I read this a lot on the internet: I’m making familiar myself with Kali Linux! I want to learn Kali Linux! I’ve already installed Kali – now what? But what is Kali Linux anyway? How to learn Kali Linux? And is it really right for it to be so much in the spotlight?
What is Kali Linux?
Kali Linux is a free Linux distribution. It describes itself as an operating system aimed at various information security tasks – such as performing penetration tests, security research, computer forensics and reverse engineering.
What is Kali Linux based on?
Kali Linux is first of all just a Linux distribution based on Debian GNU/Linux, like Ubuntu Linux for example. Debian itself is a free open source operating system: Debian GNU/Linux is based on the basic system tools of the GNU project and the Linux kernel. It exists since 1993 and is appreciated by many Linux users as a very stable and free server operating system, but is also used as a desktop operating system. It has an exceptionally mature system for software package management, and is the mother – or father – of many other Linux distributions as well as Kali Linux. Kali Linux uses Debian Testing as its base. There is Debian in stable – that is the stable and well tested branch of Debian, which is always provided with security updates for a few years, but not with new functionalities. Kali is based on Debian Testing to get new versions of software packages on a regular basis. The publisher Offensive Security uses the large database of software packages from Debian Testing and complements it with other – free open source tools – for hacking or penetration testing. In principle, Kali Linux is just another Linux distribution based on Debian Testing with a few changes or additions.
How popular is Kali Linux?
Kali Linux is very popular, especially among hacking beginners. Primarily because it has the reputation as “the hacker Linux distribution” and is positioned accordingly in Offensive Security’s marketing. But most importantly, you don’t have to download and install various hacking tools from different sources, but can directly try and experiment with the installed hacking tools. That is the advantage of Kali Linux!
Is Kali Linux used in professional penetration testing?
Kali Linux is less used in professional penetration testing. On the one hand, you usually don’t need all the installed tools, but you need a stable Linux distribution for penetration testing instead that is not based on Debian Testing. There are penetration testers who have to use Windows as their operating system due to internal company requirements – my personal condolences at this point – and then use Kali Linux as a virtual machine. This can make sense in this setup, but I prefer to use Debian stable as operating system for penetration testing.
Now how do I learn Kali Linux?
Actually, the question how to learn Kali Linux is already wrong. Nevertheless, it is asked over and over again and haunts various forums: I want to learn Kali Linux! If you just want to try out some hacking tools (locally, on your own private network), you can simply install Kali Linux as a VM and experiment with the installed tools. But you won’t get beyond the level of experimenting. But if you really want to deal with a Linux distribution and hacking tools, you should better install Debian stable – or another reasonable distribution for daily use. Hacking is learned by being curious, not doing anything illegal or just not getting caught and gaining experience. Penetration testing is learned by building a high enough background in IT, hacking, and then learning structured procedures for penetration testing. Kali Linux is learned by downloading it, starting it as a VM, looking at the tools installed, and then realizing that it is simply a Linux distribution with tools pre-installed. Just a Debian Linux distribution with a cool reputation as a Linux distribution used by real hackers.
