides scanning, crawling and analysis capabilities; John the Ripper e Hashcat for password cracking, useful for launching attacks brute force and crack more or less strong passwords. In the same vein, Hydra e Medusa which exploit “brute force” to overcome the credentials set by users with various protocols and services.
One of the cornerstones of Kali Linux remains Aircrack-ng, a set of tools that can be used to test and analyze the security of WiFi networks; While SQLMap helps researchers find vulnerabilities that can lead to SQL injection in web applications.
In another article we saw how many security vulnerabilities exist and how they can possibly be exploited to launch a cyber attack. In the same in-depth analysis we explained that, at least at a regulatory level, the concept of does not yet exist in Europe ethical hacking. An aspect not to be underestimated.
How to download and use Kali Linux
By accessing the download area of the official website, it is possible to find the Linux distribution in multiple “formats”. There is the possibility to download the file ISO official, a Virtualbox or VMware virtual machine already pre-configured and ready for use, to download “ad hoc” versions for ARM and mobile devices in general.
The team then offers the tools for deployment in Kali Linux sul cloudthe support to carry out the live boot distribution on any system, Docker and LXC/LXD containers, support for Windows Subsystem for Linux (WSL).