Kali is a Linux distribution maintained by Offensive Security that was created for pen testing, ethical hacking, and network security assessments.
Kali is useful because it comes pre-installed with some of the most popular pen testing tools available. Some of these include:
- NMAP – A network scanner for discovering hosts and services.
- Wireshark – A tool used for network packet analysis.
- Airmon-ng – A toolkit for packet sniffing and cracking WEP/WPA/WPA2 security.
- Sqlmap – Used for database exploitation through server side sql vulnerability.
- Metasploit framework – Tool used for developing and running exploits against targeted machines.
- Vega – Recon tool used for scanning webservers for known vulnerabilities such as cross site scripting and sql.
Installing Kali is straightforward and can run on many devices because of the limited requirements. This includes: Virtual machines, Raspberry Pi (ARM processors), and most recently you can even spin up Kali on Amazon AWS.
Kali has a very active community where you can find tutorials, troubleshooting advice, and see what other users are doing with the OS. If you are interested in seeing exactly what is compiled into Kali you can view the Kali Linux Git repositories.
There are also multiple training programs available from Offensive Security including: Penetration Testing with Kali (PWKI), Offensive Security Wireless Attacks (WiFu), & Cracking the Perimeter (CTP).
To Learn More: