Whenever we are given the opportunity to describe Kali Linux, we use the word “powerful“. Have you ever wondered or asked yourself why exactly we consider Kali to be so “Powerful”? Why is Kali any different or better from say, an Ubuntu machine with a bunch of security tools preinstalled on it? After all, our nmap package isn’t any better than anyone else’s, is it?
Flexible Penetration Testing Platform
One of the major benefits of Kali Linux is that it’s not merely a bunch of tools pre-packaged into a Linux distribution. Kali is a real “Penetration Testing Platform” – and that’s not just a cool buzzword we use. Derived from the rock solid Debian platform, Kali is flexible enough to provide features such as:
- Rolling distribution with seamless updates and upgrades.
- Automated installations using preseed files including network and PXE installs.
- Ability to easily create custom Kali images using live-build, with multiple WM support.
- Whole disk encryption during installation.
- Multiple ARM images for a wide variety of hardware
- Accessibility support for blind and visually impaired users.
- Bleeding edge repositories.
Each one of these features provides multiple interesting opportunities for penetration testers, security auditors, and forensics folks alike. We would like to present a few simple scenarios which we had the opportunity to implement, demonstrating just how powerful Kali Linux can be.
Scenario 1 – Simple Deployment of Kali Scanning Agents
Consider the following scenario – you are a security administrator of a multi-national corporation. You are asked to run a vulnerability scan on each of your twelve offices, located in different parts of the world. Naturally, you have an insignificant budget to complete this task and the VA results need to be submitted to management ASAP. How would you go about accomplishing this task? This would be the “Kali” way: