Kali Linux is a specialized, Debian-based distribution designed for penetration testing, security research, vulnerability assessment, and digital forensics. Developed and maintained by Offensive Security, Kali ships with over 600 pre-installed security tools, regular updates, and multiple installation options for desktops, servers, virtual machines, cloud platforms, and ARM devices.
Kali follows a rolling release model with quarterly snapshot releases (Q1-Q4) and continuous package updates between releases through the kali-rolling branch.
- 600+ Pre-installed Tools: Comprehensive collection for penetration testing, wireless analysis, web application testing, forensics, reverse engineering, and exploitation
- Core Tools Include: Metasploit Framework, Burp Suite, Nmap, Wireshark, Aircrack-ng, John the Ripper, Hashcat, Ghidra, SQLmap, Nikto
- Categorized Tools: Information gathering, vulnerability analysis, wireless attacks, web applications, exploitation tools, sniffing & spoofing, password attacks, forensics, reverse engineering, reporting tools
- Quarterly Snapshots: Four major releases per year (March, June, September, December)
- Continuous Updates: Daily package updates through
kali-rolling repository
- Bleeding Edge: Latest security tools, kernels, and exploits as they become available
- Stable Base: Built on Debian Testing with rigorous package testing
- Bare Metal: Installer images for x86_64 systems
- Live Boot: Run from USB/DVD without installation
- Virtual Machines: Official images for VMware, VirtualBox, Hyper-V
- Cloud Platforms: AWS, Azure, Google Cloud, Oracle Cloud, Vultr
- ARM Devices: Raspberry Pi, Orange Pi, Pine64, Chromebook, Odroid
- WSL: Windows Subsystem for Linux support
- Docker: Official Kali Linux containers
- Non-Root Default: Regular user account with sudo privileges (since 2019)
- AppArmor: Mandatory access control enabled
- Secure Boot: Support for UEFI Secure Boot
- Encrypted Install: Full disk encryption options during installation
- Kernel Hardening: Grsecurity/PaX patches, SELinux support available
- Xfce: Default desktop (lightweight, stable)
- GNOME: Modern, feature-rich environment
- KDE Plasma: Highly customizable desktop
- MATE: Traditional GNOME 2 fork
- i3: Tiling window manager for advanced users
- Enlightenment: Lightweight alternative
| Field |
Value |
| Latest Release |
Kali 2026.1 |
| Release Date |
January 9, 2026 |
| Linux Kernel |
5.15.0 (2026.1), 6.16.0 (2025.4) |
| Default Desktop |
Xfce 4.20.5 |
| Release Model |
Rolling (kali-rolling) |
| Base |
Debian Testing |
| Architecture |
x86_64, ARM64, ARMhf |
| Package Manager |
APT (dpkg) |
| Init System |
systemd |
| Version |
Expected Date |
Quarter |
Status |
| Kali 2026.1 |
January 9, 2026 |
Q1 |
✅ Released |
| Kali 2026.2 |
June 2026 |
Q2 |
Expected |
| Kali 2026.3 |
September 2026 |
Q3 |
Expected |
| Kali 2026.4 |
December 2026 |
Q4 |
Expected |
| Version |
Release Date |
Kernel |
Desktop |
Notes |
| Kali 2025.4 |
2025-12-12 |
6.16.0 |
Xfce 4.20.5 |
Q4 rolling release |
| Kali 2025.3 |
2025-09-23 |
6.12.0 |
Xfce 4.20.4 |
Q3 rolling release |
| Kali 2025.2 |
2025-06-13 |
6.12.0 |
Xfce 4.20.4 |
Q2 rolling release |
| Kali 2025.1c |
2025-04-28 |
6.12.0 |
Xfce 4.20.4 |
Minor refresh (keyring update) |
| Kali 2025.1 |
2025-03-19 |
6.12.0 |
Xfce 4.20.4 |
Q1 rolling release |
| Version |
Release Date |
Kernel |
Desktop |
Notes |
| Kali 2026.1 |
2026-01-09 |
5.15.0 |
Xfce 4.20.5 |
Q1 rolling release, visual refresh |
| Version |
Release Date |
Notes |
| Kali 2024.4 |
2024-12-16 |
Q4 rolling release |
| Kali 2024.3 |
2024-09-11 |
Q3 rolling release |
| Kali 2024.2 |
2024-06-05 |
Q2 rolling release |
| Kali 2024.1 |
2024-02-28 |
Q1 rolling release |
| Version |
Release Date |
Notes |
| Kali 2023.4 |
2023-12-05 |
Q4 rolling release |
| Kali 2023.3 |
2023-09-06 |
Q3 rolling release |
| Kali 2023.2 |
2023-06-07 |
Q2 rolling release |
| Kali 2023.1 |
2023-03-08 |
Q1 rolling release |
- Download ISO: Get installer or live image from kali.org
- Create Boot Media: Write to USB (Rufus, Etcher) or burn DVD
- Boot: Start from USB/DVD
- Install: Graphical or text-based installer
- Configure: Set up user, disk, and packages
# Pull official Kali Linux image
docker pull kalilinux/kali-rolling
# Run interactive container
docker run -it kalilinux/kali-rolling /bin/bash
# Update packages inside container
docker exec -it <container_id> bash
apt update && apt full-upgrade -y
# AWS CLI example
aws ec2 run-instances --image-id ami-kali-2025.4 \
--instance-type t3.medium \
--key-name my-key-pair
¶ 🔧 Quick Setup Commands
# Update system (post-installation)
sudo apt update
sudo apt full-upgrade -y
# Install additional tools
sudo apt install kali-linux-large -y
# Verify installation
kali-tools-version
| Edition |
Description |
Use Case |
| Kali Linux |
Standard installation |
General penetration testing |
| Kali Linux Everything |
All tools pre-installed |
Complete toolkit offline |
| Kali Linux Minimal |
Base system only |
Custom installations |
| Kali Linux Forensics |
Forensics tools focused |
Incident response |
| Kali Linux ARM |
ARM device images |
Raspberry Pi, SBCs |
| Kali Linux WSL |
Windows Subsystem |
Windows developers |
- CPU: 1 GHz processor (x86_64 or ARM64)
- RAM: 2 GB (4 GB recommended)
- Storage: 20 GB free space (50 GB recommended)
- Boot: USB port or DVD drive for installation
- CPU: Dual-core 2 GHz or better
- RAM: 8 GB or more
- Storage: 100 GB SSD
- Network: WiFi adapter with monitor mode support
- Display: 1920x1080 resolution
- Network penetration testing
- Web application security assessment
- Wireless network auditing
- Social engineering campaigns
- Red team operations
- Incident response
- Evidence collection and analysis
- Memory forensics
- Disk forensics
- Mobile device forensics
- Security certifications (OSCP, OSCE, OSWP)
- University courses
- Capture The Flag (CTF) competitions
- Security research labs
- Vulnerability research
- Internal security assessments
- Compliance testing (PCI-DSS, HIPAA)
- Security awareness training
- Vulnerability management
- Threat hunting
Kali Linux includes tools organized into categories:
| Category |
Tools |
Purpose |
| Information Gathering |
Nmap, Maltego, theHarvester, Shodan, dnsx |
Reconnaissance |
| Vulnerability Analysis |
OpenVAS, Nikto, Wapiti, nuclei |
Vulnerability scanning |
| Web Applications |
Burp Suite, OWASP ZAP, SQLmap, proxify |
Web app testing |
| Database Assessment |
sqlmap, SQLninja, NoSQLMap |
Database attacks |
| Password Attacks |
John, Hashcat, Hydra, Crunch |
Password cracking |
| Wireless Attacks |
Aircrack-ng, Reaver, Kismet |
WiFi auditing |
| Reverse Engineering |
Ghidra, Radare2, GDB |
Binary analysis |
| Exploitation Tools |
Metasploit, Searchsploit, BeEF, PoshC2 |
Exploitation |
| Sniffing & Spoofing |
Wireshark, tcpdump, Ettercap |
Network analysis |
| Post Exploitation |
Mimikatz, Powershell Empire, PoshC2 |
Post-exploitation |
| Forensics |
Autopsy, Volatility, Binwalk |
Evidence analysis |
| Reporting |
Dradis, MagicTree, KeepNote |
Documentation |
| Port Scanning |
Nmap, naabu |
Network discovery |
| OSINT |
email2phonenumber, theHarvester, Maltego |
Open-source intelligence |
| Tool |
Category |
Description |
| dnsx |
Information Gathering |
Fast, multi-purpose DNS toolkit |
| email2phonenumber |
OSINT |
Obtain phone numbers from email addresses |
| naabu |
Port Scanning |
Fast, reliable port scanner |
| nuclei |
Vulnerability Analysis |
Template-based targeted scanning |
| PoshC2 |
Post Exploitation |
Proxy-aware C2 framework |
| proxify |
Web Testing |
HTTP/HTTPS traffic capture and replay |
Note: Four new tools (dnsx, naabu, nuclei, proxify) are from ProjectDiscovery.