Kali Linux 2021.3 released: Kali NetHunter on a smartwatch, wider OpenSSL compatibility, new tools, and more!
Offensive Security has released Kali Linux 2021.3, the latest version of its popular open source penetration testing platform. You can download it or upgrade to it.
Kali Linux 2021.3 changes
The changes in this version include:
OpenSSL has been configured for wider compatibility, allowing the use of legacy protocols, meaning that Kali can now talk to older, legacy systems that use them.
The option allows users to search for additional attack surfaces. As the developers noted, “If your target has these End of Life services running, having then forgotten about them, what else could this undercover?”
The use of Kali (Live image) in virtualization environments (VMware, VirtualBox, Hyper-V and QEMU+Spice) has been made easier with, and so has configuring Kali for Hyper-V Enhanced Session Mode.
The developers have also released the first Kali NetHunter version for a smartwatch – the TicHunter Pro (running Wear OS).
“It is still experimental, hence the features are limited to USB attacks, and some basic functions. The hardware also has limitations, as such a small battery won’t supply enough voltage for any OTG adapters, so huge antennas won’t stick out of your wrist,” the developers noted. Future improvements include support for Nexmon and internal Bluetooth usage.
Kali Linux 2021.3 also comes with a number of new tools:
- Berate_ap (for orchestrating MANA rogue Wi-Fi Access Points)
- CALDERA (scalable automated adversary emulation platform)
- EAPHammer (for targeted evil twin attacks against WPA2-Enterprise Wi-Fi networks)
- HostHunter (a recon tool for discovering hostnames using OSINT techniques)
- RouterKeygenPC (for generating default WPA/WEP Wi-Fi keys)
- Subjack (a tool for pulling off a subdomain takeover)
- WPA_Sycophant (evil client portion of EAP relay attack)
The developers have also announced tweaks to Kali ARM images, a new site for exploring Kali Tools, and redesigned desktop and themes.
For more details, check out Offensive Security’s blog post.