Kali Linux, a penetration testing app from Offensive Security, became available in the Microsoft Store on Monday.
Windows 10 users can download and install the Kali Linux app onto the Windows Subsystem for Linux.
Microsoft last summer announced that WSL, which makes it possible to run operating systems like Ubuntu, would become a fully supported part of the Windows 10 Fall Creators Update.
The availability of Kali Linux is especially appealing to penetration testers and security professionals whose toolsets have been limited due to enterprise compliance standards.
Before installing Kali Linux on WSL, users first need to update their Windows 10 machine. They can then open an administrative PowerShell window and install the Windows Subsystem with this one-liner:
Enable-WindowsOptionalFeature -Online -FeatureName Microsoft-Windows-Subsystem-Linux
A reboot will be required when finished.
Users then can download the app from the Microsoft Store and proceed with the installation.
There are some drawbacks to running Kali natively on Windows, as it lacks raw socket support. However, the extension allows for some additional security features, including opening a series of new command tools.
Increased Adoption
“I think the target will be enterprise and managed services security folks,” said Paul Teich, principal analyst at Tirias Research.
“Kali Linux on WSL will enable them to better test security on their Win10 laptops, desktops and workstations from one pane of glass,” he told LinuxInsider.
The release will ‘lower the barrier to entry” for those who are interested in penetration testing, according to James Lerud, head of behavioral research team at Verodin.
“Newcomers will need to learn basic Linux and scripting skills, but many feel more comfortable in a Windows environment,” he told LinuxInsider.
While not as flexible as other implementations of Kali Linux, its availability on WSL opens a number of leading open source penetration testing and security tools to users in Windows environments, noted Mark Nunnikhoven, vice president of cloud research at Trend Micro.
“This makes it easier for IT security teams in enterprises to access these tools in a streamlined environment,” he told LinuxInsider. “No longer will they require a weighty virtual machine or additional equipment.”
New Kernel
Kali Linux version 2018.1, released last month, followed the release of version 2017.3 last fall. The latest version is the first release since the Meltdown and Spectre vulnerabilities were disclosed.
The new version has a 4.14.12 kernel, which includes two major new features: secure memory encryption in AMD processors and increased memory limits.
The new secure memory encryption means that in newer AMD processors there will be automatic encryption and decryption of DRAM, which will protect against cold-boot attacks.
The increased memory limits mean that while older 64-bit processors had a limit of 64 TB of physical address space and 256 TB of virtual space, the new processors will enable 5-level paging, which is supported in 4.14.4. Therefore, the new processors will support 4 PB of physical memory and 128 PB of virtual memory.
Besides the updated kernel, a number of packages were upgraded, including zaproxy, secure-socket-funneling, pixiewps, seclists, burpsuite, dbeaver and reaper.