Kali Linux now runs natively on macOS, thanks to Appleโs new containerization framework introduced at WWDC 2025. This is part of a broader move to support developer and security workflows natively on macOS, without needing Docker Desktop or third-party hypervisors.
The feature, currently available in macOS Sequoia 15.5 and coming fully integrated in macOS โTahoeโ 26, allows Apple Silicon Macs to run OCI-compliant Linux distributions like Kali Linux inside lightweight, secure virtual machines.
What Is Apple Containerization?ย
Appleโs container system is similar in concept to Windows Subsystem for Linux 2 (WSL2). The new tool, simply called Container, is a command-line interface built to work with Appleโs new Containerization framework.
Under the hood, it launches a tiny virtual machine (VM) per container using Appleโs Virtualization.framework and Hypervisor.framework, delivering strong isolation, fast start-up, and a familiar Docker-style experienceโall using native macOS components. However, the key difference is that each container gets its own secure VM, offering better security boundaries.
The stack consists of:
- Container: the command-line interface users interact with.
- Containerization: the framework that manages containers and connects to macOSโs virtualization APIs.
- framework: Creates the VMs.
- framework: Talks to the macOS kernel to handle VM execution.
How To Run Kali Linux On macOS
To get started, you need to install the CLI tool via Homebrew on machines running macOS Sequoia 15.5 or later on Apple Silicon (arm64) and initialize Apple’s container framework.
brew install –cask container
container system start
Then, run Kali Linux in a container using the following command:
container run –rm -it kalilinux/kali-rollingย
The first time you launch the container system, it installs a minimal Kata Containers kernel, which is used inside the VM. Once done, you are dropped into a full functional Kali Linux shell, complete with the latest Linux kernel — ready for pentesting or development.
You can also mount your macOS working directory into the container with a command such as:
container run –remove –interactive –tty –volume $(pwd):/mnt –workdir /mnt docker.io/kalilinux/kali-rolling:latestย
This command allows Kali to read/write files directly from your Mac.
Known Limitationsย
While the feature is promising, it is still in developer preview, and there are a few caveats, like issues with network interfaces in macOS Sequoia 15: containers may not get an IP address or lose DNS access.
Kaliโs development team has acknowledged these limitations, recommending users refer to Appleโs documentation for troubleshooting.
“Currently there are a few known limitations of Containerization, especially using macOS โSequoiaโ 15, such asย containerโs network access not getting an IP address or no network access. We recommend reading and following Appleโs advice if you run into these issues,โ wrote the Kali Linux team in a blog post.
Final Thought
Appleโs new containerization marks a major shift toward supporting Linux workflows natively on macOS, offering near-native performance and better isolation than Docker or heavy VMs, and thereby bridging the gap between Mac hardware and Linux tools.
