Kali Linux 2023.3 has been released with many tool and feature updates that are useful for security researchers, penetration testers, bug bounty hunters and other security personnel.
To highlight a few major changes from the previous release: there is a major stack change, in the internal infrastructure to be precise. Additionally, Kali Purple now includes a new “Autopilot” feature, and 9 new tools have been added to Kali Linux.
Internal Infrastructure Under Development
The Kali team has been doing a re-work, re-design and re-architecture of their infrastructure ever since the release of Debian 12. “This [internal infrastructure] is where a good amount of our focus has been for this release-cycle (and also the next one unfortunately). We are hoping that the majority of it will be done by the end of the year (so we can get back to what we do best!)” reads the post by Kali.
The Kali team stated that they are working to simplify their software stacks by reducing them to:
- One OS version (Debian 12)
- One CDN/WAF (Cloudflare)
- One Web server service (Nginx)
- One Infrastructure as Code (Ansible)
In addition, it was mentioned that certain software will be replaced during Phase #2 of this development.
Kali Linux 2023.3 – Kali Autopilot
Kali Purple, released with Kali 2023.1, is a defensive security offering that includes several Intrusion Detection Systems and network monitoring tools. In addition to these pre-built defenses, Kali Autopilot has now been introduced.
Kali Autopilot is an attack framework that can follow predefined attack scenarios. It helps security personnel simulate an attack and confirm that SIEMs, IDSs, WAFs and other defenses have been set up properly and are working. In other words, an attacker’s intrusion can be simulated and each security tool verified to be working.
Example attack scripts can also be downloaded and they are currently available for juice-shop and DVWA (Damn Vulnerable Web Application).
New Tools In Kali
With the Kali Linux 2023.3 release, around 9 new tools have been included in Kali, focused on network security, Kubernetes, virtual machines and C2 frameworks.
- Calico, a widely used networking and network security solution for Kubernetes, virtual machines and bare-metal workloads.
- ImHex, a cross-platform hex editor for reverse engineers and programmers.
- cri-tools, a package consisting of a CLI for Kubelet and validation tools for the Kubelet CRI (Container Runtime Interface).
- kustomize, a tool used to customize raw YAML configuration files without editing the original YAML file.
- Villain, a Command & Control framework tool capable of handling multiple reverse shells.
- rz-ghidra, a sleigh disassembler integration for rizin (a radare2 based reverse engineering framework for analyzing binaries)
- Rekono, a tool for automating a complete penetration testing process by combining multiple tools and their outputs.
- unblob, a tool capable of parsing unknown binaries for more than 30 archive, file system and compression formats.
- Hubble, a networking and security platform for cloud-native workloads on Kubernetes, using eBPF (extended Berkeley Packet Filter).
Furthermore, some packages were dropped from Kali for various reasons:
- king-phisher was dropped since the tool is no longer maintained by its author. It is replaced by GoPhish.
- plecost, a WordPress fingerprinting tool, was dropped since it does not work with Python 3.11 and there was no response from the original author. WPScan can be used as an alternative.
In addition, there are several updates to Kali NetHunter, ARM and the packaging tools. For more detailed information on the new release, see the Kali release page.