qubes-doc/managing-os/pentesting/kali.md

---
layout: doc
title: How to create a Kali Linux VM
permalink: /doc/pentesting/kali/
redirect_from:
- /doc/kali/
---

**General Remainder:**

- The installation scripts and provided tools may have bugs, be vulnerable to Man in the Middle (MitM) attacks or other vulnerabilities.

- Adding additional repositories or tools for installing software extends your trust to those tool provider.

Please keep in mind that using such a VM or VM's based on the template for security and privacy critical tasks is not recommended.

How to Create a Kali Linux VM
=============================

This guide is being created to give guidance on ways in which you could create a [Kali Linux](https://www.kali.org/) penetration testing VM (Qube) in Qubes OS.

Kali Linux is the most widely used penetration testing Linux distribution.

There are multiple ways to create a Kali Linux VM. One way is to create a HVM and use the offical ISO to install the system or convert a [Virtual Image](https://www.offensive-security.com/kali-linux-vmware-virtualbox-image-download/). Another way is to clone the Qubes OS Debian image and turn it into a Kali Linux distribution.

Kali Linux HVM
--------------

1. Download the Kali installation DVD

2. Create a new HVM

3. Start the HVM with attached CD/DVD

        qvm-start <hvm-name> --cdrom <vm-name>:/home/user/Downloads/<iso-name>.iso

Create Debian Based Kali Template
---------------------------------

1. *(Optional)* Install `debian-8` template (if not already installed)

2. Update your `debian-8` template

        sudo apt-get update
        sudo apt-get dist-upgrade

3. Clone `debian-8` template (two options)

    1. Via Qubes VM Manager

        ![Clone Debian Template](/attachment/wiki/Kali/clone-kali.png)

    2. Via command line

            qvm-clone debian-8 kali

4. Start and upgrade the `kali` Template from Debian 8 to Debian 9

        sudo sed -i 's/jessie/stretch/g' /etc/apt/sources.list
        sudo sed -i 's/jessie/stretch/g' /etc/apt/sources.list.d/qubes-r3.list
        sudo apt-get update
        sudo apt-get dist-upgrade
        sudo apt-get autoremove

    **Note:** From now on there are two possible ways either doing everything manually or automatically with [Katoolin](https://github.com/LionSec/katoolin).

    Katoolin is a script (written in Python) which helps you to install Kali tools.

5. *manually* - Add Kali Linux repositories

    1. Add Kali Linux repositories to `/etc/apt/sources.list`

            deb http://http.kali.org/kali kali-rolling main contrib non-free
            deb http://repo.kali.org/kali kali-bleeding-edge main

    2. Add kali signing key

        - The signing key can be found here [Download Kali Linux Images Securely](https://www.kali.org/downloads/)

                sudo apt-key adv --keyserver hkp://keys.gnupg.net --recv-keys 7D8D0BF6
                sudo apt-get update



6. *katoolin* - Install Katoolin and add Kali Linux repositories

    1. Install Katoolin

            sudo apt-get install git
            git clone https://github.com/LionSec/katoolin.git
            sudo cp katoolin/katoolin.py /usr/bin/katoolin
            sudo chmod +x /usr/bin/katoolin
            rm -rf katoolin

    2. Add Kali Linux repositories

        - start katoolin

                sudo katoolin

        - select 'Add Kali repositories & Update'

                1) Add Kali repositories & Update
                2) View Categories
                3) Install classicmenu indicator
                4) Install Kali menu
                5) Help

                kat > 1

            ![Add Kali repositories and Update menu](/attachment/wiki/Kali/katoolin-add-update-repo-menu.png)

        - select 'Add kali linux repositories'

                1) Add kali linux repositories
                2) Update
                3) Remove all kali linux repositories
                4) View the contents of sources.list file

                What do you want to do ?> 1

            ![Add Kali repositories](/attachment/wiki/Kali/katoolin-add-repos-menu.png)

        - update Kali repositories


                1) Add kali linux repositories
                2) Update
                3) Remove all kali linux repositories
                4) View the contents of sources.list file

                What do you want to do ?> 2

        - quit katoolin by pressing `CRTL` + `c` keys

                What do you want to do ?> ^CShutdown requested...Goodbye...

7. Cleanup and update `kali` template

    sudo apt-get dist-upgrade
    sudo apt-get autoremove

8. Shutdown and trim `kali` template

    - Shutdown `kali` template

            sudo shutdown -h now

    - In `dom0` console:

            qvm-trim-template kali

9. Start image

10. *manually* - Install tools

    **Warning:** `kali-linux` and `kali-linux-full` does currently not work properly. Please use `Katoolin` or `PTF`.

    1. List available packages

            sudo apt-cache search kali-linux

    2. Select and install tools

        - install base system

                sudo apt-get install kali-linux

        - or install all tools

                sudo apt-get install kali-linux-full

        - or select specific (example):

                sudo apt-get install kali-linux-top10 kali-linux-web
11. *katoolin* - Install tools

    1. View Categories

        - start katoolin

                sudo katoolin

        - select `2) View Categories`

    2. Select the categories/tools you want to install

        - For more information on how to use Katoolin see [How to Auto Install All Kali Linux Tools Using “Katoolin” on Debian/Ubuntu](http://www.tecmint.com/install-kali-linux-tools-using-katoolin-on-ubuntu-debian/)

        - **Note:** The `all` option does not work for `Information Gathering`, `Web Apps`, `Forensic Tools`, `Reverse Engineering` and `Extra`.

12. Create a AppVMs based on the `kali` template

    - (Optional) Attach necessary devices


Alternative Options to Kali
---------------------------

- [BlackArch](/doc/blackarch/)
- [PenTester Framework (PTF)](/doc/ptf/)
- [Pentesting](/doc/pentesting/)