I’ve been keeping my eye on WSL (Windows Subsystem for Linux) since it first came out a while back, and it looks like a new version is up on the Windows Insider Program.
It looks like the folks over at Kali are already evaluating its potential both as a tool and as a possible source of endpoint protection bypass. Regarding the separate process space, they write:
This is interesting, as it might actually open up Kali WSL 2 to be a useful endpoint protection bypass. If you get code execution on a Windows 10 system that supports WSL 2, could you install a Kali instance and pivot from there instead of the base operating system? This remains to be seen as this is still in development and Microsoft seems to want to unify the Linux and Windows experience as much as possible. The end point protection programs might become “WSL Aware”, which makes this an interesting item to watch.
I’ll have to get my hands on it and play around today and see how much better it is compared to WSL. I’ve already heard some rumblings that the larger footprint of WSL2 eats more resources, but we’ll see.
Source Article: WSL2 and Kali