Kali Linux is an open-source, Debian-based Linux distribution geared towards various information security tasks, such as Penetration Testing, Security Research, Computer Forensics and Reverse Engineering.

Because Kali Linux is multi-platform, it gives you a strong, stable, known baseline to operate from regardless of where you use it: desktops, servers, virtual machines, live environments, cloud or containers.

Why is Kali Linux popular among hackers?

Kali is a popular distro among the security community due to its design, it incorporates tools oriented towards penetration testing, security research, computer forensics and reverse engineering. Kali Linux became mainstream popular thanks to the TV Series Mr. Robot.

How many tools does Kali Linux include?

Kali Linux is preinstalled with over 600 penetration-testing programs, including nmap (a port scanner), Wireshark (a packet analyzer), John the Ripper (a password cracker), Aircrack-ng (a software suite for penetration-testing wireless LANs), Burp suite and OWASP ZAP (both web application security scanners).

How secure is Kali Linux?

Kali Linux is developed in a secure location with only a small number of trusted people that are allowed to commit packages, with each package being signed by the developer. Kali also has a custom-built kernel that is patched for injection. This was primarily added because the development team found they needed to do a lot of wireless assessments.

Is Kali Linux portable?

Kali Linux can run natively when installed on a PC, can be booted from a live CD or live USB, or it can run within a virtual machine. It is a supported platform of the Metasploit Project's Metasploit Framework, a tool for developing and executing security exploits.

What Linux distribution is Kali Linux based on?

Kali Linux is based on Debian Wheezy. Most packages Kali uses are imported from the Debian repositories.

What version of Kali Linux should I download?

Each version of Kali Linux is optimized for a specific purpose or platform. First, you have to establish your system's architecture. If your system is 64-bit and you want to have a permanent installation, the Kali Linux ISO 64-bit is your choice. If you want to try Kali Linux without having to install it, the portable versions are the way to go.

Kali Linux was developed by Mati Aharoni and Devon Kearns of Offensive Security through the rewrite of BackTrack, their previous forensics Linux distribution based on Ubuntu. The third core developer Raphaël Hertzog joined them as Debian expert.

What's New

Kali Linux VMware & VirtualBox images are available for users who prefer, or whose specific needs require a virtual machine installation.

These images have the default credentials "kali/kali".

Just before the year starts to wrap up, we are getting the final 2024 release out! This contains a wide range of updates and changes, which are in already in effect, ready for immediate download, or updating.

The summary of the changelog since the 2024.3 release from September is:

  • Python 3.12 - New default Python version (Au revoir pip, hello pipx)
  • The end of the i386 kernel and images - Farewell x86 (images), but not goodbye (packages)
  • Deprecations in the SSH client: DSA keys - Reminder about using ssh1 if required
  • Raspberry Pi Imager Customizations Support - Able to alter settings at write time
  • GNOME 47 - Now able to synchronize your favorite colors
  • Kali Forums Refresh - New heart of the community home
  • Kali NetHunter - Updates to the app, kernels, installer, store and website !
  • New Tools - 14 new shiny toys added (and countless updated!)

A new Python version: 3.12

Python 3.12 is now the default Python interpreter. While it was released upstream a year ago, it took a bit of time to become the default in Debian, and then even more time to make it to Kali Linux, but finally it's here. Every new version of Python brings along some deprecations or subtle changes of behavior, which in turn breaks some Python packages, and we have to investigate and fix all the issues reported by our QA system. Hence the delay.

There is a major change with this new Python version: installing third-party Python packages via pip is now strongly discouraged and disallowed by default. This change has been coming for a long time, we wrote about it 18 months ago already, been given little reminders in each release blog post since and we gave another push about it in the 2024.3 release blog post. Now it's finally effective.

pip users, fear not! It's not the end of the world: there is pipx as a replacement. On the surface, it provides a similar user experience, but under the hood it overcomes the one outstanding issue with pip: the lack of environment isolation.

For more details, please check our dedicated documentation page: Installing Python Applications via pipx. If you still have a hard time running a third-party Python application in Kali, please reach out to us via our bug tracker.

The end of the i386 kernel and images

…but not packages.

History lesson: i386 is a 32-bit CPU architecture, maybe more widely known by the name x86. It was the CPU architecture of the first generations of Intel Pentium, AMD K6, and Athlon. In short, it was ubiquitous in personal computers back in the 90s. Starting in 2003, a 64-bit version of the x86 architecture appeared, usually named x86-64 (or amd64 in Debian-based Linux distributions). It marked the end of the 32-bit x86 CPUs.

Despite being long obsolete, this architecture remained supported in software for years. 2019 was the year when major Linux distributions (Fedora 31 & Ubuntu) started to drop it. Finally, in October 2024, Debian stopped building a i386 kernel (and OS images, as a consequence). Kali Linux, being based on Debian, follow suit: images and releases will no longer be created for this platform.

It's important to note that this is not an instant death for i386 though. This is not how architectures die. The i386 kernel and images are gone, however i386 packages in general are not removed from the repository. It means that it's still possible to run i386 programs on a 64-bit system. Either directly via the package manager (APT supports installation of i386 packages on a amd64 system), or via i386 Docker images.

With time, surely more and more i386 packages will disappear, but nobody really knows in advance which packages and ecosystems will go first, and how long others will remain. In particular, one of the biggest areas that keeps i386 alive is gaming: old games that were compiled for 32-bit x86 are still around, and enjoyed by gamers. As a consequence, there are people out there putting effort into keeping it working, and we can hope that a baseline of i386 packages will remain functional for the time being.

If you are impacted by this change and need more guidance to run your i386 binaries on Kali Linux, please reach out to us via our bug tracker, we will do our best to help.

Deprecations in the SSH client: DSA keys

The latest version of OpenSSH (9.8p1) , available in this release of Kali Linux, deprecates DSA keys for good. If you need this support to connect to very old SSH servers, you will need to use the command ssh1 instead of ssh. Let's take this chance to review how Kali Linux deals with SSH deprecations, and what it provides to make it easier to use the SSH client for pentesting purpose.

Out of the box, Kali comes with a "standard" SSH client, as provided by Debian. It means that SSH is pre-configured with security in mind: some legacy ciphers and algorithms are disabled by default, to prevent you from using potentially weak encryption without knowing.

For pentesting purposes though, we often need to use all these legacy features, because we need to know if the server that we target has it enabled. To easily enable all the legacy features at once, we provide the command-line tool kali-tweaks. This tool is a simple menu that allows you to configure various aspects of Kali. In the Hardening section, you can configure SSH for Wide Compatibility (instead of the default Strong Security), and that's all you need to do to maximize the capabilities of your SSH client.

With that said, when some legacy features are not even compiled in the SSH client anymore (as is the case with DSA keys), you will need to resort to another SSH client: ssh1. ssh1 comes pre-installed in this new release of Kali Linux. In practicality, ssh1 is the SSH client frozen at version 7.5 (released in March 2017). This is the last release of OpenSSH that supports the SSH v.1 protocol, and of course it also supports DSA keys. If you target very old SSH servers, you might need to use this client, assuming you are using the SSH client directly from the command-line. However, if you use it indirectly (via some tool that uses SSH), it's possible that the tool does not know about the ssh1 command, so in practice you will lose support for DSA keys with this new Kali release. If you are in this situation, talk to us (via our our Discord server or our bug tracker), and we might be able to help.

All of this information (and more) is available in our documentation.

Raspberry Pi Imager Customizations Support

The moment that Pi users have been waiting for has arrived! We are thrilled to announce that Kali's Raspberry Pi images now support applying customizations directly from the Raspberry Pi Imager software! This is a huge step forward, and we are so excited to bring this much-requested feature to our users. Whether you are a seasoned pro or just getting started, this update is going to make your Raspberry Pi experience even more seamless.

For those who might not be familiar with the Raspberry Pi Imager, it was first introduced in 2020 by the Raspberry Pi Foundation. This incredibly handy tool allows users to easily write Raspberry Pi operating system images onto an SD card or USB drive with just a few clicks. But that's not all – it also lets you apply essential customizations before you even boot up your Pi! You can pre-configure a range of settings, from setting a custom username and password to choosing a hostname, connecting to a Wi-Fi network, and even adding an SSH key for remote access.

With this latest release, you can now apply these customizations to all Raspberry Pi images – with the exception of the PiTail images, which are highly specialized with their own network and user settings. Unfortunately, due to these customizations, applying them via the Raspberry Pi Imager software is not supported for PiTail images. But for everything else, the sky's the limit!

How Does It Work?

The magic happens when you write a Raspberry Pi image to your SD card or USB drive using the imager software. If you choose to enable customizations, the settings are stored in two key files on the /boot partition of the drive:

  • user-data: This file contains all your personal settings, including the username and password, any locale or timezone preferences, and even your SSH public key (if you have chosen to enable SSH).
  • network-config: Here you will find your Wi-Fi network settings, including the pre-computed PSK (Password Security Key) for seamless connectivity.

Once the Raspberry Pi boots for the first time, these files will apply the custom settings automatically.

A quick tip: Do not forget to delete these files after the first boot to keep things secure.

Default Settings for Non-Customized Images

For users who do not wish to enable customizations, do not worry! The default settings for Raspberry Pi images will remain the same, with kali/kali for the username and password.

GNOME 47

We are excited to announce that the latest update to the GNOME Desktop, GNOME 47, is now available! This update brings numerous changes and desktop enhancements, but the most notable feature is the new support for accent color customization. You can now choose your favorite color for window and shell widgets, giving you more control over your desktop's look and feel.

From Kali's side, we have also worked on synchronizing this new setting with the icon theme and legacy GTK window themes to ensure a cohesive visual experience. To complement this feature, we have created multiple variants of the icon theme to match each accent color. These themes are also available across other desktop environments, allowing you to personalize your Kali experience.

Other Improvements

New login theme


New system-monitor panel extension


Improved color-schemes for gnome-text-editor

Kali Forums Refresh

A couple of weeks ago we launched the refresh of our Kali Forums. With this refresh we are now running a Discourse-powered forum with a new set of moderators thanks to our community moderators from Discord. We are very happy with the activity we have seen on it so far and hope to see you there!

For more information, please check out our blog post about the refresh.

New Tools in Kali

As always, we have various new tools added (to the network repositories) - 14 this time! Summarizing what has been added:

  • bloodyad - Active Directory privilege escalation framework (Submitted by @Arszilla)
  • certi - Ask for certificates to ADCS and discover templates (Submitted by @Arszilla)
  • chainsaw - Rapidly search and hunt through Windows forensic artefacts (Submitted by @Arszilla)
  • findomain - Fastest and most complete solution for domain recognition (Submitted by @Arszilla)
  • hexwalk - Hex analyzer, editor and viewer
  • linkedin2username - Generate username lists for companies on LinkedIn
  • mssqlpwner - Interact and pwn MSSQL servers
  • openssh-ssh1 - Secure SHell (SSH) client for legacy SSH1 protocol
  • proximoth - Control frame attack vulnerability detection tool (Submitted by @TechnicalUserX)
  • python-pipx - Execute binaries from Python packages in isolated environments
  • sara - RouterOS Security Inspector (Submitted by @casterbyte)
  • web-cache-vulnerability-scanner - Go-based CLI tool for testing for web cache poisoning (Submitted by @Arszilla)
  • xsrfprobe - An advanced Cross Site Request Forgery (CSRF/XSRF) audit and exploitation toolkit.
  • zenmap - The Network Mapper (nmap) front end (zenmap-kbx is no longer needed!)

There have also been numerous packages updates and new libraries as well. We also bump the Kali kernel to 6.11!

Kali Linux 2024.3 Release (Multiple transitions)

With summer coming to an end, so are package migrations, and Kali 2024.3 can now be released. You can now start downloading or upgrading if you have an existing Kali installation.

The summary of the changelog since the 2024.2 release from June is:

Qualcomm NetHunter Pro Devices - Qualcomm Snapdragon SDM845 SoC now supported

New Tools - 11x new tools in your arsenal

Our focus has been on a lot of behind the scenes updates and optimizations since the last release. There have been some messy migrations, with multiple stacks, all interrelating (transition have been like buses, all coming at once!). After the t64 transition finished up, it was straight into multiple other transitions: GCC 14, the glibc 2.40, and Python 3.12.

This last one is the most significant! This new Python release removed some long-deprecated APIs, breaking a fair number of packages. We have been busy fixing it all (weeks of work!), we are almost there, Python 3.12 will be the default in the next version of Kali - 2024.4. With Python 3.12, there will be a major change for users: it won't be possible to install Python packages with pip anymore. We wrote about that a year ago already, we invite you to read that again if you are an avid user of pip.

But that will be for the next Kali release, 2024.4, due by the end of the year. In the meantime, this new release 2024.3 still has Python 3.11 as the default Python interpreter.

An unfortunate consequence of this situation is that, as the whole Python 3.12 stack did not enter Kali-rolling yet, it also blocked other packages (seemingly unrelated to Python) from entering Kali-rolling. In other words, over the last 2 months the pace of updates in Kali-rolling went down, making this release less exciting than usual. This temporary slowdown should end in the coming days and weeks, as Python 3.12 finally hits Kali-rolling. At this point packages will resume flowing as usual, so users of Kali-rolling should be ready for a lot of updates!

To finish: apart from packaging, various projects either got started or continued to make progress, but are not ready for release just yet (such as having a new Kali forum, NetHunter Store updates and refreshing Kali-menu).

New Tools in Kali

This Kali release is about package updates. For end users its mostly about new tools added, for us, its about the updated stacks!

The community once again has set up and added various new tools. Long term contributor @Arszilla has been busy again! Here is a highlight of what new tools have been added (to the network repositories):

  • goshs - Think SimpleHTTPServer, but written in Go, and with more features
  • graudit - Grep Rough AUDIT: source code auditing tool
  • gsocket - Allows two machines on different networks to communicate with each other
  • hekatomb - Extract and decrypt all credentials from all domain computers (Submitted by @Arszilla)
  • mxcheck - Info and security scanner for e-mail servers (Submitted by @Arszilla)
  • netexec - Network service exploitation tool that helps automate assessing the security of large networks (Submitted by @Arszilla)
  • netscanner - Network scanner & diagnostic tool with modern TUI (Submitted by @Arszilla)
  • obsidian - Private and flexible writing app that adapts to the way you think
  • sippts - Set of tools to audit SIP based VoIP Systems (Submitted by @Arszilla)
  • sprayhound - Password spraying tool and Bloodhound integration (Submitted by @Arszilla)
  • sqlmc - Check all URLls of a domain for SQL injections (Submitted by @Arszilla)

It goes without saying, that there has been numerous packages updates and new libraries as well.

Again, we want to shout out Arszilla and his multiple contributions. Always remember, you can contribute as well! We are always open for engagement from you if you want to get involved.

As hinted in our previous 2024.2 release, the Kali kernel is now also at 6.8.

Kali NetHunter Updates

Kali NetHunter 2024.3 has been held back for the the time being, as we are busy upating the build infrastructure. We will release the updated images when they are ready (hopefully in a few weeks), and talk whats new with them in the next Kali release 2024.4 (Bye Mana!).

Fortunately, we can say there are new supported devices! We are excited to release Kali NetHunter Pro images for devices with a Qualcomm Snapdragon SDM845 SoC (System on a Chip), such as:

  • OnePlus 6/6T
  • SHIFT SHIFT6mq
  • Xiaomi Pocophone F1 (aka Poco F1)

Thanks to @Shubhamvis98 for his amazing work to make this happen!

There is also good news for Hungarian NetHunters! Check out "HnLVIP NetHunter" (1st August 2024), in this podcast by @hackeslangos featuring @yesimxev, talking about getting into NetHunter, an OffSec journey and more! You can listen to it here:

  • Apple
  • Spotify

Kali ARM SBC Updates

  • We now pass QEMU_CPU=cortex-a72 to the build scripts when building an arm64 image on an amd64 host, which should speed things back up considerably.
  • USBArmory devices should now properly start their DHCP server
  • Support has been added for the Raspberry Pi 4 Compute Module Wi-Fi device
  • Raspberry Pi 5 kernel version has been bumped to 6.6
  • additionally due to the new firmware in use on it, if you use an A2 rated microSD card, you should see 2-3x speedup of random access
  • Pinebook kernel has been reverted back to a 6.1 kernel due to graphical glitches, and LCD not working on newer kernels
  • We have cleaned up the build dependencies list, so we do not make users install a bunch of dependencies that are no longer used when building their own custom image.