Major Metapackage Makeover

With our 2019.3 Kali release imminent, we wanted to take a quick moment to discuss one of our more significant upcoming changes: our selection of metapackages. These alterations are designed to optimize Kali, reduce ISO size, and better organize metapackages as we continue to grow.

Before we get into what’s new, let’s briefly recap what a metapackage is. A metapackage is a package that does not contain any tools itself, but rather is a dependency list of normal packages (or other metapackages). This allows us to group related tools together. For instance, if you want to be able to access every wireless tool, simply install the kali-tools-wireless metapackage. This will obtain all wireless tools in one download. As always, you can access the full list of metapackages available in Kali on If you prefer to use the command line, the following command will list out the packages that will be installed via a specific metapackage:

root@kali:~# apt update
Hit:1 kali-rolling InRelease
Reading package lists... Done
Building dependency tree
Reading state information... Done
All packages are up to date.
root@kali:~# apt depends kali-tools-wireless
  Depends: kali-tools-802-11
  Depends: kali-tools-bluetooth
  Depends: kali-tools-rfid
  Depends: kali-tools-sdr
  Depends: killerbee
  Depends: rfcat
  Depends: rfkill
  Depends: sakis3g
  Depends: spectools
  Depends: wireshark

We took the time to create new metapackages and rename existing ones, and we did the same with the tools listed inside of them. As a result of these changes, we’ve implemented a new naming convention for simplicity and improved granular control. At the end of the post there is a table displaying the relationships between previous and new names moving forward, along with a description of the metapackage purpose.

If you have made it this far, you are likely wondering “how does this affect me”?

  • If you are using a version of Kali older than 2019.3, if and when you upgrade, you will still have the same set of tools (just newer)!
  • However, if you do a fresh install of Kali with a version higher than either weekly W34 or 2019.3 ISO, you will notice some of the tools that get installed by DEFAULT have changed (we have put Kali on a diet!)

Previously, kali-linux-full was the default metapackage, which has been renamed to kali-linux-large with a redirect put in place. We have introduced a new default metapackage called kali-linux-default, which serves as a slimmed-down version of the tools from kali-linux-large.

Depending on how you use Kali will determine which metapackage would suit you best. This is the power of metapackages. For example:

  • If you want a core set of tools, stick with kali-linux-default (designed for assessments that are straightforward ).
  • If you want a more general and wider range of tools, select kali-linux-large (useful if Internet access is permitted but slow).
  • If you want to be prepared for anything, go with kali-linux-everything (great if you are going to be doing air-gap/offline work)

Note: You can install multiple metapackages at once and are not limited to just one, so mix and match!

Each of these metapackages depends on the one above. That means, when we add a new essential tool to kali-linux-default, it is automatically part of kali-linux-large and thus kali-linux-everything. Otherwise, when we add a new tool that may not be useful to everyone, it will be placed into either kali-linux-large or kali-linux-everything - depending on our tool policy. More information about the new tool policy will be made public towards the end of the year. Stay tuned for some very exciting news!

How Kali is being used today has changed since when Kali (and even BackTrack) was first born. Not everyone needs all the tools at once - but they are still available when required. We have opted for a new default set of tools to match the majority of today’s current network environments, by removing edge cases and legacy tools which are rarely used.

Upon doing a system upgrade (apt -y full-upgrade) on a version of Kali older than 2019.3, you will see the old metapackage name being removed. This is safe. If you have tried to remove a tool before, you may have run into this (when the tool is part of a metapackage). This is also safe to remove, as it doesn’t remove any other tools. It simply means that when a new tool is added into that metapackage, you won’t receive it.

If you are running 2019.3 and want the old default set of tools, you can do either apt -y install <tool> for a one-off package installation or apt -y install kali-linux-large to get the old tool set back. For the 2019.3 release, we will be doing a one-off extra image, which is based on kali-linux-large to help with the transition.

Below are the tables with a complete breakdown of previous metapackages names, along with their new respective names:


These metapackages are used when generating our images

kali-linuxkali-linux-coreBase Kali Linux System - core items that are always included
newkali-linux-default“Default” desktop (AMD64/i386) images include these tools
newkali-linux-lightKali-Light images use this to be generated
newkali-linux-armAll tools suitable for ARM devices
kali-linux-nethunterkali-linux-nethunter (same)Tools used as part of Kali NetHunter

Kali Menu

These entries are based around the Kali menu

newkali-tools-information-gatheringUsed for Open-source Intelligence (OSINT) & information gathering
newkali-tools-vulnerabilityVulnerability assessments tools
kali-linux-webkali-tools-webDesigned doing web applications attacks
newkali-tools-databaseBased around any database attacks
kali-linux-pwtoolskali-tools-passwordsHelpful for password cracking attacks - Online & offline
kali-linux-wirelesskali-tools-wirelessAll tools based around Wireless protocols - 802.11, Bluetooth, RFID & SDR
newkali-tools-reverse-engineeringFor reverse engineering binaries
newkali-tools-exploitationCommonly used for doing exploitation
newkali-tools-social-engineeringAimed for doing social engineering techniques
newkali-tools-sniffing-spoofingAny tools meant for sniffing & spoofing
newkali-tools-post-exploitationTechniques for post exploitation stage
kali-linux-forensicskali-tools-forensicsForensic tools - Live & Offline
newkali-tools-reportingReporting tools


These are tool listing based on the category and type

kali-linux-gpukali-tools-gpuTools which benefit from having access to GPU hardware
newkali-tools-hardwareHardware hacking tools
newkali-tools-crypto-stegoTools based around Cryptography & Steganography
newkali-tools-fuzzingFor fuzzing protocols
newkali-tools-802-11802.11 (Commonly known as “Wi-Fi”)
newkali-tools-bluetoothFor targeting Bluetooth devices
kali-linux-rfidkali-tools-rfidRadio-Frequency IDentification tools
kali-linux-sdrkali-tools-sdrSoftware-Defined Radio tools
kali-linux-voipkali-tools-voipVoice over IP tools
newkali-tools-windows-resourcesAny resources which can be executed on a Windows hosts


Useful metapackages which are “one off” groupings

kali-linux-fullkali-linux-largeOur previous default tools for AMD64/i386 images
kali-linux-allkali-linux-everythingEvery metapackage and tool listed here
kali-linux-top10kali-tools-top10The most commonly used tools
kali-desktop-livekali-desktop-live (same)Used during a live session when booted from the image
newkali-tools-headlessTools which do not require a GUI in order to access them


Tools used for Offensive Security’s courses

newoffsec-awaeAdvanced Web Attacks and Exploitation
newoffsec-pwkPenetration Testing with Kali

Desktop Managers

Desktop Environment (DE) & Window Manager (WM)

kali-desktop-commonkali-desktop-coreAny key tools required for a GUI image
newkali-desktop-e17Enlightenment (WM)
kali-desktop-gnomekali-desktop-gnome (same)GNOME (DE)
newkali-desktop-i3i3 (WM)
kali-desktop-kdekali-desktop-kde (same)KDE (DE)
kali-desktop-lxdekali-desktop-lxde (same)LXDE (WM)
newkali-desktop-mateMATE (DE)
newkali-desktop-pantheonPantheon (DE)
kali-desktop-xfcekali-desktop-xfce (same)XFCE (WM)

If you wish to create your own metapackage, see how we do it here, before you create your own package.