Kali Linux is an open-source, Debian-based Linux distribution geared towards various information security tasks, such as Penetration Testing, Security Research, Computer Forensics and Reverse Engineering.

  • odd@feddit.org
    link
    fedilink
    arrow-up
    21
    ·
    5 days ago

    Pretty much that. It has all the sane defaults that protect and enable you when starting out in SecOps.

    And for more experienced users it’s later on: “before I setup everything again, I just use Kali.”

    • N.E.P.T.R@lemmy.blahaj.zone
      link
      fedilink
      English
      arrow-up
      26
      arrow-down
      2
      ·
      5 days ago

      It isn’t a secure operating system. It is a toolkit for pen testing and red team hackers. Definitely not a daily driver kind of OS.

        • teije9@lemmy.blahaj.zone
          link
          fedilink
          arrow-up
          7
          arrow-down
          1
          ·
          5 days ago

          it’s not secure by design, since it’s not made to be secure, and also uses unstable versions of a lot of packages to make certain exploits work

        • N.E.P.T.R@lemmy.blahaj.zone
          link
          fedilink
          English
          arrow-up
          4
          arrow-down
          1
          ·
          5 days ago

          What do you mean secure by design? What part of it is secure. Compare it to actually security focused Linux operating systems like QubesOS, Kicksecure, or Secureblue. Literally any OS that supports the Brace tool (made by the creator of DivestOS) is much more secure than Kali Linux. Kali is purpose built for red team work, not being secure (aka reducing attack surface or designing around a threat model).

          • Manifish_Destiny@lemmy.world
            link
            fedilink
            arrow-up
            2
            ·
            edit-2
            4 days ago

            Kali is secure as in once it’s configured, it cannot be accessed without creds, keys etc. That meets the definition of ‘secure’. It’s just Linux with a bunch of pre installed packages.

            Of course something can always be more secure. But saying Kali isn’t secure is like me saying your PC isn’t secure because it isn’t air gapped like my most secure PC.

            • N.E.P.T.R@lemmy.blahaj.zone
              link
              fedilink
              English
              arrow-up
              1
              ·
              edit-2
              3 days ago

              PCs aren’t secure. Linux default isnt secure. Kali has so many apps/tools installed by default that it isnt comparable to default Linux. It has massive attack surface and no security design, therefore calling it secure isn’t accurate.

              If no effort was put into the security design of an OS, why call it secure?

              • Manifish_Destiny@lemmy.world
                link
                fedilink
                arrow-up
                1
                ·
                edit-2
                1 day ago

                Okay if I turned off password auth, just used keys, disabled the Kali user and root login, how are you breaking in? Where’s the vulnerability? Which cve or cwe are you able to exploit?

                A large attack surface doesn’t mean insecure. It just means less secure.

                Source: I literally pentest for a living. No, I don’t even use Kali on a regular basis.

                • N.E.P.T.R@lemmy.blahaj.zone
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  ·
                  1 day ago

                  My point exactly. A large attack surface means less secure. My point was that Kali isn’t focused on being a secure OS. It is all about the tools. Even without a vulnerability, a secure OS should protect against unknowns.

        • N.E.P.T.R@lemmy.blahaj.zone
          link
          fedilink
          English
          arrow-up
          3
          arrow-down
          5
          ·
          edit-2
          4 days ago

          You mention “sane defaults”. That might mislead someone because it is ambiguous. The terminal defaults used to default to a root prompt, exemplifying that it isn’t a distro focused on sane defaults for a desktop distro.

          Kali is a tool for a specific job. Its meant mostly for hacking or troubleshooting/analysis, being an OS for executing a collection CLI/TUI and GUI utils.

          -Edited everything to make myself more intelligible.