【 Kali Linux 】What is it? + Characteristics and Uses ▷ 2022

Since we entered the world of security, We always hear about the great importance of and the evolution that has brought with their toolkits.

Today, we will help you in your investigation, and we will supply you with all the information you require from this wonderful operating system. We will begin by explaining to you what this wonderful OS is all about.

Also, we are going to show you what are the Necessary requirements for the installation of Kali Linux to be a total successjust like we will show you all the tools that make this , in one of the most acclaimed.

What is Kali Linux and what is this Ubuntu distribution for?

Kali Linux is one of the Linux distributionsmore used by computer scientists, since it is through it where the best processes are carried out. Their maintenance support is from Offesive Security Ltd.

This is the improved and fortified version of the system known as BackTrack. offers today more than 600 tools including among them, the famous Nmap and great Aircrack-ng key cracker. Among the new updates received, Kali can be used from a Live CD, or USB-Liveand also as a system installed directly to hard drive.

What are the main features of this OS? What makes it different from other distributions?

As we already mentioned Kali Linux, It is one of the most famous Linux distributions by professionals in . It is one of the few most complete distros to perform attacks and system analysis and network applications.

Although it has some characteristics similar to other distributions for pentesting, Kali Linux differs by having the main ones:

• Tools for penetration testing
• updates of security
• network services disabled
• Personalization of
• whole system it is fully configurable
• High security and reliability in the system
• It has a lots of ARM utilities
• Great utility for forensic analysis

Kali Linux Tools What are all available in this distribution?

The tools that Kali Linux offers us, belong to the most important features of this operating system.

If you want to know what all these existing tools are, in the following list we will mention them all, and we classify them according to their usefulness:

monitor and analyze

With any of the following tools you can get network traffic information, or any other than tell us the security codes and used.

It belongs to the most used group of tools for Ethical Hacking:

• Tcpflow (monitor network traffic)
• intrace
• Zenmap (Port Scanner)
• SQL Ninja (SQL Server)
• Acccheck (SMB Samba)
• Forensics mode
• Offline password cracking like John the Ripper
• Guymager (image creation)
• Chkrootkit (anti-rootkit)
• metasploit
• Armitage
• p0f
• DDMS
• apktool

DNS inspection and analysis

These tools are very useful when extract information from the conditions of the .

Among these data, the number of entries contained in the domain and the attacks received are obtained:

• dnsdict6
• dnsenum
• dnsmap
• dnsrecon
• dnsrevenum6
• dnstracer
• dnswalk
• fierce
• Maltese
• nmap
• urlcrazy

Host Identification

The following are tools that allow us to identify all devices within a networkwhose identification is an IP address.

The correct operation of the identity protocol and the level of security are verified:

• fragoute
• fragrouter
• wafw00f
• alive6
• arping
• cdpsnarf
• detect-new-ip-6
• detect-sniffer6
• dmitry
• dnmap-client
• dnmap-server
• fping
• hping3
• inverse_lookup6
• ncat
• netdiscover
• nmap
• passive_discovery6
• thcping6
• wol-e
• xprobe2

Network Scanner

It belongs to the tools commonly used by ethical hackers, since it is through it that the stability of network servers is evaluated:

• dmitry
• dnmap-client
• dnmap-server
• netdiscover
• nmap

Operating System Detection (OS Fingerprinting)

• dnmap-client
• dnmap-server
• miranda
• nmap

OSINT Tools

They are Tools that are dedicated to the extraction of public information that the Internet offers us in order to create monitoring, inspection or marketing campaigns:

• casefile
• creepy
• dmitry
• jigsaw
• Maltese
• metagoofil
• theharvester
• twofi
• urlcrazy

Samba Analysis

Are information behavior analyzers and structuring Of the same.

Including the great feature of giving us a map of the location of each asset, including threats:

SNMP analysis

These are tools used for detailed monitoring of management protocols:

• braah
• cisco-auditing-tool
• cisco-torch
• copy-router-config
• merge-router-config
• nmap
• onesixtyone

SSL analysis

The following are tools that allow us to analyze and check the integrity of SSL certificates.

In order to also obtain information on their traffic:

• sslcaudit
• ssldump
• sslh
• sslscan
• sslsniff
• sslstrip
• sslyze
• stunnel4
• tlssled

Traffic Analysis

These are tools that complement the other traffic analysis tools, allowing us to also use them as part of a penetration process:

• cdpsnarf
• intrace
• irpas-ass
• irpass-cdp
• p0f
• tcpflow
• wireshark

VOIP Analysis

From Kali Linux, we can analyze the Voice protocols, through the use of the following tools:

VPN analysis

The following is a specific tool for the analysis and studies of the VPNs used, as well as for checking their level of security:

Vulnerabilities Analysis

They are tools that are used to detect and identify all vulnerabilities found within a system or network servers:

• cisco-auditing-tool
• cisco-global-exploiter
• cisco-ocs
• cisco-torch
• yersinia

Database Analysis (SQL)

The following tools are used for inspection of databases, also known as SQL.

Through it, information can be extracted, and vulnerabilities can be identified:

• bbqsql
• dbpwaudit
• hexorbase
• mdb-export
• mdb-parsecsv
• mdb-sql
• mdb-tables
• oscanner
• sidguesser
• sqldict
• sqlmap
• sqlninja
• sqlsus
• tnscmd10g

Fuzzing Tools (Brute Force)

Hackers use these tools to crack the encryption of networks or systems, the objective is to check their security level:

• beds
• fuzz_ip6
• ohrwurm
• powerfuzzer
• sfuzz
• siparmyknife
• spike-generic_chunked
• spike-generic_listen_tcp
• spike-generic_send_tcp
• spike-generic_listen_upd
• burp suite
• powerfuzzer
• webscarab
• webslayer
• websploit
• wfuzz
• xsser
• zaproxy

CMS Identification

They are tools with a set of functions that allow identification of CMS.

It also allows you to check its correct operation:

• blindelephant
• plecost
• wpscan

Proxies

The following are tools that are used as intermediaries before a network, and the sharing of information, guaranteeing security in the system:

• burp suite
• stoppages
• proxystrike
• vega
• webscarab
• zaproxy

web tools

They are used for the analysis of web servers, and the possible attacks that they may receive:

• apache-users
• burp suite
• cutycapt
• cutycapt
• dirbuster
• vega
• webscarab
• webslayer
• zaproxy

GPU Tools

With these tools we can obtain information on the graphical processing of the system:

• oclhashcat-lite
• oclhashcat-plus
• pyrit

Offline Tools

The following tools can be used for pentesting without the need to be connected to the Internet:

• cachedump
• chntpw
• cmospwd
• crunch
• dictstat
• hashcat
• hash-identifier
• john the ripper
• Johnny
• lsadump
• maskgen
• oclhashcat-lite
• oclhashcat-plus
• ophcrack
• ophcrack-cli
• policygen
• pwdump
• pyrit
• rainbowcrack
• rcracki_mt
• rsmangler
• samdump2
• sipcrack
• sucrack
• truecrack

Online Tools

These tools can be used through an Internet connection, and can perform different pentesting tasks:

• check
• burp suite
• cewl
• cisco-auditing-tool
• dbpwaudit
• findmyhash
• hydra
• hydra-gtk
• jellyfish
• crack
• onesixtyone
• patator
• phrasendrescher
• thc-pptp-bruter
• webscarab
• zaproxy

bluetooth attacks

The following tools are used to perform auditing through the Bluetooth connection:

• bluelog
• bluemaho
• blueranger
• btscanner
• fang
• spooftooph

Wireless-Wifi Tools

These tools are used to check pentesting, through the wireless connection as well as to check your security system:

• aircrack-ng
• aireplay-ng
• airmon-ng
• airodump-ng
• asleap
• cowpatty
• eapmd5pass
• fern-wifi-cracker
• genkeys
• genpmk
• giskismet
• kismet
• mdk3
• wifiarp
• wifi dns
• wifi-honey
• wifiping
• wifitap
• wifi
• zbassocflood
• zbconvert
• zbdsniff
• zbdump
• zbfind
• zbgoodfind
• zbid
• zbreplay
• zbstumbler

Network sniffers

The following tools are used to capture the frames of a set of nodes connected by means of a network:

• darkstat
• dnschef
• dnsspoof
• dsniff
• ettercap-graphical
• hexinject
• mailsnarf
• netsniff-ng
• passive_discovery6
• sslsniff
• tcpflow
• urlsnarf
• webmit
• webspy
• wireshark
• ettercap-graphical
• evil grade
• fake_advertise6
• fake_dns6d
• fake_dnsupdate6
• fake_mipv6
• fake_mld26
• fake_mld6
• fake_mldrouter6
• fake_router6
• fake_solicitate6
• fiked
• macchanger
• parasite6
• randicmp6
• rebind
• redir6
• sniffjoke
• sslstrip
• tcpreplay
• wifi-honey
• yersinia

VoIP Tools

With the use of these tools it is possible to study the operation and the attacks perceived in the :

• iaxflood
• inviteflood
• ohrwurm
• protos-sip
• rtpbreak
• rtpflood
• rtpinsertsound
• rtpmixsound
• sctpscan
• siparmyknife
• yep
• sipsak
• svcrack
• svcrash
• svmap
• svreport
• swwar
• voiphopper

Web sniffers

They are tools that are used to analyze the protocol packets, and intercept the records and traffic that are transmitted through the connected networks:

• burp suite
• dnsspoof
• driftnet
• ferret
• mitmproxy
• urlsnarf
• webmit
• webscarab
• webspy
• zaproxy

Backdoors

Also known as backdoor tools, they are those that take advantage of vulnerabilities to divert information by creating a door in the system itself:

• cymothoa
• dbd
• intersect
• powersploit
• sbd
• u3-pwn

tunneling tools

These tools are the ones that are mostly used for evil purposes, achieving many things, including bypassing the security protocol, and redirecting traffic through a tunnel:

• cryptcat
• dbd
• dns2tcpc
• dns2tcpd
• iodine
• look
• ncat
• proxychains
• proxytunnel
• tunnel
• pwnat
• sbd socat
• sslh
• stunnel4
• updtunnel

Debuggers (Decompilers) and Reversing

They are tools that are used in order to eliminate all errors or failures found in other applications or software:

• edb-debugger
• ollydbg
• jad
• rabin2
• radiff2
• rasm2
• recstudio
• recstudio-cli
• apktool
• clang
• clang++
• dex2jar
• flash
• javasnoop
• radare2
• rafind2
• ragg2
• ragg2-cc
• rahash2
• rarun2
• rax2

Network Stress Tools (Web, Wlan)

With the use of these tools we can carry out security tests and check the level of stress that it supports, with a multi-sending of requests that are transmitted to the Web and other servers:

• denial6
• dhcpig
• two-new-ip6
• flodd_advertise6
• flood_dhcpc6
• flood_mld26
• flood_mld6
• flood_mldrouter26
• flood_router6
• flood_solicitate6
• fragmentation6
• inundator
• kill_router6
• macof
• rsmurf6
• siege
• smurf6
• iaxflood
• invite flood
• thc-ssl-dos
• mdk3
• reaver

android tools

Android tools, we allow inspections of all mobile device systems, from there we obtain deviations in the inputs and outputs.

As well as the security level of the…