Book Review: "Kali Linux Revealed"
"Kali Linux Revealed: Mastering the Penetration Testing Distribution", by Raphael Hertzog, Jim O'Gorman (elwood), and Mati Aharoni (muts), with a forward by Johnny Long, was probably the most underwhelming infosec book I've read all year. I was expecting to learn about hacking and information security and instead got a book on mostly the Debian OS. Don't get me wrong, it's a decent book about Debian Linux fundamentals and provides pretty core information for any Linux user. 'Kali Linux Revealed' (KLR) is not really about information security or the curated collection of tools that makes the Kali distribution so renowned, as much as it is about the underlying operating system that Kali is now built on, Debian (as opposed to the previous BackTrack releases built on Knoppix). While the authors are up front about this in the introduction, I purchased the book based on the cover, so I hope this review makes it clear what the book entails for any other potential buyers out there. I purchased the book via Amazon at $26 for ~300 pages; Ultimately, I thought this was overpriced as the book presented some pretty standard material and could have been slimmed down considerably. I give the book 4/10 stars, as I felt it was less about hacking and information security and more about fundamental Debian Linux concepts. I recommend the book to novice hackers, such as those who are looking to get a deeper understanding of the Linux operating system, and specifically script kiddies who want to learn more about how Linux package management works, as opposed to individuals with strong foundations who are looking to learn more about information security. In my opinion, only a few chapters actually delved into advanced Kali specifics, namely Chapter 1, Chapter 7, and Chapter 9, mostly everything else was Debian focused with just a mention of Kali to stay relevant, as you can see from the chapter listing below:
Chapter 1: About Kali Linux
1.1 A Bit of History
1.2 Relationship with Debian
1.3 Purpose and Use Cases
1.4 Main Kali Linux Features
1.5 Kali Linux Policies
1.6 Getting Started
Chapter 2: Getting Started with Kali Linux
2.1 Downloading a Kali ISO Image
2.2 Booting a Kali ISO Image in Live Mode
2.3 Summary
Chapter 3: Linux Fundamentals
3.1 What Is Linux and What Is It Doing?
3.2 The Command Line
3.3 The File System
3.4 Useful Commands
3.5 Summary
Chapter 4: Installing Kali Linux
4.1 Minimal Installation Requirements
4.2 Step by Step Installation on a Hard Drive
4.3 Unattended Installations
4.4 ARM Installations
4.5 Troubleshooting Installations
4.6 Summary
Chapter 5: Configuring Kali Linux
5.1 Configuring the Network
5.2 Managing Unix Users and Unix Groups
5.3 Configuring Services
5.4 Managing Services
5.5 Summary
Chapter 6: Helping Yourself and Getting Help
6.1 Documentation Sources
6.2 Kali Linux Communities
6.3 Filing a Good Bug Report
6.4 Summary
Chapter 7: Securing and Monitoring Kali Linux
7.1 Defining a Security Policy
7.2 Possible Security Measures
7.3 Securing Network Services
7.4 Firewall or Packet Filtering
7.5 Monitoring and Logging
7.6 Summary
Chapter 8: Debian Package Management
8.1 Introducing APT
8.2 Basic Package Interaction
8.3 Advanced APT Configuration and Usage
8.4 Package Reference: Digging Deeper into the Debian Package System
8.5 Summary
Chapter 9: Advanced Usage
9.1 Modifying Kali Packages
9.2 Recompiling the Linux Kernel
9.3 Building Custom Kali Live ISO Images
9.4 Adding Persistence to the Live ISO with a USB Key
9.5 Summary
Chapter 10: Kali Linux in the Enterprise
10.1 Installing Kali Linux Over the Network (PXE Boot)
10.2 Leveraging Configuration Management
10.3 Extending and Customizing Kali Linux
10.4 Summary
Chapter 11: Introduction to Security Assessments
11.1 Kali Linux in an Assessment
11.2 Types of Assessments
11.3 Formalization of the Assessment
11.4 Types of Attacks
11.5 Summary
Chapter 12: Conclusion: The Road Ahead
12.1 Keeping Up with Changes
12.2 Showing Off Your Newly Gained Knowledge
12.3 Going Further
Overall, it was a decent book and reminded me of my college computer science days, learning about Linux operating system fundamentals. My biggest complaint with the book is that it spends the majority of it's time covering the Debian Linux OS features, as opposed to the stock security tools that make the Kali OS so uniquely different from other distros. My favorite part of the book was honestly the Intro by Johnny and some of the first chapter where you get the evolution of the tool set and specifically the transformation of BackTrack into Kali. I also enjoyed both the Securing and Monitoring Kali Linux and Advanced Usage chapters (7 and 9), probably being my overall favorite chapters of the book. I also really liked the part on managing and setting the state of a suite of Kali machines using Salt, in Chapter 10. And I did learn a ton about Debian and package management in general, although that's not what I was expecting when I picked this book up, hence the bluntly honest review to make it clear what this book contains and what it doesn't contain. Another reason I felt there was a lot of filler material / the book did not present new material, is that a good amount of the material has already been covered online and for free, such as the installation guides, the ARM builds, setting up persistent USBs, and even the VM prep stuff. The fact that all of that free material was repeated and the excessive number of screenshots made it feel like filler content at times. The Kali site itself includes all of these free docs and a free ebook that has many of the Kali specific parts listed and contains a heavy overlap of content with this book. Finally, I really didn't like the final chapter, which tried to summarize many core security and information assurance principles into a few super simple intros. I also do not agree that this book sets you up to take either the Pentesting w/ Kali Linux courses or the OSCP certification, as the authors suggest at the end of the final chapter, where they also mention their free course Metasploit Unleashed. This book is good for someone who is still learning about the operating systems and underlying technologies, a more junior person, whereas I would recommend the OSCP certification to someone who has more intermediate hacking experience and is looking to challenge themselves. Offensive Security launched a new cert along w/ the book, the KLCP (a Kali Linux Certified Professional) and an accompanying BlackHat training, but I'm not sure who the target audience is for $5k introductory course to Debian Linux? As far as I could tell, there is nothing presented in this book that is particularly new, unique, or that couldn't be found on The Internet for free.
comment:
This books covers how to install Kali Linux and how to deploy it in an enterprise environment. I bought it to learn more about the features of the distro itself and I am happy to have gained a good insight from that perspective.
I see however that some users were expecting more from this book i.e penetration testing tools. They are not covered in this book. Consider it an official insightful manual of the distribution and not the tools.
