Top Distributions for Penetration Testing
There are several popular securty distributions that contain most of the popular utilities and penetration testing applications. Usually they are based on existing Linux distributions and are their revised versions. This article will present the most famous of them.
The most popular distribution to date. It is the successor to Backtrack Linux.
Kali Linux is an incredibly powerful penetration testing tool that comes with over 600 security utilities such as Wireshark, Nmap, Armitage, Aircrack, Burp Suite, etc.
There are several types of this distribution for various platforms, such as ARM, virtualization systems, and instances for conducting attacks from mobile platforms - Kali Nethunter.
Currently, the distribution is implemented in the form of a rolling release, which ensures that you will always have the latest versions of the best tools and utilities for penetration testing.
Download Kali Linux.
BlackArch Linux is designed specifically for Pentesters and security professionals. It supports i686 and x86_64 architectures. The installation kit now includes 1359 tools for penetration testing and their number is constantly increasing. Based on Arch Linux.
The number of utilities is really quite impressive, but some of them have similar functionality and for a newcomer it can be quite difficult to figure out so many programs.
Parrot Security OS
The growing security distribution based on Debian-linux is gaining popularity. Pretty easy to learn, suitable for both beginners and professionals. This distribution is aimed at both penetration testing and anonymous work on the Internet.
Quite an easy and effective tool, many security experts found in it a replacement for the increasingly "gluttonous" Kali, especially since Parrot uses Kali repositories for updates.
Download Parrot Security OS.
Ubuntu-based BackBox lightweight distribution. In direct comparison, Kali will lose on many points. It does not have so many different tools, utilities, and frameworks available right out of the box. No kernel optimizations and other tweaks.
Thanks to its lightweight shell, XFCE BackBox Linux is more suitable for everyday use as a workhorse on your personal computer. There is a mode - Anonymous mode - all system traffic is passed through a TOR proxy. The startup script changes the MAC address of the system and hostname, and when the mode is turned off, all temporary files are deleted using the integrated BleachBit package.
Backbox Linux can be a great alternative to Kali Linux for those who are looking for a balance between functionality and usability.
Pentoo is a security distribution based on the popular Gentoo Linux distribution, whose fans are Pentoo developers. Contains many security utilities.
One of the features is the native support of Hardened Gentoo - several changes in the compiler and kernel that increase the overall security of the system from hacking.
Download Pentoo Linux.
Network Security Toolkit
The Network Security Toolkit is one of many Linux distributions such as the Live CD, designed to analyze network security. NST gives administrators easy access to a wide variety of open network applications, many of which are included in the top 100 security features recommended by insecure.org. Based on Fedora Linux.
Having a balanced set of tools for network monitoring, analysis and security, it can give obvious advantages to the network administrator for monitoring the security of the infrastructure entrusted to him.
Download Network Security Toolkit.
This distribution is developed on the Lubuntu platform and comes with a convenient graphical interface. In addition, a set of profile utilities has been added to the product, starting with antiviruses, information search systems in the browser cache, network scanners and utilities for detecting rootkits and ending with the tools necessary when searching for data hidden on the disk.
The main purpose is to carry out measures for forensics - to analyze the consequences of hacking computer systems, to identify lost and compromised data, as well as to collect the so-called digital evidence of cybercrime.
Download DEFT Linux.
Samurai Web Security Framework
The main purpose of this distribution is testing for penetration of various web applications.
It comes in the form of a virtual machine image containing the most popular Open Source utilities for collecting information and conducting various attacks on web applications.
Download Samurai Web Security Framework.
PentestBox is not like other security distributions that run on virtual machines. It would not be entirely correct to call this assembly a distribution, it is rather a set of * nix-like utilities running in a Windows environment.
It has its own shell, the interface is made in the form of a command line, it contains a large number of utilities, a list of which you can independently supplement / customize.
If you are a Windows user and you are afraid of installing virtual machines or Linux, you can try to work with this shell.
Download Pentest Box.
The distribution is based on Ubuntu linux. Presented only in the form of the X64 platform.
This assembly is intended for the analysis of mobile devices and applications - conducting security analysis, data extraction, reverse engineering, forensics, and also contains development tools.
Download Santoku Linux.
This is a specialized distribution kit with a selection of tools for checking the security of WiFi network systems and conducting forensic analysis. The distribution is based on Slackware linux.
Currently, this is one of the most commonly used tools for auditing WiFi networks, it includes most of the most popular utilities for analyzing the security of wireless networks, most network card manufacturers are supported.