Kali Linux comes to Windows 10, handing hacking tools to pen testers

Hacker-friendly distro arrives on Windows Subsystem for Linux

Kali Linux is now officially available on the Microsoft Store, marking another milestone in Microsoft's recent bid to support open source software.

Running on Windows Subsystem for Linux (WSL), a feature introduced as part of last year's Fall Creators Update that allows users to run various Linux distros on top of existing Windows 10 installations, Kali Linux joins other popular distros such as openSUSE, Fedora and Ubuntu.

"Our community expressed great interest in bringing Kali Linux to WSL in response to a blog post on Kali Linux on WSL. We are happy to officially introduce Kali Linux on WSL," said Microsoft's WSL programme manager, Tara Raj, as part of a blog post announcing the distro's availability.

Advertisement - Article continues below

"We would like to extend our sincerest thanks to the Kali Linux team and especially [Kali lead developer] Mati Aharoni for all their patience, hard work and support to plan, build, and publish their distro packages in the Windows Store. Thank you!"

Kali Linux, a security-focused Linux distro based on Debian, is designed primarily for 'offensive security' - a branch of cyber security that involves ethical hackersattacking businesses in order to expose flaws in their networks that can then be fixed, a process known as penetration testing.

Advertisement
Advertisement - Article continues below

As well as penetration testers and red teams, the distro is also used by actual cyber criminals, due to its effectiveness. The software comes pre-packaged with a variety of different hacking tools, including password crackers, packet sniffers and exploit tools.

Ian Thornton-Trump, cyber vulnerability and threat hunting lead at Ladbrokes Coral, toldIT Pro that such tools could be dangerous in the wrong hands, but equally warned that using these tools on Windows 10 could expose hackers, due to the type of data Microsoft collects from the OS.

Advertisement - Article continues below

"Windows 10 collects a ton of user telemetry. If you're going to get your hack on, you're going to get caught," he said,"and in the US, you may go to jail for a very long time - especially if you are a jerk and go after infrastructure you don't own. So, it's like a bear trap for script kiddies and entrepreneurial cyber criminals."

However, he also pointed out that making Kali more accessible could lead to improvements in overall security, such as security teams using it to illustrate network vulnerabilities to board members.

"Kali is pure red, like the blood of your cyber enemies. But I do think it may do some good if used to improve security, and the key word is responsibly," he said. "Learning is always cool - getting busted under the CFAA because OPSEC training is not included in Kali is un-cool. Bottom line: hack what you own. If you don't own, it don't hack it - unless you have written permission."

Featured Resources

Key considerations for implementing secure telework at scale

Identifying the security risks and advanced requirements of a remote workforce

Download now

The State of Salesforce 2020

Your guide to getting the most from Salesforce

Download now

Fast, flexible and compliant e-signatures for global businesses

Be at the forefront of digital transformation with electronic signatures

Download now

Rethink your cybersecurity strategy for the new world

5 steps to secure the enterprise and be fit for a flexible future

Download now
Advertisement

Recommended

Russia hacked Liam Fox's personal email to steal trade documents
phishing

Russia hacked Liam Fox's personal email to steal trade documents

4 Aug 2020
British teenager charged over Twitter hack
hacking

British teenager charged over Twitter hack

3 Aug 2020
Mid-year report says vulnerabilities up 22% in 2020
hacking

Mid-year report says vulnerabilities up 22% in 2020

30 Jul 2020
BlackRock banking Trojan targets Android apps
trojans

BlackRock banking Trojan targets Android apps

27 Jul 2020

Most Popular

How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

3 Aug 2020
How to use Chromecast without Wi-Fi
Mobile

How to use Chromecast without Wi-Fi

4 Aug 2020
Police use of facial recognition ruled unlawful in the UK
privacy

Police use of facial recognition ruled unlawful in the UK

11 Aug 2020