Kali Linux comes to Windows 10, handing hacking tools to pen testers

Hacker-friendly distro arrives on Windows Subsystem for Linux

Kali Linux is now officially available on the Microsoft Store, marking another milestone in Microsoft's recent bid to support open source software.

Running on Windows Subsystem for Linux (WSL), a feature introduced as part of last year's Fall Creators Update that allows users to run various Linux distros on top of existing Windows 10 installations, Kali Linux joins other popular distros such as openSUSE, Fedora and Ubuntu.

"Our community expressed great interest in bringing Kali Linux to WSL in response to a blog post on Kali Linux on WSL. We are happy to officially introduce Kali Linux on WSL," said Microsoft's WSL programme manager, Tara Raj, as part of a blog post announcing the distro's availability.

"We would like to extend our sincerest thanks to the Kali Linux team and especially [Kali lead developer] Mati Aharoni for all their patience, hard work and support to plan, build, and publish their distro packages in the Windows Store. Thank you!"

Advertisement - Article continues below
Advertisement - Article continues below

Kali Linux, a security-focused Linux distro based on Debian, is designed primarily for 'offensive security' - a branch of cyber security that involves ethical hackersattacking businesses in order to expose flaws in their networks that can then be fixed, a process known as penetration testing.

As well as penetration testers and red teams, the distro is also used by actual cyber criminals, due to its effectiveness. The software comes pre-packaged with a variety of different hacking tools, including password crackers, packet sniffers and exploit tools.

Ian Thornton-Trump, cyber vulnerability and threat hunting lead at Ladbrokes Coral, toldIT Pro that such tools could be dangerous in the wrong hands, but equally warned that using these tools on Windows 10 could expose hackers, due to the type of data Microsoft collects from the OS.

"Windows 10 collects a ton of user telemetry. If you're going to get your hack on, you're going to get caught," he said,"and in the US, you may go to jail for a very long time - especially if you are a jerk and go after infrastructure you don't own. So, it's like a bear trap for script kiddies and entrepreneurial cyber criminals."

However, he also pointed out that making Kali more accessible could lead to improvements in overall security, such as security teams using it to illustrate network vulnerabilities to board members.

"Kali is pure red, like the blood of your cyber enemies. But I do think it may do some good if used to improve security, and the key word is responsibly," he said. "Learning is always cool - getting busted under the CFAA because OPSEC training is not included in Kali is un-cool. Bottom line: hack what you own. If you don't own, it don't hack it - unless you have written permission."

Featured Resources

How inkjet can transform your business

Get more out of your business by investing in the right printing technology

Download now

Journey to a modern workplace with Office 365: which tools and when?

A guide to how Office 365 builds a modern workplace

Download now

Modernise and transform your sales organisation

Learn how a modernised sales process can drive your business

Download now

Your guide to managing cloud transformation risk

Realise the benefits. Mitigate the risks

Download now



What is open source?

30 Jan 2020
operating systems

Best Linux distros 2019

24 Dec 2019
internet security

Avast and AVG extensions pulled from Chrome

19 Dec 2019

Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019

Most Popular

Microsoft Windows

Microsoft pulls disastrous Windows 10 security update

17 Feb 2020

How to use Chromecast without Wi-Fi

5 Feb 2020
Business operations

HP shareholders invited to come dine with Xerox

17 Feb 2020
operating systems

How to fix a stuck Windows 10 update

12 Feb 2020