新版Kali安装与介绍—2023.3可选Kali Purple，新增蓝队专用工具

1.Kali Purple是新时代的曙光，kali不仅是进攻，而且开始防守

什么是Kali Purple？Kali Purple最初是一个概念验证，演变成一个框架，然后是一个平台（就像今天的Kali一样）。目标是使每个人都可以使用企业级安全性。

Learning  #学习
Practicing SOC analysis and threat hunting  #实践 SOC 分析和威胁狩猎
Security control design and testing #安全控制设计和测试
Blue / Red / Purple teaming exercises #蓝色/红色/紫色团队练习
Kali spy vs. spy competitions ( bare knuckle Blue vs. Red ) #对抗比赛
Protection of small to medium size environments #保护中小型环境

超过100种防御工具，包括防御工具文档，例如：

Arkime - Full packet capture and analysis 全包捕获和分析
CyberChef - The cyber swiss army knife  网络瑞士军刀
Elastic Security - Security Information and Event Management  安全信息和事件管理
GVM - Vulnerability scanner  漏洞扫描程序
TheHive - Incident response platform  事件响应平台
Malcolm - Network traffic analysis tool suite  网络流量分析工具套件
Suricata - Intrusion Detection System  入侵检测系统
Zeek - (another) Intrusion Detection System (both have their use-cases!) 入侵检测系统
…and of course all the usual Kali tools 还有所有常用的 Kali 工具

┌──(kali㉿kali)-[~]
└─$ echo "deb http://http.kali.org/kali kali-rolling main contrib non-free non-free-firmware" | sudo tee /etc/apt/sources.list
[...]

┌──(kali㉿kali)-[~]
└─$ sudo apt update && sudo apt -y full-upgrade
[...]

┌──(kali㉿kali)-[~]
└─$ cp -vrbi /etc/skel/. ~/
[...]

┌──(kali㉿kali)-[~]
└─$ [ -f /var/run/reboot-required ] && sudo reboot -f

┌──(kali㉿kali)-[~]
└─$ grep VERSION /etc/os-release
VERSION="2023.1"
VERSION_ID="2023.1"
VERSION_CODENAME="kali-rolling"

┌──(kali㉿kali)-[~]
└─$ uname -v
#1 SMP PREEMPT_DYNAMIC Debian 6.1.12-1kali2 (2023-02-23)

┌──(kali㉿kali)-[~]
└─$ uname -r
6.1.0-kali5-amd64