Kali Linux

My main use case for Kali Linux  is primarily for testing and cybersecurity, specifically for doing penetration testing on applications and network applications that we utilize for network monitoring.

A specific penetration test I performed using Kali Linux  was for the application related to DDI , which encompasses DNS, DHCP infrastructure, and network monitoring as well as authentication for Cisco ISE , during which I used tools such as Hydra, Nmap , Ncat, and Wireshark  to capture and analyze network packets.

Kali Linux fits into my team because I mainly work with network tools and focus primarily on DNS; it plays a crucial role in penetration testing and ensuring that my applications are secure against attacks through various cybersecurity criteria.

The best features Kali Linux offers include its Debian-based architecture and being open source, which is important for many reasons, such as allowing for live USB boot and custom ISOs, making penetration testing simpler with comprehensive pre-installed toolsets such as Nmap , useful for vulnerability scanning.

The live USB and custom ISO options help me specifically as they allow for quick access to a wide selection of pre-installed security tools, saving me time on installations and configurations through live USB boot functionality, which lets me get up and running quickly.

The integration of cloud and containers within Kali Linux is something I wish more people knew about, as it allows for utilizing containerized versions that provide scalability and eliminate the need for a virtual machine setup.

Kali Linux has positively impacted my organization by improving efficiency in penetration testing; its open-source nature permits extensive customization and inclusion of numerous comprehensive pre-installed tools, contributing to a secure network environment with effective monitoring of network applications.

The outcomes from using Kali Linux in our organization are significant; we experienced reduced cybersecurity attacks and improved application security, leading to decreased attack surfaces and quicker testing cycles that enabled faster launches and installations.

There are areas for improvement in Kali Linux, particularly regarding its use of the Linux kernel, which requires external additional patching, and the fact that network services are disabled by default, which complicates usage; enhancing user-friendliness through more GUI-based tools and better integration could be beneficial.

While Kali Linux is open source, it lacks vendor support, and I believe that improving documentation and community engagement is essential, making it more user-friendly and encouraging the use of GUI tools can significantly enhance the overall experience.

I have been using Kali Linux for around five years, starting in 2018 or 2019, and I continue to use it until 2024, with plans to keep using Kali Linux starting in January 2025.

Before switching to Kali Linux, we used Fedora for penetration testing. The decision to move to Kali Linux was influenced by its open-source nature, which reduced costs while facilitating easier automation with DevOps tools.

Integrating Kali Linux with DevOps tools has resulted in reduced operational costs due to automated test cases, making it a worthwhile investment with significant returns by decreasing the attack surface area and the frequency of attack incidents.

My experience with pricing, setup costs, and licensing for Kali Linux has been positive, as it operates under an open-source model with setup costs primarily related to hardware and virtual machines, eliminating the need for vendor-specific licenses.

We evaluated alternatives to Kali Linux, including Parrot  OS, BlackArch, BackBox , and the Network Security Toolkit (NST), but Kali Linux was chosen for its stability, open-source nature, and strong community support.

Kali Linux's scalability is commendable; it allows for easy expansion through containerized versions and custom ISOs, although support is primarily dependent on the community rather than vendor assistance.

My advice for others looking into using Kali Linux is to ensure they have a strong foundation in Linux knowledge and are familiar with the various toolsets available within Kali Linux so that they can select the right tools for their specific needs.

I believe Kali Linux is a valuable open-source tool with great potential for growth through community involvement, and continuous development can enhance its position as a leading solution for penetration testing.

On a scale of one to ten, I rate Kali Linux an eight out of ten.

I mainly use Kali Linux  for educational purposes, such as learning pen testing and Linux fundamentals.

I have been using Kali Linux  for the TryHackMe section and applying that learning into different automated scenarios of pen testing that are available on the TryHackMe website.

I haven't used Kali Linux for my organization, only for my learning purposes.

Since Kali Linux is a security-focused Linux distro, that would be its main advantage compared to Ubuntu  or Arch Linux.

The overall focus on security in Kali Linux is what I find most useful.

TryHackMe has an inbuilt Linux distro for doing the assigned tasks, but sometimes network issues may arise or lag may occur. I use Kali Linux because it is fast and there are no hindrances. It provides quick results and helps me gain a deeper understanding of how something works.

It would be helpful if Kali Linux could be involved in more systems or laptops. Windows is a standard for many laptops and comes pre-installed on many devices available in the market. If Kali Linux could do the same and increase their reach to better areas, it would be beneficial.

They could improve Kali Linux's UI/UX. They have been following a standard UI/UX. They could add more options, similar to how CachyOS distro of Arch Linux has many different UI options to select from. Making Kali Linux more customizable would allow users to personalize it to their style.

Many users utilize Kali Linux through virtual machines. Sometimes Kali Linux has issues detecting hardware such as inbuilt or external Wi-Fi adapters. Improving device detection would be beneficial.

I have been using Kali Linux for a couple of years.

Kali Linux is pretty stable.

With enough resources, Kali Linux can handle enough tasks.

I used Ubuntu  before. I wasn't aware of Kali Linux when I first started. I was using Ubuntu for learning about cybersecurity and pen testing. Then I discovered Kali Linux.

I compared Ubuntu and Kali Linux, as there weren't many security-focused Linux distros available.

Kali Linux is free software, an operating system that's available to download without any cost or licensing fees.

Kali Linux has helped me learn faster and understand concepts better. You get a sense of appreciation when completing tasks on your own machine without help or hints from available tools or operating systems, with minimal guidance.

I have saved time by avoiding the lag I sometimes face on the TryHackMe in-built machine, and I have learned more efficiently.

Kali Linux is free software, an operating system that's available to download without any cost or licensing fees.

Other than increasing my knowledge of the Linux distro, Kali Linux has helped me in automated scenarios and increased my knowledge in cybersecurity pen testing. I am still learning.

I would recommend starting with Ubuntu, learning basic Linux commands and Linux-related knowledge, including Debian . Then make the switch to Kali Linux when ready, starting with small tasks before moving on to bigger things.

On a scale of 1-10, I rate Kali Linux an 8.

We have some entirely backend services that function as an integration layer, where multiple applications exchange data through it. For any frontend and API control such as Acunetix  or Qualys, they are not supported for those kinds of backend services. For that purpose, we are using Kali Linux . Kali Linux  has the capability of real-time data scanning for vulnerability assessment for backend services. That is actually very far more valuable.

For backend service, Kali Linux is a very good tool, so I can recommend it for that.

Kali Linux has the capability of real-time data scanning for vulnerability assessment for backend services. That is actually very far more valuable.

The toolset on the security framework in Kali Linux is fulfilling our purpose of doing the assessment. We are good with that.

Kali Linux has the capability to expand more.

We don't know if Kali Linux has the port scanning capability yet, but that is an area of improvement because we are working with DMZ zones and customized ports. If we can add featured customized port scanning and DMZ zone capability, then it will be a very great tool. It might be there, but we are not exploring it yet.

We are not exploring 100% of Kali Linux capabilities. If real-time customized port scanning can be added, for example, instead of a default port such as 8080 or 443, if we can use a customized port such as 9876, that capability would be great.

The only point that I didn't find on Kali Linux for now is the ability to customize port scanning.

It has been only five to six months, and the team is getting used to it now.

I should rate the stability of the product as average, good. I would rate it eight, minus two because I don't know about other capabilities.

Kali Linux has the capability to expand more, so I would rate it nine.

I won't compare Kali Linux with Linux from other vendors because we are installing it on top of Red Hat.

The initial setup of Kali Linux is okay—not pretty complex or very simple.

It could be simplified from Kali's side for a GUI user, but if we are doing it as command mode, it is okay. We don't find it very hard to install or pretty complex.

For a regular user, they might find it complex. For the technical staff, it's not very complex.

Our DevOps team is doing it, so it is somewhat customized.

I won't compare Kali Linux with Linux from other vendors because we are installing it on top of Red Hat. We can say the competitors of Acunetix , such as Burp  Suite and Qualys Guard, those are the real competitors. Kali Linux is good because Sysbench is one kind of tool that has the capability of port scanning, but we don't know much about Sysbench as of now.

We are not working with the multi-language support function as of now because we are very new to it, so we are exploring the stuff entirely.

We are not working with the resource constrainer system function. We just use scanning for incoming and outgoing data services as of now.

We are not exploring 100% of Kali Linux capabilities. If real-time customized port scanning can be added, for example, instead of a default port such as 8080 or 443, if we are able to use a customized port such as 9876, that capability would be great.

I prefer not to comment further because we are very new to the tool. We don't explore 100%, so I can't comment on it with my capacity right now.

I'm not sure about the pricing model because we got a community version of Kali Linux. The customer has purchased it, so I'm not sure about the pricing.

On a scale of one to ten, I rate Kali Linux an eight.