As you may know, Kali Linux is arguably the most-popular, but certainly the most mature Linux distribution specifically built for “hacking”, or pentesting – and computer forensics.
Yesterday, Kali Linux 2.0 was released and it’s a doozy!
What I see from them, is what I somewhat assumed: version 1.0 was about setting up a stable base, now 2.0 is about user experience and getting the package updating streamlined.
I definitely am no expert in this field. Although I’ve had an interest in security for a long time, actually digging into pentesting has been challenging, to say the least! Considering I’m still a newb, I might not get the significance (just yet) of the things they discuss. First, here are the release notes:
Today is the day that Kali 2.0 is officially released.
Some things that stand out to me, are:
- Rolling Distribution: similar to how Microsoft Windows claims it will work, they will magically, incrementally upgrade over time instead of having huge, sweeping releases (like this one)
- Window Managers: one thing I didn’t like was the old window manager, and when everything broke if you tried to change it. Now, Kali supports KDE, GNOME3, Xfce, etc right out of the box (with the working menus and everything!)
- Metasploit Community no longer included – you have to go to Rapid7 and get it from there.
- They are invested: after having played around with it for a while, you can tell some people invested some major time in getting this release right. From reading about it, and considering that they have classes on it and everything, it would seem that the team behind it is “all in”. Therefore it’s probably a safe bet to invest in for the foreseeable future!
If you are looking for a “tl;dr” – yes, this is a major upgrade and major improvement over 1.x, go download it!
Where can I get it?
Yesterday, it was taking hours to try to download, and ultimately failed a couple of times. I tried again today and it downloaded in just a few minutes. Go get the latest for your PC, VM, or even the Raspberry Pi, here:
What’s it look like?
I installed this in Hyper-V with no issue. From a fresh install with no customization, you can tell it’s much “prettier” right from the login screen:
The desktop and use of Gnome is arguably more user-friendly, and familiar for most people.
The main app bar on the left, by default has:
- Iceweasel (web browser based on FIrefox)
- Files (like: Windows “Explorer” or Mac “Finder”)
- Metasploit framework
- Beef XSS
- Leafpad (editor)
- Tweaktool (for setting UI options)
- Applications (like: Windows “All Programs” or Mac “Applications” folder)
and here’s a look with a couple of windows open so you can see the default window manager and how the menus are handled:
All of the Kali tools are right off the main menu. Even nicer, everything is just 1 layer deep. No more menus nested within menus. Everything is easy to find:
If there is one thing that is missing, it’s a search feature on the main menu. It would be nice to click “Applications” and start typing the name of the app I want and it show up. On Windows, you click the start button and start typing… on Mac, you ALT+Space and start typing. It’s a pretty common feature nowadays, which is missing here. People want to browse AND search – and you can only really browse.
In it’s defense, this is still possible using the “Show Applications” menu item in the dock – you can search for applications, files, and settings:
As for the “rest” of the traditional main menu, that is under “Usual applications”:
As you can see, this is a pretty big improvement in the user experience.
Hey, what about that dreaded laptop?
Oh yeah, good question! You might recall that I could install Kali 1.x on this cheapy Dell Inspiron 3451, but it would freeze/hang as soon as I would log into the X11 interface. I never did find a workaround.
Well, I installed Kali Linux 2.0 on there and it works with no issues! It detected everything (bluetooth, wifi, external eth0, external mouse, etc) and there are no graphic card problems or freezes. No issues – it works!
Where can I learn more?
That’s an interesting aspect of this operating system. They’ve built it, presumably, to have a professional-quality Linux distribution for professional pentesters. In modern-day, what can you do with that? Well, they offer training courses, and even certifications. The target audience for this seems to be professional pentesters. That is, people who are paid to do this for a living.
What if you don’t do this for a living (yet?) – and what about if you don’t have several thousand to spend on training, at the moment? Well, this site is actually pretty good with tons of information: http://docs.kali.org/ it’s a place to start!
I’m smack-dab in the middle of another blog post comparing/contrasting a few different pentesting distributions. In my unbiased opinion, this changes things in my mind. This to me, puts Kali back on top. But wait, before I draw that conclusion officially, let me finish that other blog post and review! I stopped to whip up this blog post, because this release is so significant.
In the meantime, if this topic interests you or you were curious about Kali 2.0 – you should definitely check it out, it’s a very nice upgrade!!