Kali Linux releases first-ever defensive distro with score of new tools

Kali Purple marks the next step for the red-teaming platform on the project's tenth anniversary

The team behind the Kali Linux project has released a brand-new version called Kali Purple, designed specifically for defensive security practitioners - a first for the project.

Kali Purple was released as a technical preview this week and marks the first time the platform has catered to defenders, having previously been used as a tool for red teamers and penetration testers.

As of now, Kali Purple is a proof of concept distro for security testing, described by Kali as a “reference architecture for the ultimate SOC In-A-Box”.

It will allow teams to engage in internal wargames, learn how to protect small-to-medium-sized IT environments, and practice threat hunting, among other activities.

The name references the addition of blue and purple team capabilities to Kali Linux’s existing suite of red team testing tools, expanding the distro from its offensive testing pedigree to encompass the entire security testing spectrum.

More than 100 defensive tools are included within Kali Purple. These include CyberChef, which can encrypt or decrypt data as well as perform compression and data analysis, Elastic’s security information and event management (SIEM) tool, and the open source network intrusion detection system Zeek.

Kali Autopilot, a script builder for automated attacks, is also included in Kali Purple. Through a community hub, developers will be able to share scripts for blue teams to go up against, as well as practice packet captures to train in network analysis.

The developers outlined their goal of making Kali the best Linux distro for security tests, and expanding enterprise-grade security to all.

“Remember what we did a decade ago with Kali Linux? Or with BackTrack before that? We made offensive security accessible to everyone,” Kali wrote in its blog post.

“No expensive licenses required, no need for commercial grade infrastructure, no writing code or compiling tools to make it all work… just download Kali Linux and do your thing. We are excited to start a new journey with the mission to do exactly the same for defensive security: Just download Kali Purple and do your thing.”

Kali Purple has been structured around the National Institute of Standards and Technology’s (NIST’s) five functions as outlined in the Cybersecurity Framework: “identify, protect, detect, respond, and recover”.

In addition to the announcement of Kali Purple, the firm highlighted eight new tools included in Kali Linux 2023.1.

These include the aforementioned CyberChef, as well as packet capture system Arkime, DevSecOps and vulnerability management tool DefectDojo, network scanner Dscan, Kubernetes package manager Kubernetes-Helm, password analysis and cracking kit 2 (PACK2), pen test data management tool RedEye, and cryptographic algorithm interface Unicrypto.

The update also brings a visual refresh to the distro, with new wallpapers and Kali Purple themes, as well as a new tiling and widget system with the introduction of the graphical workspace environment KDE Plasma 5.27.

Kali Purple is available as a pre-launch technical preview now, with a dedicated Discord server and wiki. Further details on its full launch are expected in the future.
