Kali Linux 2017.2 – Released with Powerful New Tools

Comments Off on Kali Linux 2017.2 – Released with Powerful New Tools

In addition to all of the standard security and package updates that come to us via Debian Testing, we have also added more than a dozen new tools to the repositories, a few of which are listed below. There are some really nice additions so we encourage you to ‘apt install’ the ones that pique your interest and check them out.

  • hurl – a useful little hexadecimal and URL encoder/decoder
  • phishery – phishery lets you inject SSL-enabled basic auth phishing URLs into a .docx Word document
  • ssh-audit – an SSH server auditor that checks for encryption types, banners, compression, and more
  • apt2 – an Automated Penetration Testing Toolkit that runs its own scans or imports results from various scanners, and takes action on them
  • bloodhound – uses graph theory to reveal the hidden or unintended relationships within Active Directory
  • crackmapexec – a post-exploitation tool to help automate the assessment of large Active Directory networks
  • dbeaver – powerful GUI database manager that supports the most popular databases, including MySQL, PostgreSQL, Oracle, SQLite, and many more
  • brutespray – automatically attempts default credentials on discovered services

 

 

On top of all the new packages, this release also includes numerous package updates, including jd-gui, dnsenum, edb-debugger, wpscan, watobo, burpsuite, and many others. To check out the full list of updates and additions, refer to the Kali changelog on bug tracker.

Ongoing Integration Improvements

Beyond the new and updated packages in this release, we have also been working towards improving the overall integration of packages in Kali Linux. One area in particular is in program usage examples. Many program authors assume that their application will only be run in a certain manner or from a certain location. For example, the SMBmap application has a binary name of ‘smbmap’ but if you were to look at the usage example, you would see this:

Examples:

 

$ python smbmap.py -u jsmith -p password1 -d workgroup -H 192.168.0.1

$ python smbmap.py -u jsmith -p ‘aad3b435b51404eeaad3b435b51404ee:da76f2c4c96028b7a6111aef4a50a94d’ -H 172.16.0.20

$ python smbmap.py -u ‘apadmin’ -p ‘asdf1234!’ -d ACME -h 10.1.3.30 -x ‘net group “Domain Admins” /domain’

 

If you were a novice user, you might see these examples, try to run them verbatim, find that they don’t work, assume the tool doesn’t work, and move on. That would be a shame because smbmap is an excellent program so we have been working on fixing these usage discrepancies to help improve the overall fit and finish of the distribution. If you run ‘smbmap’ in Kali 2017.2, you will now see this output instead:

Examples:

 

$ smbmap -u jsmith -p password1 -d workgroup -H 192.168.0.1

$ smbmap -u jsmith -p ‘aad3b435b51404eeaad3b435b51404ee:da76f2c4c96028b7a6111aef4a50a94d’ -H 172.16.0.20

$ smbmap -u ‘apadmin’ -p ‘asdf1234!’ -d ACME -h 10.1.3.30 -x ‘net group “Domain Admins” /domain’

 

We hope that small tweaks like these will help reduce confusion to both veterans and newcomers and it’s something we will continue working towards as time goes on.

If you already have Kali installed and running to your liking, all you need to do in order to get up-to-date is run the following:

apt update

apt dist-upgrade

reboot

 

Download Kali Linux 2017.2

 

Related Articles

ABOUT US

Haxf4rall is a collective, a good starting point and provides a variety of quality material for cyber security professionals.

Our primary focus revolves around the latest tools released in the Infosec community and provide a platform for developers to showcase their skillset and current projects.

COMPANY
Live Chat
RESOURCES
Get Started
TOOLBOX
Tools Directory

2014 – 2020 | Haxf4rall.com               Stay Connected:

Facebook Twitter Google-plus Wordpress