Kali Linux is a Debian-based Linux distribution maintained by Offensive Security, designed specifically for penetration testing, security research, digital forensics, and reverse engineering. It comes preloaded with hundreds of curated security tools and is the most widely used operating system in offensive-security work.
What makes Kali different
Kali is not designed as a daily-driver operating system; it is a working environment for security professionals. It ships with a non-root default user (a change made in 2020) but assumes the user will need elevated privileges frequently. It is updated continuously through a rolling-release model so that tool versions stay current. The distribution supports many platforms including bare-metal, virtual machines, ARM (Raspberry Pi, Pinebook), Windows Subsystem for Linux, and live USB.
Tooling categories
Pre-installed tools cover the full engagement lifecycle: information gathering (Nmap, theHarvester, recon-ng), vulnerability analysis (Nikto, OpenVAS), web application testing (Burp Suite Community, OWASP ZAP, sqlmap), wireless attacks (Aircrack-ng, Reaver, Kismet), exploitation frameworks (Metasploit), password recovery (John, Hashcat), forensics (Autopsy, Sleuthkit), and reverse engineering (Ghidra, radare2). Additional tools can be installed from the standard Debian repositories or directly from upstream.
Editions and use cases
The standard installer is the most common form. Kali NetHunter targets Android devices and is used for mobile and wireless work. Kali Live offers a non-persistent USB-bootable environment, ideal for one-off engagements where leaving no trace on a workstation matters. Kali Purple is a defensive-focused variant introduced in 2023, aimed at blue team and detection engineering work.
Who uses Kali
Penetration testers, red teamers, capture-the-flag competitors, security researchers, and digital forensics professionals. The Offensive Security PEN-200 course (leading to the OSCP) uses Kali throughout. Many CREST and NCSC CHECK assessments are conducted from Kali, although this is not a requirement; any well-maintained Linux build with the right toolchain works equally well.
Related terms
See also: Metasploit, Nmap, Burp Suite, and OSCP certification.
Leave a Reply