Frequently Asked Questions (FAQ)

Kali Linux is an open-source, multi-platform distribution geared towards various Information Security tasks, such as Penetration Testing, Security Research, Computer Forensics, Reverse Engineering, Vulnerability Management, and Red Team Testing.

As Kali Linux is multi-platform, it gives you a strong, stable, known baseline to operate from regardless of where you use it, such as:

• Bare metal - Desktops, laptops and netbooks, and servers
• Virtual machines - VMware, VirtualBox, Hyper-V, and QEMU
• Live environments - DVDs and USB drives
• Cloud - AWS, Azure, and Linode
• Containers - Docker, Podman, and LXC/LXD
• WSL - Windows Subsystem for Linux for Windows 10 and higher
• ARM SBC - Raspberry Pis and PineBook etc

Kali Linux is a professional penetration testing focused Linux distribution, and can be used for practice of offensive and defensive tactics, out-of-the-box.

You can learn even more about Kali Linux and its features, history, and initial release in our documentation.

If you are a security assessor then yes, as Kali Linux is a penetration testing focused Linux distribution. Kali Linux’s releases have been through various checks and tests to give as much of a stable environment as possible when working in isolated air-gap networks.

If you are trying to break into the information security industry then yes! Kali Linux can help you by giving access to a wide range of tools at your fingertips allowing you to learn and practice as much as possible.

If you are exploring or curious about security, then yes! Kali Linux can help you scratch that itch quickly and get your feet wet as everything you need is ready out-of-the-box.

If you are not doing frequent penetration assessments or not able to have a dedicated machine just for this, then you can still use Kali Linux. With some alterations, you can modify your setup to make it more of a “daily driver” OS, allowing you to do more transitional day-to-day activities such as “office work”, or playing video games.

Yes!

Should you choose to use Kali Linux in this way, you are able to make it more of a generic Linux system, as long as you are willing to learn and adapt your system to the various scenarios.

If this is case, we would recommend removing as many security tools as possible, which is easier during installation by not selecting packages. Afterwards, further modifications can be done utilizing kali-tweaks to harden:

• Kernel
• OpenSSL
• Samba
• SSH

You also may want to switch to the kali-last-snapshot branch, which will reduce the frequency of updates.

Yes!

Kali NetHunter is a free and open-source Mobile-Based Penetration Testing Platform for Android devices, with Kali Linux features built-in.

Kali NetHunter is made up of:

• A Kali Linux “container”, that includes all the tools and applications that Kali Linux would provide (utilizing a chroot)
• Kali NetHunter Desktop Experience (KeX), which fully runs a Kali Linux desktop session. This has support for screen mirroring via HDMI or wireless screen casting
• A Kali NetHunter App, which is a wrapper to quickly launch common commands, items, and attacks.
• A Kali NetHunter App Store and client in order to include even more purpose-built security apps.

Because Android is used as the base, you can install it on a wide range of mobile devices, such as smartphones, tablets, and even smartwatches! There are pre-created images, otherwise you can create one yourself for your device.

Kali NetHunter and Kali NetHunter Pro Both are free and open-source - Kali. Does. Not. Cost.

The difference between Kali NetHunter and Kali NetHunter Pro is what they are based on:

• Kali NetHunter is based on Android - As a result, most Android devices are supported.
• Kali NetHunter Pro is based on Linux - Which is only supported on a very limited number of devices.

Kali NetHunter Pro is more similar to Kali Linux, as they both are using Linux.

Kali NetHunter Pro is still being developed and quite early in its life cycle, for more information see our Kali NetHunter Pro announcement blog post.

Kali Linux is neither slow or bloated.

In general, Kali Linux:

• Competes with other distributions’ boot timing.
• Uses Xfce as the default desktop environment, and with only a limited amount of standard supported plug-ins, which makes it very light on resources.
• Has a default pre-installed tool selection that covers only what is required to complete most modern penetration assessments, without having many duplicate tool functionality and techniques.
  • We have also made it as simple as possible to remove every pre-installed tool by using “metapackages” to allow for fine granular control later, or expand from the default techniques offering to cover even more scenarios, reaching for edge-cases (perfect if you are doing air-gap work).

Slow

When saying that Kali is “slow”, do you mean Kali Linux is “slow” at starting up? Or do you mean when using Kali Linux, when inside the desktop, clicking about?

Over the years we have taken actions to reduce the footprint of Kali Linux to lower system requirements. This was mainly to benefit lower specification machines to gain better performance.

An example of this was switching from GNOME to Xfce in November 2019. We have always used either Xfce or headless for our ARM Single Board Computers (SBC), whereas our desktop images would use GNOME. We wanted to create the same experience regardless of the platform. As we also noticed a uptick trend in people using VMs more. This meant some of the more rich features, such as touch screen support, which GNOME offers, was not required thus Xfce was better suited. Summary: More features, required more resources - which most users did not require.

Another item is our default disallow network service policy. We have always had this in place, which means any externally-listening services do not come up by default. A side effect of this means, unless users configure them to, less daemons are running during start-up.

Bloated

With regards to being “bloated”:

• Commonly people mean the amount of default pre-installed packages are too many or not as relevant to them.
• Otherwise, it is the amount of services running is too high for them.

With what packages get installed by default, we are continuously fine-tuning our selection which makes sure that Kali Linux is able to adapt and be relevant for current networks and modern infrastructure. We understand that not every assessment has the same scope, as well as the age of the networks differing vastly. On top of that, users may specialize in certain sections. As a result, we need to cover as wide selection as possible, but yet still be relevant. We re-evaluated and reduced duplicate/overlapping features/functionality when multiple tools are able to achieve the same technique and at this stage, we migrate the tool out of the default pre-installed tool listing to our “legacy” option (kali-linux-large) which can be selected during installation. This option allows you to choose your preferred/familiar tool to achieve the same action, rather than how to complete the technique, rather than breaking users workflows.

With all of this, we did a big push in September 2019, to make it easier to choose during setup:

• Nothing - No pre-installed tools, just the core items to operate, allowing you to hand pick exactly what tools you want

• Default - Items required for common assessments.
• Large - This is to reach more un-common “edge cases” on assessments, with a choose of multiple tools.

If you are saying Kali Linux is bloated due to the amount of services running, like before, our default policy disallows network services. Local services, as Kali Linux is based on Debian, are also a talking point as there are some Linux users who believe this eco-system and approach is not required for them which is why they prefer even more fine grain control of packages by using OSs such as Arch Linux or Gentoo Linux. We feel that we have what is necessary for Kali Linux to operate in a modern penetration assessment, but should someone disagree they can create a custom ISO to disable these by default.

The pre-installed tools is a fine line. InfoSec is a fast moving, quick changing item. Many “common” or “hot trend” techniques being used now were not 5 years ago, and will not be in 5 years. As a result, the tools required change. So our pre-installed tools do too.

Out-of-the-box, we try and cover what you would “typically” see in a penetration assessment “today”. We also have an option to expand this with metapackages, such as kali-linux-large.

There are multiple tools which have overlapping features or techniques, and we are looking to cover technique coverage rather than “what tools”.

We cannot please everyone out-of-the-box, which is why we aim to make it as simple as possible to support as many users and use cases as possible. Depending on why you are using Kali, what you want to use Kali for, yes, there could be a percent of tools/packages that you may not need (only doing web tests? Don’t need Wi-Fi!)

Out-of-the-box we have selected only the essential tools to do a generic penetration test for a typical assessment. It is possible to install more, or less, tools by selecting which collection of tools you desire during installation. This can also be modified later by utilizing apt and installing or removing metapackages.

Not since January 2020!

Kali Linux (and BackTrack Linux before it) used to use root as the default user. This was primarily due to many of the tools which used to be included by default, requiring additional privileges to function. As Kali Linux adapts over time to match what is commonly found in modern penetration assessments, more tools today now operate in user-land rather than needing kernel access. As a result, we have introduced user-creation during installation and a standard user for our pre-made images.

There are still a limited amount of tools which do require these extra privileges. When selecting them through the menu, they will automatically be launched in a root terminal. Using the command line, a “helper script” will have been installed to act as a wrapper to get your attention. We will always recommend taking the time to get to know and understand the tools which you are running. A good example of this is Network Mapper (Nmap). It is able to perform a network port scan when in user-land. However, it will change its default scan method when there are elevated permissions.

Should you wish, you can still use the root account, by default, without logging into a personal account and then switching to it. We discourage doing this unless you know what you are doing and are using Kali Linux for generic activities, and not for penetration testing.

We would encourage daily activity, and generic usage, to be done as much through a non-root access as possible.

It lowers the security of your system.

If your machine gets compromised (either by an out-dated network service running, or 0-day client-side attack, or any other means), there is no privilege escalation required. The adversary would have complete control over your machine, data, and access.

Running as a non-root user helps to lower this risk, as it adds another layer of defense. Other steps can be done to further secure your machine such as using AppArmor or SELinux. You can also follow some other practices to increase security.

We have a documentation page that covers a wide range of platforms you can find Kali Linux on, as well as a blog post about this to help you narrow it down.

In general, when in doubt, we would recommend to try Kali Linux in a virtual machine.

If you mean what [“platform” or “flavor” of Kali Linux](/docs/introduction/kali-linux-image-overview/, rather than version, it depends on what you are using it for - see here for the answer

We are always going to recommend the latest version.

You can grab the most recent “stable” image which would be our “point release” images from Get Kali, as these go though a series of manual and automated testing. However, if you are more advanced and feel more confident, because Kali Linux is a rolling distribution, you can get our weekly images, which are automatically generated and as these are automatically created, they do not go through the same amount of testing as our “point releases”.

If you are starting out, we would recommend trying Kali Linux in a virtual machine.

You can download and import one of our pre-made virtual machines!

Once booted and logged in, be sure to update.

It is not something to worry about as long as you verify the checksum.

This can happen as Kali Linux has scripts and tools designed for penetration testing, and some antivirus will detect and identify it as malware. They do not realize how the files are going to be used - have they been used on you, or are you going to use them? Malware solutions are not aware of the scenario. An example of this is Kali Linux contains “exploits” (either stand alone scripts or as part of other tools), which can be used to target and break into other machines. It is a case of how these files are going got be used (rather than have they been used). This is a reason that it is important to understand the tools and how they work before using them.

Typically when this happens, you can set an exclusion for the file and download Kali Linux like normal. This is covered in our documentation: Running Kali Linux as a Virtual Machine in Windows.

We do not announce the next release until it is available to download.

However, there are some clues that people can follow to learn how close to the next release we may be:

• We aim to do four major point releases each year - once a quarter
• Usually on a Tuesday, not on a Friday
• Typically around the same time every year adjusting for holidays or events
• Before we release, we slow down, then pause package updates starting a few weeks leading up to it
• You may also see markers in our build logs

In general, it does not matter when the next release is as we have weekly images which can be installed and updated, and as Kali Linux is a rolling release distribution you will not have to wait for the quarterly releases for updates.

You can find the full list of default credentials in our documentation page!

They also should be in the VM description, along with some other useful information.

Try them and decide for yourself!

You can customize them all as much, or as little, as you like. On top of that, they are always evolving and updating, bringing new features and changes with each release. Commonly, a lot of users will say:

• GNOME - Offers the most feature rich desktop experience (We would recommend using this when installing on bare-metal)
• KDE - Windows users often find this more similar design and layout (We would recommend using this when installing on bare-metal)
• Xfce - Less resources requirements, giving a fastest experience as it is designed to be “minimal features” (We would recommend using this when installing in a VM)

Don’t worry, this isn’t all of them! There are numerous others such as: Cinnamon, MATE, i3, and many many many others.

While these are the only three available during installation, we have a lot more in our repositories you can install afterwards!

We feel these three are the most popular desktop environments, as a result we test and support them. Upon doing so, we have also taken the time to add our own theme and customized them to give the best out-of-the-box experience.

The Kali community also likes other desktop environments, and some have contributed their own customizations, such as i3 (in November 2022, i3-gaps merged into i3). If you like a certain environment, and want to contribute with theming it, please do!

There are a few available sources you can consult for help:

• Our documentation has a troubleshooting section
• Search our community forums
• Ask in our community Discord server
• An Internet search engine (e.g Google, Bing, DuckDuckGo, Startpage etc).
  • Tip #1: Try using “Kali” as a search term. Afterwards, then try “Debian” (As this is what Kali Linux is based on
  • Tip #2: Try searching for the exact error - either what is on screen or in a log file. You may need to make it more verbose/enable debug mode. Afterwards, keep shortening or making the line more generic
  • Tip #3: Search what it is that you are trying to do with the software package name as a term

Please note, our community is filled with volunteers and we should be respectful of their time and efforts.

There are countless ways! How are you wanting to customize it? Looks/design/theme? Functionally? Shortcuts?

You can look over these links which discuss a wide number of ways of customizing Kali Linux:

Creating

• Creating a Kali Linux i3-gaps installation
• Modifying the Kali Linux image
• Creating a custom Kali Linux image using live-build
• Mastering live-build

Installing

• Installing barebones Kali Linux - minimal installation, allowing for more fine control over packages

Using

• Enabling root user account

Packages

• All about Kali Linux Metapackages
• Using End-Of-life (EOL) Python versions
• Using Flatpak package management
• Using Snap package management

Create the file in /etc/apt/sources.list.d!

Instead of polluting /etc/apt/sources.list with extra repositories which may break Kali Linux, manage them better with the /etc/apt/sources.list.d directory. An example of this would be in our Installing Docker on Kali Linux page.

No!

As pip install is on the way out, using apt package manager is the recommend way. If there is not a Python package available or you would like something updated, we suggest submitting a bug request.

There is not a one answer fits all with this. As a starting point:

• Check to see if the tool has either a man page or help screen.
  • Tip #1: man <tool>
  • Tip #2: <tool> -h, or <tool> --help
• Search for the tool’s documentation page on the Kali Linux site
• Look for any official documentation

This can be for quite a few reasons.

We have a documentation page that can help you to narrow it down.

Please also ensure you are using sudo prior to the apt.

As a rule of thumb:

• If it works with Debian, it should work with Kali Linux
• Using bleeding edge hardware is often possible with Linux as a whole, but is more recommended for advanced users

You may find that most functionality works, but a limited amount of minor items may not (such as keyboard control shortcuts for volume or brightness).

If you are trying to use Kali Linux in a Virtual Machine, you may notice that you cannot access certain things such as Graphics cards (GPUs) or Wireless Networks (Wi-Fi). This is because of the Virtual Machine software (i.e. VirtualBox or VMware). They create virtual hardware, which act as a “middle man” so you no longer interact with actual physical hardware. Advanced users are able to do “passthrough”, which would allow for this to happen, but it does have some draw backs as you need to disconnect it from the host and “map” it into the VM.

If you use Kali Linux in a Virtual Machine and are unable to find any Wi-Fi networks, start with reading the reply here which may give you some background. Rather than doing “passthrough” the easiest option would be to use additional hardware, which may mean purchasing an external USB Wi-Fi device.

If you are not using a Virtual Machine, or the above does not answer your question, please see our troubleshooting page on this issue: Troubleshooting Wireless Drivers

Unfortunately this is not as easy to answer as it sounds. Are you wanting to support 2.4 GHz? 5 GHz? WPA3? The range? Are you wanting to upgrade it at any stage? How much budget do you have?

If you are unsure of the answers above, you may benefit from reading these recommendations, as these should be supported cards which can be purchased based on your preferences and shipping availability

We have a few available places that Kali Linux users can interact with each other:

• Our community forums
• Our official community Discord server
• Our community IRC channel

There are also other areas Kali Linux has a presence, and you can see the full list here: Kali Linux Community and Support.

We have a page in our documentation that can walk you through all the different ways: Contribute to Kali.

We welcome any and all contribution - big or small! Help comes in various forms, it could be the Kali Linux project itself, or other users. It could be the Kali Linux operating system, packages, documentation or infrastructure. It could be adding new features, reporting or fixing issues. Do you have an idea of what you would like worked on? Or are you wanting a starting point? Read the page. and afterwards get in touch!