#1 Middle East & Africa Trusted Cybersecurity News & Magazine |

30 C
Dubai
Monday, October 14, 2024
Cybercory Cybersecurity Magazine
HomeTopics 5Security Operation CenterThe Latest Kali Linux 2024.3 Release Brings Major Transitions and Updates -...

The Latest Kali Linux 2024.3 Release Brings Major Transitions and Updates – Here’s What You Need to Know

Date:

Related stories

OpenAI Thwarts 20 Global Malicious Campaigns Using AI for Cybercrime and Disinformation

In an era where artificial intelligence (AI) is revolutionizing...

Hacker Attack Disrupts Russian State Media on Putin’s Birthday

On October 7, 2024, a significant cyberattack disrupted Russian...
spot_imgspot_imgspot_imgspot_img

Kali Linux, the go-to operating system for penetration testers and cybersecurity professionals, has rolled out its 2024.3 release. Packed with significant updates and transitions, this release marks an important milestone as the community works through multiple stack migrations, including the much-anticipated Python 3.12 transition. With this release, users gain access to new tools, optimizations, and enhancements, all while preparing for the substantial changes on the horizon in the 2024.4 release.

For seasoned users, this version may feel like a transitional period, with several backend adjustments aimed at improving future stability and security. Let’s dive into the key highlights and important details of Kali Linux 2024.3.

Download | Upgrade

Changelog Highlights
The new Kali Linux 2024.3 release features numerous transitions and updates, primarily focused on backend improvements. Key updates include:

  1. Qualcomm NetHunter Pro Devices: Qualcomm Snapdragon SDM845 SoC is now supported, enhancing the compatibility of the NetHunter suite with popular devices like OnePlus 6 and Xiaomi Pocophone F1.
  2. 11 New Tools Added: The release introduces several new tools to bolster the capabilities of penetration testers, such as goshs (an HTTP server with extended features), hekatomb (credential extraction from domain computers), and sippts (auditing tools for SIP-based VoIP systems).
  3. Multiple Transitions: Following the t64 transition, the release also tackles updates in GCC 14, glibc 2.40, and Python 3.12. However, Python 3.12 won’t become the default until the 2024.4 release. Until then, Python 3.11 remains the default interpreter in this version.
  4. Kali Kernel Now at 6.8: The release also sees Kali Linux upgrade to the 6.8 kernel, further solidifying its standing as a cutting-edge OS for cybersecurity professionals.

New Tools and Features
Several new tools have been added in this release, many of which come from community contributions. Some highlights include:

  • goshs: A more feature-packed alternative to SimpleHTTPServer.
  • graudit: A source code auditing tool to identify vulnerabilities.
  • netexec: Network service exploitation automation tool.
  • sqlmc: Scans domain URLs for SQL injection vulnerabilities.

With each new release, Kali demonstrates its commitment to providing users with the most comprehensive toolkit for digital forensics, security research, and penetration testing.

Kali NetHunter and ARM Updates
The 2024.3 release brings substantial updates for the NetHunter platform as well, adding support for additional devices with Qualcomm Snapdragon SDM845 SoCs, such as OnePlus 6/6T, Xiaomi Mi MIX 2S, and Fairphone 4. Meanwhile, Kali ARM builds have seen improvements in both compatibility and performance, including support for Raspberry Pi 4 Compute Module Wi-Fi and a speed boost for Raspberry Pi 5 with A2 microSD cards.

The Python 3.12 Transition
One of the most impactful changes coming in the next release is the Python 3.12 update, which removes several deprecated APIs. This means some packages may break if they haven’t been updated to handle the new Python version. In this release, Python 3.11 remains the default interpreter to give developers and users time to adjust. By the next release (2024.4), Python 3.12 will be standard, and pip package installation will no longer be supported.

10 Best Practices for Using Kali Linux

  1. Regular System Updates: Always keep your Kali installation updated by regularly running sudo apt update && sudo apt -y full-upgrade to get the latest patches, tools, and security fixes.
  2. Use Virtual Machines or Containers: To maintain a secure testing environment, use Kali Linux in virtual machines like VirtualBox or VMware. Alternatively, you can run it in containers (Docker) to isolate activities.
  3. Configure Proper Network Security: Avoid running Kali Linux on open or insecure networks. Ensure that you have a firewall set up and consider using VPNs for added privacy during penetration testing.
  4. Enable Multi-Factor Authentication (MFA): Secure your Kali system by enabling multi-factor authentication, especially for remote access services like SSH.
  5. Utilize Non-Root User: Avoid running Kali as the root user for everyday tasks. Set up a regular user account for non-admin tasks to prevent unintended system damage.
  6. Use Encrypted Storage: When installing Kali Linux, enable full disk encryption to safeguard data on your system. For sensitive data storage, consider using tools like VeraCrypt.
  7. Backup Configurations Regularly: Backup important configurations, tools, and scripts so you can quickly restore them in case of corruption or system failure.
  8. Participate in the Kali Community: Get involved in the Kali community by reporting bugs and contributing to the development of tools, scripts, or documentation.
  9. Use Sandboxed Browsing for Research: To protect your Kali installation from malicious websites, use a sandboxed browser when researching vulnerabilities or attack vectors.
  10. Practice Ethical Hacking: Ensure all your testing activities comply with legal and ethical guidelines. Always have authorization before performing any penetration testing on networks or systems.

10 Best Tools in Kali Linux 2024.3

  1. Nmap: A versatile network scanning tool for discovering hosts, ports, and services on a network.
  2. Metasploit: A powerful penetration testing framework that helps security professionals exploit vulnerabilities and test system security.
  3. Wireshark: A network protocol analyzer that allows you to capture and inspect network traffic in real time.
  4. Burp Suite: A web application security scanner that helps identify and exploit web vulnerabilities.
  5. Hydra: A password-cracking tool that supports numerous protocols for brute force password attacks.
  6. John the Ripper: A fast password cracker that can be used to test the strength of password hashes.
  7. SQLmap: An automated tool for detecting and exploiting SQL injection vulnerabilities in databases.
  8. GoBuster: A directory brute-forcing tool used for web application security assessments.
  9. Aircrack-ng: A complete suite of tools to assess Wi-Fi network security and perform WEP/WPA/WPA2 attacks.
  10. Netcat: A versatile networking tool used for debugging and investigating network connections.

10 Steps to Use and Understand Kali Linux 2024.3

  1. Install Kali Linux:
    • Download the latest Kali Linux ISO from the official website.
    • Use a hypervisor like VirtualBox or VMware to create a virtual machine, or install it directly on a physical machine.
  2. Update the System:
    • After installation, update your Kali system by running:bashCopy codesudo apt update && sudo apt -y full-upgrade
  3. Familiarize Yourself with Kali’s Interface:
    • Explore the GNOME or Xfce desktop environments (depending on your installation) to understand basic navigation and system utilities.
  4. Explore Pre-Installed Tools:
    • Access the Kali menu to view all categories of tools, such as Information Gathering, Vulnerability Analysis, and Exploitation Tools.
  5. Install Additional Tools:
    • Install any missing tools you might need by using:bashCopy codesudo apt install <tool-name>
  6. Run Nmap for Network Scanning:
    • Perform a basic network scan using Nmap:bashCopy codesudo nmap -sP <target-IP-range>
  7. Test Web Application Security with Burp Suite:
    • Launch Burp Suite and configure your browser proxy to intercept web traffic for analysis and exploitation.
  8. Crack Wi-Fi Passwords Using Aircrack-ng:
    • Use Aircrack-ng to capture Wi-Fi packets and attempt to crack a WEP/WPA/WPA2 password:bashCopy codesudo airmon-ng start wlan0
  9. Use Metasploit for Vulnerability Exploitation:
    • Launch Metasploit and use it to find and exploit system vulnerabilities:bashCopy codesudo msfconsole
  10. Stay Informed and Update Frequently:
    • Read Kali’s official blog and documentation to stay up to date with the latest releases and changes. Always use the latest tools for efficient and secure testing.

10 Tips to Prepare for Future Transitions and Avoid Cybersecurity Threats

To ensure that your systems remain secure and up-to-date, especially with major updates like the Python 3.12 transition, here are ten tips for cybersecurity professionals:

  1. Stay Updated: Always keep your systems and tools updated with the latest versions, including any patches or fixes from Kali’s repository.
  2. Test Compatibility Early: If you rely on custom tools or scripts, test them with Python 3.12 in a sandbox environment before the final rollout to ensure compatibility.
  3. Backup Regularly: Make sure you back up your important files and configurations before upgrading Kali to avoid data loss.
  4. Harden Network Security: Implement strong firewall rules, VPN configurations, and secure SSH access to protect against unauthorized access.
  5. Use Multi-Factor Authentication: Enforce multi-factor authentication (MFA) wherever possible to secure accounts and access points.
  6. Review and Update Scripts: Scripts relying on deprecated APIs should be reviewed and updated for compatibility with the new Python versions.
  7. Contribute to Bug Reports: Encounter bugs or issues? Contribute feedback to the Kali community via bug reports to improve future releases.
  8. Stay Informed: Regularly check Kali’s blog and documentation for any upcoming changes, and be proactive in adapting to them.
  9. Test New Tools: Take the time to explore new tools added to Kali, as they can significantly expand your cybersecurity capabilities.
  10. Secure Development Environments: Ensure your testing and development environments are isolated from production systems to prevent accidental exposure of vulnerabilities.

Conclusion
The Kali Linux 2024.3 release sets the stage for some major transitions, most notably the move to Python 3.12. While this update primarily focuses on backend optimizations, users should be prepared for a wave of new updates and features coming in the next release. The additions of new tools and enhancements to the NetHunter platform ensure that Kali remains at the forefront of cybersecurity tools.

As we look forward to 2024.4, this is an exciting time for Kali users, who are encouraged to test new features and report bugs to make the platform even more robust.

Want to stay on top of cybersecurity news? Follow us on Facebook, X (Twitter), Instagram, and LinkedIn for the latest threats, insights, and updates!

Ouaissou DEMBELE
Ouaissou DEMBELEhttps://cybercory.com
Ouaissou DEMBELE is an accomplished cybersecurity professional and the Editor-In-Chief of cybercory.com. He has over 10 years of experience in the field, with a particular focus on Ethical Hacking, Data Security & GRC. Currently, Ouaissou serves as the Co-founder & Chief Information Security Officer (CISO) at Saintynet, a leading provider of IT solutions and services. In this role, he is responsible for managing the company's cybersecurity strategy, ensuring compliance with relevant regulations, and identifying and mitigating potential threats, as well as helping the company customers for better & long term cybersecurity strategy. Prior to his work at Saintynet, Ouaissou held various positions in the IT industry, including as a consultant. He has also served as a speaker and trainer at industry conferences and events, sharing his expertise and insights with fellow professionals. Ouaissou holds a number of certifications in cybersecurity, including the Cisco Certified Network Professional - Security (CCNP Security) and the Certified Ethical Hacker (CEH), ITIL. With his wealth of experience and knowledge, Ouaissou is a valuable member of the cybercory team and a trusted advisor to clients seeking to enhance their cybersecurity posture.

Subscribe

- Never miss a story with notifications

- Gain full access to our premium content

- Browse free from up to 5 devices at once

Latest stories

spot_imgspot_imgspot_imgspot_img

LEAVE A REPLY

Please enter your comment!
Please enter your name here