Kali Notes(1)
2022-06-28 08:21:00 【Xinyouyou】
Bibliography:
Kali Linux Revealed, by Raphael Hertzog, Jim O'Gorman and Mati Aharoni
1. Summary of relevant resources
2. Kali Linux brief introduction
1. Summary of relevant resources
Kali
Official website: http://www.kali.org
Download: http://www.kali.org/download
Git source code repository (with signed tags): http://git.kali.org
Package tracker (shows the evolution of each software package): http://pkg.kali.org
Debian
Official website: https://www.debian.org
Debian Free Software Guidelines: https://www.debian.org/social_contract
Debian Policy: https://www.debian.org/doc/debian-policy
Linux desktop environments
GNOME https://www.gnome.org
KDE https://www.kde.org
Xfce http://www.xfce.org
LXDE http://lxde.org
MATE http://mate-desktop.org
2. Kali Linux brief introduction
Kali's applications include penetration testing, forensics, reverse engineering and vulnerability assessment; it is mainly used for penetration testing.
In 2004, Mati "Muts" Aharoni released a Live CD called "WHoppiX" (White Hat Knoppix), which contained all the exploit scripts from SecurityFocus, Packet Storm and k-otik.
In 2005, WHoppiX evolved into WHAX, with an extended and updated tool set.
In 2006, Muts, Max Moser and their teams merged Auditor Security Linux and WHAX into a single distribution called BackTrack. Muts founded Offensive Security, a company that provides world-leading training and penetration testing services.
In 2009, BackTrack was extended into BackTrack 4. It was no longer a home-made CD but a distribution based on Ubuntu.
In 2011, BackTrack 5 was released, still based on Ubuntu.
In 2013, Kali Linux 1.0 was released. Kali is more mature and secure than BackTrack and better suited to enterprise use. Kali was built from scratch on a Debian core and synchronizes with the Debian software repositories four times a day, so users get package updates and security patches promptly. Thanks to extensive ARM development work, Kali Linux can be installed on a wide range of hardware platforms, including wireless access points, single-board computers (such as Raspberry Pi, ODROID, BeagleBone and CubieBoard), and ARM-based Chromebooks.
In 2015, Kali 2.0 was released.
In 2016, Kali Rolling was released.
Even though Kali ships a very recent kernel, network cards, mice, and the latest NVIDIA video cards and GPUs may not work because the appropriate drivers are missing. In Kali's live mode, run the lspci command (which lists PCI devices) in a terminal to view the hardware list: "PCI bridge, USB controller, SATA controller, Ethernet and Network controllers". Searching for the exact models of this hardware and cross-referencing them with Kali Linux shows that the drivers for the latest hardware have not yet been integrated into the mainline kernel code. Solution: download the required drivers. You can also install the drivers that unlock the performance of the GPU (Graphics Processing Unit) and the CUDA library files used by hashcat, so that the GPU can be used to full effect when cracking password hashes.
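The lspci check above can be narrowed to the devices that have no kernel driver bound, using lspci's -k option. This is an added example, not code from the original notes or the book; the function names and the sample output are constructed for illustration.

```shell
#!/bin/sh
# Added example: list PCI devices for which `lspci -k` reports no bound driver.

# Constructed sample of `lspci -k` output (not captured from a real machine).
sample_lspci() {
cat <<'EOF'
00:1f.6 Ethernet controller: Example Corp Gigabit Ethernet
	Subsystem: Example Corp Device 0001
	Kernel driver in use: e1000e
	Kernel modules: e1000e
01:00.0 VGA compatible controller: Example Corp GPU Model X
	Subsystem: Example Corp Device 0002
	Kernel modules: nouveau
03:00.0 Network controller: Example Corp Wireless Adapter
	Subsystem: Example Corp Device 0003
EOF
}

# Reads `lspci -k` text on stdin and prints each device header that is not
# followed by a "Kernel driver in use:" line before the next device starts.
unbound_devices() {
    awk '
        /^[0-9a-f]/ {                 # device header begins with the bus address
            if (dev != "" && !bound) print dev
            dev = $0; bound = 0
            next
        }
        /Kernel driver in use:/ { bound = 1 }
        END { if (dev != "" && !bound) print dev }
    '
}

# Runs on the constructed sample; on a real system use:
#   lspci -k | unbound_devices
sample_lspci | unbound_devices
```

A device that has a "Kernel modules:" line but no "Kernel driver in use:" line has a candidate module that is not bound; a device with neither has no matching driver in the running kernel.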
The Kali Linux project was started in 2012 by Offensive Security as a Debian derivative to replace the BackTrack Linux project.
Debian derivatives: https://wiki.debian.org/Derivatives/Census
Linux distributions
Strictly speaking, Linux is the name of the kernel, the piece of software that mediates between the hardware and end-user applications.
A Linux distribution, on the other hand, is a complete OS built on the Linux kernel. It usually includes an installer and many applications; some are already installed in the OS and others are provided as packages that can be installed at any time.
Debian GNU/Linux is a general-purpose Linux distribution known for its quality and stability.
Debian is a general-purpose OS with many different versions; the term distribution is usually used to denote a particular version, such as Debian Stable or Debian Testing.
GNOME is the default desktop environment of Kali Linux
A desktop environment is a collection of graphical applications that share a graphical toolkit. User workstations usually have a graphical interface; servers generally do not.
Common desktop environments provide an application launcher, a file manager, a web browser, an email client and an office suite.
GNOME https://www.gnome.org
KDE https://www.kde.org
Xfce http://www.xfce.org
LXDE http://lxde.org
MATE http://mate-desktop.org
The relationship between Kali and Debian
Debian Stable gives priority to software stability, so it takes a long time for new versions of applications to be integrated into the OS.
Given the cost of continuous integration, Kali Linux is built on Debian Testing; this is the idea behind Kali's rolling distribution.
Package flow
On the Debian side, contributors update packages daily and upload them to Debian Unstable.
Once the major problems of a package have been solved in Unstable, the package migrates to Debian Testing.
The migration process also ensures that no dependencies of packages already in Debian Testing are broken.
Debian Testing has goals consistent with those of Kali Linux, so it was chosen as the base on which Kali Linux is built.
Adding Kali-specific packages to the distribution takes two steps:
1. The Kali-specific packages (located in the kali-dev-only repository) are force-injected into Debian Testing to build the kali-dev repository. This repository breaks from time to time; for example, a Kali package may not be installable until it has been recompiled against a newer library. kali-dev is not intended for end users.
2. Just as Debian Testing is built from Debian Unstable, the kali-rolling release is built from kali-dev, and it is the version Kali Linux users are advised to use. A package migrates to kali-rolling only once all its dependency problems have been solved.
Differences from Debian
The Kali Package Tracker (https://pkg.kali.org/derivative/kali-dev) helps track how Kali diverges from Debian.
All packages are hosted in Git repositories (http://git.kali.org) that contain both a debian branch and a kali branch.
On this basis, updating a forked package becomes a simple two-step process: update the debian branch, then merge it into the kali branch.
Kali Linux design goals and usage scenarios
Kali Linux is positioned as a framework, because it contains many tools with different purposes.
Kali Linux can be used on various types of computers:
- Most commonly, the laptops of penetration testers
- Forensic analysts' workstations
- Servers, installed by system administrators who want to monitor their network
- Portable embedded devices with ARM CPUs, which can be placed within range of a wireless network or plugged into a target user's computer
- The cloud, where Kali Linux can be deployed to quickly build a farm of password-cracking machines
The Kali Linux main menu is organized around the tasks and activities of testers and other information security professionals:
- Information gathering: collect data on the target network and its structure; identify the computers, their operating systems and the services running on them; identify potentially sensitive parts of the information system; extract listings from running directory services.
- Vulnerability analysis: quickly determine whether a local or remote system is affected by known vulnerabilities or insecure configurations. Vulnerability scanners use databases containing a large number of signatures to identify potential vulnerabilities.
- Web application analysis: identify misconfigurations and security weaknesses in web applications. Because web applications are open to the public, they are ideal targets for attackers, so identifying and fixing these issues is critical.
- Database assessment: from SQL injection to attacks on credentials, database attacks are a very common attack vector. Tools ranging from SQL injection testing to data extraction and analysis can be found here.
- Password attacks: authentication systems are always a viable attack vector. Tools ranging from online password attack tools to offline attacks against encryption or hashing can be found here.
- Wireless attacks: the pervasiveness of wireless networks means they are a common attack vector. Because Kali Linux supports a wide range of wireless cards, it is an obvious choice for attacks against many kinds of wireless networks.
- Reverse engineering: reverse engineering is an activity that serves several goals. On the offensive side, it is one of the main methods for identifying vulnerabilities and developing exploits. On the defensive side, it is used to analyze malware used in attacks; here the main goal is to identify the functionality of a given piece of code, and the reverse engineering capabilities in Kali can be used to identify malware.
- Exploitation tools: exploiting a previously identified vulnerability can give you control of a remote machine or device. Building on that initial access, further attacks such as privilege escalation can be used to obtain higher privileges on the compromised machine or on other machines reachable from its local network. This category also contains tools that simplify the process of writing your own exploits.
- Sniffing and spoofing: attackers often want direct access to data. Here you can find spoofing tools that let you impersonate a legitimate user, and sniffing tools that capture and analyze network traffic directly.
- (Post-exploitation) Maintaining access: once you have found a way into a system, you often want to keep that access or extend your control further into the internal network. The relevant tools can be found here.
- Digital forensics: Linux live environments for forensics have been very popular in recent years. Kali contains a large number of common Linux forensics tools, which cover the whole forensics process from initial triage through data imaging to full analysis and case management.
- Reporting tools: the tools in this category help organize the data collected by the information-gathering tools, discover hidden relationships and assemble the contents of reports.
- Social engineering tools: when the target's technical defenses are well maintained, exploiting human weakness becomes the easier attack vector.
- System services: start and stop applications that run in the background as system services.
Main features of Kali Linux
1. A live system
As with most Linux distributions, the main ISO image you download can be used not only to install the OS but also as a bootable live system. That is, you can use Kali Linux without installing it, simply by booting the ISO image (usually after copying it to a USB stick).
This live system contains the tools penetration testers use most often, so even if your daily OS is not Kali Linux, you can plug in the disk or USB stick and reboot to run it.
Note: in the default configuration, changes you make to the system are not preserved and are lost after a reboot. If you use a USB stick and configure the persistence option, you can adjust the system to your own preferences and the changes are kept across reboots.
2. Forensics mode
When doing forensic work on a system, we generally want to avoid any activity that would modify the data on the system being analyzed. Modern desktop operating systems, however, try to mount every disk they detect automatically, which works against this goal. To avoid this, Kali Linux has a forensics mode that can be enabled from the boot menu; it disables all such features.
The live system is useful for forensic purposes because you can boot any computer with Kali Linux without accessing or modifying its hard disk.
3. A custom Linux kernel
Kali Linux always provides a customized Linux kernel based on the version in Debian Unstable. This ensures solid hardware support, which is especially important for supporting a large number of wireless devices. The kernel is patched for wireless injection support, because many wireless security assessment tools rely on this feature.
Because many devices need up-to-date firmware files (located in /lib/firmware/), Kali installs them all by default, including the firmware in Debian's non-free section. Debian does not install this firmware by default because it is not open source and therefore not an integral part of Debian.
4. Completely customizable
The live-build configuration used to build the official Kali images is published, so you can customize it to your own preferences.
live-build has many features, such as modifying the installed system, installing supplementary files, installing additional packages, running arbitrary commands, and changing the default answers to debconf installation questions.
5. Traceable source code
Kali's Git source code repository (with signed tags): http://git.kali.org
Kali package tracker (shows the evolution of each software package): http://pkg.kali.org
6. Usable on many ARM devices
Kali provides binary packages for the armel, armhf and arm64 ARM architectures. Thanks to the easy-to-install images provided by Offensive Security, Kali Linux can be deployed on many different devices, including a variety of embedded devices and mobile platforms such as phones, tablets, Wi-Fi routers and computers.
Kali Linux design policies
1. root user by default
Because many of the tools included in Kali can only be run with privileges, the default user of a Kali installation is root. Unlike other Linux distributions, the Kali installer does not prompt you to create an unprivileged user.
2. Network services disabled
In contrast to Debian, Kali disables by default every installed service that would listen on the network, for example HTTP and SSH.
Reason: unexpected network interaction may reveal your presence and increase the risk of detection, which works against the test, so exposure must be kept to a minimum during testing.
Any required service can be enabled manually by running systemctl enable <serviceName>.
3. Rolling release based on Debian Testing
Unlike most mainstream operating systems, Kali is a rolling release, which means you get updates every day.
4. Live system
Boots and runs without installation.
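For the "Network services disabled" policy above, a quick way to confirm that nothing unexpected is exposed is to list the sockets listening on non-loopback addresses. This is an added example, not code from the original notes or the book; it assumes the iproute2 ss tool, and the function names and sample output are constructed for illustration.

```shell
#!/bin/sh
# Added example: report listening sockets that are reachable from the network.

# Constructed sample of `ss -H -tuln` output (not captured from a real machine).
sample_ss() {
cat <<'EOF'
udp   UNCONN 0      0            0.0.0.0:68         0.0.0.0:*
tcp   LISTEN 0      128          0.0.0.0:22         0.0.0.0:*
tcp   LISTEN 0      244        127.0.0.1:5432       0.0.0.0:*
tcp   LISTEN 0      511                *:80               *:*
tcp   LISTEN 0      128             [::]:22            [::]:*
tcp   LISTEN 0      128            [::1]:631           [::]:*
EOF
}

# Reads `ss -H -tuln` text on stdin. Field 5 is "local-address:port".
# Prints "proto/port on address" for every socket not bound to loopback.
exposed_listeners() {
    awk '{
        port = $5; sub(/.*:/, "", port)        # text after the last colon
        addr = $5; sub(/:[^:]*$/, "", addr)    # text before the last colon
        if (addr ~ /^127\./ || addr == "[::1]") next
        print $1 "/" port " on " addr
    }' | sort -u
}

# Runs on the constructed sample; on a real system use:
#   ss -H -tuln | exposed_listeners
sample_ss | exposed_listeners
```

On a default installation that follows the policy described above, the list should be empty or close to it; each entry that appears corresponds to a service someone enabled.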
