Kali Linux 1.0 is a Debian derivative based on Debian Wheezy. Therefore, most of the Kali packages are imported unmodified from the Debian repositories. In some cases, newer packages got imported from Unstable or Experimental, either because it improved the user experience, or because it was required to fix some bugs.

Forked Packages

Some packages obviously had to be forked in order to implement some of the Kali-specific features but Kali strives to keep that number of packages to a minimum by improving the upstream packages when possible (either by integrating the feature directly, or by adding the required hooks so that it’s trivial to enable it without actually modifying the upstream packages).

Each package forked by Kali is maintained in a Git repository with a “debian” branch so that updating a forked package can be easily done with a simple git merge debian in the master branch.

New Packages

On top of this, Kali brings many new Debian packages, which are specific to the penetration testing and security auditing field. A large percentage of these packages are free according to Debian’s Free Software Guidelines and Kali intends to contribute those to Debian and to maintain them directly within Debian.

As a consequence of this, Kali packages strive to be compliant to the Debian Policy and follow the best practices in use in Debian.