Overview
Kali Linux (formerly known as BackTrack Linux) is an open-source, Debian-based Linux distribution aimed at advanced Penetration Testing and Security Auditing. It does this by providing common tools, configurations, and automations which allows the user to focus on the task that needs to be completed, not the surrounding activity.
Kali Linux contains industry specific modifications as well as several hundred tools targeted towards various Information Security tasks, such as Penetration Testing, Security Research, Computer Forensics, Reverse Engineering, Vulnerability Management and Red Team Testing.
Kali Linux is a multi-platform solution, accessible and freely available to information security professionals and hobbyists.
Highlights
- Advanced penetration testing platform
- Hundreds of security tools
- Cloud-Init support for customized configuration
Details
Unlock automation with AI agent solutions

Features and programs
Financing for AWS Marketplace purchases
Pricing
- ...
Dimension | Cost/hour |
---|---|
t2.medium Recommended | $0.00 |
t2.micro AWS Free Tier | $0.00 |
t3.micro AWS Free Tier | $0.00 |
m3.xlarge | $0.00 |
m5dn.2xlarge | $0.00 |
hs1.8xlarge | $0.00 |
u-24tb1.metal | $0.00 |
g4dn.2xlarge | $0.00 |
c5ad.xlarge | $0.00 |
cc2.8xlarge | $0.00 |
Vendor refund policy
This is a free product
How can we make this page better?
Legal
Vendor terms and conditions
Content disclaimer
Delivery details
64-bit (x86) Amazon Machine Image (AMI)
Amazon Machine Image (AMI)
An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.
Version release notes
This listing is based on Kali Linux (2025.2 - rolling) AMD64
Release: 2025-06-13 Changelog: https://www.kali.org/blog/kali-linux-2025-2-release/Â
Credentials information: https://www.kali.org/docs/introduction/default-credentials/Â
For more information about upgrading, please see: https://www.kali.org/docs/general-use/updating-kali/Â
Additional details
Usage instructions
Once your instance is running, connect to it with your SSH private key using the "kali" account. For more information, please see: https://www.kali.org/docs/introduction/default-credentials/Â
For more information about our AWS cloud image, please see: https://www.kali.org/docs/cloud/aws/Â
If you are performing penetration testing, please refer to the AWS Testing Request for more information: https://aws.amazon.com/security/penetration-testing/Â
Resources
Vendor resources
Support
Vendor support
Kali's Community:
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Similar products

Customer reviews
Provides valuable real-time data scanning for vulnerability assessment
What is our primary use case?
We have some entirely backend services that function as an integration layer, where multiple applications exchange data through it. For any frontend and API control such as Acunetix or Qualys, they are not supported for those kinds of backend services. For that purpose, we are using Kali Linux . Kali Linux has the capability of real-time data scanning for vulnerability assessment for backend services. That is actually very far more valuable.
For backend service, Kali Linux is a very good tool, so I can recommend it for that.
What is most valuable?
Kali Linux has the capability of real-time data scanning for vulnerability assessment for backend services. That is actually very far more valuable.
The toolset on the security framework in Kali Linux is fulfilling our purpose of doing the assessment. We are good with that.
Kali Linux has the capability to expand more.
What needs improvement?
We don't know if Kali Linux has the port scanning capability yet, but that is an area of improvement because we are working with DMZ zones and customized ports. If we can add featured customized port scanning and DMZ zone capability, then it will be a very great tool. It might be there, but we are not exploring it yet.
We are not exploring 100% of Kali Linux capabilities. If real-time customized port scanning can be added, for example, instead of a default port such as 8080 or 443, if we can use a customized port such as 9876, that capability would be great.
The only point that I didn't find on Kali Linux for now is the ability to customize port scanning.
For how long have I used the solution?
It has been only five to six months, and the team is getting used to it now.
What do I think about the stability of the solution?
I should rate the stability of the product as average, good. I would rate it eight, minus two because I don't know about other capabilities.
What do I think about the scalability of the solution?
Kali Linux has the capability to expand more, so I would rate it nine.
Which solution did I use previously and why did I switch?
I won't compare Kali Linux with Linux from other vendors because we are installing it on top of Red Hat.
How was the initial setup?
The initial setup of Kali Linux is okay—not pretty complex or very simple.
It could be simplified from Kali's side for a GUI user, but if we are doing it as command mode, it is okay. We don't find it very hard to install or pretty complex.
For a regular user, they might find it complex. For the technical staff, it's not very complex.
What about the implementation team?
Our DevOps team is doing it, so it is somewhat customized.
Which other solutions did I evaluate?
I won't compare Kali Linux with Linux from other vendors because we are installing it on top of Red Hat. We can say the competitors of Acunetix , such as Burp Suite and Qualys Guard, those are the real competitors. Kali Linux is good because Sysbench is one kind of tool that has the capability of port scanning, but we don't know much about Sysbench as of now.
What other advice do I have?
We are not working with the multi-language support function as of now because we are very new to it, so we are exploring the stuff entirely.
We are not working with the resource constrainer system function. We just use scanning for incoming and outgoing data services as of now.
We are not exploring 100% of Kali Linux capabilities. If real-time customized port scanning can be added, for example, instead of a default port such as 8080 or 443, if we are able to use a customized port such as 9876, that capability would be great.
I prefer not to comment further because we are very new to the tool. We don't explore 100%, so I can't comment on it with my capacity right now.
I'm not sure about the pricing model because we got a community version of Kali Linux. The customer has purchased it, so I'm not sure about the pricing.
On a scale of one to ten, I rate Kali Linux an eight.
Which deployment model are you using for this solution?
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
đź’ˇ For anyone still trying to figure out the correct SSH username:
Just adding to the conversation because this wasn’t smooth sailing for me either — but also, I’m a beginner.
When I first launched the AMI in us-east-1, I tried logging in with the username kali and it didn’t work. So I tried the other usual suspects: root, ec2-user, admin — nothing worked.
Eventually, after some trial and error (terminating the instance and starting fresh using the same key pair), I used root again and saw the message from the Kali devs saying that kali is the correct username. I tried it again — and this time it worked.
The first time I used root I didn’t get that message at all. The second time I did. No idea why kali didn’t work initially, or why I didn’t get the dev message the first time. Maybe the instance wasn’t fully initialized yet, maybe I made a typo, maybe it’s just AWS being AWS.
If you’re hitting the same wall, don’t assume you’re doing something wrong — it might just take a few tries. It may have absolutely nothing to do with whether you “read the instructions.” I read them too. Still had issues.
✅ Try terminating the instance and launching a fresh one. That’s what finally worked for me.
Just keep troubleshooting. You’ll get in. 💻🔥
Doesn't come with standard PenTest tools
The people that are complaining about not being able to SSH in to the server really shouldn't be using a penTest tool. Follow the instructions people!
My issue is that the OS did not come with Nikto or Metasploit. I had to change the repo list and install it myself. The whole point of Kali is that it comes with hundreds of these tools pre-installed...
does what its supposed to
people complaining about ssh are just silly. I am able to ssh no problem to this and i have rolled out many
Works well
I suspect the people marking this 1 star did not read the instructions and see the user required is kali not root or ec2-user.