Kali Linux 2021.3 released with new pentest tools, improvements

​Kali Linux 2021.3 was released yesterday by Offensive Security and includes a new set of tools, improved virtualization support, and a new OpenSSL configuration that increases the attack surface.

Kali Linux is a Linux distribution designed for cybersecurity professionals and ethical hackers to perform penetration testing and security audits.

With this release, the Kali Linux Team introduces the following new features:

OpenSSL - Wide compatibility by default New Kali-Tools site - Kali-Tools has had a complete refresh Better VM support in the Live image session - Copy & paste and drag & drop from your machine into a Kali VM by default New tools - From adversary emulation, to subdomain takeover to Wi-Fi attacks Kali NetHunter smartwatch - first of its kind, for TicHunter Pro KDE 5.21 - Plasma desktop received a version bump

OpenSSL: All legacy protocols enabled

Many Linux distributions disable older insecure protocols in OpenSSL, such as TLS 1.0 and TLS 1.1, to secure devices and websites properly.

However, as Kali Linux is a penetration test distribution, it makes more sense to enable all protocols so that you can target all systems, even older devices using insecure protocols.

With this release, Offensive Security is configuring OpenSSL for wide compatibility, which means that they are enabling older ciphers and insecure protocols to increase the attack surface.

Increased virtualization support

The Kali Live image gained increased support for running in virtualized environments such as VMware, VirtualBox, Hyper-V, and QEMU+Spice.

Offensive Security states that you can now use the Live image in a virtualized environment and automatically get copy and paste and drop and drop functionality without the need to install guest additions or other guest software.

In BleepingComputer's tests running the Kali Linux 2021.3 Live build in the latest version of VirtualBox on Windows, resizing the display and copy and paste worked out of the box.

However, we could not get the drag and drop feature to work.

New tools added in Kali Linux 2021.3

It wouldn't be a new Kali Linux version without some new tools and utilities, which are listed below:

Berate_ap - Orchestrating MANA rogue Wi-Fi Access Points CALDERA - Scalable automated adversary emulation platform EAPHammer - Targeted evil twin attacks against WPA2-Enterprise Wi-Fi networks HostHunter - Recon tool for discovering hostnames using OSINT techniques RouterKeygenPC - Generate default WPA/WEP Wi-Fi keys Subjack - Subdomain takeover WPA_Sycophant - Evil client portion of EAP relay attack

Revamped Kali-Tools site

Offensive Security has revamped the Kali-Tools site with a design refresh and speed improvements. In addition, OffSec hopes to make this documentation repository available offline soon.

Enhanced ARM support

The Kali Linux team continues to improve support for ARM devices with the following changes:

Our Kali ARM build-scripts have been re-worked. Thanks to @cyrus104, we now have a build-script to support the Gateworks Newport board, and he also added documentation for it. @Re4son contributed a build-script for the Raspberry Pi Zero W based “Pi-Tail” (Find more information here). Additionally, the RaspberryPi Zero W based “P4wnP1” build-script has undergone some major changes. All images should finally resize the file-system on the first boot. We now re-generate the default snakeoil cert, which fixes a couple of tools that were failing to run previously. Images default to iptables-legacy and ip6tables-legacy for iptables support. We now set a default locale of en_US.UTF-8 on all images, you can, of course, change this to your preferred locale. The Kali user on ARM images is now in all of the same groups as base images by default, and uses zsh for the default shell. You can change your default shell by using the kali-tweaks tool which also comes pre-installed. Raspberry Pi images can now use a wpa_supplicant.conf file on the /boot partition. Raspberry Pi images now come with kalipi-config, and kalipi-tft-config pre-installed. Pinebook Pro’s kernel has been updated to 5.14, and you now get messages on the LCD screen as it’s booting, instead of a blinking cursor until X starts.

How to get Kali Linux 2021.3

To start using Kali Linux 2021.3, you can upgrade your existing installation or download ISO images for new installs and live distributions.

For those updating from a previous version, including installs on the Windows Subsystem for Linux (WSL), you can use the following commands to upgrade to the latest version.

echo "deb http://http.kali.org/kali kali-rolling main non-free contrib" | sudo tee /etc/apt/sources.list sudo apt update && sudo apt -y full-upgrade cp -i /etc/skel/.bashrc ~/ cp -i /etc/skel/.zshrc ~/ chsh -s /bin/zsh [ -f /var/run/reboot-required ] && sudo reboot -f

Once you are done upgrading, you can if the upgrade to Kali Linux 2021.3 was successful by using the following command:

grep VERSION /etc/os-release

A full changelog for Kali 2021.3 can be found at Kali's website.