Cyber Tool Stack
All tools

Kali Linux

By OffSec

A free Debian-based distribution maintained by OffSec and preloaded with reconnaissance, exploitation, and forensics tools. Kali's own infrastructure is GPL-licensed and many bundled tools are open source, but the distribution also includes software under other terms, so it does not have one project-wide open-source license.

Verified Source: 1

Product type
Distribution
Deployment
On-prem
Organization size
IndividualSMBMid-marketEnterprise
Pricing tier
Free

Capability checklist

ASM/BAS

How Kali Linux measures up against the full Attack Surface Management & Breach/Attack Simulation taxonomy.

External attack surface discovery — supported
Continuously finds internet-facing assets, domains, and shadow IT before attackers do.
Exposure prioritization — not supported
Ranks discovered exposures using adversary and exploitability context.
Breach and attack simulation — not supported
Safely simulates real attack techniques against live defenses to test control effectiveness.
Security control validation — supported
Measures whether existing tools actually detect or block the simulated attacks.
Attack path mapping — not supported
Shows the chained steps an attacker could take from an exposure to real impact.
Continuous testing — not supported
Re-runs simulations on a schedule to catch drift and regressions over time.

Alternatives

Other Attack Surface Management & Breach/Attack Simulation tools with overlapping capabilities, sized for similar teams.

Appears in stacks

Real-world stacks that include Kali Linux.

Search Cyber Tool Stack

Jump to any tool, vendor, category, or glossary term.