Tuesday, February 14, 2012

10 Pentesting Linux Distributions You Should Try

With the help of open source tools, penetration testing can now be conducted easier (although it can also be hard sometimes :p ) and cheaper. Linux has gained popularity in the area of penetration testing and information security. Not just because of its security but because of its efficiency because most Pentesting Linux distros that can just be booted using your flash drive or a live CD which makes wherein you don't need to install it on your HDD. These live penetration testing distros contains a package of tools for hacking or cracking a system. Each pentesting distro has its own pros, cons and specialty which includes web application vulnerability research, forensics, WiFi cracking, reverse engineering, malware analysis, and many more.

And so I decided to write a review about 10 pentesting distros I've tried and booted on my laptop or PC:

1. BackTrack 5

So tell me.. Who doesn't know about BackTrack? Some windows users do but almost all penetration testers and Linux users are familiar with this pentesting distro based on Ubuntu. BackTrack used to be a KDE pentesting distro but with the release of BackTrack 5, a Gnome Desktop Environment was also released for those users who dislike KDE. In fact with the release of BackTrack 5, the developer (phillips321) of GnackTrack decided to stop his project after careful consideration. Hence, bt5-fixit.sh was released by phillips321 for improving and adding more tools for BackTrack 5. BackTrack is one of my favorite pentesting distros that can run on a live CD or flash drive. Ideal for wireless cracking, exploiting, web application assessment, learning, or social-engineering a client.

Famous for its awesome line: "The quieter you become, the more you are able to hear". Download BT5 here.

2. BackBox Linux

BackBox Linux captured my heart because of its sleek performance and its flexibility as what the project claims to be. Its new version which is BackBox 2.01 uses these components: Ubuntu 11.04, Linux Kernel 2.6.38 and Xfce 4.8.0. The new version has cool features which include Forensic Analysis, Documentation & Reporting and Reverse Engineering and updated tools like dradis, ettercap, john, metasploit, nmap , Social Engineering Toolkit, sleuthkit, w3af, weevely, wireshark, etc. This pentesting distro is part of Open Soluzioni's project which is founded by Raffaele Forte.

Download this project and see for yourself. What makes their forum cool is that the admin is open for tools request. In fact, Raffaele added reaver (WiFi Protected Setup Attack Tool) in their repository after I made a request in their forum a few months ago.

3. Node Zero

Node Zero is a Ubuntu based distro for penetration testing. It uses the Ubuntu repositories so every time Ubuntu releases a patch for its bugs, you also are notified for system updates or upgrades. Nodezero is famous for its inclusion of THC IPV6 Attack Toolkit which includes tools like alive6, detect-new-ip6, dnsdict6, dos-new-ip6, fake-advertise6, fake-mipv6, fake_mld6, fake_router6, implementation6, implementation6d, parasite6, recon6, redir6, rsmurf6, sendpees6, smurf6, toobig6,  and trace6. Node Zero was formally known as Ubuntu Pentest Edition and was the 1st Ubuntu/Gnome based pentesting distro that was released.

Nodezero Linux is an official media partner of ROOTCON. You can check out the list of tools that Nodezero has in this link.

4. Blackbuntu

Don't feel bad with it's name, it's not a forbidden distro that uses dark arts or unethical tools. It's the black theme which makes this distro very mysterious.

Blackbuntu is another penetration testing distro based on Ubuntu obviously because of its name. It uses GNOME as its DE and uses the Ubuntu 10.10 release. The categories of its tools include Information Gathering, Network Mapping, Vulnerability Identification, Penetration, Privilege Escalation, Maintaining Access, Radio Network Analysis, VOIP Analysis, Digital Forensic, Reverse Engineering and other Miscellaneous tools like macchanger and lynis auditing tools. You can download this distro here.

5. Samurai Web Testing Framework

Samurai Web Testing Framework is a live linux distro that focuses on web application vulnerability research, website hacking, web pentesting, and is a pre-configured as web application environment for you to try hacking ethically and without violating any laws. This distro is a must have for penetration testers who wants to combine network and web app techniques. The framework uses the component Ubuntu 9.04 release.

Samurai Web Testing Framework is a project of InGuardians Inc. which is a vendor-independent Information Security Consultancy based in Washington D.C. This distro can be downloaded in sourceforge.

6. Knoppix STD

No!! Not the Knoppix Sexual Transmitted Disease. STD stands for Security Tools Distribution and is based on Knoppix. This distro was last updated on 2009 which means it didn't have updates now unlike the previous distros that I discussed but I would like to give it a plus one for the fluxbox Desktop Environment because of its very light and smooth. They have some cool tools and has a cool feature which is the Cryptography section. Might not work on some new hardwares because of the forgotten system update but it works great in my virtualbox.

You can download this live distro here.

7. Pentoo

Pentoo? Sounds familiar right? My dear friends, Pentoo is based on Gentoo Linux and is a pentesting distro that uses Enlightenment E17 as its desktop environment. It's default wallpaper is really cute. I love Tux. LoL

It has a fairly cool collection of pentetsing tools, Cuda/OPENCL cracking support with development tools and GPU based cracking software pyrit installed on the distro.


WEAKERTH4N is one of the awesome pentesting distros I have ever tried. It's still in its BETA release but the developer has done a good job for this project that some cool pentesting tools included in this distro. It is built from Debian Squeeze and uses Fluxbox as it Desktop environment. You can install this live pentesting distro using Custom Remastersys Installer. It has a lot of wireless tools unlike BackTrack 5.It has the old Android Hacking features.

For wifi warriors out there you should check out the Weaknet Labs Section under WiFu especially Catchme-NG which allows you to troll for a MAC address, or anything from an 802.11 packet using Airodump-ng and WPA-Phishing attack for EAP Phishing.  Download the BETA version here.

9. Matriux Krypton

Matriux Krypton final was released last 2011.08.15 and is another open source security distribution for ethical hackers and penetration testers. Compiled with a cool set of tools which they call arsenals, this distro can be used for penetration testing, ethical hacking, system and network administration, cyber forensics investigations, security testing, vulnerability analysis, exploiting, cracking, data recovery and many more. I also love its startup screen that says "Software is like sex; it's better when it's free" (attributed to Linus Torvalds).

Download this cool pentesting distro and check out their arsenal here.

10. Project Playground

Project Playground or “Pipi” is a pentesting distro based on Debian that uses XFCE as its DE. It centers on web application security practice, it is packed with web apps intended to have vulnerabilities and weaknesses for you to practice. This includes DVWA, mutillidae, gruyere and webgoat and many more. Aside from those mentioned, articles and tutorials are also included. The distro is made in the Philippines by a Filipino open source advocate and pentetsing lover named creatures/kreatures.

For now the alpha release is available for download and I have already tried it. Kudos to creatures/kreatures for the Alpha Release. You can email creatures at ysda27[at]gmail[dot]com or visit his website for more updates about his project.  You can stalk some of his tutorials on the ProjectX Blog.

About the Contributor:
Shipcode is a prolific blogger of ROOTCON and at the same time an InfoSec enthusiast from Cebu. He was inspired to join ROOTCON as part of the core team to share his knowledge in information security.  He encourages other like minded individuals to come forward and share their knowledge through blogging right here at ROOTCON Blog section.

ROOTCON is managed by like minded InfoSec professionals across the Philippines.  All rights reserved. Designated trademarks, brands and articles are the property of their respective owners.