What’s New In Kali Linux 2017.3 | Added Features and Changes

The Kali Linux 2017.3 was released on 21, November 2017, and like every other update it comes with some new tools and improvements. We’ll uncover all those new tools and features, and also what changes developers have made after the 2017.2 version, which was released in September.

For those who don’t know, Kali Linux is a Debian based Linux distribution developed for penetration testing and digital forensics. It has more than 600 inbuilt penetration testing programs (like Nmap, Burp suite, Wireshark), and is a supported platform of Metasploit Framework, a tool for creating and testing security exploits.

We’ve wrapped all the new features and changes in the list format. So, let’s get started.

8. Maltego Metamorphosis

Maltego and CaseFile used are for open-source intelligence and forensics. These tools were two separate entities of Kali Linux until the 2017.2 version. Later, they were merged into one amalgamated application that still lets you run Casefile and Maltego Community Edition.

In the latest version, users can run Maltego XL and Maltego Classic with valid license. Both are premium version to visualize huge data sets and allow over 10,000 entities in a single graph.

7. OSRFramework

The new version features incredible open-source tool as repository of OSRFramework. It’s a set of scripts that can enumerate domains, users, and more than 200 separate services.

Specifically, it includes references to several applications related to DNS lookup, deep web search, regular expression extraction, information leaks, and much more. You can make queries graphically or interact with OSRFConsole or a Web Interface.

6. Sublist3r

Sublist3r is a based tool that allows you to enumerate subdomains across several sources at once, using open-source intelligence. It is especially designed for bug hunters and penetration testers to collect subdomains for the domain they are targeting.

The tool uses Google, Baidu, Bing, Yahoo, Ask, Virustotal, ReverseDNS, DNSdumpster and Netcraft for enumerating subdomains.

5. Upgraded Extension Directories

EXT4 directories consist of 2 billion entries rather than the previous 10 million limit. The INCOMPAT_LARGEDIR allows large-size directories to be created in ldiskfs, with a directory sizes more than 2GB and maximum Htree depth of 3 instead of current limit of 2. It is useful if you’re looking to exceed the current limit of nearly 10 million entries in a single directory.

4. CherryTree

Kali Linux 2017.3 features CherryTree that takes care of note-taking needs. If you have used any popular note application, it will be very easy for you to use CherryTree. Like others, it features syntax highlighting, rich text, storing data in a sqlite file for single xml.

3. InSpy

Kali Linux now comes with InSpy, a small Python-based utility that performs enumeration on LinkedIn and can find people based on email, company, or job title.

It has 2 functionalities – TechSpy and EmpSpy. TechSpy crawls job listing in LinkedIn for technologies used by the target organization, whereas InSpy crawls for employees working at the provided organization.

2. TLS support is built into Kernel

ULP infrastructure is used in software implementation of transport layer security. TCP proto_ops are replaced with tls equivalent of sendpage and sendmsg. Only symmetric crypto is performed in the kernel – setscokopt  passes keys after the completion of handshake. All control messages are supported through CMSG data. The actual symmetric encryption is same, however you have to pass message type separately.

1. CIFS Now Uses SMB By Default

Because of some security vulnerabilities in older CIFS (Common Internet File System) dialect, developers have moved the default dialect to more secure SMB3.0. In fact, both CERT and Microsoft now recommends not using the older CIFS dialect.

On the other hand, SMB3 (Server Message Block) is secure as well as widely available – it is used on Samba, Macs, Windows 8 and later. However, you can still explicitly mount with the less secure dialect by selecting ‘vers=1.0’ in CIFS mount.

Read: What’s New In Linux Kernel 4.12 – 15 Biggest Feature and Changes

Other Minor Updates

In addition to the new kernel, they have updated Kali Linux packages for PixieWPS, Cuckoo, Burp Suite, Reaver, The Social Engineering Toolkit, and more.

  • Veil-Evasion has been replaced with Veil 3.0
  • Jsp File Browser 1.2 – JSP web shell is added
  • Added hURL – hexadecimal & URL encoder + decoder
  • DBeaver is updated to 4.2.1, and dnsrecon to 0.8.10
  • Added Crowbar, a bruce forcing tool for penetration tests

For detailed information, take a look at the Kali Changelog.

Download This New Version

Like previous versions, Kali Linux 2017.3 is available in 32-bit and 64-bit format in the form of ISO images, ARM images, VirtualBox virtual machines and cloud instances. You can download the torrent file or HTTP version right from their official download page.

Written by
Varun Kumar

I am a professional technology and business research analyst with more than a decade of experience in the field. My main areas of expertise include software technologies, business strategies, competitive analysis, and staying up-to-date with market trends.

I hold a Master's degree in computer science from GGSIPU University. If you'd like to learn more about my latest projects and insights, please don't hesitate to reach out to me via email at [email protected].

View all articles
Leave a reply