Offensive Security has released Kali Linux 2022.3, the latest version of its popular penetration testing and digital forensics platform.
Packaged apps to set up test labs
The Kali Team knows the importance of practicing instead of relying on theory, and for infosecurity professionals, test labs are a way to test tools and hone their own skills in a legal environment.
Therefore, the team aims to help users build test labs, by packaging the Damn Vulnerable Web Application and the OWASP Juice Shop – other test labs will be added into the kali-linux-labs metapackage in the future.
Like all professionals, security pros need to understand the tools they use to master their craft, the team noted, and the test beds can help them discover the tools’ capabilities and retain the knowledge. (As they rightly pointed out, it’s one thing to read something, and another to actually do it.)
New tools in Kali Linux 2022.3
As per usual, a new Kali version comes with new tools. This time it’s:
- BruteShark – a Network Forensic Analysis Tool (NFAT)
- DefectDojo – An open-source application vulnerability correlation and security orchestration tool
- phpsploit – A post-exploitation framework that provides an interactive shell-like connection over HTTP between client and web server
- shellfire – An exploitation shell for exploiting LFI, RFI, and command injection vulnerabilities
- SprayingToolkit – A set of scripts to make password spraying attacks against Lync/S4B, OWA and O365 easier
Kali NetHunter, the distro’s mobile pentesting platform, has also been updated, and so have some of the Android applications for penetration testing and forensics available in the NetHunter Store.
New and updated documentation!
The team has created a number of new and updated old pages documenting the use of Kali Linux and various apps in different setups. They have also delivered the promised documentation on using the distro on Linode instances.
They have also been updating the documentation for various tools, but are calling for users to help them with the effort by contributing to the (now opened up) kali-tools repository.
“Our goal is to have general information about every tool, as well as examples of the tool being used, and how to use the tool,” they explained.
A Discord server for the community
While we’re on the topic of community input and involvement, the “big” news is that the team opened a new discord server – fittingly named Kali Linux & Friends – “a new place for the Kali community to get together and chat in real-time all about Kali Linux (as well as other community projects that OffSec has to offer).”
They’ve also announced that, from this Kali release on, they will be doing a live session where various Kali developers voice chat on Discord to answer questions and taking input from the community.
Download Kali Linux 2022.3
Kali Linux 2022.3 can be downloaded or you can update your existing installation to this version.
Check out Offensive Security’s blog post for more details about the new release.
Kali Linux users can also learn more about how Kali Linux creators plan to handle the future of penetration testing, and Offensive Security CEO’s thoughts on why automated pentesting won’t fix the cybersecurity skills gap.