Kali Linux 2022.3 Release (New Tools in Kali & Test Lab)
Reading Time: 3 Minutes
In light of “Hacker Summer Camp 2022” (BlackHat USA, BSides LV, and DEFCON) occurring right now, they wanted to push out Kali Linux 2022.3 as a nice surprise for everyone to enjoy!
The highlights for Kali’s 2022.3’s release:
- Discord Server – Kali’s new community real-time chat option has launched!
- Test Lab Environment – Quickly create a test bed to learn, practice, and benchmark tools and compare their results
- Opening Kali-Tools Repo – They have opened up the Kali tools repository and are accepting your submissions!
- Kali NetHunter Updates – New releases in their NetHunter store
- Virtual Machines Updates – New VirtualBox image format, weekly images, and build-scripts to build your own
- New Tools In Kali – Would not be a release without some new tools!
Kali is on Discord
They have started up a new discord server, Kali Linux & Friends. This is their new place for the Kali community to get together and chat in real-time all about Kali Linux (as well as other community projects that OffSec has to offer).
This is a community server, all with common interests. They do not have the goal to get as many users as possible, instead, they are growing a place for each other to help one another. They are focusing on quality not quantity. Please bear in mind, if you are looking for help, first search for your problem, ask questions, then wait for the community support from your peers. Remember no one is under obligation to help you, and you are more likely to get assistance if you are polite and show you have put some effort into solving your own issue.
See Also: So you want to be a hacker?
Complete Offensive Security and Ethical Hacking Course
Test Lab Environment
“A craftsman is only as good as their tools.”
This is true, even outside of Information Security field, you need to understand your tools to master your craft. You can read their code to understand how they work (or a very detailed REAME at times), help screens and their manuals (if they have one) will give you a starting point on how to use them. But where do you use them especially when they are security tools? What output should the tool give? What is a successful run? How long does the tool take? What is its baseline? How can I get experience with it? All valid questions which need answers.
To try and achieve these answers, most seasoned professionals will practice first (hopefully in a known, controlled environment!). This is where a “Test Bed/Laboratory” comes into play. Theory is different to practical (You may remember this the first time you were tasked of something new to accomplish). You can take the static theory-based output from help screens, READMEs, and manual pages and hands-on enter the data into programs and monitor the dynamic output and practical response. Its one thing to read something, its another to do it. The result often gives people a deeper understanding.
Practice makes ~perfect~ permanent. So practice, practice, practice! Inquisitive minds can then start to experiment with new configurations, options, commands and flags. Then start to chain items together, or compare similar and alternative solutions, then compare the results, to become more educated and build up a benchmark of knowledge. This grows experience.
They are trying to make it a bit easier to build up your test lab. So we have packaged up:
- DVWA – Damn Vulnerable Web Application
- Juice Shop – OWASP Juice Shop
All you have to do is apt install <package>, else you can use the kali-linux-labs metapackage to get them all! This list will be growing in the upcoming Kali releases!
This list will be growing in the upcoming Kali releases!
*Note: At times, you may be running codes that are designed to be vulnerable. Please take the necessary steps to secure your environment.
Kali for Virtual Machines
They have already provided Kali Linux images for VMware and VirtualBox since the start. For this release, there’s been a few changes worth noting.
They now distribute the VirtualBox image as a VDI disk and a .vbox metadata file, or to say it short: the native format for VirtualBox images. It should be a bit faster to download, as those images have a better compression ratio compared to the OVA images that they used to provide. It should also be a bit more straightforward to use it, you just need to unpack the image in your VirtualBox folder and run it. In case you need help, refer to our documentation: Import Pre-Made Kali VirtualBox VM.
Additionally, they just started to provide weekly builds of our VM images. These images are built from the kali-rolling branch, meaning that they have the most up-to-date packages, but on the other hand they don’t receive as much testing as their quarterly releases.
Last but not least, the scripts that they use to build those images are now available on GitLab. If you need to build custom Kali VM images, this is the place to go!
Trending: Offensive Security Tool: Offensive-Azure
New Tools in Kali
It would not be a Kali release if there were not any new tools added! A quick run down of what has been added (to the network repositories):
- BruteShark – Network Analysis Tool
- DefectDojo – Open-source application vulnerability correlation and security orchestration tool
- phpsploit – Stealth post-exploitation framework
- shellfire – Exploiting LFI/RFI and command injection vulnerabilities
- SprayingToolkit – Password spraying attacks against Lync/S4B, OWA and O365
There have been numerous packages updates as well.
Are u a security researcher? Or a company that writes articles or write ups about Cyber Security, Offensive Security (related to information security in general) that match with our specific audience and is worth sharing?
If you want to express your idea in an article contact us here for a quote: [email protected]
Source: kali.org
Recent News
Offensive Security & Ethical Hacking Course
Begin the learning curve of hacking now!
Information Security Solutions
Find out how Pentesting Services can help you.
