Kali 2017.
Always suspicious of everything, Nate “what’s the catch?” Drake explores the latest divine offering from his distro god, Kali Linux.
Were visit( what other option is there ?– Ed) the rolling pen-testing distro that loves the limelight and hackers alike with Nate Drake.
Kali Linux, which now follows a rolling release model, has now been updated to version 2017.1, replete with updated tools, kernel and better hardware support.
While Kali is by no means the only pen-testing distro in the wild, it remains the most popular with ethical hackers. The OS contains any number of programs such as Aircrack-ng, a suite of tools for penetration testing of wireless networks. To this end, the latest Kali offering now supports RTL8812AU Wireless chipsets. These don’t form part of the standard Linux Kernel, but were included in response to a feature request. This makes possible much more invasive testing of your network, enabling you, for instance, to deauthenticate devices, then inspect the ‘handshake’ as they reconnect, exposing the WiFi password.
While on the subject of drivers, Kali 2017.1 also includes much more streamlined support for Nvidia GPUs with CUDA support. CUDA is a software platform created by Nvidia to give direct access to a GPU’s virtual instruction set. In plain English, this makes it possible to use GPUs for purposes other than playing video games, such as mining Bitcoins or in the case of Kali, cracking passwords.
The Kali website details the necessary steps to get the CUDA toolkit working with Hashcat, (now upgraded to version 3.2.0) claiming that you can get started in minutes. If you don’t happen to have an arsenal of GPUs handy, Kali 2017.1 also now supports AWS and Azure Images of the OS, which support GPU password cracking out of the box.
Although it’s too big to be bundled with the ISO, Kali’s repositories now include OpenVAS 9, a vulnerability scanner suite that automates much of the tasks pen testers have to do manually on target systems.
Pen-testing friendly
Despite a slew of new drivers, images and tools making Kali easier to use, the OS continues to provide support for newcomers to pen-testing. The Kali website has long offered OSCP (Offensive Security Certified Professional) online training, which involves a gruelling 24-hour exam. This has now been complimented by the Kali Linux Certified Professional Program’ to affirm your efficiency specifically with Kali itself. The first four-day KLCP course will take place at Black Hat USA 2017, where interested parties can become a Kali Linux Ninja!
Aside from the vast number of platforms for which Kali Linux 2017.1 is available, it’s the documentation that tips the balance in Kali’s favour. Other pen-testing distributions such as BlackArch and Parrot Security OS may have more tools pre-installed or be easier on the eye, but Kali holds your hand from the outset. The sidebar contains shortcuts to common hacking tools such as Armitage and the Metasploit Framework. The official Kali documentation talks you through the steps of setting up the OS, general usage as well as customising your own ISO. Offensive Security are also behind the free Metasploit Unleashed ethical hacking course, which offers free training for the Metasploit Framework.
The release notes for Kali 2017.1 also contained an announcement that Kali Linux Revealed will be published in July, with a free online version being made available afterwards.
Because Kali now follows a rolling release model, existing users can updated to version 2017.1 by running apt dist-upgrade in a Terminal.