Kali & Whonix: Perfect shadow for bug hunters and pen-testers

We all might have conscious about privacy. When I say privacy, I mean internet privacy. And when you think about privacy, the first thing that comes to most of our mind would be Tor a.k.a The Onion Routing. With Tor, you are almost safe if you manage to set up Tor properly and use tor only via the Tor browser. But browsers can still leak your information via many doors such as DNS leak, WeRTC,etc.

But this not only the case. With just Tor,  even if the above leaks are fixed, we are limited to have privacy only for the Tor Browser. Rest of the applications, even if tor can be configured for them, remains a pain in the ***. I always wished for Tor being bundled as a standalone OS so that I don’t need to worry about time consuming yet failing tor configurations. Then there was Tails and related stuff.  But still, when you want to do some pen-test stuff and do bug hunting your favourite OS will mostly be Kali Linux. How would it feel if you can run you entire Kali OS via Tor?

Introducing Whonix



According to the developers, Whonix is a free and open-source desktop operating system (OS) that is specifically designed for advanced security and privacy. Based on Tor, Debian GNU/Linux and the principle of security by isolation, Whonix realistically addresses common attack vectors while maintaining usability.

How Whonix works?

By default, Whonix assumes that Whonix-Gateway and Whonix-Workstation are connected by (virtual) LAN cable. Wireless technologies are not recommended as a malware compromised Whonix-Workstation could access (other) wireless access points and subsequently connect without Tor. Using a (virtual) cable enforces that Workstation can only connect through Gateway.

In simple terms, Whonix-workstation is a standalone OS and Whonix-Gateway is a gateway (consider it as a modem). Both Workstation and Gateway has to be run using a Virtualbox or VMware. Here Virtualbox will run using the host OS’s internet connection. Whonix Gateway will torify the internet connection. This Gateway will have a unique IP and the workstation will be configured using this gateway IP address. So, when you think from the OS’s perspective, you get a completely anonymous internet service. As a result, we can run all the OS supported applications within this Tor sandbox.

Now, if you replace Whonix workstation with Kali Linux, you get a completely anonymous Kali Sandbox. That sounds cool rite? Let’s do it step by step.

How to setup Kali Linux with Whonix?

  1. Download Virtualbox
    Ubuntu users:
    $ sudo apt install virtualbox

    Windows users may download VirtualBox from the website and install.

  2. Downlaod the Whonix Gateway from their website. We don’t need the Workstation since we are using Kali instead. It will be a virtualBox compatible .ova file.
  3. Open VirtualBox and import the Gateway.
  4. Install the Gateway with default settings. After installation, it will automatically connect to Tor. Please comment below if it didn’t work for you. After that, power off the gateway.
  5. Download Kali Linux iso from their website. I prefer downloading the iso and not the ova.
  6. Import Kali iso to VirtualBox.
  7. Now before installing Kali Linux, change the network adaptor settings to follow Gateway. To do this, right click on the Kali Linux VirtualBox appliance and click Network. Change the field “attached to”  to internal. And make sure the name is Whonix.
  8. Now, install Kali Linux as normal.
  9. After installation is complete, power off the appliance.
  10. Now boot up Gateway again, followed by Kali Linux.
  11. Go to Kali Linux network settings and edit the settings of wired connection to follow the below configuration
    IP address:

    Here is the default Gateway IP of Whonix.

  12. That’s it. Hopefully you are connected to the Tor network now.

Video Tutorial

To make things easier, I have created a video tutorial as below. Do try the steps and let me know if you people face any issues in between.


Leave a Comment

Recent Posts

How to migrate from LastPass to Bitwarden

As a LastPass user, you might have noticed the changes introduced last day. The message… Read More

2 years ago

Amazon AWS network security checklist

This post presents with a few bunches of AWS network security checklist. It is basically… Read More

3 years ago

The long curated web security checklist based on OWASP

What is this web security checklist? Here is a curated web security checklist for developers… Read More

3 years ago

Penetration Testing for dummies – Part 3: Networking basics

In the last part of the blog series we have seen the history of internet… Read More

4 years ago

Penetration Testing for dummies – Part 2: Understanding web applications

Welcome back budding pen-testers. :) In the first part of the blog series we have… Read More

4 years ago

How to enable SSH on Google Cloud Compute Engine

Last day I was riddling with Evilginx, a phishing attack tool. It needs to be… Read More

4 years ago