Cybersecurity professionals and researchers can now launch Kali Linux in a virtualized container on macOS Sequoia utilizing Apple’s new containerization framework.
Throughout WWDC 2025, Apple introduced a brand new containerization framework that permits Apple Silicon {hardware} to run remoted Linux distros in its virtualized setting, just like Microsoft Home windows Subsystem for Linux 2 (WSL2).
To get began, customers on macOS Sequoia with Apple Silicon can set up the container CLI by way of Homebrew and initialize Apple’s container framework:
brew set up –cask container
container system begin
You may then launch Kali Linux utilizing the next command, which hundreds the container from the DockerHub container library and executes inside a macOS VM.
container run –rm -it kalilinux/kali-rolling
It’s also possible to use a container to mount an area listing into the Kali VM with a command like:
container run –remove –interactive –tty –volume $(pwd):/mnt –workdir /mnt docker.io/kalilinux/kali-rolling:newest
This command means that you can entry recordsdata on the host gadget from inside the container.
Nonetheless, there are some limitations to the brand new characteristic, because it’s solely accessible on Apple Silicon and doesn’t assist Intel Macs.
Additionally, the Kali crew reviews that there are some bugs with the brand new implementation round networking.
“At present there are a few identified limitations of Containerization, particularly utilizing macOS “Sequoia” 15akin to container’s community entry not getting an IP deal with or no community entry,” reads Kali’s announcement.
“We suggest studying and following Apple’s recommendation when you run into these points.”
Cybersecurity skilled Taha Ex additionally warns that some Kali use instances that require {hardware} passthrough won’t work because of the container being remoted from {hardware}.
The flexibility to rapidly launch Kali Linux in macOS, even when in a virtualized setting, and with some limitations, makes it simpler for Mac customers to carry out safety testing.
Comprise rising threats in actual time – earlier than they affect your enterprise.
Learn the way cloud detection and response (CDR) provides safety groups the sting they want on this sensible, no-nonsense information.
