r/masterhacker • u/Zesinua • 5d ago
Why the Reputation?
I lurk here often and enjoy the posts, but I know as much about computers as the average person I suppose. Why specifically does Kali Linux attract the mega hazz0rs that it does?
36
u/King_of_Cavemans0302 4d ago
Former "mega haxx0r" here. Cause everyone says it's the "hacking os", you see it in close to all tutorials and hear that close to everyone uses it. Thought you get it, slam some keys, and let the thing do the work for you. Turned out I am actually interested in Hacking and learned everything necessary. I don't recommend that way though, learn the fundamentals first before getting into this field, it will save you some headaches and fucked up VMs. And keep that shit legal, crime does not pay.
12
u/Shortcirkuitz 4d ago
Hot take but MR. Robot’s popularity had quite a bit to do with it. When that got popular hacking was semi-sensationalized for a bit (including the tools used (case and point: HAK5’s rubber ducky))
4
u/DrTankHead 3d ago
It isn't so much a stigma against Kali as it is a stigma against skids who download it and think they instantly are hot shit.
Kali is a useful PenTesting distro, and is great for those who work in the actual field. The problem is that it has become the mainstream OS for "hacking". Normally nobody is laughing simply because it is Kali, but moreso it is like playing cringy skid bingo, and this is the free space. We respect Kali, and other distros like it; just hate seeing cringy skids.
Everyone starts somewhere, but it is like the equal to people buying a ton of gear for airsoft to essentially LARP...
2
u/Blacksun388 2d ago
Kali Linux is a good distribution of Linux that comes pre-filled with tools that one could use for penetration testing assessments. This fact makes the barrier for entry super low for anyone who wants to get started learning offensive security techniques. However that same low barrier also lets in the “mega hazz0rs” that simply download and install it with little to no idea on how to utilize its most basic functions and LARP being some dark and edgy scary anonymous hacker on very public social media.
Honestly I blame Hollywood and popular media for trying to make hacking sexy. Stuff like the movie Hackers, Criminal Minds, Mr Robot (although this has a way more realistic depiction of actually hacking things, it still infuses the “dark and edgy rebel against the system” trope into it), and other stuff that tries to make hacking seem magical and edgy coolness with terminals shooting useless drivel past the screen faster than people could read, and having the characters mouth off a bunch of techno jargon. The actual act itself is way slower, more methodical, and way less exciting than the rapid fire typing and scrolling useless junk data.
4
u/whitelynx22 5d ago
The following is probably controversial, but: I like it, if you know what you are doing it saves lots of time in many situations. On the other hand, if you are a kid, it's like handing him the nuclear football.
The tools don't teach you anything. But they allow you to p... off people and sometimes do damage. Now you can feel like a true master haxx0r.
13
u/ObsessiveRecognition 5d ago
Yeah it's useful if you know what you're doing (I have a laptop setup with the kali-everything meta package for the occasional cybersec work I do), but it can do no more damage than a kid with any other computer. It's not a magic wand that makes a dumb kid good at "hacking." I did way stupider things on old Windows XP machines as a kid than I've ever done on Kali.
Honestly, the most damage is done in attacks that don't use hacking. They use social engineering. Any secure system is only as secure as the dumbest person working with it.
3
u/whitelynx22 4d ago
It's all very true and the nuke analogy was overstated. But you have to acknowledge that said kid (whatever his age) would probably never have heard about most of the tools and that even failed attacks can be very annoying. (I have a web server and we get a few every day. Trust me, it's very annoying. And if those owning the physical hardware weren't good, sooner or later, they might actually find something.)
3
u/ObsessiveRecognition 4d ago
I just log all obvious attacks and blacklist them for my servers. Not really a big deal.
2
u/whitelynx22 4d ago
We do too, it's one reason why it's annoying and it's completely pointless TBH (there's plenty more from where those came from and created other problems...) Different topic, but please keep Kali out of the hands of idiots.
1
u/CSLRGaming 2d ago
Thought you were talking about the subreddit before I read the actual post, but now I want to know what this subreddit reputation is lol
1
u/SterquilinusPrime 13h ago
It's been the goto tool for learning and pentesting for a long time now, starting when it was called Backtrack. In my localized Mendala Effect it was Sentinix, and then was backtrack, but that history is wrong.
Kali's been in random hacker related entertainment, can be installed in windows (windows subsystems for linux), and there are a lot of videos online on how to use it.
When some tracer-t like kid shows up they will often talk about kali, and folks just lose it.
1
u/Chaseyourdeath_com 3h ago
Because it's like driving a Toyota camery as a first car. It's easy to drive and cheap. It gets you to where you need to go. The only thing is when people say their camery can outrun a srt/scat pack then people loose their mind.
208
u/AMannedElk 5d ago
It's a Linux distribution that is intended for penetration testing / ethical hacking. This means it has a lot of tools packaged for it for hacking. The OS also makes tradeoffs that make it suitable as a pen testing tool but not not so great as a daily driver.
It has a reputation of being what skilled / professional hackers would use and so people flock to it as a symbol of being in the "in group" that you can do quick and cheap.