Kali Linux Nethunter for Android Download

Kali Linux Nethunter for Android Download
Content List
Kali NetHunter is a free and open-source mobile penetration testing platform based on Kali Linux.

NetHunter related news and updates for mobile pentesting devices running Kali Linux...


Kali NetHunter is available for un-rooted devices (NetHunter Rootless), rooted devices with custom recovery (NetHunter Lite), and rooted devices with custom recovery and a NetHunter specialized kernel (NetHunter).

The core of Kali NetHunter, which is included in all three versions, is made up of the following components:

Kali Linux container including all of Kali Linux's tools and apps

Hundreds of security applications are available in the Kali NetHunter App Store.

Kali Linux Nethunter for Android Download

Android app for accessing the Kali NetHunter App Store

Kali NetHunter Desktop Experience (KeX) allows you to conduct complete Kali Linux desktop sessions with screen mirroring via HDMI or wireless screencasting.

Figure 2: The Kali NetHunter Desktop Experience (KeX) is shown on an HDMI monitor.

The Kali NetHunter Software Store is accessible through the specialized client app as well as the online interface.

Figure 3: App Store for Kali NetHunter

Both rooted versions provide extra tools and services. A modified kernel may enhance that capability by including extra network and USB device drivers, as well as wifi injection support for specific wifi chips.

Figure 3: The Kali NetHunter App is available in both rooted and non-rooted versions (NetHunter Lite & NetHunter).

NetHunter supports various other classes in addition to the penetration testing tools supplied with Kali Linux, such as HID Keyboard Attacks, BadUSB Attacks, Evil AP MANA attacks, and many more.

Check out our NetHunter Components page for additional information on the moving pieces that make up NetHunter. Kali Offensive Security and the community collaborated to create NetHunter, an open-source project.

NetHunter Editions 1.0

NetHunter may be installed on practically any Android smartphone by utilizing one of the editions listed below:

Usage - Edition

The table below highlights the functional differences:

NetHunter Rootless-core NetHunter's for unrooted, unmodified devices.

NetHunter Lite - The whole NetHunter package for rooted phones that do not have a modified kernel.

NetHunter - The whole NetHunter package, including a modified kernel for compatible devices.

NetHunter - Rootless - NetHunter Lite - NetHunter App Store is a feature of NetHunter.

All Kali packages may be accessed through the Kali cli command.

KeX Metasploit without DB

Metasploit and DB

NetHunter App needs TWRP WiFi Injection from the Root

Attacks on HID

NetHunter Rootless installation instructions may be found here: NetHunter-Rootless

The NetHunter-App-specific chapters apply solely to the NetHunter and NetHunter Lite versions.

The Kernel-specific chapters apply specifically to the NetHunter version.

Devices and ROMs Supported by NetHunter 2.0

NetHunter Lite may be installed on any rooted Android smartphone with a custom recovery. The complete NetHunter experience necessitates the use of a device-specific kernel designed specifically for Kali NetHunter. Over 164 kernels for over 65 devices are available in the NetHunter GitLab repository. On the NetHunter download page, Offensive Security provides over 25 images for the most common devices. GitLab CI generates the following live reports automatically:

NetHunter photos released quarterly are included here. Statistics for the NetHunter kernel NetHunter kernel table including

3.0 Obtaining NetHunter's Official Release NetHunter images for your particular supported device are available for download from the Offensive Security NetHunter project website, which may be found at the following URL:


Once the zip file has been downloaded, compare the NetHunter zip image's SHA256 sum to the numbers listed on the Offensive Security NetHunter download page. If the SHA256 sums do not match, do not proceed with the installation process.

4.0 NetHunter Construction

If you wish to create a NetHunter image from our Gitlab repository, you may do so using our Python build scripts. For additional information, see our Building NetHunter page. Additional instructions for utilizing the NetHunter installer builder or adding your own device may be found in the README file in the nethunter-installer git directory.

5.0 Setting up NetHunter on top of Android

After you've either obtained or produced a NetHunter image, the following steps are to prepare your Android device and then install the image. "Preparing your Android smartphone" contains the following steps:

unlocking your smartphone and installing vanilla AOSP or LineageOS (CM). (For supported ROMs, see point 2.0.)

As a custom recovery, install Team Win Recovery Project.

installing Magisk in order to root the device and disable force If TWRP is unable to access the data partition, encryption may be necessary.

All that remains is to flash the NetHunter installer zip file onto your Android smartphone after you have a custom recovery.

6.0 Post-Installation Configuration

Start the Kali Chroot Manager by opening the NetHunter App.

Using the NetHunter Store app, download the Hacker Keyboard from the NetHunter Store.

Install any more programs from the NetHunter Store as needed.

Configure Kali Services like SSH.

Configure your own commands.

Set up the Exploit-Database.

Attacks and Features in Kali NetHunter 7.0

Application Kali NetHunter

Home Screen - Displays a general information panel, network interfaces, and the status of HID devices.

Kali Chroot Manager - This tool is used to manage to chroot meta package installs.

Kali Services - This allows you to start and terminate different chrooted services. At boot, you may enable or deactivate them.

Custom Commands - Customize the launcher with your own commands and features.

MAC Changer - Modify the MAC address of your Wi-Fi network (only on certain devices)

Set up a quick VNC session with your Kali chroot using KeX Manager.

Control the USB device setups using USB Arsenal.

**HID [Attacks]** - A variety of HID attacks in the Teensy style.

DuckHunter HID - HID assaults in the manner of Rubber Ducky

BadUSB MITM Attack - Need I say more?

MANA Wireless Toolkit - Create a malicious Access Point with a single click.

MITM Framework - Instantly inject binary backdoors into downloaded executables.

NMap Scan - An interface for quickly scanning Nmap files.

Metasploit Payload Generator - Automatically generates Metasploit payloads.

Searchsploit - Quickly find vulnerabilities in the Exploit-Database.

Third-Party Android Apps in the NetHunter App Store

8.0 NetHunter Terminal Application NetHunter is being ported to new devices.

Check out the links below if you're interested in porting NetHunter to additional Android smartphones. If your port succeeds, please let us know so that we may include these kernels in future versions!

Getting Started with Kernel Modifications Adding Your Device

9.0 Wireless Hardware Cards That Are Known To Work

RTL-SDR - SDR (based on RTL2832U)

NetHunter Apps 10.0

All programs may be downloaded and installed via the NetHunter Store client.

You may get the NetHunter Store App here.

You may find the NetHunter Web Store here.

The source code for the NetHunter Apps is available on GitLab here.


Kali NetHunter has gone through a lot of changes recently. The added features that have been introduced are excellent, now supporting over 50 devices and functioning on Android smartphones ranging from KitKat (v4.4) to Pie (v9.0).

But we're not going to stop there. We are really thrilled to announce the Kali NetHunter App Store after a lot of hard work!


Initially intended to make it easier to handle packages on NetHunter devices, we quickly recognized that the NetHunter shop should also be accessible for non-NetHunter devices. So here it is, accessible to everyone who wants the best of both worlds:

The Google Play Store's ease of use and simplicity

Sideloaded programs' freedom, anonymity, and privacy

App Store for Kali NetHunter

The Kali NetHunter App Store is a one-stop store for Android security apps. It is the perfect Google Play Store alternative for any Android smartphone, whether rooted or not, NetHunter or stock. If you're looking for a security app for your Android smartphone, the NetHunter Store is the place to go.

The NetHunter shop runs on a slightly modified version of F-Droid, due to the efforts of the F-Droid community, particularly Peter Serwylo, whose assistance was vital. While F-Droid installs its clients with telemetry deactivated and requests approval before sending crash reports, we went a step farther and deleted the whole code — only to ensure that our privacy is not jeopardized by mistake. In addition, we expanded the inclusion rules to enable proprietary programs into the marketplace.

  • Request for Proposals

If you are an application developer and would want your software to be featured in the NetHunter App Store, please contact us through a Request for Packaging or on the forums.

Please keep in mind that we accept binary APK files as well as links to git repositories where we develop the apps ourselves. Third-party APK files should ideally be signed by the original author, but applications produced from source by us are built using Gitlab CI and signed by us.

If you want us to add an application that you did not create, please let us know and we will endeavor to get the author's permission to publish it in our store.

More information about contributing applications is available here.

  • Request for Comments

We welcome all Android users to visit the NetHunter App Store (https://store.nethunter.com), download the Store app, give it a try, and then join us in the forums to provide comments and become active.

  • Contributors Are Needed

NetHunter is a collaborative effort. It is run by the community for the community and is a lot of fun. The project's goal is to bring Kali Linux on Android devices and to provide a user experience that makes Android a viable alternative for some areas of penetration testing and hacking. Working on the NetHunter project, which includes the NetHunter Store, exposes you to a broad range of technologies, including:

  • Android app creation

Android rooting and making custom recovery installs

Kernel and kernel drivers, specifically WiFi

Kali Linux

All of the tools that come with Kali Linux

Web-based technologies

Package management on Android...

as well as several others

But, maybe most importantly:

Putting everything together and hacking radio frequency (RF), Wi-Fi, apps, and whatever else you can get your hands on!

If you are good at any of the above or want to become better at any of them, please join us in the forums or on IRC Freenode #NetHunter.



NetHunter has been actively developed for over a year and has gone through nothing short of a full makeover since its previous release. We took our time with v3.0, and the end result is a completely redesigned NetHunter Android app with a more refined UI and a fully functional feature set.

We can now proudly look at NetHunter and firmly consider it to be a solid, commercial quality mobile penetration testing platform thanks to the excellent NetHunter community effort spearheaded by binkybear, fattire, and jmingov. As a result, we are really happy about the introduction of NetHunter 3.0 today - let the games begin!


The NetHunter Android app has been completely redesigned and is now much more "application centered." Many new features and attacks have been introduced, as well as a slew of bug patches contributed by the community. The NetHunter program has fully matured and is now a really useful tool for managing complicated threats. Furthermore, you may now manage your Kali chroot autonomously, including rebuilding and removing the chroot as required. You may also install specific metapackages in your chroot, however, the default kali-nethunter metapackage should cover all the essentials.

Support for Android Lollipop and Marshmallow

Yes, you read it correctly. NetHunter now supports Marshmallow (Android AOSP 6. x) on compatible devices - but we aren't always supporters of the "latest is best" concept. The OnePlus One phone remains our favorite smartphone owing to the combination of size, CPU/RAM resources, and Y-Cable charging capabilities.

New Build Scripts, Easier Device Integration

Our redesign also includes the code that creates the pictures, which we totally ported to Python and dramatically reduced the build time. The build process may now generate compact NetHunter images (70MB) that do not contain a Kali chroot — enabling you to download a chroot later through the Android app.

We've also made it much easy to create ports for additional devices that NetHunter can operate on, and we've already had a number of intriguing PRs about Galaxy device compatibility...

  • Superb NetHunter documentation

We may be prejudiced in our documentation, and it may not be "fantastic," but just "good"... However, it is much improved over what it was before and may be accessed in the form of the NetHunter Github Wiki. We've covered issues like downloading, creating, and installing NetHunter, as well as a basic summary of each NetHunter Attack and Feature.

Installer for NetHunter Linux Root Toolkit

We now have an official NetHunter installation that operates natively on Linux or Mac OS X. The installer is composed of a collection of Bash scripts that may be used to unlock, flash to stock, and install the NetHunter image on compatible OnePlus One or Nexus devices. Please accept the NetHunter LRT, designed by jingo.


To get the NetHunter Zip of Joy (rather than the Kali ISO of Doom), go to the Offensive Security NetHunter download page and save the image to your device. It's worth noting that several Nexus pictures come in both Lollipop and Marshmallow flavors. Once you've downloaded it, visit the NetHunter Wiki for installation instructions.


We published a blog article a few days ago regarding "What it Means to Be an OSCP" in our opinion. If you're an OSCP and want to win an awesome OnePlus One NetHunter smartphone, check out our previous blog article!


Without some screenshots, no self-respecting release could really be considered complete...

So, here they are; have fun!



Kali NetHunter 1.2 is now out, with a slew of enhancements, bug fixes, and, yes, Android Lollipop compatibility. NetHunter now supports the Nexus 6 and Nexus 9 smartphones as well! This is fantastic news for anybody who has purchased one of the new Nexus smartphones and wants to install Kali NetHunter on it. What else has changed in NetHunter? We can't wait to tell you everything about it:

Nexus 5/6/7/9/10 Lollipop Support

NetHunter for the Nexus 9

Except for the OnePlus phone and the Nexus 7 2012 tablet, we've added Lollipop compatibility to practically all of the devices we support. The OnePlus runs a Cyanogen 11 image, but the Nexus 7 2012 is just not strong enough to run Lollipop, resulting in a poor user experience. We've thoroughly tested our Lollipop releases and haven't found a compelling reason to upgrade to Android 5.0 on our own production devices. Don't get us wrong: Android 5.0 is lovely and shiny...but not yet mature enough for our needs. The good news is that the Nexus 6 and Nexus 9 are now supported and can run the Kali Linux NetHunter successfully. Overall, we're pleased with the new Nexus 6 and Nexus 9 pictures, which bring in a new era of upgraded hardware for our Mobile Attack Platform. One important caveat: the Nexus9 devices do not currently work correctly with Atheros USB chipsets.

Hello there, My Little Friend Duck Toolkit.

The integration of Ducky Toolkit HID attack syntax into NetHunter and support for "Ducky Script" was a reoccurring request in our NetHunter email inbox. This enables the simple and quick construction of a wide range of HID payloads for a number of applications ranging from surveillance to exploitation. More information on this may be found in the Ducky Script Syntax guide. If you're not acquainted with the Hak5 USB Rubber Ducky and are interested in HID attacks, you should look into it. Furthermore, you may construct sophisticated payloads using the Ducky Toolkit Website and produce more complex payloads automatically, which can be highly time saving with a little fine tweaking.

Ducky HID Script Converter

Windows has been updated. Installer NetHunter

NetHunter Windows Installer

Installing NetHunter might be difficult for novice users. To aid with this, we've created a simple installer that we've been upgrading with each NetHunter version. This 1.2 version is no exception, so if you want to install NetHunter on your Nexus or OnePlus smartphone as quickly as possible, download our NetHunter Installer. You'll be able to install either a KitKat or a Lollipop image on devices that support it. We've also introduced the ability to upload custom NetHunter pictures through the installer for those who like to create their own. Otherwise, you may go to the NetHunter Download Page to manually download and install an image.

Download NetHunter 1.2.5 sha1sum: 5aa614f99b6180292b523ff934dc79dd7275e6f8

Is there anything different?

Kali.org's New Design

We have redesigned our main Kali site and the Kali documentation site to be lot clearer and simpler to read. As a bonus, the Kali Documentation site update included the first trickle of Kali Linux Dojo articles and videos - check them out in the new Kali Linux Dojo area.

We're always striving to enhance and improve our Kali documentation, as well as keep it current. We hope you like the new design as much as we do!

Please keep in mind that this article refers to an out-of-date method and files and is intended for historical reasons. For the most up-to-date information, please see the NetHunter Downloads page.

Duck encoder, Ducky script converter, Kali NetHunter 1.2, NetHunter



With the first rounds of the 2015 fire, we are pleased to offer some NetHunter-related news! One of the things we love most about Kali Linux is how our Kali projects are always bigger than the sum of their parts. This is most visible in our Kali NetHunter Project, which is the first open-source Android-based penetration testing tool for Nexus and OnePlus smartphones. What's up, OnePlus phones? Yes! Our new NetHunter v1.1 version has some exciting news — and so we begin.

nethunter-one plus is compatible with the Nexus 4 and the OnePlus One.

We've been working hard since our previous release to include support for the new (and old) Nexus devices, as well as the OnePlus One phone (OPO) platform. The OPO phone is stunning. With a good, huge screen and some really excellent technical characteristics, it costs around half the price of rival Nexus smartphones. Despite our initial reservations about this new hardware platform, it has evolved into our preferred device for running Kali Linux NetHunter.

Furthermore, we've updated our Nexus 4 NetHunter images and are pleased to report that Nexus 4 is now a fully supported platform - start delving back into those dark drawers...that Nexus 4 isn't yet worthless!

Executable Backdooring over HTTP bdf-MITM-kali

This is definitely one of the nicest features/tools released to Kali (and, by extension, NetHunter) in the last month - an improved version of the "BackDoor Factory (BDF)" and its associated "BackDoor Factory Proxy" toolset. We packaged these tools in Kali specifically for use with the NetHunter platform, and our testing with them yielded some excellent results. For those unfamiliar with the BackDoor Factory framework – created by @midnite run – it enables us to inject shellcode of our choosing into different binary files, while the BFD Proxy allows us to backdoor these binary files through an HTTP connection on the fly. You should have a good understanding of the capabilities of this toolkit by now, particularly when paired with a mobile platform like NetHunter – but we produced a beautiful graphic just in case.

Simply put, we can now use our NetHunter devices to run MANA, an improved wireless AP client hijacking toolset, in tandem with BDF to produce a mind-numbing effect – transparently hijacking wireless client connections and injecting malicious code into any binary files downloaded from the Internet via HTTP. Here's a demonstration of MANA and BDF proxy in action:

fixed nethunter app is a new management app.

When we first introduced NetHunter, we included a basic web interface to aid in the management and operation of specific products. We didn't like this notion, but it did help us design a management interface that we wanted to offer quickly. We've been working on a better and more reliable native Android app to replace the online interface since then, and we're now ready to show it off. This new NetHunter app, which has all of the capabilities of the old web application interface and more, has been introduced to the recent v1.1 version.

HID Attacks with Multi-Language Support hid keyboard layout

Many people have contacted us since our previous release, requesting HID attack support for keyboard layouts other than US en. We've implemented language support for French, German, Swedish, and Spanish keyboard layouts thanks to their help. We'd want to take this time to thank everyone who helped with these efforts, and we hope to see such strong community support in the future!

NetHunter Windows Installer has been updated.

We've updated our NetHunter Windows installer to include the new v1.1 images, as well as some new features, such as the ability to install a custom NetHunter zip. We don't yet support Lollipop (Android 5.0) with our NetHunter images, but we're working on it – as well as Nexus 6/9 compatibility. The most convenient method to install NetHunter on your Nexus or OnePlus smartphone is to use our Windows Installer, which can be safely downloaded from our NetHunter installer page. If you wish to manually install the newest NetHunter v1.1 zip, go to our Offensive Security custom Kali downloads page.

Dude, What happened to my Dojo?

Yes, we know – the Kali Dojo materials were supposed to be released in mid-December 2014, but life got in the way. We're working on creating an open online version of this workshop rather than simply sharing the slides and associated website, which is why it's taking a little longer than intended. Please be patient as we continue to work on this fantastic project. We'll let you know when it's ready!



The Kali Linux NetHunter platform contains numerous secret features that we have yet to reveal. One of them is the DriveDroid program and patch set, which has been included in NetHunter since version 1.0.2. Using this program, we may instruct NetHunter to simulate a bootable ISO or USB using pictures of our choice. That's true, NetHunter may be used as a boot device, storing a library of bootable ISOs and images... So here we go:


Yes, this is a real possibility. We can simply create a modified Kali ISO with a pre-installed self-installing file and have NetHunter boot it on a target system. You launch DriveDroid, choose the self-installing ISO, connect the USB cord, and reboot the target computer....and all of a sudden, the Kali Linux install screen flashes by, and the installation begins without user intervention...


While NetHunter HID assaults may give us pre-programmed keyboard strokes that compromise the target system, what happens if the target machine is switched off or otherwise needs a login to access? At this time, the NetHunter HID assault would be worthless. Kon-Boot is a must-have tool for anybody doing physical security assessments. To refresh your memory, Kon-Boot is a boot-kit that will discreetly boot and circumvent the authentication procedure of Windows/OSX-based operating systems without overwriting your existing credentials.

We bought a commercial edition of Kon-Boot and attempted to use the given Kon-Boot image file as our bootable USB payload. When we connected our NetHunter device's USB cord to a target machine, the Kon-Boot image booted, allowing us to skip the Windows 8.1 login screen. To see it in action, watch the video below:

With NetHunter and Kon-boot from Offensive Security, you can bypass Windows and OSX login.

Although this technology isn't new, its implementation is fantastic and nicely matches the NetHunter array of tools and capabilities. Furthermore, it has been combating tested in real-world onsite physical pentests that we have conducted and has shown to be incredibly successful.


As NetHunter development continues, we will do our best to keep you up to speed on all of the present and forthcoming features of this fantastic platform. Follow us on Twitter to keep up to speed on our blogs and posts:

Follow @offsectraining on Twitter.

Follow @kalilinux on Twitter.