The best distributions for penetration testing

There are several popular securty distributions containing most popular penetration testing tools and applications. Usually they are based on existing Linux distributions and are recycled versions of them. This article will present the most famous of them.

Kali Linux

The most popular distribution today. It is the successor to Backtrack Linux.
Kali Linux is an incredibly powerful penetration testing tool that comes with over 600 security utilities such as Wireshark, Nmap, Armitage, Aircrack, Burp Suite, etc.

There are several types of this distribution for various platforms, such as ARM, virtualization systems, instances for carrying out attacks from mobile platforms - Kali Nethunter.
')
At the moment, the distribution is implemented in the form of a rolling release, which ensures that you will always have the latest versions of the best tools and utilities for conducting penetration testing.

Download Kali Linux.

Blackarch

BlackArch Linux is designed specifically for pensters and security professionals. It supports i686 and x86_64 architectures. The installation package now includes 1359 penetration testing utilities and their number is constantly increasing. Based on Arch Linux.

The number of utilities is really quite impressive, but some of them have similar functionality and it can be quite difficult for a beginner to understand so many programs.

Download BlackArch.

Parrot Security OS

A growing distribution based on Debian-linux. Pretty easy to learn, suitable for both beginners and professionals. This distribution is aimed at both penetration testing and anonymous work on the Internet.

A fairly easy and efficient tool, many security specialists have found in it a replacement for the increasingly “voracious” Kali, especially since Parrot uses Kali repositories for updating.

Download Parrot Security OS.

Backbox

BackBox is a Ubuntu-based lightweight distribution. In direct comparison with Kali will lose on many points. It does not have so many different tools, utilities and frameworks available directly out of the box. No kernel and other tweaks optimizations.

Thanks to the lightweight shell, XFCE BackBox Linux is more suitable for everyday use as a workhorse on your personal computer. There is a mode - Anonymous mode - all system traffic is passed through a TOR proxy. The startup script changes the system's MAC address and hostname, and when you turn off mode, all temporary files are deleted using the integrated BleachBit package.

Backbox Linux can be a great alternative to Kali Linux for those who are looking for a balance between functionality and convenience of everyday use.

Download BackBox.

Pentoo linux

Pentoo is a security distribution based on the popular Gentoo Linux distribution, which fans are Pentoo developers. Contains many security utilities.

One of the features is the native support of Hardened Gentoo - several changes in the compiler and the kernel, which increase the overall security of the system against hacking.

Download Pentoo Linux.

Network security toolkit

Network Security Toolkit is one of many Linux distributions, such as the Live CD, aimed at analyzing network security. NST gives administrators easy access to a wide variety of open network applications, many of which are included in the hundred of the best security tools recommended by insecure.org. Based on Fedora Linux.

Possessing a balanced set of network monitoring, analysis and security tools, can provide clear advantages to the network administrator to control the security of the infrastructure entrusted to him.

Download Network Security Toolkit.

Deft linux

This distribution is designed on the Lubuntu platform and is equipped with a user-friendly graphical interface. In addition, a set of specialized utilities has been added to the product, starting with antiviruses, information search systems in the browser's cache, network scanners and rootkit detection tools and ending with the tools needed when searching for data hidden on disk.

The main purpose is to carry out measures on forensics - to analyze the consequences of hacking computer systems, determining lost and compromised data, and also to collect so-called. digital evidence of cybercrime.

Download DEFT Linux.

Samurai Web Security Framework

The main purpose of this distribution is testing for penetration of various web applications.

It is delivered as a virtual machine image containing the most popular Open Source utilities for gathering information and conducting various attacks against web applications.

Download Samurai Web Security Framework.

Pentest box

PentestBox is not like other security distributions that run on virtual machines. It would not be entirely correct to call this build a distribution, rather it is a set of * nix-like utilities running in a Windows environment.

It has its own shell, the interface is designed as a command line, contains a large number of utilities, the list of which can be independently supplemented / customized.

If you are a Windows user and you are frightened by the installation of virtual machines or Linux, you can try to work with this shell.

Download Pentest Box.

Santoku linux

The distribution is based on Ubuntu linux. Presented only as an X64 platform.

This assembly is designed for analyzing mobile devices and applications - carrying out security analysis, data retrieval, reverse engineering, forensica, also contains development tools.

Download Santoku Linux.

WifiSlax

This is a specialized distribution kit with a selection of tools for checking the security of WiFi networks and conducting forensic analysis. The distribution is based on Slackware linux.

Currently, it is one of the most commonly used tools for auditing WiFi networks, it includes most of the most popular tools for analyzing the security of wireless networks, and is supported by most network card manufacturers.

Download WifiSlax.