Dear Kali Linux Security Team,

​I am a security researcher and a dedicated user of Kali Linux. During my reconnaissance phase, I identified several points that might interest your security team regarding the kali.org infrastructure. My goal is to contribute to the security of the tools I use daily.

​1. Exposed Build Logs (Information Disclosure)

I discovered accessible log files on image-amd64.kali.org.

​Example: kali-linux-2026-W13-qemu-amd64.log ​Risk: These logs contain detailed build information, environment details, and internal paths which could assist an attacker in mapping the internal infrastructure.

​2. Open Ports on Sensitive Subdomains (Potential Misconfiguration)

Port scanning on jenkins.kali.org revealed open ports that are typically internal.

​Ports: 8080 (http-proxy) and 8443 (https-alt). ​Observation: While Cloudflare currently returns a 522 error or an "ok" response, having these ports externally visible might lead to bypasses or future exploitation if the proxy configuration changes.

​3. DNS Inconsistencies (Potential Subdomain Takeover Risk)

The subdomain staging.kali.org is discoverable but currently returns an NXDOMAIN error.

​Risk: If this subdomain was previously pointed to a third-party service (e.g., AWS, GitHub Pages) and the DNS record remains, it might be vulnerable to a subdomain takeover.

​I have not attempted any form of exploitation. I am reporting these for your review to help harden the environment. Please let me know if you need further details or more screenshots of these findings.

​Best regards,

Revan Manafli