Penetration testing Linux distros are a group of special-purpose Linux distros
used for analyzing and evaluating the security measures of a target. These
distributions are usually live-CD or USB-drive based, but the
newer ones can be installed as a standalone Linux
distribution on your computer. The main users of pen-test distributions
are network and computer security enthusiasts, security students and
audit firms who do security audits on the customer's network with the
customer's permission.

Pen-testing distros have come a long way since I first used them about
10 years ago. They used to be unstable and almost always live-CD only.
It wasn't easy to keep the packages updated with the latest binaries. We
don't have those problems anymore, as nowadays it's much easier to
create a custom distro with custom repositories.

Let's look at some of the more widely used pen-test distros out there:
1 BackTrack:
Probably the most widely known pen-test distro out there and one of the
oldest distros still being actively developed. There is a thumb-drive
and Live DVD version, plus the ability to do a full install on your
hard drive. The distribution is based on Ubuntu with custom packages
that get updated on a regular basis.
Download backtrack 5 r3.iso (free download, click on direct download)
2 Knoppix-STD:
Another old-timer live distro based on Knoppix. STD stands for Security
Tools Distro, to avoid any confusion. It contains 1000s of security tools
but is not advised to be installed as a stand-alone OS.
Download Knoppix-STD.iso (free)
3 Backbox Linux:
Another Ubuntu-based distro, but it uses XFCE as its window manager and
relies on its own repo to constantly keep its tools updated.
Download backbox
4 Blackbuntu:
Built on Ubuntu 10.10 and Gnome, this distro was specifically designed
to train students and researchers of information security.
5 Samurai Web Testing Framework:
A live CD based on Ubuntu and Gnome. Designed specifically for information gathering and pen-testing web apps.
6 NodeZero Linux:
Yet another Ubuntu LTS based distro, but the emphasis is on a native
install, not a live distro. Currently work is being done to get its own
package repository for regular updates.
7 WEAKERTH4N:
Based on Debian Squeeze and Fluxbox; it's possible to have a native HDD
install. There is an emphasis on supporting more radios and wireless
pen-test tools out of the box.
8 CAINE:
Based on Ubuntu and the MATE Desktop Environment, this is a highly
customized pen-test distro, set apart from other distros by a
useful forensic report generation tool.
9 Pentoo:
A livecd based on Gentoo and XFCE. Also available as an overlay for
existing Gentoo installations. Has the ability to crack passwords using
GPGPU out of the box.
10 Bugtraq:
Not to be confused with the Bugtraq security mailing list. The current
version, Bugtraq 2 Black Widow, is available with XFCE, Gnome and KDE, based
on Ubuntu, Debian and OpenSuse. It includes unique scripts for SVN tool updates,
deleting tracks, backdoors and Spyder-sql.
11 Matriux:
“With Matriux, you can turn any system into a powerful penetration
testing toolkit, without having to install any software into your
hard disk. Matriux is designed to run from a Live environment like a CD /
DVD or USB stick or it can easily be installed to your hard disk in a
few steps. Matriux also includes a set of computer forensics and data
recovery tools that can be used for forensic analysis and investigations
and data retrieval.”
12 Matriux:
“DEFT 7 is based on the new Kernel 3 (Linux side) and the DART (Digital
Advanced Response Toolkit) with the best freeware Windows Computer
Forensic tools. It’s a new concept of Computer Forensic system that uses
LXDE as desktop environment and WINE to execute Windows tools under
Linux and mount manager as tool for device management.”
13 Parrot Security OS:
Parrot Security OS is an advanced operating system developed
by Frozenbox Network and designed to perform security and
penetration tests, do forensic analysis or act in anonymity.
14 Kali Linux:
From the creators of BackTrack comes Kali Linux, the most advanced and
versatile penetration testing distribution ever created. BackTrack has
grown far beyond its humble roots as a live CD and has now become a
full-fledged operating system. If you want a custom Kali for a development
board like Raspberry Pi, BeagleBoard, Chromebook, or Samsung Note 10.1, go
here.
15 Anonymous OS:
kaos.theory's Anonym.OS LiveCD is a bootable live CD based on OpenBSD
that provides a hardened operating environment whereby all ingress
traffic is denied and all egress traffic is automatically and
transparently encrypted and/or anonymized.
16 GnackTrack:
GnackTrack is a Live (and installable) Linux distribution designed
for Penetration Testing and is based on Ubuntu. Although this sounds
like BackTrack, it is most certainly not; it’s very similar but based on
the much loved GNOME!
17 Live Hacking CD:
Live Hacking CD is a new Linux distribution packed with
tools and utilities for ethical hacking, penetration testing and
countermeasure verification. Based on Ubuntu, this “Live CD” runs
directly from the CD and doesn’t require installation on your
hard drive. Once booted, you can use the included tools to test, check,
ethically hack and perform penetration tests on your own network to make
sure that it is secure from outside intruders.
18 Network Security Toolkit:
A bootable ISO live CD/DVD (NST Live) based on Fedora. The toolkit
was designed to provide easy access to best-of-breed Open Source
Network Security Applications and should run on most x86/x86_64
platforms.
19 OWASP Live CD:
OWASP Live CD is a project that collects some of the best open source security projects in a single CD. Web developers, testers and security professionals can boot from this Live CD and have access to a full security testing suite. This allows its users to test for various security issues in web applications and web sites.
20 Arudius:
Arudius is a Linux live CD with tools for penetration testing and
vulnerability analysis. A so-called “Linux live CD” is essentially a
Linux operating system that is bootstrapped and run directly from a
standard CD-ROM. This allows for improved portability of the operating
system and for running a variety of Linux software on almost any
physical system without affecting the host operating system installed on
the hard disk. This is the concept that Arudius exploits as well.
Currently, Arudius features more than 140 different security tools and
packages.
21 Secmic:
Secmic is a live Linux security distribution that may be used by
security professionals or for educational purposes. It is free to
download, and always will be. It comprises over 200 security oriented
open source applications and maintains Ubuntu/Kubuntu update
compatibility; meaning you will be able to receive security updates
directly from the Ubuntu/Kubuntu repositories. b43 / wl hybrid
compatibility is included with this Remastersys backup.
22 Security tools distribution STD:
STD is a Linux-based security tool. Actually, it is a collection of
hundreds if not thousands of open source security tools. It’s a Live
Linux Distro, which means it runs from a bootable CD in memory without
changing the native operating system of the host computer. Its sole
purpose in life is to put as many security tools at your disposal with
as slick an interface as it can.
23 NetSecL:
NetSecL Linux comes with a hardened configuration by default, leaving the
distribution at a security level where it is still usable, and provides
the tools needed to test your security. GrSecurity and its firewall are
features that make the distribution unique, along with specially
compiled packages: Amap, Ettercap, Hydra, Kismet, Nessus, Nmap,
Metasploit, PADS.
24 VAST:
VAST is a VIPER Lab live distribution that contains VIPER developed
tools such as UCsniff, videojak, videosnarf and more. Along with VIPER
tools and other essential VoIP security tools, it also contains tools
penetration testers utilize such as Metasploit, Nmap, and Hydra. This
distribution is a work in progress.
25 Katana:
Katana is a portable multi-boot security suite which brings together
many of today’s best security distributions and portable applications to
run off a single Flash Drive. It includes distributions which focus on
Pen-Testing, Auditing, Forensics, System Recovery, Network Analysis, and
Malware Removal. Katana also comes with over 100 portable Windows
applications, such as Wireshark, Metasploit, NMAP, Cain & Abel, and
many more.
26 Fast-Track:
Fast-Track is an automated penetration testing suite developed by David Kennedy.
This security suite helps the penetration tester to identify and exploit
servers using various techniques. By combining the power of the Metasploit
Framework with the automation of the attacks, the whole pen test process
becomes effective and time saving (where it’s OK to finish under 3
minutes).
If there is any interesting pentest distro I might have missed, feel free to share in the comments.