Apple just dropped a bombshell for developers and security researchers: Kali Linux now runs in native containers on Apple Silicon Macs, bypassing Docker altogether. This shift marks a seismic evolution in macOS’s support for Linux tools.

Next Gen Containers: Better Than Docker Desktop

At WWDC 2025, Apple unveiled a containerization stack that runs each container inside its own mini virtual machine. That means better isolation, near-native I/O speeds, and sub-second cold starts, far superior to Docker’s shared-kernel model.

The system employs:

  • A new container CLI as the user interface
  • The Swift-based Containerization framework, which manages containers
  • The Virtualization and Hypervisor frameworks, which create lightweight micro virtual machines

Launch Kali on macOS in Seconds

On macOS Sequoia (version 15.5 or later), Apple Silicon users can spin up Kali Linux with a few commands:

brew install --cask container
container system start
container run --rm -it kalilinux/kali-rolling

Within moments, you’re in a fully interactive Kali shell with an ARM64 kernel and host-mounted directory access for persistent work.

Isolation Meets Security

By running each container in its own micro virtual machine, Apple removes the shared kernel between containers, and with it the lateral movement risk of Docker’s model. That’s a game-changer for red teams and penetration testers working with untrusted code.

Early adopters report better sandboxing, faster performance, and tighter integration with native macOS systems.

Networking and Platform Limits

Some containers lack IPs or DNS support in Sequoia; full support is expected in macOS Tahoe 26.
Only Apple Silicon Macs are supported; Intel Macs are not.
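
The requirements stated in the launch section and the limits listed above (Apple Silicon only, macOS 15.5 or later, incomplete container networking before macOS 26) can be checked before launching. The script below is an added example, not code from Apple or from this article; the function names and status strings are hypothetical, and the launch commands are the ones shown earlier.

```shell
#!/bin/sh
# Added example: preflight for the platform limits stated in the article.
# Function names and status strings are hypothetical.

# version_at_least HAVE WANT: succeed if dotted version HAVE >= WANT.
version_at_least() {
    have=$1 want=$2
    while [ -n "$have" ] || [ -n "$want" ]; do
        h=${have%%.*}; w=${want%%.*}
        h=${h:-0}; w=${w:-0}          # missing component counts as 0
        if [ "$h" -gt "$w" ]; then return 0; fi
        if [ "$h" -lt "$w" ]; then return 1; fi
        case $have in *.*) have=${have#*.} ;; *) have= ;; esac
        case $want in *.*) want=${want#*.} ;; *) want= ;; esac
    done
    return 0
}

# preflight ARCH VERSION: print a status word; non-zero if unsupported.
preflight() {
    arch=$1 version=$2
    case $version in
        ''|*[!0-9.]*) echo "bad-version"; return 1 ;;
    esac
    if [ "$arch" != "arm64" ]; then echo "unsupported-arch"; return 1; fi
    if ! version_at_least "$version" 15.5; then
        echo "unsupported-os"; return 1
    fi
    # Article: some containers lack IP/DNS until macOS 26.
    if ! version_at_least "$version" 26; then
        echo "ok-limited-network"; return 0
    fi
    echo "ok"
}

# launch_kali: check the real host, then run the article's commands.
launch_kali() {
    status=$(preflight "$(uname -m)" "$(sw_vers -productVersion)") || {
        echo "preflight failed: $status" >&2; return 1
    }
    if [ "$status" = "ok-limited-network" ]; then
        echo "note: container IP/DNS may be missing before macOS 26" >&2
    fi
    container system start &&
        container run --rm -it kalilinux/kali-rolling
}

# Only touch the host when explicitly asked to.
if [ "${1:-}" = "--launch" ]; then launch_kali; fi
```

Run it with --launch to perform the check against the real host and start the container; without arguments it only defines the functions.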

Until now, running Kali on macOS meant slow virtual machines or resource-heavy Docker setups. Apple’s implementation delivers agility, efficiency, and security, all while preserving familiar Docker workflows using OCI-compliant images.

By admin