Users often request the addition of vulnerability scanners to Kali, most notably the ones that begin with “N”, but due to licensing constraints, we do not include them in the distribution. Fortunately, Kali includes the very capable OpenVAS, which is free and open source. Although we briefly covered OpenVAS in the past, we decided to devote a more thorough post to its setup and how to use it more effectively.
Recently, Mathy Vanhoef of imec-DistriNet, KU Leuven, discovered a serious weakness in WPA2 known as the Key Reinstallation AttaCK (or KRACK) attack. Their overview, Key Reinstallation Attacks: Breaking WPA2 by forcing nonce reuse, and research paper (Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2, co-authored by Frank Piessens) have created quite a stir in our industry because the press touts that it “breaks Wi-Fi”.
One of the fun, and often necessary features of Kali Linux is the ability to create really killer, completely customized live-boot installations. Normally stored on a USB drive, these installations put the power of Kali Linux in your pocket, ready to roll whenever you need it.
Building Kali live USB installations is pretty straight-forward, whether you’re going plain vanilla, building in persistence so you can store files, going fully-encrypted (even arming a self-destruct passphrase), or customizing and building your own tailored install.
The Kali community is a pretty crazy thing. There are folks all over the world doing interesting things with Kali Linux and far too often, these cool projects get overlooked. Part of the problem is that the community is spread out all over the ‘net. We’re continuing to help build the Kali community to help with this problem, but that’s a slightly longer topic. In the meantime, we want to keep you well-informed about cool stuff that’s happening in our world-wide community. We’ll also be reaching out to standout members of our community, highlight their work, and get them involved in building our new community.