The penetration testing and security auditing platform called Kali Linux is now available in the Windows 10 Store as a Linux environment that can be used with the Windows Subsystem for Linux (WSL). The problem is someone forgot one little thing. Some of Kali's more popular packages are detected as hacktools and exploits by Windows Defender.

Kali Linux in Windows 10 Store

For those not familiar with Kali Linux, it is a Linux distribution geared towards penetration testing, forensics, reversing, and security auditing. Using Kali you can download a variety of security related programs such as Metasploit, Armitage, Burp, and more and use them to test your network for security holes.

In order to use Kali, you will first need to install the Windows Subsystem for Linux from the Windows Features control panel.  Once installed, you can go to the Windows Store, search for Kali Linux, and install it for free.

Once you get Kali running and start installing tools, though, you run into a problem. Kali will appear to hang and ultimately error out, while Windows Defender begins to display virus alerts.

It appears that the developers in Microsoft's WSL team forgot to tell the Windows Defender team about Kali Linux's availability. This is because some of Kali's packages will be detected as hacktools, viruses, and exploits when you try to install them!

Windows Defender Quarantined These Kali Packages
Windows Defender Quarantined These Kali Packages

If you take a look at one of the detected threats details, you can clearly see that some of the Metasploit components are being detected by Windows Defender when we try to install it in Kali.

Windows Defender Detecting MetaSploit
Windows Defender Detecting MetaSploit

While it makes sense that Windows Defender will detect these programs as HackTools, because they are, it also makes it difficult to use Kali Linux in the Windows Subsystem for Linux.

For now, if you want to install Kali and its packages, you will need to disable the real-time protection of Windows Defender, which is not always a smart thing. Then you can start getting to the fun stuff by installing various packages in Kali Linux.

Metasploit in Kali Linux WSL
Metasploit in Kali Linux WSL

If you are interested in using Kali Linux, Offensive Security has posted a demonstration video of its use within Windows 10.

Have fun using Kali Linux to learn security within Windows 10!