Introduction
A Raspberry Pi running Kali Linux is one of the most cost-effective and versatile tools in any security researcher’s kit. For under £50, you get a compact, portable machine capable of running the full suite of Kali’s penetration testing tools – no bulky laptop required. Going “headless” (no monitor, keyboard, or mouse attached) makes it even more powerful: you can tuck it discreetly into a bag, deploy it on a network, and control it entirely over SSH from your Mac or iPhone. This guide walks you through setting the whole thing up from scratch.
What You’ll Need
Before you start, gather the following: a Raspberry Pi 3 or 4 (the Pi 4 with 2 GB RAM or more is recommended for running Kali comfortably), a microSD card of at least 16 GB (32 GB preferred), a power supply, and a Mac or Linux machine to flash the image. You’ll also need a network connection – either via Ethernet cable or Wi-Fi – to access the Pi remotely once it’s running.
You do not need a monitor or keyboard for this setup, which is the whole point. Everything from initial configuration through to running tools is handled over SSH.
Flashing Kali Linux to the SD Card
Head to the official Kali Linux downloads page at kali.org/get-kali and download the Raspberry Pi image. Make sure to select the correct version for your Pi model – the ARM images are clearly labelled. Once downloaded, you’ll need to flash the image to your microSD card.
On a Mac, the easiest method is to use Balena Etcher, a free graphical tool. Install it, open it, select your downloaded Kali image, choose your SD card as the destination, and click Flash. The process takes a few minutes. Once complete, Etcher will verify the write automatically.
Before ejecting the card, you need to enable SSH so that you can connect without a monitor. On the boot partition (which will be visible in Finder), create an empty file called ssh with no extension. On a Mac terminal, you can do this with:
touch /Volumes/boot/ssh
If you want the Pi to connect to Wi-Fi automatically on first boot, you can also create a wpa_supplicant.conf file on the boot partition with your network credentials.
First Boot and Connecting via SSH
Insert the SD card into your Pi, connect an Ethernet cable to your router, and power it on. Give it around 60–90 seconds to boot fully. You then need to find its IP address – the easiest methods are checking your router’s DHCP client list or using a network scanner like nmap or the Angry IP Scanner app.
Once you have the IP address, connect from your Mac terminal:
ssh kali@<IP_ADDRESS>
The default Kali credentials are username kali and password kali. Change these immediately after your first login using passwd.
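Changing the password with passwd still leaves password logins switched on in sshd. The following is an added example, not part of the original guide, that audits an sshd_config for that; the function names sshd_effective and audit_sshd and both sample configs are constructed for illustration, and the fallback values are OpenSSH's documented defaults.

```shell
#!/bin/sh
# Added example: audit an sshd_config for password-style logins.

# Print the effective value of a keyword. $1=file, $2=lowercase keyword
# (aliases separated by "|"), $3=OpenSSH default used when it is absent.
# sshd keywords are case-insensitive and the FIRST occurrence wins.
# Simplification: Include files are not followed; parsing stops at Match.
sshd_effective() {
    awk -v want="|$2|" -v def="$3" '
        /^[ \t]*(#|$)/ { next }
        { sub(/[ \t]*=[ \t]*/, " "); key = tolower($1) }
        key == "match" { exit }
        index(want, "|" key "|") { print tolower($2); found = 1; exit }
        END { if (!found) print def }
    ' "$1"
}

# Return 0 only when password and keyboard-interactive logins are off
# and root login is not set to "yes".
audit_sshd() {
    rc=0
    pw=$(sshd_effective "$1" passwordauthentication yes)
    kbd=$(sshd_effective "$1" "kbdinteractiveauthentication|challengeresponseauthentication" yes)
    root=$(sshd_effective "$1" permitrootlogin prohibit-password)
    [ "$pw" = no ] || { echo "FAIL PasswordAuthentication $pw"; rc=1; }
    [ "$kbd" = no ] || { echo "FAIL KbdInteractiveAuthentication $kbd"; rc=1; }
    [ "$root" != yes ] || { echo "FAIL PermitRootLogin yes"; rc=1; }
    [ "$rc" -ne 0 ] || echo "OK: no password-style logins"
    return "$rc"
}

# Constructed sample configs (not copied from a Kali image).
weak_cfg=$(mktemp); hard_cfg=$(mktemp)
trap 'rm -f "$weak_cfg" "$hard_cfg"' EXIT
# The later "no" is ignored because the first occurrence wins.
printf '%s\n' '# untouched defaults' 'PermitRootLogin yes' \
    'PasswordAuthentication yes' 'PasswordAuthentication no' > "$weak_cfg"
# Mixed case and the Keyword=value form are both accepted by sshd.
printf '%s\n' 'passwordauthentication no' 'KbdInteractiveAuthentication=no' \
    'PermitRootLogin prohibit-password' > "$hard_cfg"

audit_sshd "$weak_cfg" || echo "-> weak config rejected"
audit_sshd "$hard_cfg"
```

On the Pi itself, sudo sshd -T prints the configuration sshd actually resolves, including Include files, and is the authoritative check; install your public key before turning password logins off so you do not lock yourself out of a headless device.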
Initial Kali Configuration
With SSH access established, run a full system update before doing anything else:
sudo apt update && sudo apt full-upgrade -y
This will take a while on first run, particularly on a Pi 3, so be patient. Once complete, you have a fully updated Kali Linux environment. From here, all of Kali’s tools – Nmap, Metasploit, Burp Suite, Aircrack-ng, and hundreds more – are available to install via apt.
One particularly useful addition for a headless setup is a VNC server, which gives you access to the full Kali desktop from your Mac or iPhone without needing a physical display:
sudo apt install tightvncserver -y
Making It Portable
One of the main advantages of a headless Pi as a pentesting platform is portability. A fully charged USB power bank can run a Pi 4 for several hours, making it genuinely field-deployable. Combined with a small Wi-Fi adapter that supports monitor mode (the Alfa AWUS036ACH is a popular choice), you have a capable wireless security testing kit that fits in a jacket pocket.
For persistent remote access, consider setting up a tool like autossh with a reverse tunnel, or a simple Tailscale VPN configuration. Both options give you reliable remote access without exposing the Pi directly to the internet.
Conclusion
A headless Raspberry Pi running Kali Linux is one of the most practical additions you can make to your home security lab. The setup process is straightforward, the hardware cost is minimal, and the result is a portable, always-available pentesting platform you can access from any device on your network. Whether you’re practising CTF challenges, auditing your home network, or learning the tools that security professionals use daily, this combination of hardware and software gives you an excellent foundation to build on. If you have any questions about the setup process, drop them in the comments below.