Kali Linux is a penetration testing operating system packed with tons of tools and Software. Therefore, it is important to verify the Kali Linux after downloading it. In this guide, we will walk you through how to Download and Verify the Kali Linux ISO image files.
Before you start installing Kali Linux on your computer, you should always verify that you’re going to use is exactly Kali Linux or something else. Hackers can do anything with your download, therefore you should Verify Kali Linux ISO with the SHA256sum key. An attacker can use a “man-in-the-middle” attack to modify your download. Therefore, you must browse the website having a trusted SSL certificate.
How to Download Kali Linux
- First, go to the following link – https://www.kali.org/get-kali/
- Choose your platform such as ARM, Bare Matel, etc.
- Select the Architecture (32-bit, 64-bit, ARM).
- Click the Download button to download the Kali Linux Installer.
- Click the SUM and copy the SHA256sum.
Once you complete the steps, jump to the next step.
How to Verify Kali Linux ISO with SHA256sum
Once you’ve downloaded the Kali Linux image, you can verify this with the SHA256sum hash you copied in the previous step. It can be verified using one of the methods below.
I always recommend you should download the Kali Linux image via Torrent. Once you’ve downloaded the Image from Torrent, you will get a Hash File as well. To verify an image with the given hash file follow the below steps.
Verify using Windows PowerShell
- First of all, open the folder where you downloaded the Kali Linux ISO.
- Hold the shift key and right-click on the blank area, then select PowerShell from the context menu.
- Run the following command to check if Certutil is Installed on your PC.
- Next, run the following command to verify the hash. Replace the “Kali-Linux” with the Kali Linux ISO Image file path you downloaded.
certutil -hashfile kali-linux.iso sha256
- In order to verify MD5 and SHA1 hash, you can type MD5 or SHA1 at the last of the command like this. certutil -hashfile kali-linux.iso MD5
- This will calculate the SHA256 Hash key and show you the result. Now compare this key with the SHA256sum key text file(Can open with Notepad) you downloaded along with Kali Image.
- Once you’ve verified keys, Congratulations!
Verify using Gpg4win
- First of all, download the Gpg4Win Here, and Install it on your PC.
- Once the Installation is finished, open the folder where you downloaded the Kali Linux.
- Right-click the Kali Linux.iso and select More GpgEX options > Create Checksums.
- This will generate the Sha256sum.txt file, you can open this file to get a key.
- Now you can match this key with downloaded key.
Once you have verified the Kali Linux Image file, you can install it on your PC. If you want to use Kali Linux along with Windows 10, follow this guide: How to Install and Dual Boot Kali Linux with Windows 10
I hope this guide is helpful for you. If you have any questions; feel free to ask in the comment section below.