Finally, it’s here! We’re happy to announce the availability of the Kali Linux 2017.1 rolling release, which brings with it a bunch of exciting updates and features. As with all new releases, you have the common denominator of updated packages, an updated kernel that provides more and better hardware support, as well as a slew of updated tools - but this release has a few more surprises up its sleeve.
A couple of weeks back we added more HTTPS support to our Kali infrastructure, and wanted to give our users some guidance and point out what’s new. While our Kali Linux download page (and shasums) has always been served via HTTPS, our mirror redirector has not. Now that we generate weekly images, secure access to the mirror redirector has become crucial.
Due to increasing popularity of cloud-based instances for password cracking, we decided to focus our efforts into streamlining Kali’s approach. We’ve noticed that Amazon’s AWS P2-Series and Microsoft’s Azure NC-Series are focused on Windows and Ubuntu. The corresponding blog posts and guides followed suit. Although these instances are limited by the NVIDIA Tesla K80’s hardware capabilities, the ability to quickly deploy a Kali instance with CUDA support is appealing.
Introducing the KLCP Certification After almost two years in the making, it is with great pride that we announce today our new Kali Linux Professional certification - the first and only official certification program that validates one’s proficiency with the Kali Linux distribution.
If you’re new to the information security field, or are looking to take your first steps towards a new career in InfoSec, the KLCP is a “must have” foundational certification. Built on the philosophy that “you’ve got to walk before you can run,” the KLCP will give you direct experience with your working environment and a solid foundation toward a future with any professional InfoSec work. As we continually see, those entering the OffSec PWK program with previous working experience with Kali, and a general familiarity with Linux, tend to do better in the real world OSCP exam.
We’re happy to announce that we’ve once again listed our Kali Linux images on the Amazon AWS marketplace. You can now spin up an updated Kali machine easily through your EC2 panel. Our current image is a “full” image, which contains all the standard tools available in a full Kali release. Once your instance is running, connect to it with your SSH private key using the “ec2-user” account. Don’t forget to update your Kali instance to get the latest packages and bug fixes. Type as root (or sudo): apt update && apt dist-upgrade. We are “selling” these images on the marketplace for free, so other than the regular Amazon charges, there are no extras to pay. The Kali team would like to take this opportunity to thank @r0kh for his efforts of getting Kali back on track (no pun intended) and working flawlessly in AWS. If you plan to use these Kali images for penetration testing in an AWS environment, make sure you check out the Amazon penetration testing request form.
Kali Linux in the Azure Marketplace Over the past couple of weeks we’ve been working on building and implementing Kali 2016.2 in the Azure Marketplace. We’re happy to announce that from today on, you can spin up a Kali machine from the Azure Marketplace. In just a few seconds, you can have a full penetration testing toolset at your fingertips for no additional cost (other than the standard Azure pricing). If you are a new Azure customer, you can create a free account and receive $200 credit. If you are performing penetration testing, please refer to the Azure Testing Request for more information.
We’re well recovered from the Black Hat and DEF CON Vegas conferences and as promised, we’re launching our second Kali Rolling ISO release aka Kali 2016.2. This release brings a whole bunch of interesting news and updates into the world of Kali and we’re excited to tell you all about it.
Kali Linux Dojo, BlackHat 2016 - Las Vegas We have really enjoyed doing the Dojo at Black Hat the last few years. It’s been a great opportunity to show off some of the lesser known (but oh so useful) features of Kali Linux as well as interact with the user base. But one of the limitations of the previous structure was that while this was a hands-on exercise, many attendees moved at different paces from each other. So we wanted to move towards more of a “self service” model where attendees can drop in, have access to the training material, and will be free to work at their own pace. We accomplished with the new model we will be premiering this year, allowing everyone to take as much, or as little, time needed to get a working Kali install customized to their desires. While this is being done, Kali developers will be onsite and interacting with everyone on a consistent basis.
The folks at Black Hat have been kind enough to invite us once again to deliver a Kali Dojo in Las Vegas this year. The event will be held on the 4th of August at the Mandalay Bay hotel, and will be open to all Black Hat pass types. This year our Dojo will be set up differently, allowing for a larger crowd and much more interaction. We are going to hold a full day event, featuring several main activity areas :
Our First Release of Kali-Rolling (2016.1) Today marks an important milestone for us with the first public release of our Kali Linux rolling distribution. Kali switched to a rolling release model back when we hit version 2.0 (codename), however the rolling release was only available via an upgrade from 2.0 to kali-rolling for a select brave group. After 5 months of testing our rolling distribution (and its supporting infrastructure), we’re confident in its reliability - giving our users the best of all worlds - the stability of Debian, together with the latest versions of the many outstanding penetration testing tools created and shared by the information security community.