Introduction
Kali Linux is a Debian-based distribution specifically designed for penetration tests, security audit and forensic analysis.
History and origin
Developed by Offensive Security in 2013 as a successor to BackTrack, Kali Linux inherited a wide repertoire of tools and improved its stability by building on Debian's testing branch.
Main characteristics
Among its features are the custom kernel with injection patches, a light desktop environment (by default Xfce), and a rolling release package system that guarantees constant access to the latest versions of the tools.
Tools included
- Metasploit Framework for the exploitation of vulnerabilities.
- Wireshark for network traffic capture and analysis.
- Nmap for port scanning and discovery of hosts.
- Burp Suite for safety tests in web applications.
- Aircrack-ng for wireless network evaluation.
- John the Ripper and Hashcat for password cracking.
- SQlmap for detection and operation of SQL injections.
Installation and requirements
Kali Linux can be installed on hard drive, run in live mode from USB or run within virtual machines such as VirtualBox or VMware. The minimum requirements are 2 GB RAM, 20 GB disk space and a processor compatible with x86 _ 64 architecture.
Use cases and best practices
Security professionals use Kali for network audits, web penetration tests, malware analysis and incident response. It is recommended to keep the system up-to-date, to use isolated environments (such as containers or VMs) and to document thoroughly each step taken during a test.
Community and resources
The Kali Linux community offers official documentation, certified courses (such as OSCP), active forums and a continuously updated tool repository. Participating in events like Black Hat or DEF CON and following Offensive Security blogs helps keep up with the latest techniques and threats.
