Go back

Install Browser Based Kali Linux on Google Cloud(GCP)

  1. Open Browser Based Kali Linux marketplace listing on GCP Marketplace.


  1. Click Get Started.
  • It will take you to the agreement page. On this page, you can change the project from the project selector on top navigator bar as shown in the below screenshot.

  • Accept the Terms and agreements by ticking the checkbox and clicking on the AGREE button. /img/common/gcp_agreement_page.png

  • It will show you the successfully agreed popup page. Click on Deploy. /img/common/gcp_agreement_accept_page.png

  • On deployment page, give a name to your deployment.

  • Tick the existing account radio button and select your existing service account from the "Select a service account" dropdown as shown below.
  • If you don't see the service account in "Select a service account" drop down, then please follow the below steps to add one. if you can see a service account in the dropdown, skip ahead to the next step to select the region for your deployment.
  • below steps are one time only and you need appropriate IAM permissions to execute these steps. If you encounter IAM permission errors, reach out to your organization's IAM admin to execute these steps :
    1. Note Project id : First note down the project-id of the project where you are deploying our solution . Project id can be found by clicking on the project dropdown and copying id from the poped up window.

    2. Activate cloud shell by clicking the shell icon at the top right corner.
    3. In the cloud shell, run below command to switch to the project where you are deploying this solution , replace PROJECT_ID with the actual project id copied in step a.
    4. gcloud config set project "PROJECT_ID"

    5. Then run below command to create new service account, replace highlighted bold text with suitable values.
    6. gcloud iam service-accounts create "your-service-account-name" --description="service account for your-google-cloud-login-emailid " --display-name="your-service-account-name"

    7. Then run below command to associate the newly created service account with your google cloud login id, replace highlighted bold text with values provided in above steps
    8. gcloud iam service-accounts add-iam-policy-binding your-service-account-name@projectid-copied-in-step-a.iam.gserviceaccount.com --member="user:your-google-cloud-login-emailid" --role="roles/iam.serviceAccountUser"

    9. Then run below 3 commands one after the other , replace highlighted bold text with your service account name provided in previous steps.
    10. gcloud projects add-iam-policy-binding tcw-project-381520 --member=serviceAccount:your-service-account-name@projectid-copied-in-step-a.iam.gserviceaccount.com --role=roles/config.agent

      gcloud projects add-iam-policy-binding tcw-project-381520 --member=serviceAccount:your-service-account-name@projectid-copied-in-step-a.am.gserviceaccount.com --role=roles/compute.admin

      gcloud projects add-iam-policy-binding tcw-project-381520 --member=serviceAccount:your-service-account-name@projectid-copied-in-step-a.iam.gserviceaccount.com --role=roles/iam.serviceAccountUser

    11. Once the above steps are done, wait for 60 seconds then refresh the deployment page and you should see the newly created service account in "Select a service account". Continue with the next steps below.
  • Select a zone where you want to launch the VM(such as us-east1-)
  • Optionally change the number of cores and amount of memory. (This defaults to 1 vCPUs and 3.75 GB ram.)


  • Optionally change the boot disk type and size. (This defaults to “Standard Persistent Disk” and 60 GB respectively)
  • Select the default network and subnetwork which has ports 22 (for ssh) and 443 (for HTTPS) exposed.
  • Click Deploy when you are done. Browser Based Kali Linux VM will begin deploying.


  1. A summary page displays when the compute engine is successfully deployed. Click on the Instance link to go to the instance page .

  2. To access the Kali Linux GUI via browser, Copy the External IP address of the VM from the VM’s overview page and enter the address as https://vm_public_ip/vnc.html in the browser. Hit enter.

Note: Please use https and not http in the URL when accessing Kali Linux GUI, e.g. https ://


  1. While accessing GUI via browser, ssl certification warning will be shown. Click on Advanced and then select Accept the risk and Continue


  1. After accepting the ssl certification warning it will show you the below screen. Please click on Connect button.


  1. Now you are connected to out of box Kali GUI Linux environment via Browser.

Note: If your Kali Linux GUI environment is not comming or you are getting timeout error in browser then please follow from Step 11 onwards to restart the kali-linux container from terminal.


  1. After your first login, Open terminal and run below command to change the root user password.
x11vnc -storepasswd


  1. Once the passwd is set, reboot the vm and re-login with root user and new password. - /img/gcp/kali-in-browser/passwd.png

  2. Now your are connected to out of box Kali GUI Linux via browser which comes with preinstalled kali tools and apps. /img/gcp/kali-in-browser/applications.png

  3. To SSH to the VM go to the instance page, click on the “SSH” button, select “Open in browser window”.


  1. This will open SSH window in a browser.
  • To connect to Kali command line, run below command
  sudo docker exec -it kali-linux /bin/bash


  • If above command returns “Error response from daemon:” error or if you see docker command not found error as shown below then wait for few minutes and run below commands to start the kali container then run above command again.


sudo docker start kali-linux
sudo docker exec kali-linux /entrypoint.sh &



Go back