A lap around Kali Linux 2.0

As you may know, Kali Linux is arguably the most-popular, but certainly the most mature Linux distribution specifically built for “hacking”, or pentesting – and computer forensics.

image

I’ve blogged about my experience with the older version, and compared it to Blackbox too.

Yesterday, Kali Linux 2.0 was released and it’s a doozy!

What I see from them, is what I somewhat assumed: version 1.0 was about setting up a stable base, now 2.0 is about user experience and getting the package updating streamlined.

What’s new?
I definitely am no expert in this field. Although I’ve had an interest in security for a long time, actually digging into pentesting has been challenging, to say the least! Considering I’m still a newb, I might not get the significance (just yet) of the things they discuss. First, here are the release notes:

Today is the day that Kali 2.0 is officially released.
https://www.kali.org/releases/kali-linux-20-released/

Some things that stand out to me, are:

  • Rolling Distribution: similar to how Microsoft Windows claims it will work, they will magically, incrementally upgrade over time instead of having huge, sweeping releases (like this one)
  • Window Managers: one thing I didn’t like was the old window manager, and when everything broke if you tried to change it. Now, Kali supports KDE, GNOME3, Xfce, etc right out of the box (with the working menus and everything!)
  • Metasploit Community no longer included – you have to go to Rapid7 and get it from there.
  • They are invested: after having played around with it for a while, you can tell some people invested some major time in getting this release right. From reading about it, and considering that they have classes on it and everything, it would seem that the team behind it is “all in”. Therefore it’s probably a safe bet to invest in for the foreseeable future!

If you are looking for a “tl;dr” – yes, this is a major upgrade and major improvement over 1.x, go download it!

Where can I get it?
Yesterday, it was taking hours to try to download, and ultimately failed a couple of times. I tried again today and it downloaded in just a few minutes. Go get the latest for your PC, VM, or even the Raspberry Pi, here:

https://www.kali.org/downloads/

What’s it look like?
I installed this in Hyper-V with no issue. From a fresh install with no customization, you can tell it’s much “prettier” right from the login screen:

image

image

The desktop and use of Gnome is arguably more user-friendly, and familiar for most people.

image

The main app bar on the left, by default has:

  • Iceweasel  (web browser based on FIrefox)
  • Terminal
  • Files (like: Windows “Explorer” or Mac “Finder”)
  • Metasploit framework
  • Armitage
  • Burpsuite
  • Maltego
  • Beef XSS
  • Leafpad (editor)
  • Tweaktool (for setting UI options)
  • Applications (like: Windows “All Programs” or Mac “Applications” folder)

and here’s a look with a couple of windows open so you can see the default window manager and how the menus are handled:

image

All of the Kali tools are right off the main menu. Even nicer, everything is just 1 layer deep. No more menus nested within menus. Everything is easy to find:

image

If there is one thing that is missing, it’s a search feature on the main menu. It would be nice to click “Applications” and start typing the name of the app I want and it show up. On Windows, you click the start button and start typing… on Mac, you ALT+Space and start typing. It’s a pretty common feature nowadays, which is missing here. People want to browse AND search – and you can only really browse.

In it’s defense, this is still possible using the “Show Applications” menu item in the dock – you can search for applications, files, and settings:

image

As for the “rest” of the traditional main menu, that is under “Usual applications”:

image

As you can see, this is a pretty big improvement in the user experience.

Hey, what about that dreaded laptop?
Oh yeah, good question! You might recall that I could install Kali 1.x on this cheapy Dell Inspiron 3451, but it would freeze/hang as soon as I would log into the X11 interface. I never did find a workaround.

image

Well, I installed Kali Linux 2.0 on there and it works with no issues! It detected everything (bluetooth, wifi, external eth0, external mouse, etc) and there are no graphic card problems or freezes. No issues – it works!

Where can I learn more?
That’s an interesting aspect of this operating system. They’ve built it, presumably, to have a professional-quality Linux distribution for professional pentesters. In modern-day, what can you do with that? Well, they offer training courses, and even certifications. The target audience for this seems to be professional pentesters. That is, people who are paid to do this for a living.

image

What if you don’t do this for a living (yet?) – and what about if you don’t have several thousand to spend on training, at the moment? Well, this site is actually pretty good with tons of information: http://docs.kali.org/ it’s a place to start!

Bottom line:
I’m smack-dab in the middle of another blog post comparing/contrasting a few different pentesting distributions. In my unbiased opinion, this changes things in my mind. This to me, puts Kali back on top. But wait, before I draw that conclusion officially, let me finish that other blog post and review! I stopped to whip up this blog post, because this release is so significant.

In the meantime, if this topic interests you or you were curious about Kali 2.0 – you should definitely check it out, it’s a very nice upgrade!!

Posted in Certifications, Computers and Internet, General, Infrastructure, Linux, New Technology, Security, Uncategorized

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Archives
Categories

Enter your email address to follow this blog and receive notifications of new posts by email.

Join 2 other followers

%d bloggers like this: