A penetration test is a test carried out on a system or a network with the intention of finding security holes and weaknesses.
Today, the demand for security and penetration testers has increased exponentially and there are not enough penetration testers out there to keep up with requirements.
The term hacker is often taken in the wrong sense but that is not the case. Actually a hacker is someone who seeks and exploits weakness in a system. They are also referred to as white hats, security testers or computer programmers. The term cracker is the more appropriate word for someone who cracks into a system just for his own gain. They are also referred to as black hats.
Many Linux penetration testing distributions come packing with different tools and apps that help point out and exploit a hole in a system or a network.
Here is a list of some popular and most used penetration testing distros for Hackers or security testers out there.
NodeZero Linux
NodeZero is Ubuntu based Linux which can also be used for penetration testing. With NodeZero comes around 300 tools for penetration testing.
NodeZero was formally known as Ubuntu Pentest Edition and was the 1st Ubuntu/Gnome based penetration testing distro that was released. NodeZero was built on top of Ubuntu 10.04 LTS Lucid Lynx.
NodeZero features THC IPV6 Attack Toolkit which includes tools like alive6, detect-new-ip6, dnsdict6, dos-new-ip6, fake-advertise6, fake-mipv6, fake_mld6, fake_router6, implementation6, implementation6d, parasite6, recon6, redir6, rsmurf6, sendpees6, smurf6, toobig6, and trace6.
Since NodeZero Linux is based on Ubuntu, it comes with great stability and reliability.
Pentoo Linux
Pentoo Linux is based on Live CD focused towards security testing and based on Gentoo. Pentoo is also available as an overlay for an existing Gentoo installation. It’s basically a gentoo install with lots of customized tools, customized kernel, and much more. Here is a non-exhaustive list of the features currently included :
- Hardened Kernel with aufs patches
- Backported Wifi stack from latest stable kernel release
- Module loading support ala slax
- Changes saving on usb stick
- XFCE4 wm
- Cuda/OPENCL cracking support with development tools
- System updates if you got it finally installed.
Matriux
Matriux is a distro which is relatively new and is a fully featured security disctribution consist of over 300 free tools called arsenals which can be used to penetrate systems and is based on debian. Matriux is designed to run from live CD or USB and can be installed on hard drive as well.
Matriux offers many forensics tools under its Arsenal in Digital-Forensics category.
The distro can be download their official site.
Parrot Security OS
Parrot Security OS is also a relatively new player in the Linux world and is also a debian-based penetration testing OS designed for easy use. It is a very versatile OS and is also very suitable for daily use. Parrot OS is designed for everyone from newbie to a highly professional security tester. It has a very devoted and committed development team known as Frozenbox Network. The Parrot OS is a cloud-friendly operating system focused on anonymity and complete encryption for the user.
The latest version of Parrot Security OS can be downloaded from here.
BlackArch Linux
BlackArch is a lightweight expansion to Arch Linux geared towards penetration testers and hackers. The repository contains 1233 tools. Although BlackArch Linux is past the beta stage but it is still a relatively new project. I highly recommend that you check out this distro if you are comfortable with Arch.
Kali Linux
Unarguably the most versatile and the most used Penetration Testing OS in the Linux world and my personal favourite and go-to OS for daily use. It is also based on debian and is maintained and funded by Offensive Security Ltd. It was developed by Mati Aharoni and Devon Kearns of Offensive Security through the rewrite of BackTrack.
Kali Linux is preinstalled with numerous penetration-testing programs, including nmap (a port scanner), Wireshark (a packet analyzer), John the Ripper (a password cracker), Aircrack-ng (a software suite for penetration-testing wireless LANs), Burp suite and OWASP ZAP (both web application security scanners). Kali Linux can run natively when installed on a computer’s hard disk, can be booted from a live CD or live USB, or it can run within a virtual machine.
The latest version can be downloaded from here.
Final Thoughts
Though there are many distros, some old and mature but some relatively newer, to chose from but in the end it all comes down to personal preference and the distro you are most comfortable with but my personal favourite is Kali Linux which I also use for daily activities.
Please feel free to express your opinions in the comments section below.
No comments:
Post a Comment