This guide shows you how to create a Kali Linux instance on AWS for free. Kali Linux is a Debian-based Linux distribution aimed at advanced Penetration Testing and Security Auditing. Kali contains several hundred tools aimed at various information security tasks, such as Penetration Testing, Forensics and Reverse Engineering.
Some of the reasons why you may want a Kali instance on AWS:
- You’re on a pen test engagement with limited access to IT, or perhaps even only a mobile phone
- You’re on a time sensitive engagement and need quick access to a tool in Kali
- Your local connection has limited bandwidth and you need to run a large port scan or brute-force attack
Before carrying out any penetration testing, you MUST first complete the AWS Vulnerability / Penetration Testing Request Form; otherwise it’s highly likely your attempts will trigger their defensive monitoring software. (Guilty…)
Step 1: Create your free Amazon AWS account
This section assumes you already have a normal Amazon account but don’t yet have an AWS account.
- Head on over to the AWS homepage and click Create a free account.
- Assuming you’re an existing Amazon user, log in with your Amazon credentials now; otherwise sign up for a new account.
- Fill in your contact details on the next page.
- Fill in your payment details on the next page. (Note: your card will only be charged if you exceed the limitations of the free tier. We will create an alarm later to prevent this happening.)
- Fill in your mobile number and wait for Amazon to ring. Once on the call, enter your 4 digit pin to confirm your identity. The page will automatically refresh.
- Keep the Basic support plan selected and click Continue.
- Once successful, click the Complete Sign Up button in the top right hand side and log in again if prompted.
You should now be in the AWS Management Console.
If this is your first time using AWS, you may want to create a billing alarm to warn you when you have hit the limit of the free tier. If you don’t, AWS will start charging. Follow Step 4 for instructions on setting up your billing alarm.
Step 2: Prepare EC2
The next step is to generate SSH keypairs so that we can SSH into our Kali instance.
- Open the Amazon EC2 console and make a note of the Region displayed in the top right.
- In the navigation pane, under Network & Security, choose Key Pairs.
- Choose Create Key Pair and enter a name, then choose Create.
The private key file is automatically downloaded by your browser. Keep that file somewhere safe as you won’t be able to re-download it.
Step 3: Launch a Kali instance
The next step is to launch our first Kali instance.
Note: Although it will show an estimated cost of around $8 per month, as long as you remain within the limits of the free tier, described here, you won’t be charged. Follow the billing alarm instructions in Step 4 to be warned if you’re about to be charged.
- Head over to the AWS Marketplace and click Continue to clone the Kali Linux image.
- Under Region, make sure the region you noted down in the previous section is highlighted
- Under EC2 Instance Type, select t2.micro. This is the only type that is available on the free tier
- Click Launch with 1-click and then go back to your EC2 management console to see the instance being created
- Once the Status becomes Ready, click the Connect button at the top for instructions on how to connect to your instance. On a Linux machine, simply navigate to where you saved your .pem file and run this command:
ssh -i "NameOfYourKey.pem" ec2-user@PublicDNSofYourInstance
- Once on the machine, it’s a good idea to update your packages to the latest version (~20 minutes)
sudo apt-get update && sudo apt-get upgrade -y
That’s it. You now have a fully featured Kali Linux machine, online with a public IP, ready for use whenever you need it. I’d suggest you keep it powered off when not in use so that you don’t exceed the limits of the free tier.
(Optional) Step 4: Create Billing Alarm
Before you create a billing alarm, you must enable billing alerts. You need to do this only once. After you enable billing alerts, you can’t turn them off.
- Open the Billing and Cost Management console.
- On the navigation pane, choose Preferences.
- Select the Receive Billing Alerts check box.
- Choose Save preferences.
Once you have enabled billing alerts, you can create a CloudWatch billing alarm.
- Open the CloudWatch Console.
- If necessary, change the region on the navigation bar to US East (N. Virginia). The billing metric data is stored in this region, even for resources in other regions.
- On the navigation pane, under Metrics, choose Billing.
- In the list of billing metrics, select the check box next to Currency USD, for the metric named EstimatedCharges.
- Choose Create Alarm.
- Define the alarm as follows:
  - Set the total AWS charges for the month exceed: field to $.01.
  - Choose the New list link next to the send a notification to box.
  - When prompted, enter your email address.
- Choose Create Alarm.
- In the Confirm new email addresses dialog box, confirm the email address (or it won’t send an alarm!). To view the status of your alarm, choose Alarms in the navigation pane.
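The console steps in Step 4 can also be scripted. The AWS CLI version below is an added example, not part of the original guide; it assumes the AWS CLI is installed and configured with credentials allowed to manage SNS and CloudWatch, and the alarm name, topic name and placeholder account ID are made up for illustration.

```shell
#!/usr/bin/env bash
# Added example: CLI equivalent of the Step 4 billing alarm (not from the guide).
# Assumes billing alerts are already enabled in Billing preferences.
# Set DRY_RUN=1 to print the commands instead of calling AWS.
REGION="us-east-1"                     # billing metrics live in US East (N. Virginia)
ALARM_NAME="free-tier-billing-alarm"   # hypothetical name
TOPIC_NAME="billing-alerts"            # hypothetical name

# Execute a command, or only print it when DRY_RUN=1.
run() {
  if [ "${DRY_RUN:-0}" = "1" ]; then
    printf '%s\n' "$*"
  else
    "$@"
  fi
}

# Usage: create_billing_alarm 0.01 you@example.com
create_billing_alarm() {
  threshold="$1"; email="$2"
  case "$threshold" in
    ''|*[!0-9.]*) echo "threshold must be a plain number in USD" >&2; return 2 ;;
  esac
  case "$email" in
    *@*) ;;
    *) echo "an email address is required" >&2; return 2 ;;
  esac
  if [ "${DRY_RUN:-0}" = "1" ]; then
    topic_arn="arn:aws:sns:${REGION}:000000000000:${TOPIC_NAME}"  # constructed placeholder
    run aws sns create-topic --name "$TOPIC_NAME" --region "$REGION"
  else
    topic_arn=$(aws sns create-topic --name "$TOPIC_NAME" --region "$REGION" \
                  --query TopicArn --output text) || return 1
  fi
  run aws sns subscribe --topic-arn "$topic_arn" --protocol email \
      --notification-endpoint "$email" --region "$REGION" || return 1
  # The alarm stays silent until the subscription email has been confirmed.
  run aws cloudwatch put-metric-alarm --region "$REGION" \
      --alarm-name "$ALARM_NAME" \
      --namespace AWS/Billing --metric-name EstimatedCharges \
      --dimensions Name=Currency,Value=USD \
      --statistic Maximum --period 21600 --evaluation-periods 1 \
      --threshold "$threshold" --comparison-operator GreaterThanThreshold \
      --alarm-actions "$topic_arn"
}
```

Run it first with DRY_RUN=1 to review the three commands before they touch your account.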