- Base Images
- Kali On ARM
- Gem PDA
- Raspberry Pi - Full Disk Encryption
- Galaxy Note 10.1
- Raspberry Pi
- Acer Tegra Chromebook 13"
- ASUS Chromebook Flip
- BeagleBone Black
- Cubieboard 2
- HP Chromebook
- ODROID U2
- Raspberry Pi - Disk Encryption
- Raspberry Pi 2
- Samsung ChromeBook
- Samsung Chromebook 2
- USB Armory
- Utilite Pro
- Kali NetHunter Documentation
- NetHunter Rootless
- Installing NetHunter
- Installing NetHunter On the Gemini PDA
- NetHunter Components
- NetHunter Home Screen
- NetHunter Chroot Manager
- NetHunter KeX Manager
- NetHunter USB-Arsenal
- NetHunter BadUSB Attack
- NetHunter Application - Terminal
- NetHunter Custom Commands
- NetHunter DuckHunter Attacks
- NetHunter HID Keyboard Attacks
- NetHunter Kali Services
- NetHunter MAC Changer
- NetHunter MANA Evil Access Point
- NetHunter Man In The Middle Framework
- NetHunter Metasploit Payload Generator
- NetHunter Nmap Scan
- NetHunter Exploit Database SearchSploit
- Wireless Cards and NetHunter
- Building a New Device File
- Building NetHunter
- Porting NetHunter to New Devices
- Testing Checklist
- Patching the Kernel
- Configuring the Kernel - General
- Configuring the Kernel - Network
- Configuring the Kernel - Wifi
- Configuring the Kernel - SDR
- Configuring the Kernel - USB
- General Use
- Kali Network Repositories (/etc/apt/sources.list)
- HiDPI (High Dots Per Inch) Display
- Install NVIDIA GPU Drivers
- Kali Linux XFCE FAQ
- Kali Linux Forensics Mode
- Kali Linux Metapackages
- Configuring Yubikeys for SSH Authentication
- Kali In The Browser (Guacamole)
- Kali In The Browser (noVNC)
- All about sudo
- Updating Kali
- Kali's Domains
- Kali Development
- Public Packaging
- ARM Cross-Compilation
- Building Custom Kali ISOs
- Custom Beaglebone Black Image
- Custom Chromebook Image
- Custom CuBox Image
- Custom EfikaMX Image
- Custom MK/SS808 Image
- Custom ODROID X2 U2 Image
- Custom Raspberry Pi Image
- Generate an Updated Kali ISO
- Live Build a Custom Kali ISO
- Preparing a Kali Linux ARM chroot
- Rebuilding a Source Package
- Recompiling the Kali Linux Kernel
What is a branch?
A branch is an alternative version of some software, in this case of the Kali OS. Kali Linux has multiple branches which allows for users to decide how up to date their packages will be. Kali Linux is similar to Debian in many regards, one of which is the use of branches.
You may have multiple branches enabled at once. However, switching branches may introduce problems, as packages may be at different versions, and unavailiable or unstable in certain cases.
First are the main branches, which are the most frequently used, and the most stable. These are often seen as “safe”.
- kali-rolling is the main default branch that most should be using. It is being continuously updated, as it pulls from
kali-devafter ensuring questionable packages are stable and combining them with packages from
kali-rolling-only. From time to time, a package bug may slip into here, due to bugs in
- kali-last-snapshot is a branch of Kali that can be used if users want a more standard feeling of software control. For every new release, we freeze the code and merge
kali-last-snapshot, at which point users will get all of the updates between versioned releases (i.e. 2019.3 -> 2019.4). This often is more stable, as packages are not updated (until the next release as it’s a “Point Release”) and go thought our release testing. This is the “safest” option.
Next are those that you will likely not need except in very special cases:
- kali-experimental is a staging area for work-in-progress packages.
- kali-bleeding-edge contains packages that are automatically updated from the upstream git repositories. This branch has the potential to be very unstable.
- kali-dev is the development version of Kali. It is created by combining three other branches:
debian-testing. Its mainly used for merging Debian’s updates with the changes maintained by Kali.
- kali-dev-only is the development distribution with Kali-specific packages. This branch is auto-merged into
- kali-rolling-only is a repository for packages that need to quickly reach
Branches used to assist with other branches
- kali-debian-picks contains packages cherry-picked from
debian-unstable. It is auto-merged into
- debian-testing is a mirror of Debian’s testing distribution. This is used to build
- debian-experimental and debian-unstable are partial mirrors for specific packages that we want to cherry-pick.
Below is a diagram showing the relationship between the branches.
debian-experimental -> debian-unstable -> debian-testing -> kali-dev -> kali-rolling -> kali-last-snapshot | | ^ ^ ^ | v v | | | v ---------------------------------> kali-debian-picks -| | | --> kali-bleeding-edge | | ^ kali-experimental -> kali-dev-only -----------------------------| | | | Upstream kali-rolling-only --------------------------------------------------------|
Debian has three main options:
Stable is the “safe” Debian branch. Around every two months, it is updated with a “Point Release”, which is often just security updates. Packages don’t generally get a version upgrade during this time, due to potential incompatibility and thus instability. This is the Debian equivalent of kali-last-snopshot.
Testing is the closest thing there is to a Debian “rolling” distribution, where “rolling” means that as soon as a package update is available, it’s pushed out. Kali has used this branch as a starter for kali-rolling since January 2016.
Unstable is just after Debian’s package development happens. The packages have been created, but not fully tested. Kali doesn’t have an equivalent, as it is a rolling distribution.
For more information about how Kali relates to Debian, please see our policy page on the matter.