← Back to Blog
WSL2 + Kali Linux: Your Security Research Playground
Windows Subsystem for Linux (WSL) has transformed how we work with Linux on Windows. Combined with Kali Linux, it creates a powerful, portable security research environment. Here’s how I set up my security playground.
Why WSL2 for Security Research?
Traditional Approach
- Dual boot → Reboot to switch OS
- VM → Heavy resource usage
- Live USB → Not persistent
WSL2 Approach
- Run Linux within Windows
- Native performance
- File system integration
- Easy clipboard sharing
- Persistent storage
Installation
Step 1: Enable WSL2
# Run as Administrator
wsl --install
# Or manually enable features
dism.exe /online /enable-feature /featurename:Microsoft-Windows-Subsystem-Linux /all /norestart
dism.exe /online /enable-feature /featurename:VirtualMachinePlatform /all /norestart
Step 2: Install Kali Linux
# From Microsoft Store
wsl --install -d kali-linux
# Or download manually
wsl --import kali-linux .\kali-linux .\kali-linux.tar.gz
Step 3: Update and Install Tools
# Update Kali
sudo apt update && sudo apt upgrade -y
# Install Metasploit
sudo apt install metasploit-framework
# Install common tools
sudo apt install nmap hydra sqlmap burpsuite wireshark
# Install Kali Linux tools meta-package
sudo apt install kali-linux-large
Win-KeX: Kali in a Window
For a desktop-like experience, Win-KeX is excellent:
# Install Win-KeX
sudo apt update
sudo apt install -y wget
wget https://raw.githubusercontent.com/Win-KeX/Kali-Linux/master/wk
chmod +x wk
sudo ./wk install
# Launch GUI
kex --wm
Essential Security Tools
Network Scanning
# Nmap
nmap -sV -sC -O target.com
# Masscan (faster)
sudo masscan -p1-65535 10.0.0.1/24
Web Application Testing
# SQLMap
sqlmap -u "http://target.com/page?id=1" --dbs
# Burp Suite
burpsuite
# OWASP ZAP
zaproxy
Password Attacks
# Hashcat (GPU-accelerated)
hashcat -m 0 hashes.txt wordlist.txt
# John the Ripper
john --format=raw-md5 hash.txt
Wireless
# Aircrack-ng suite
airmon-ng start wlan0
airodump-ng wlan0mon
aireplay-ng --deauth 0 -a MAC target
Integration Tips
VS Code Integration
// .vscode/launch.json
{
"configurations": [
{
"name": "Remote-WSL",
"type": "node",
"request": "launch",
"wsl": {
"distribution": "Kali-Linux"
}
}
]
}
Windows-Kali File Sharing
# Access Windows from Kali
cd /mnt/c/Users/YourName
# Access Kali from Windows
# Simply navigate to \\wsl$\kali-linux\
GPU Pass-Through
For hashcat, GPU acceleration:
# Check GPU visible to WSL
wsl -d kali-linux nvidia-smi
My Setup
┌─────────────────────────────────────┐
│ Windows 11 │
├─────────────────────────────────────┤
│ VS Code + Remote WSL │
│ - Python development │
│ - Script editing │
│ - Terminal integration │
├─────────────────────────────────────┤
│ WSL2 (Kali Linux) │
│ - Security tools │
│ - Network testing │
│ - CTF practice │
├─────────────────────────────────────┤
│ Win-KeX (GUI Mode) │
│ - Burp Suite │
│ - Wireshark │
│ - Desktop applications │
└─────────────────────────────────────┘
Legal Note
Always have written permission before testing any system you don’t own. Unauthorized access is illegal.
Use Cases
- Learning — Practice in safe environments
- CTFs — Capture The Flag competitions
- Home Lab Testing — Test your own infrastructure
- Bug Bounty — Legitimate security research
- Certifications — OSCP, CEH, CISSP practice
Troubleshooting
WSL2 Not Starting
# Restart LxssManager
Get-Service LxssManager | Restart-Service
Network Issues
# Restart network in WSL
sudo systemctl restart networking
Performance
# Increase memory
wsl -s kali-linux
# Edit .wslconfig in Windows home
Conclusion
WSL2 + Kali Linux provides an incredible security research environment that’s:
- Easy to set up
- Lightweight
- Integrated with Windows
- Persistent
Whether you’re learning penetration testing, practicing for certifications, or securing your own systems, this setup has you covered.
What security tools do you use? Let’s connect and discuss!
| Connect: LinkedIn | GitHub |