
Kali Linux in Microsoft Azure (Video)

Published on Dec 10, 2018

Kali Linux is one of the most versatile and highly regarded pentesting platforms available. The suite of over 600 tools is built on Debian Linux, and can run from a thumb drive, a Raspberry Pi, a VM, or just about any old machine you have lying around. You can also run Kali Linux in Microsoft Azure, and installing it in your subscription is a simple one-click affair from the Azure Marketplace. In this Tech Talk, Microsoft Technical Architect David Branscome walks us through setting up Kali Linux, introduces a few of the available tools, and explains the rules of engagement for pentesting in Azure and Office 365. Check out our blog on Pentesting Office 365 and Azure for more information on available tools to ensure that your environment is secure.

What is Kali Linux?

  • Advanced Penetration testing platform
  • Based on Debian Linux
  • Contains over 600 pentesting tools
  • Built by Offensive Security and frequently updated
  • You can download Kali Linux and install the ISO on your own machine, or you can provision it in Azure.

How do I provision Kali Linux in Microsoft Azure?

  • Kali Linux is available in the Azure Marketplace and is free (as in beer)
  • From the marketplace, click the Get It Now button.
  • When you request the Kali Linux machine, you will be asked which account to use when acquiring apps on the Azure Marketplace.
  • Once you select the account, it will provision Kali Linux in your Azure subscription.
  • Kali Linux does not come with a default GUI, so you will need to SSH into your box.

Connecting to Kali Linux in Azure using SSH

  • Download and install PuTTY (or similar)
  • Get your Kali Linux IP address from the Azure Portal
  • Connect using that IP address, the SSH port, and your credentials.

Configuring Kali Linux in Azure

Once you provision your instance of Kali Linux in Azure you will need to configure it.

  • By default, the KALIADMIN account created during provisioning does not have root access to update and configure the instance.
  • Set the root password using the “sudo passwd root” command
  • Log in as root to configure the instance using the “su root” command
  • Perform updates (as root) using the “apt update && apt dist-upgrade” command
  • Once updates are complete, you will want to set up a remote desktop using the following commands:
    • apt-get install xrdp
    • systemctl enable xrdp
    • echo xfce4-session >~/.xsession
    • service xrdp restart
  • You will need to open the RDP port in Azure for your Kali box. Under Networking on your Kali box in Azure, enable an inbound port rule for TCP 3389. It is strongly suggested to harden your source and destination rules.

Getting a GUI interface in Kali Linux on Azure

Installing a GUI is easy. Simply run the command (as root) “apt-get install -f gdm3” to install the Gnome Desktop Manager. (There are many choices for Linux desktop interfaces available)

Kali Linux in Microsoft Azure Demo

To connect to your Kali Linux box in Azure, download the RDP file from your Azure Portal to your local machine.

Once logged in, you can find most of the available tools in the application menu broken into the following categories:

  • Information Gathering
  • Vulnerability Analysis
  • Database Assessment
  • Password Attacks
  • Wireless Attacks
  • Reverse Engineering
  • Exploitation Tools
  • Sniffing and Spoofing
  • Post Exploitation
  • Forensics
  • Reporting Tools
  • Social Engineering Tools

Performing a Credential Harvesting Attack Test in Kali Linux

For the demo, David sets up a spoofed website for a credential harvesting attack using the Social Engineering Toolkit from TrustedSec. This tool will clone a live website on your local box to be used for credential harvesting via a phishing or watering hole attack.

Steps:

  1. Select Social Engineering Toolkit from the application menu
  2. Select - Social Engineering Attacks
  3. Select - Website Attack Vectors
  4. Select - Credential Harvesting Attack
  5. Select - Site Cloning Tool
  6. Select the local IP address. (Your Kali Linux IP Address)
  7. Select a webpage to clone (David used Facebook.com/login.php for demo purposes)
  8. Leave the application running
  9. Use the local IP address in a browser to test the spoofed site. The site will not let you log in, but once the credentials are submitted, the end user will be redirected to the actual Facebook page.
  10. When you are finished running the attack, hit Ctrl-C to end the program and generate your report.
  11. The location of the report will be returned from the terminal.

The report contains much more than just the username and password. It will also show mouse movements and a limited set of system information. Towards the bottom are a number of “PARAM:” listings. The username and password will be found under PARAM, along with the field name used on the replicated site. For Facebook it is “PARAM: email” and “PARAM: pass”.

What kind of pen tests are permitted by Microsoft?

As of June 15, 2017, Microsoft no longer requires pre-approval to conduct penetration tests against Azure resources. If you wish to formally document your pentesting engagements, you can fill out the https://www.microsoft.com/en-us/msrc/pentest-rules-of-engagement. Standard tests that can be performed include:

  • Endpoint tests to uncover Open Web Application Security Project (OWASP) top 10 vulnerabilities
  • Fuzz testing of your endpoints
  • Port scanning of your endpoints

DoS / DDoS attack testing on Azure is NEVER permitted, as this can cause service issues for other Azure customers.

About Agile IT Tech Talks

Agile IT Tech Talks are weekly sessions where we bring in subject matter experts for short, highly focused educational segments, followed by up to an hour of open Q&A where Agile IT clients can discuss their own environments with our engineers and a group of peers. While we release the demos and sessions on our blog, the Q&A benefit is only available to Agile IT Managed Service and Cloud Service Customers. Agile IT is a four-time cloud partner of the year and offers fully managed security as a service.

This post has matured and its content may no longer be relevant beyond historical reference. To see the most current information on a given topic, click on the associated category or tag.
