1.4. Main Kali Linux Features
Kali Linux is a Linux distribution that contains its own collection of hundreds of software tools
specifically tailored for their target users—penetration testers and other security professionals.
It also comes with an installation program to completely set up Kali Linux as the main operating
system on any computer.
This is pretty much like all other existing Linux distributions but there are other features that
differentiate Kali Linux, many of which are tailored to the specific needs of penetration testers.
Let’s have a look at some of those features.
1.4.1. A Live System
Alongside the main installer ISO images, Kali Linux offers a separate live ISO image to download.
This allows you to use Kali Linux as a bootable live system. In other words, you can use Kali Linux
without installing it, just by booting the ISO image (usually after having copied the image onto a
USB key).
The live system contains the tools most commonly used by penetration testers, so even if your
day-to-day system is not Kali Linux, you can simply insert the disk or USB key and reboot to run Kali.
However, keep in mind that the default configuration will not preserve changes between reboots.
If you configure persistence with a USB key (see section 9.4, “Adding Persistence to the Live ISO
with a USB Key” [page 246]), then you can tweak the system to your liking (modify config files,
save reports, upgrade software, and install additional packages, for example), and the changes
will be retained across reboots.
1.4.2. Forensics Mode
In general, when doing forensic work on a system, you want to avoid any activity that would alter
the data on the analyzed system in any way. Unfortunately, modern desktop environments tend
to interfere with this objective by trying to auto-mount any disk(s) they detect. To avoid this
behavior, Kali Linux has a forensics mode that can be enabled from the boot menu: it will disable
all such features.
The live system is particularly useful for forensics purposes, because it is possible to reboot any
computer into a Kali Linux system without accessing or modifying its hard disks.
8
Kali Linux Revealed
1.4.3. A Custom Linux Kernel
Kali Linux always provides a customized recent Linux kernel[22], based on the version in Debian
Unstable. This ensures solid hardware support, especially for a wide range of wireless devices.
The kernel is patched[23] for wireless injection support since many wireless security assessment
tools rely on this feature.
Since many hardware devices require up-to-date firmware files (found in /lib/firmware/), Kali
installs them all by default—including the firmware available in Debian’s non-free section. Those
are not installed by default in Debian, because they are closed-source and thus not part of Debian
proper.
1.4.4. Completely Customizable
Kali Linux is built by penetration testers for penetration testers, but we understand that not
everyone will agree with our design decisions or choice of tools to include by default. With this in
mind, we always ensure that Kali Linux is easy to customize based on your own needs and
preferences. To this end, we publish the live-build[24] configuration used to build the official Kali images
so you can customize it to your liking. It is very easy to start from this published configuration
and implement various changes based on your needs thanks to the versatility of live-build.
Live-build includes many features to modify the installed system, install supplementary files,
install additional packages, run arbitrary commands, and change the values pre-seeded to debconf.
1.4.5. A Trustable Operating System
Users of a security distribution rightfully want to know that it can be trusted and that it has been
developed in plain sight, allowing anyone to inspect the source code. Kali Linux is developed by a
small team[25] of knowledgeable developers working transparently and following the best security
practices: they upload signed source packages, which are then built on dedicated build daemons.
The packages are then checksummed and distributed as part of a signed repository.
The work done on the packages can be fully reviewed through the packaging Git repositories[26]
(which contain signed tags) that are used to build the Kali source packages. The evolution of each
package can also be followed through the Kali package tracker[27].
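The "checksummed and distributed as part of a signed repository" step can be followed by hand. This is an added example in Python, not code from the book or the Kali project: it walks the checksums from a repository Release file to a Packages index to a single .deb. All file contents are constructed sample data, and the Release file's signature is assumed to have been verified already (for example with gpgv).

```python
import hashlib

def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def release_sha256(release: str) -> dict:
    """Map each index path listed under 'SHA256:' in a Release file to (digest, size)."""
    entries, in_block = {}, False
    for line in release.splitlines():
        if line.startswith("SHA256:"):
            in_block = True
        elif in_block and line.startswith(" "):
            digest, size, path = line.split()
            entries[path] = (digest, int(size))
        else:
            in_block = False
    return entries

def package_stanza(packages: str, name: str) -> dict:
    """Return the fields of the Packages stanza for `name` (stanzas are blank-line separated)."""
    for stanza in packages.strip().split("\n\n"):
        fields = dict(l.split(": ", 1) for l in stanza.splitlines() if ": " in l)
        if fields.get("Package") == name:
            return fields
    raise KeyError(name)

def verify(release: str, index_path: str, packages: bytes, name: str, deb: bytes) -> bool:
    """Check Release -> Packages -> .deb. Assumes the Release signature was already verified."""
    digest, size = release_sha256(release).get(index_path, (None, None))
    if digest is None or len(packages) != size or sha256(packages) != digest:
        return False  # index not listed in Release, or modified after signing
    try:
        fields = package_stanza(packages.decode(), name)
    except KeyError:
        return False  # package not present in the verified index
    return int(fields["Size"]) == len(deb) and fields["SHA256"] == sha256(deb)

# Constructed sample data (not real Kali repository content).
DEB = b"constructed .deb payload for illustration"
PACKAGES = (
    "Package: example-tool\nVersion: 1.0\n"
    "Filename: pool/main/e/example-tool/example-tool_1.0_amd64.deb\n"
    f"Size: {len(DEB)}\nSHA256: {sha256(DEB)}\n"
).encode()
INDEX = "main/binary-amd64/Packages"
RELEASE = f"Suite: kali-rolling\nSHA256:\n {sha256(PACKAGES)} {len(PACKAGES)} {INDEX}\n"

if __name__ == "__main__":
    print(verify(RELEASE, INDEX, PACKAGES, "example-tool", DEB))         # intact chain
    print(verify(RELEASE, INDEX, PACKAGES, "example-tool", DEB + b"!"))  # modified package
```

Because only the Release file carries a signature, a change to either the index or the package breaks a digest somewhere along the chain and the check fails.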
[22] https://pkg.kali.org/pkg/linux
[23] https://gitlab.com/kalilinux/packages/linux/-/blob/kali/master/debian/patches/series
[24] https://gitlab.com/kalilinux/build-scripts/live-build-config
[25] https://www.kali.org/about-us/
[26] https://gitlab.com/kalilinux/packages
[27] https://pkg.kali.org/
9
Chapter 1 — About Kali Linux
1.4.6. Usable on a Wide Range of ARM Devices
Kali Linux provides binary packages for the armel, armhf, and arm64 ARM architectures. Thanks
to the easily installable images provided by Offensive Security, Kali Linux can be deployed on
many interesting devices, from smartphones and tablets to Wi-Fi routers and computers of various
shapes and sizes.