If you talk to as many hackers as I do, ethical hackers that is, you quickly get used to one thing: the popularity of one particular operating system. You would probably guess that it’s going to be a flavor of Linux, and you would be right. The flavor that hits the hacker taste buds is, more often than not, Kali Linux. It’s more of a hacking tool than just an OS, as it comes with hundreds of preinstalled penetration testing applications, the Metasploit Framework (used for creating and executing security exploits) supports it as a platform and, oh yes, it can now pretend to be Windows 10.
This might, at first, come as something of a surprise considering that hackers tend not to think of Windows as being that secure an operating system. So why does Kali Linux 2019.4 now come with a feature that can toggle it quickly into a Windows 10 clone?
What is Kali Undercover?
The feature itself is officially known as Kali Undercover, a theme that can be applied to make the Kali user interface appear to be plain vanilla Windows 10 instead if you don’t look too closely. This theme is part of the fourth, and final, Kali Linux release of 2019 that went public November 26. This update was a big one and has received a mixed reception from the hacking Twitterati who either love the new “Xfce” desktop environment which moves away from the previous Gnome default which is described as coming with “overhead that is not useful for a distribution like Kali,” in the release blog. The new Xfce desktop “does only what it’s needed for, and nothing else,” and is best described as a lightweight yet performance-boosting environment. Offensive Security, the penetration testing and security training company that maintains and funds Kali Linux development, knows the new user interface (UI) won’t be for everyone. “UI can be a bit like religion,” Offensive Security said, “if you don’t want to leave Gnome don’t worry.” That’s because there’s still a Gnome build available, although over time it is expected to morph into something closer to the Xfce user experience regardless.
If Kali Linux is a religion, then Windows 10 is most likely the anti-Christ; so why would any hacker want to run in this mode? There’s a clue leading to the answer in the fact that this is an undercover theme. Ethical hackers that are doing their penetration testing work in a public place will likely not want anyone knowing what they are doing, and the distinctive “Kali Dragon” default theme rather gives the game away to anyone involved with information security. “We made a little script that will change your Kali theme to look like a default Windows installation,” Offensive Security said, “that way, you can work a bit more incognito.” Blending in with the masses when in public is an excellent asset for the successful pen tester, and running what appears to be Windows 10 is as good a cloak of invisibility as anything. Once back out of public scrutiny, running the Undercover script again toggles right back into the more familiar Kali theme. True heretics, if we are to keep the religious analogy going, have been able to install and run Kali Linux natively from Windows 10 using the Kali for Windows app since February 2018.