Today's Whiteboard Wednesday video features Metasploit Product Marketing Manager Chris Kirsch, who talks about one of the most well-known pen testing tools, Kali Linux—the next step in the evolution of BackTrack, a popular pen testing tool. Learn about all of the new features in this updated and renamed release, and how Metasploit now supports Kali Linux as an official platform.
Kali Linux is a security auditing toolkit, known to penetration testers as one of the most comprehensive open source pen testing tools, which allows you to test your network defenses. Metasploit has been re-engineered to fully integrate with Kali Linux to provide a better user experience. Check out one of the most popular pen testing tools out there!
Read Video Transcript
Hello and welcome to this Rapid7 Whiteboard Wednesday. My name is Chris Kirsch. I'm the Product Marketing Manager for Metasploit. Today, I'd like to talk about a slightly different topic. It's actually a third-party open source tool called Kali.
You might know Backtrack. Some of you might know it really well. Today, the good guys from Offensive Security have issued a new version of Backtrack called Kali Linux.
So Kali Linux is based on Debian. The previous version of Backtrack was based on Ubuntu. It's essentially, for those that don't know Backtrack and don't know Kali yet, it's an open source platform and operating system with Linux distribution that comes with a ton of great penetration testing tools all pre-loaded and pre-installed.
So some examples of that, obviously, Metasploit is on that platform, Aircrack NG for wireless pen testing, WireShark for network sniffing, and Map for mapping out networks. There are hundreds of tools on that platform. It's really great for penetration testers who don't want to install and keep up to date all the different tools that they need every day.
So why the name change? Well, the makers of Backtrack and of Kali Linux thought, hey, they're actually making so much from scratch for this entire project that it really deserves a new name. That's why they chose the name Kali Linux.
In a nutshell, the new system is going to be more robust and easier to use. It's also going to be easier to update. One of the things that's been a challenge is to keep the system updated, and also, when you change from one version of Backtrack to the next, you had to reinstall and so on. So this system actually makes it more future proof. When the next version of Kali Linux comes out, you can just update that platform. You don't have to start over.
The UX is a lot more streamlined and a lot more user friendly. For example, the installation process, if you want to use a persistent platform, which I recommend, especially if you're going to use Metasploit, it's a lot easier. Also, one fun thing is you can fully customize your distribution, so you can choose which tools you want on there and have your own ISO created.
Apart from i386, and AMD64, it also now supports ARM architectures. For those of you who like the little embedded or mobile devices or the tablets based on ARM, you can actually run Kali Linux on that.
Now, Kali Linux is officially supported by Rapid7 as a platform. Backtrack, we had Metasploit on Backtrack before. Some users reported some issues with things like the database, general stability, updating, and so on. So we worked together with the guys from Offensive Security to repackage Metasploit from scratch for the Kali Linux distribution so that you would all have a much better user experience.
Also, for the Metasploit Pro edition, which is pre-loaded on Kali Linux, if you are a commercial customer, you have full support on that platform. If you're a penetration tester and you love Backtrack, you're going to love Kali Linux and using Metasploit Pro with full technical support from Rapid7.
Some people have asked me about the relationship between Kali Linux, Offensive Security, and Rapid7. So I just want to go into that a little bit. Basically, it's one big love-fest. There are not a lot of commercial agreements between us. Offensive Security are the main guys behind Backtrack and Kali Linux. They're really the heart of the project. They came up with this idea. We contacted them about making the Metasploit experience better on Backtrack and found out about Kali Linux. Now, Rapid7 has become an official contributor to the project, and we're now very involved with them to make Metasploit better on this platform.
Where can you get the new Kali Linux? You can get it at Kali.org, and simply download it from there. You can get the different versions for your preferred platform. That's it for today's Whiteboard Wednesday.