The Offensive Security has just released the second 2023 update of its ethical hacking operating system. Cali 2023.2 it introduces many new features, but the project highlights two above the rest: an image to run the operating system on Hyper-V and that they have started to use the PipeWire audio server. It must be remembered that this is the first version after the tenth anniversary version, that which also introduced another image, but this one was thought to be more secure, to protect our equipment.
Kali 2023.2 also introduces new versions of the desktops, or rather, updated desks. As always, they have taken the opportunity to introduce new tools to test our systems. Do not forget that Kali Linux, like Parrot, is offered with the label of "ethical hacking".
Highlights of Kali Linux 2023.2
With this release, The Offensive Security has released a image for Hyper-V from Microsoft. It may be less known (I think it is), but it is software for running virtual machines. This type of image would be the counterpart of the VirtualBox OVA: it is opened and the operating system is already available without the need to install it. This image has Enhanced Session Mode enabled by default.
Kali Linux 2023.2 will change how things sound, or at least what is used to make them sound. PipeWire replaces PulseAudio. For those who don't know, and I quote the original article, PipeWire is a server to manage audio, video streams and hardware on Linux. It was released in 2017 and is under active development. This change is for the Xfce edition, as GNOME already used it by default.
Xfce is the default graphical environment from Kali, and by itself does not support PipeWire, but PipeWire provides a compatibility layer, pipewire-pulse. This is what makes things work.
Continuing with the desktops, Kali Linux 2023.2 has improved its support for i3. Initially, it is not installed by default, but the packages can be installed kali-desktop-i3 and kali-desktop-i3-gaps. Now the work has been done so that everything from the first package can be installed, so the user experience should be good with less effort. This is welcome, as i3 can be difficult to set up and easy to get lost in dependencies.
More news on the desks
Xfce
New extension for the Xfce file manager: GtkHash. It provides the option to quickly compute checksums, for which you just have to right click on the files and then open them with the corresponding tab. It is not necessary to do it via terminal.
GNOME 44
Kali Linux 2023.2 already has GNOME 44, a desktop with a more polished experience that improves on the work done in previous versions. On the other hand, it has been included the extension of the advanced stacking which is already available in Ubuntu 23.04 as an option and will arrive installed by default in Ubuntu 23.10.
Finally, regarding the image, with this release work has begun to update and improve the Kali menu. The first goal is to improve how tools are listed at the top of kali.org/tools.
New tools in Kali Linux 2023.2
- Cilium-cli – Installation, management and troubleshooting of Kubernetes clusters.
- Cosign – Container signature.
- Eksctl – Official CLI for Amazon EKS.
- Evilginx – Standalone man-in-the-middle attack framework used to spoof login credentials in conjunction with session cookies, allowing bypass of 2-factor authentication.
- GoPhish – Open source phishing toolkit.
- Humble – A fast, security-oriented HTTP header parser.
- Slim(toolkit) – Don't change anything in your container image and minify it.
- Syft – Generation of a software BOM from container images and file systems.
- Terraform – Create, change and improve infrastructure in a secure and predictable way.
- Tetragon – eBPF-based security observability and application runtime.
- TheHive – Free, open source, scalable security incident response platform.
- Trivy – Find vulnerabilities, misconfigurations, secrets, containerized SBOM, Kubernetes, code repositories, clouds, and more.
- Wsgidav – Generic and extensible WebDAV server based on WSGI.
More information, download, images and content: The Offensive Security.