Kali Linux Reviews

We have some entirely backend services that function as an integration layer, where multiple applications exchange data through it. For any frontend and API control such as Acunetix or Qualys, they are not supported for those kinds of backend services. For that purpose, we are using Kali Linux. Kali Linux has the capability of real-time data scanning for vulnerability assessment for backend services. That is actually very far more valuable.

For backend service, Kali Linux is a very good tool, so I can recommend it for that.

Kali Linux has the capability of real-time data scanning for vulnerability assessment for backend services. That is actually very far more valuable.

The toolset on the security framework in Kali Linux is fulfilling our purpose of doing the assessment. We are good with that.

Kali Linux has the capability to expand more.

We don't know if Kali Linux has the port scanning capability yet, but that is an area of improvement because we are working with DMZ zones and customized ports. If we can add featured customized port scanning and DMZ zone capability, then it will be a very great tool. It might be there, but we are not exploring it yet.

We are not exploring 100% of Kali Linux capabilities. If real-time customized port scanning can be added, for example, instead of a default port such as 8080 or 443, if we can use a customized port such as 9876, that capability would be great.

The only point that I didn't find on Kali Linux for now is the ability to customize port scanning.

It has been only five to six months, and the team is getting used to it now.

I should rate the stability of the product as average, good. I would rate it eight, minus two because I don't know about other capabilities.

Kali Linux has the capability to expand more, so I would rate it nine.

I won't compare Kali Linux with Linux from other vendors because we are installing it on top of Red Hat.

The initial setup of Kali Linux is okay—not pretty complex or very simple.

It could be simplified from Kali's side for a GUI user, but if we are doing it as command mode, it is okay. We don't find it very hard to install or pretty complex.

For a regular user, they might find it complex. For the technical staff, it's not very complex.

Our DevOps team is doing it, so it is somewhat customized.

I won't compare Kali Linux with Linux from other vendors because we are installing it on top of Red Hat. We can say the competitors of Acunetix, such as Burp Suite and Qualys Guard, those are the real competitors. Kali Linux is good because Sysbench is one kind of tool that has the capability of port scanning, but we don't know much about Sysbench as of now.

We are not working with the multi-language support function as of now because we are very new to it, so we are exploring the stuff entirely.

We are not working with the resource constrainer system function. We just use scanning for incoming and outgoing data services as of now.

We are not exploring 100% of Kali Linux capabilities. If real-time customized port scanning can be added, for example, instead of a default port such as 8080 or 443, if we are able to use a customized port such as 9876, that capability would be great.

I prefer not to comment further because we are very new to the tool. We don't explore 100%, so I can't comment on it with my capacity right now.

I'm not sure about the pricing model because we got a community version of Kali Linux. The customer has purchased it, so I'm not sure about the pricing.

On a scale of one to ten, I rate Kali Linux an eight.

I have been using Kali Linux for almost three to four years now.

I use Kali Linux for penetration testing purposes as well as red teaming activity. I also use it for solving machines in Hack The Box or TryHackMe.

There is a particular machine in Hack The Box which requires you to connect to their machines and perform reconnaissance as well as identify vulnerabilities in the system and exploit them in order to get the flags. That would be my recent use case.

For my coursework, which was a long time ago, I used Kali Linux for vulnerability scanning.

I think the plethora of tools that come built-in with Kali Linux is really helpful. There are a lot of categories which it provides, starting from reconnaissance to exploit. Since all of them are already built-in, I don't have the necessity to go and install every single one of them. Kali Linux has a really good suite of tools already built-in, which is one of the best features that comes to my mind.

I would definitely say the reconnaissance-based tools are my favorite in Kali Linux. There are a lot of reconnaissance tools available. Outside of that, I also use Metasploit and other exploitation tools. However, it predominantly lies with reconnaissance and exploitation.

One feature I found cool was that you can disguise Kali Linux as just another operating system, such as Windows, when you are using it outside.

A good amount of time is saved when it comes to scanning and reconnoitering infrastructure with Kali Linux.

Kali Linux has a variety of tools and a variety of word lists present, which makes it a lot easier to choose between options. For example, for subdomains, there are a bunch of them. Particularly for finding the fields of requests, there are many options. All of this makes it easier rather than going to the web to search for a particular list and curating the list for a particular thing. In that case, I would say it is saving me a good amount of time.

I feel there is not much for me to say in this because as far as all the products that I have used within Kali Linux, it has never probably been hung up on me or it was pretty smooth overall. I do not really recollect any instance where I felt this could be improved or that could be improved.

The overall theme of Kali Linux seems pretty good. However, something about it might be improved, maybe the overall smoothness of it, because there are sometimes when I try to run a lot of applications, it tries to hang up on me. That might be an area for improvement.

I have been using Kali Linux for two and a half years.

To most parts, Kali Linux is stable in my experience nine out of ten times.

I have no scalability issues with Kali Linux.

I had worked with Parrot OS, but I did not like the interface, so I switched to Kali Linux.

I cannot speak for the organization as a whole, but Kali Linux is used quite a lot in my team, and particularly by me. It does help me to increase my pace when it comes to the reconnaissance process and also while solving machines in Hack The Box.

Kali Linux is a very good tool and a good overall operating system to use when it comes to penetration testing, as it has a wonderful set of tools. You just need to search for the right tools within it because it offers a plethora of tools. It might be a good way to start identifying what the tools are best suited for your environment and what your needs are.

I have not had to get back to them anytime regarding support for Kali Linux. My overall rating for this product is nine out of ten.

Kali Linux serves as the base OS across all my cloud environments. A typical task or project where Kali Linux plays a key role is that I have designated it as the base OS, which is the underlying operating system I use for all my cloud-native applications, with Kali Linux running across all the cloud nodes used for cloud-native products.

Kali Linux has positively impacted my organization significantly as it aids in red team work and penetration testing. It is not just red team work, as it also involves the blue team who defends and remediates issues, so having these tools available allows us to proactively identify issues rather than reactively, which is typically more difficult. Without these tools, the identification process is complicated and often only occurs after damage is done, making it critical that we utilize red team tools on a regular basis, allowing us to test, identify issues quickly, automate scans, and promptly notify teams to address fixes.

The best features that Kali Linux offers stand out because it is built out of offensive security and blue team validation. It is not only about red team tools but also includes a massive security tool set, boasting over 600 plus tools available via Kali Linux, which we utilize for recon, scanning, exploitation, penetration testing, among others, with various tools such as clients that we can run, along with Metasploit, Burp Suite, SQLMap, Aircrack, Reaver, Hashcat, Hydra, and others to test different scenarios.

Out of all those tools and capabilities, my favorite tools in Kali Linux that I find myself relying on the most are Burp Suite, which I frequently use, and based on Burp Suite issues, I can start the recon and then proceed to exploit using Metasploit or SQLMap, which are the second steps I take.

Kali Linux can be improved, as I have encountered challenges with dependencies that can be overwhelming. It is not always easy to deploy or run the tools without running into dependency issues, particularly on third-party private networks, so having pre-built packages could improve this situation.

I have been using Kali Linux for around 10 years.

Kali Linux is stable.

The scalability of Kali Linux is good.

Customer support for Kali Linux has been great.

Positive

Before Kali Linux, I used more Windows-based tools, which posed significant challenges.

Deploying Kali Linux in my environment was easy, with no hurdles.

My experience with the configuration process was smooth, without any challenges.

I have seen a return on investment with Kali Linux, particularly in terms of needing fewer employees and the time saved, especially securing the business and protecting customer data.

My experience with pricing, setup cost, and licensing is overall good.

We use a variety of other tech products, including a bunch of AWS services, CrowdStrike, Rapid7, Trend Micro, Datadog, Axonius, Splunk, and several others.

I am interested in analyst insights about other solutions.

My advice to others looking into using Kali Linux is that it is a good security tool.

I have shared all valuable information, so I have no additional thoughts about Kali Linux.

I found this interview to be conducted well, and you are doing good.

I would appreciate a short poem or haiku that summarizes my review. I give this review a rating of five out of five.

My main use case for Kali Linux during my educational and research projects was primarily for vulnerability research and cybersecurity research. I used it for understanding the ecosystem and learning about operating systems.

A specific example of how I used Kali Linux for vulnerability research involved exploring the security research products that Kali Linux offers. I watched tutorials to understand how these tools work, and then I conducted practical vulnerability testing to understand the functionality. For learning Linux, I chose Kali Linux because it had many required tools prepackaged, which made it an appealing option. I used it to understand how the Linux ecosystem works, how the kernel functions, and how commands operate. I conducted most of my Linux-related education through Kali Linux.

I believe the best features Kali Linux offers are being a Linux distribution with many prepackaged tools needed for vulnerability research, which is invaluable.

Out of the prepackaged tools, I found everything was very beneficial during my research.

Kali Linux has impacted my work and personal projects positively by providing an accessible platform to understand the entire Linux ecosystem. It has helped me with engaging side projects, not in a business capacity, but in all other ways it has been helpful.

I think Kali Linux is good, but there is a widespread misunderstanding related to Kali Linux because many people believe Kali Linux is a tool for hackers and that anything can be hacked using it. This is a misconception that needs to be addressed.

I have been using Kali Linux for two years, but I want to highlight that my use case was not within my current organization. It was primarily for my educational and research purposes and is not related to my current working organization.

In my experience, Kali Linux is stable.

Kali Linux's scalability for my needs was adequate. I used it for educational purposes, so the scalability requirements were minimal and met my needs.

Before Kali Linux, I used many other distributions such as Linux Mint, Ubuntu, and other Linux distributions. However, Kali Linux had many prepackaged solutions specialized for vulnerability research, which is why I chose to use it.

My experience with pricing, setup cost, and licensing for Kali Linux has been that it was free to use.

Before choosing Kali Linux, I evaluated other options such as Linux Mint and Ubuntu.

My advice to others looking into using Kali Linux is to learn it thoroughly because many people believe Kali Linux is an operating system for hackers and that anything can be hacked with it. This is not accurate. Kali Linux is a tool for security research and vulnerability researchers. I encourage you to approach it with this understanding and then start exploring it. Use it only as an educational tool and not for malicious purposes. I would rate this product a seven out of ten.

My main use case for Kali Linux is for penetration testing.

A quick specific example of how I've used Kali Linux for penetration testing is that there are some tools which could be used to simulate a threat or an attack on, for example, a web browser, and try to pinpoint the issues that happen. There are many tools in Kali Linux that allow an individual to do that.

The best features Kali Linux offers are that it is focused on cybersecurity and has a lot of tools related to cybersecurity.

The specific cybersecurity tools in Kali Linux I find most valuable or use most often include Nmap.

Kali Linux has positively impacted my work by facilitating and simplifying the setup for an operating system and installing tools. It is all in one package, so getting started to do the job happens without the headache of installations, setup, and preparations.

It helps me save a lot of time. For example, I have saved at least one week of installations and operations compared to Ubuntu.

I think there are a lot of efforts which are really great for improving Kali Linux. Increasing the tutorials and the help inside Kali Linux would make it more useful.

I have been using Kali Linux for two years.

Kali Linux is stable.

Kali Linux's scalability is really good; I am using it in a very good way.

I have not needed to reach out for help regarding customer support.

I previously used Ubuntu and installed some tools there, but I switched to Kali Linux because it contains everything at once.

My experience with pricing, setup cost, and licensing has been good because I am using the free version.

I have seen a return on investment by using fewer resources and saving a lot of time.

My experience with pricing, setup cost, and licensing has been good because I am using the free version.

I did not evaluate other options before choosing Kali Linux.

My advice to others looking into using Kali Linux is to try to learn a lot about it before using it. When you start using it, you will find it very useful. I would rate my overall experience with Kali Linux as a 9.

In my cybersecurity work, I use Kali Linux for web application penetration testing, network testing, vulnerability assessment of any devices or domains, multiple testing types, and code testing. Those are certain basic use cases.

I used Kali Linux in multiple companies like banks, IT companies, and even smaller companies like music departments or other departments. But mostly, I use it for IT companies and banks.

The systems that are not completely updated create vulnerabilities on the system or on the domain. So first, we have to upgrade all the systems and apply complete security patches. In Windows, there are security patches; in Linux, there are also security patches. We'll upgrade the system. 

Additionally, Kali Linux is wonderful. If there is a specific requirement for a lower version, then we have to put a specific script over the database or over the code so nobody can directly access that code.

I frequently use SQLmap for web application testing, along with other tools like Burp Suite and Vega.

When we execute commands on tools and the few scripts that I have prepared, we will use SQLmap to execute those scripts on the target system. This helps us find loopholes. Like, a report may show TXG is open or that the configuration password is in cleartext. 

Based on this, we suggest vendors make the required changes, or if they are using an older version, they might need a newer upgrade. So there's a lot of capability in it. We suggest upgrading that version, and after completing the vulnerability assessment, we prepare a diagnostic report with suggestions. 

Once we provide complete details, then they take some time to fix those vulnerabilities. After that, we'll again execute the vulnerability assessment as a second phase. If everything goes fine, then we will give them certification that their system and application are now secure.

Sometimes, I do face challenges. There's an issue where sometimes during the initial installation, it doesn't install properly. It gives multiple errors like packages not installing, so we have to install those tools separately. For instance, if we want to install a network or other tools, we have to install those complete toolkits manually.

So, the challenge is with the initial setup, where I sometimes get errors. 

Regarding wireless attacks, OS attacks, and social engineering... the tools should be easier to learn because I know everything very well, but some people in my team struggle to understand. If there were GUI interfaces for the tools, it would help me guide my team in using them step-by-step. Command lines are very difficult for other team members who know the tool's purpose but not the Linux commands. GUI interfaces need more improvement.

So, the UI interface needs improvement to make it more visible and easier for users. Expert users can do everything without any issues, but new users will struggle.

I've been working with Kali Linux for the last 10 to 12 years. I use the latest version. 

The stability is good because I've been using it for the last ten years. I've completed many successful projects, providing good vulnerability assessments to my clients and vendors.

It is a scalable solution. I would rate the scalability an eight out of ten.  

We have about four to five users using Kali Linux. Two or three are basic users; they need to learn first before they can execute the scripts.

We do not plan to increase the further usage because we do not have the need. I and some other partners have good experience with it, and we are managing those parts.

I tried to connect to customer support through email, but I received responses very slowly. In those situations, I do my own research and development to fix those particular errors.

For their understanding of the errors and providing solutions, I'd give them a ten out of ten. But about response time, I'll give it a five because it's very slow.

Neutral

From my perspective, I can set up Kali Linux with information gathering, vulnerability analysis tools, and application analysis tools. I'm able to configure those. 

However, now many people are interested in cybersecurity. So, I suggest that Kali Linux should improve things like the GUI interface, make it easier to use, and include a training portal that's easier for basic users to understand.

I use it sometimes on-premises and sometimes on the cloud.

Sometimes the setup takes only one hour, no more than that. But if we start getting errors, then it can take four to five hours to complete the setup of Kali Linux.

The price is good because Kali Linux already provides a good bundle of tools. The price is sufficient if you want a good operating system with the necessary tools. So, the cost is not an issue.

Kali Linux is much better than others because it gives you a good set of tools. It is preferred for vulnerability assessments and cybersecurity. You don't have to spend a lot of money on different tools like Tenable. We don't need those because everything is already there in Kali. You just need to explore, configure it properly, and it will provide you with good results.

Overall, I would rate it an eight out of ten because any new user or someone without deep expertise won't be able to understand how to scale or manage it, but an experienced person can. 

In general, Kali Linux is used for hosting applications, developing new applications, and operating systems. It's also used in containers and nodes. The tool offers a smaller footprint than Windows because it lacks the functionality of graphical user interfaces. One advantage of Kali Linux is its lower maintenance requirements than Windows, with slower update cycles and easier maintenance procedures.

The tool's most valuable features are low maintenance and stability. 

The tool is already stable and well-developed, so there's minimal feedback for enhancement or change. However, it should improve security, which is crucial, especially with the increasing use of Kali Linux in cloud environments.

I have been using the product for a few months. 

I rate the tool's stability a ten out of ten.

Kali Linux is scalable and has a smaller footprint. It can be run on multiple instances of your applications.

We have community support. I haven't faced any problems with support. 

The tool's deployment is quick and straightforward compared to Windows. It takes about five to ten minutes to complete. 

Kali Linux offers a perpetual license, meaning you pay for it once and can use it. While free versions of Linux are available, Kali Linux, being an enterprise edition, usually comes with a perpetual license. I rate its pricing a five out of ten. 

Pre-installed tools can provide basic training and security measures, which is helpful. However, these tools may not be sufficient to secure your workload fully. That's why it's important to complement them with other specialized security tools to enhance your overall security.

Before using Kali Linux, make sure you know its pros and cons. It's a good system to learn because it's the best choice for some situations. It has default firewall settings that block everything by default. It's up to the user to decide how much they want to open up.       

Learning Kali Linux takes time because it relies on command-line tasks instead of graphical interfaces. Practice is key to becoming comfortable with it.

I use the solution in my company for vulnerability assessment, to run penetration testing, and to do automated scans of the websites for malware. In general, the tool is useful to check for vulnerabilities in websites and applications.

The interface is good and straightforward to use.

In the older versions of the solution, there were problems with the UI. Improvements are only required in the UI of the product's older version. In the latest version of the product, the UI is good. If you know how to use the product, the UI part is okay.

There can be some lagging issues because the product gets stuck at times, making it an area of concern where improvements are required.

I have experience with Kali Linux since 2017.

It is a stable solution. Stability-wise, I rate the solution an eight out of ten.

At times, the product gets stuck, and there are some lagging-related issues, but it is something that depends on the system you are running the product on, so you can change the system if required.

It is a scalable solution.

Only I use the product in my company.

The tool is not hard to deploy. You just need to download Kali Linux Images and decide on how you want to deploy it. You can deploy the tool directly on a laptop, or you can deploy it through VirtualBox from VMware. For deployment, I just need to open Kali Linux Image on VirtualBox.

It is an open-source tool.

I have found the tool to be the most effective when we want to run the vulnerability assessment provided by the solution in our company for certain websites and applications so that we can find or detect issues. In our company, Kali Linux is used for most of the use case scenarios where vulnerability assessment is required.

The areas I found to be the most effective from the perspective of security tasks are Zed Attack Proxy (ZAP), Metasploit, Wireshark, Nikto, and SQLMAP.

There have been a lot of benefits from the pre-installed tools in the product, in terms of security auditing part in our company. There are also other operating systems on which you can run Kali Linux, where users are provided with a massive range of tools like BlackArch Linux and ParrotOS, which are useful for certain use cases.

The product is good to start with, and it is good for penetration testing and vulnerability assessment. It is good for those who want to go into the line of website security. New users of the product should know the basics of Linux to be able to use the solution because it is an area that could be hard for many.

The value derived from the use of the product in our company stems from the results it provides us. The reason to use the product is to get answers when you run a vulnerability assessment from a security perspective. The product provides an outcome that can be used to access the security posture of an application, and it can also help you find loopholes. In general, it can be used to test applications.

I rate the tool a ten out of ten.