Why to choose Kali Linux for forensic investigation?

It's a misconception that Kali Linux means HACKING. A Debian based open source maintained Linux platform by Offensive Security is the most useful tool for network security, forensic analysis and penetration testing.


Kali Linux is NOT for hacking or cracking or stealing someone's data or getting someone's Facebook or Gmail password. It's purely a myth. However, unlike Debian, it is focused on forensics. For this reason, Kali preinstalls packages relevant for forensics. Kali also actively seeks bugs in forensics-related packages. Thus Kali saves you from finding and installing forensic packages. It also keeps you informed about bugs in these packages. Furthermore, it provides a community platform for those interested in forensics.

Here are the reasons of using Kali -

  • Pre-installed tools - 300+ PenTesting tools are available in the Kali, which is a big collection.
  • Tools are easily available to install
  • Updated VMware and VirtualBox Images
  • Customizations of Kali ISOs(If need be, you can also build your customizations of Kali Linux. These ISOs may be bootstrapped directly from the repositories maintained by the Offensive Security).
  • Metasploit Framework in Kali (The discussion on Kali (or Backtrack for that matter) can be incomplete without a mention of how nicely the Metasploit Framework is integrated with this distro. While 'msfconsole' brings it up, 'msfupdate' can update the Metasploit framework. Just like in Backtrack, POSTGRESQL is used to store the database.The guys from offensive security and rapid7  behind the Metasploit project.)
  • 300+ PenTesting tools - This is somewhat a big collection, and the chances are that we wouldn't need all of them and we may be needing some that aren't included by default. However, packages can at all times be grabbed from the repositories at will, so that is never an issue.

Tools in Kali Linux

Tools are mostly the same as those found in Backtrack. However, within the Kali Linux menu, 10 Safety tools have been highlighted as the Top 10. Anybody who has worked on BT would have no trouble guessing which tools would be out there on Kali and which have to be grabbed from the repositories. More than three hundred tools come packaged with Kali that is sufficient to serve the needs of most PenTests. The Top 10 tools in Kali Linux are as follows:

  • Aircrack-ng – Package for wireless Cracking
  • Burp Suite – For Web Applications Pentesting
  • Hydra – For on-line Brute-Forcing of Passwords
  • John – For offline Password Cracking
  • Maltego – For Intelligence Gathering
  • Metasploit Framework – For Exploitation
  • Nmap – For Network Scanning
  • Owasp-zap - For finding vulnerabilities in web applications
  • Sqlmap – For exploiting SQL Injection Vulnerabilities
  • Wireshark – Network Protocol Analyzer

For more information visit - https://www.kali.org/
The docker image for Kali + Metasploit Framework - https://github.com/ravindrasingh22/kali-docker/