+ 4

What's the point of using Kali Linux when you can install Kali Linux tools on any debian based OS (ex:Ubuntu) ?

3rd Jul 2018, 3:38 PM

Retul

2 Answers

+ 6

That's actually a great question. People who use Kali Linux are usually penetration testers. There has been a lot of popularity so many script kiddies use Kali so they can perform newb attacks. Hackers also use Kali to speed up their attacks since it has most tools in one place. However, what you will see if you meet higher level pentesters and hackers is that they usually stay away from Kali and end up using things like Ubuntu or other distros and simply download and customize their own list of tools. More often than not, they also build their own tools or modify existing tools to streamline their workflow. In essence, if you see someone using the basic Kali distro, you can make an assumption about that person: 1) they're a professional pentester (usually not the case), 2) they're a script kiddie who learned how to use a couple of tools on the distro and want to look like a real hacker (usually the case), 3) they may be a pentester but they are more of a script kiddie because they do pentests but have no idea how the tools work and have next to no idea how to build their own tools without Kali, or 4) they are a pentester or hacker and just want to speed up their workflow by having the tools they know how to build but don't have the time or energy to build themselves in one centralized platform.

3rd Jul 2018, 11:10 PM

Xpl0it

+ 3

9 times out of 10, its usually a script kiddie who just wants to look cool and look like a real hacker. You can usually pick out a script kiddie because if you press them on how a tool they are using works, they will give you an answer about what the tools does, not how it does it. Ex: Question - How does aircrack-ng work? script kiddie answer: it steals the wifi packets and lets you use them to crack the .cap file so you can find the password real hacker/pentester answer: well it depends on the type of encryption but let's say we are talking about wep encryption. Aircrack will communicate with the router or other device by trying to initialize a handshake. It'll send an RST packet to kick the device off momentarily and wait for the other devices to send their SYN packets to the router. Once they send the SYN packets, the router will send back a ACK packet and the devices will return either the ACK packet or both the SYN and ACK packet which is the 3 way handshake. There is also a 4 way handshake which works basically the same way. Aircrack lets you intercept the handshake by capturing those packets of the handshake and use them to fake (fakeauth) your device or to crack the actual packets from the handshake so you can find the key for future use. As you can see, theres a major difference in how a script kiddie and a hacker/pentester answer questions like this. In short, don't be a skiddie. They're lame and they are usually stupid.

3rd Jul 2018, 11:10 PM

Xpl0it