Kali Linux is the operating system most commonly used by ethical and malicious hackers for all aspects of cybersecurity. Kali includes just about every hacking tool imaginable, which means learning to use it is a journey, not a simple skill that can be mastered by watching 10-minute tutorials.
Kali is based on the Debian Linux distribution and includes hacking tools that can be used to perform and defend against brute force attacks, wireless attacks, IP spoofing attacks, reverse engineering attacks, password cracking, dictionary attacks, phishing attacks, SQL injections and many more.
Other Kali tools are more in line with ethical hackers using penetration testing tools, network security information gathering, vulnerability assessment, security testing, and security auditing. As a common platform, it also enables cybersecurity professionals to adopt an offensive rather than defensive security posture by proactively detecting vulnerabilities.
What tools are included with Kali Linux?
A better question is: what are cybersecurity tools no Included with Kali Linux? While some network security toolkits focus on a handful of the best categories of tools, Kali Linux is more comprehensive. While some cybersecurity platforms integrate multiple different utilities, Kali Linux can be considered a complete cybersecurity supermarket, offering many different tool suites.
The Kali distribution includes hundreds of tools in a dozen different categories. Some larger collections include:
- collect message. This category includes everything from identifying all the devices on the network (enumeration) to linking the media access control address of the network interface controller with the IP address to identifying open ports on the target server. Kali Linux information gathering tools include scanners such as Nmap and Wireshark, and information planning platforms integrating leading tools, often with a GUI for more comprehensive functionality.
- wireless attack. This category includes a wide range of utilities for conducting cybersecurity drills or hacking against wireless systems, including those connected via Bluetooth and Wi-Fi. The top Kali wireless utility is Aircrack-ng, a software suite that includes a network detector, wireless packet sniffer, and ) credential cracking tool.
- web application. This category covers a lot, and like everything in Kali, tools exist for almost any penetration testing or red teaming exercise involving web applications. While OWASP is a rich web security platform for web attack and defense that comes with Kali, OWASP Zed Attack Proxy is just one of many utilities that can be used to attack web applications.
- Password attack. This category includes stand-alone password cracking tools such as Hydra, Ncrack, Hashcat, and John the Ripper. It also includes utilities that help increase the effectiveness of any password cracking program, such as Crunch, a program for generating word lists; Ophcrack, a program for cracking Windows passwords using rainbow tables; and more.
Such a wealth of options makes Kali Linux a challenge for beginners looking for an easy introductory tutorial, but it also makes it an indispensable resource for experienced penetration testers or hackers. Take the Information Gathering category as an example. According to statistics, this category includes more than 60 individual tools.
While network protocol analyzers such as Nmap or Wireshark may be the most well-known information gathering tools, they’re not the only ones out there. Some lesser known ones are best for specific purposes. For example, Maltego is a utility for gathering open source information about targets using public websites such as Shodan, Wayback Machine Internet Archive, WHOIS lookups, and more.
InfoSploit is another specialized information-gathering tool that scans web servers for web application vulnerabilities in content management platforms such as WordPress and Joomla. More specialized is the WPScan tool, which probes WordPress sites and can detect potentially vulnerable versions of installed plugins.
Kali also includes the Metasploit framework, a more comprehensive network security platform that can be used for everything from port scanning to password sniffing, identifying active network services and finding potentially vulnerable Microsoft SQL Server implementations. However, if you want to identify the SQL servers on a particular website — including the ability to detect exploitable SQL injection flaws — then sqlmap is the utility for you.
Integration is one of the biggest benefits of using these tools on Kali Linux. Ethical hackers involved in penetration testing can use the Metasploit framework, which gives them access to any individual Kali Linux tool integrated with Metasploit. Another benefit of the Kali tool integration is that many security tools are designed as Unix processes that can be launched from the command line. Integrating these individual utilities into a more comprehensive platform means that users can get equally powerful results from the command-line tools integrated into the platform.
Gain skills using Kali Linux tools
Part of learning to use Kali Linux for network security tasks is understanding how Kali works to integrate all the personal network security tools a penetration tester or ethical hacker might need. As mentioned above, information gathering is not limited to the most commonly used packet sniffing tools such as Wireshark or Nmap. The use of these tools, especially when they are integrated into other platforms such as Metasploit, is built on the process of narrowing down the route to the information needed to complete the task.
That’s how Kali works best – built on the user’s experience with web security. Many general-purpose Kali tools are available for wireless hacking, but many are specifically designed to operate on Wi-Fi networks. For example, the Aircrack-ng suite includes password cracking tools for WEP and other wireless authentication protocols, as well as tools for capturing packets, crafting packet payloads for attacks, and more.
However, in the case of using Wi-Fi Protected Setup, the Reaver tool can help by performing a brute force attack on the WPS router. And, if Reaver itself isn’t enough, Pixiewps is a tool built on top of Reaver that targets different WPS vulnerabilities.
Likewise, the Burp suite of tools for pen testing focuses on testing web applications, using tools such as Spider, a web spider/crawler utility for mapping remote server endpoints. Repeater is a utility for repeating user request submissions with manual changes, for checking that remote servers are validating submissions and for finding web application vulnerabilities.
Kali Linux doesn’t just contain hundreds of different cybersecurity tools; it’s a platform of platforms, operating as a suite, containing a specific type of collection of tools, making it the ultimate social engineering toolkit.