Kali Linux – The most advanced Penetration Testing Distribution now introduces Kali Purple.
Kali Linux is an open-source, Debian-based Linux distro for information security tasks, such as Penetration Testing, Network security, Bug hunting, Cyber Security Research, Digital Forensics and Reverse Engineering.
Introducing Kali Purple
What is in Kali Purple?
On a higher level, Kali Purple consists of:
A reference architecture for the ultimate SOC In-A-Box; perfect for:
- Learning
- Practicing SOC analysis and threat hunting
- Security control design and testing
- Blue / Red / Purple teaming exercises
- Kali spy vs. spy competitions (bare knuckle Blue vs. Red)
- Protection of small to medium size environments
Over 100 defensive tools, such as:
- Arkime – Full packet capture and analysis
- CyberChef – The cyber swiss army knife
- Elastic Security – Security Information and Event Management
- GVM – Vulnerability scanner
- TheHive – Incident response platform
- Malcolm – Network traffic analysis tool suite
- Suricata – Intrusion Detection System
- Zeek – (another) Intrusion Detection System (both have their use-cases!)
…and of course all the usual Kali tools
- Defensive tools documentation
- Pre-generated image
- Kali Autopilot – an attack script builder / framework for automated attacks
Kali Purple Hub for the community to share:
- Practice pcaps
- Kali Autopilot scripts for blue teaming exercises
- Community Wiki
A defensive menu structure according to NIST CSF (National Institute of Standards and Technology Critical Infrastructure Cybersecurity):
- Identify
- Protect
- Detect
- Respond
- Recover
Kali Purple Discord channels for community collaboration and fun
And theme: installer, menu entries & Xfce!
Python Patches are temporarily
Active package maintainers are upgrading their work to the latest version; otherwise, it's a long wait for the next release! Python is no exception, and Python 3.11 is now in Debian, which comes with more informative error tracebacks and a huge speed increase (between 10-60%). The upgrade should not have as big an impact as, say, python being removed from $PATH, or even the Python 2 -> Python 3 migration.
The current patch is only temporary. Our current behavior will change (as Debian's already has). When Kali 2023.4 is released in the 4th quarter of this year, we will drop our patch, and pip will refuse to install packages system-wide, as described in the documentation.
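The check below is an added example, not code from Kali or Debian. It assumes the refusal is driven by the PEP 668 `EXTERNALLY-MANAGED` marker file in the interpreter's stdlib directory, and shows how a tool installer can detect it and fall back to a virtual environment. The function names and the `~/.venvs/tools` path are hypothetical.

```python
import configparser
import sys
import sysconfig
import venv
from pathlib import Path

MARKER = "EXTERNALLY-MANAGED"  # marker file name defined by PEP 668


def managed_message(stdlib_dir=None):
    """Return None if this Python is not externally managed, otherwise the
    distro's error text ('' when the marker has no readable message)."""
    marker = Path(stdlib_dir or sysconfig.get_path("stdlib")) / MARKER
    if not marker.is_file():
        return None
    parser = configparser.ConfigParser(interpolation=None)
    try:
        parser.read(marker, encoding="utf-8")
        return parser.get("externally-managed", "Error", fallback="").strip()
    except (configparser.Error, UnicodeDecodeError):
        return ""  # an unparsable marker still counts as "managed"


def install_plan(stdlib_dir=None, in_venv=None):
    """'pip' when a plain pip install is acceptable, 'venv' when it would be refused."""
    if in_venv is None:
        in_venv = sys.prefix != sys.base_prefix  # true inside a virtual environment
    if in_venv or managed_message(stdlib_dir) is None:
        return "pip"
    return "venv"


def ensure_venv(env_dir, with_pip=True):
    """Create env_dir as a virtual environment if needed; return its interpreter."""
    env_dir = Path(env_dir)
    if not (env_dir / "pyvenv.cfg").exists():
        venv.create(env_dir, with_pip=with_pip)
    sub = "Scripts" if sys.platform == "win32" else "bin"
    return env_dir / sub / ("python.exe" if sys.platform == "win32" else "python")


if __name__ == "__main__":
    print("externally managed:", managed_message() is not None)
    if install_plan() == "venv":
        # ~/.venvs/tools is a hypothetical location chosen for this example
        py = ensure_venv(Path.home() / ".venvs" / "tools")
        print("install with:", py, "-m pip install <package>")
```

Keeping each tool's dependencies in its own environment also prevents a pip install from overwriting modules that apt-managed system tools rely on.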
Xfce 4.18
Nearly two years of development has gone into shaping Xfce 4.18, which was formally released on December 15, 2022. It is the stable series follow-up to the Xfce 4.16 release that made its debut during Christmas of 2020.
Main changes for Kali are found in:
- Improved support for UI scaling – fixing many blurry icons while using HiDPI settings
- Thunar – Xfce’s file manager, received most of the attention:
  - File color highlight
  - Recursive search – integrated in the same window
  - Split view
We have also updated kali-undercover mode to support the latest desktop changes, bringing some light improvements and solving some minor bugs.
KDE Plasma 5.27
Kali now includes the new version 5.27 of KDE Plasma, which brings exciting new improvements to your desktop. You can learn more about the latest changes in the Plasma 5.27 release announcement publication.
New tiling system
You can tile a window by dragging it while holding down the Shift key. To create custom tile layouts, hold down the Meta (“Windows”) key, and then press T.
New Tools in Kali
It would not be a Kali release if there were not any new tools added! A quick run down of what has been added (to the network repositories):
- Arkime
- CyberChef
- DefectDojo
- Dscan
- Kubernetes-Helm
- PACK2
- Redeye
- Unicrypto
Install
Existing Installs: If you already have an existing Kali Linux installation, remember you can always do a quick update:
┌──(kali㉿kali)-[~]
└─$ echo "deb http://http.kali.org/kali kali-rolling main contrib non-free non-free-firmware" | sudo tee /etc/apt/sources.list
[...]

┌──(kali㉿kali)-[~]
└─$ sudo apt update && sudo apt -y full-upgrade
[...]

┌──(kali㉿kali)-[~]
└─$ cp -vrbi /etc/skel/. ~/
[...]

┌──(kali㉿kali)-[~]
└─$ [ -f /var/run/reboot-required ] && sudo reboot -f
OR