Linux distributions for hackers

Today, a short entry about Linux distributions available on the market, which you can use to hack, test and analyze. Nothing beats Kali Linux of course, but it’s also worth looking at the competitors and how they has finally become interesting in recent years.

linux for hackers

Ladies and gentlemen’s. List of most popular Linux distributions for hacking, penetration testing, forensic, security, OSINT etc. Give them a chance. Check tools. Maybe thanks to these distributions you will discover something new, something that you can add to your environment. Take what’s the best from them. Do you know any other that matches this list? Let me know in the comment.

Kali

Kali Linux (formerly known as BackTrack) is a Debian-based distribution with a collection of security and forensics tools. It features timely security updates, support for the ARM architecture, a choice of four popular desktop environments, and seamless upgrades to newer versions.

Based on: Debian (Testing)
Origin: Switzerland
Architecture: armel, armhf, i686, x86_64
Desktop: Enlightenment, GNOME, KDE Plasma, LXDE, MATE, Xfce
Category: penetration testing, forensics, reverse engineering

https://www.kali.org/

Parrot

Parrot (formerly Parrot Security OS) is a Debian-based, security-oriented distribution featuring a collection of utilities designed for penetration testing, computer forensics, reverse engineering, hacking, privacy, anonymity and cryptography. The product, developed by Frozenbox, comes with MATE as the default desktop environment.

Based on: Debian (Testing)
Origin: Italy
Architecture: x86_64
Desktop: KDE Plasma, MATE
Category: penetration testing, forensics, reverse engineering

https://www.parrotsec.org/

BackBox

BackBox Linux is an Ubuntu-based distribution developed to perform penetration tests and security assessments. It is designed to be fast and easy to use. It provides a minimal yet complete desktop environment, thanks to its own software repositories, which are always updated to the latest stable versions of the most often used and best-known ethical hacking tools.

OS Type: Linux
Based on: Debian, Ubuntu (LTS)
Origin: Italy
Architecture: i386, x86_64
Desktop: Xfce
Category: penetration testing, forensics, reverse engineering

https://www.backbox.org/

BlackArch

BlackArch Linux is an Arch Linux-based distribution designed for penetration testers and security researchers. It is supplied as a live DVD image that comes with several lightweight window managers, including Fluxbox, Openbox, Awesome and spectrwm. It ships with over a thousand specialist tools for penetration testing and forensic analysis.

Based on: Arch
Origin: USA
Architecture: x86_64
Desktop: Awesome, Blackbox, Fluxbox, spectrwm
Category: penetration testing, forensics, reverse engineering

https://blackarch.org/

Pentoo

Pentoo is a Gentoo-based Linux live CD with a selection of applications and tools designed to perform penetration testing.

Based on: Gentoo
Origin: Switzerland
Architecture: i686, x86_64
Desktop: Xfce
Category: penetration testing, forensics, reverse engineering

https://www.pentoo.ch/

BugTraq

Hacker ‘s suite where you will find all kinds of tools for the best systems auditory. Adapted for beginners in Ethical hacking computer security, and for experts in this field.

Based on: Debian
Origin: Spain
Architecture: i686, x86_64
Desktop: Xfce
Category: penetration testing

http://bugtraq-apps.com/

Deft

DEFT (Digital Evidence & Forensic Toolkit) is a customized distribution of the Ubuntu live Linux CD. It is an easy-to-use system that includes excellent hardware detection and some of the best open-source applications dedicated to incident response and computer forensics.

Based on: Debian, Lubuntu
Origin: Italy
Architecture: i686
Desktop: LXDE, Openbox
Category: forensics

Unfortunately this one is discontinued, but still worth mentioning.

http://www.deftlinux.net/v

Caine

CAINE (Computer Aided INvestigative Environment) is an Ubuntu-based GNU/Linux live distribution created as a project of digital forensics. It offers a complete forensic environment that is organized to integrate existing software tools as software modules and to provide a friendly graphical interface. The main design objectives that CAINE aims to guarantee are: an interoperable environment that supports the digital investigator during the four phases of the digital investigation, a user-friendly graphical interface, and a semi-automated compilation of the final report.

Based on: Debian, Ubuntu (LTS)
Origin: Italy
Architecture: x86_64
Desktop: MATE
Category: forensics

https://www.caine-live.net/

Network Security Toolkit

Network Security Toolkit (NST) is a bootable live CD based on the Fedora distribution. The toolkit was designed to provide easy access to best-of-breed open source network security applications and should run on most x86 platforms. The main intent of developing this toolkit was to provide the network security administrator with a comprehensive set of open source network security tools. What we find rather fascinating with NST is that we can transform most x86 systems (Pentium II and above) into a system designed for network traffic analysis, intrusion detection, network packet generation, wireless network monitoring, a virtual system service server, or a sophisticated network/host scanner.

Based on: Fedora
Origin: USA
Architecture: x86_64
Desktop: Fluxbox, MATE, Openbox
Category: network analysis

http://www.networksecuritytoolkit.org/nst/index.html

Demon

Demon linux (formerly known as WeakNet) us an information security-themed distribution of Debian Linux. It has taken the place of WeakNet Linux with a whole new design, UI/UX, tool-set, and more. The project is appropriately named, considering that it came from my own frustrations with how poorly designed user interfaces are and how terrible most user experiences in software are becoming more prevalent. I want a beautiful experience that is also user friendly.

Based on: Debian
Origin:
Architecture: x86_64
Desktop: Xfce
Category: penetration testing

https://demonlinux.com/

ArchStrike

ArchStrike is a distribution for security professionals and researchers based on Arch Linux. ArchStrike provides an extra repository of security software and is available in Openbox and Minimal 64-bit builds. ArchStrike provides a live desktop environment based on the Openbox window manager.

Based on: Arch
Origin: USA
Architecture: i686, x86_64
Desktop: Openbox
Category: penetration testing

https://archstrike.org/

ForLEx

ForLEx is a lightweight Debian-based Linux live CD which boots into an LXDE desktop. The distribution’s primary goal is to provide several useful utilities for forensic analysis.

Based on: Debian (Stable)
Origin: Italy
Architecture: x86_64
Desktop: LXDE
Category: forensics

http://www.forlex.it/

irBSD

irBSD is a digital forensic suite based on NetBSD operating system for cryptography, penetration testing, data recovery, reverse engineering, privacy and other security tasks with pkgin package management and ratpoison as default window manager. irBSD is configured for USB mediums and x86_64 platforms.

Based on: NetBSD
Origin: Iran
Architecture: x86_64
Desktop: Ratpoison
Category: penetration testing, forensics, reverse engineering

https://pclite.net/page/irbsd

REMnux

REMnux is a lightweight, Ubuntu-based Linux distribution for assisting malware analysts with reverse-engineering malicious software. It incorporates a number of tools for analyzing malicious executables that run on Microsoft Windows, as well as browser-based malware, such as Flash programs and obfuscated JavaScript. The toolkit also includes programs for analyzing malicious documents, such PDF files, and utilities for reverse-engineering malware through memory forensics.

Based on: Debian, Lubuntu
Origin: USA
Architecture: i386, x86_64
Desktop: LXDE
Category: forensics, reverse engineering

https://remnux.org/

TinyPaw

Linux WiFi pentesting distribution built on Tiny Core Linux and inspired by the Xiaopan OS project. Lightweight with some new tools and updates to the tools that have stood the test of time.

Based on: Tiny Core Linux
Origin: USA
Architecture: i686
Desktop: Hackedbox
Category: penetration testing

http://tinypawlinux.x10.bz/

Samurai WTF

The Samurai Web Testing Framework is a virtual machine, supported on VirtualBox and VMWare, that has been pre-configured to function as a web pen-testing environment. The VM contains the best of the open source and free tools that focus on testing and attacking websites. In developing this environment, we have based our tool selection on the tools we use in our security practice. We have included the tools used in all four steps of a web pen-test.

Based on: Debian
Origin: ???
Architecture: i686, x86_64
Desktop: Xfce
Category: penetration testing

http://www.samurai-wtf.org/

Web Security Dojo

A free open-source self-contained training environment for Web Application Security penetration testing. Tools + Targets = Dojo. Various web application security testing tools and vulnerable web applications were added to a clean install of Ubuntu v16.04LTS, which is patched with the appropriate updates and VM additions for easy use.

Based on: Ubuntu LTS
Origin: USA
Architecture: i686, x86_64
Desktop: Xfce
Category: penetration testing

https://sourceforge.net/projects/websecuritydojo/

Wifislax

Wifislax is a Slackware-based live CD containing a variety of security and forensics tools. The distribution’s main claim to fame is the integration of various unofficial network drivers into the Linux kernel, thus providing out-of-the-box support for a large number of wired and wireless network cards.

Based on: Slackware
Origin: Spain
Architecture: x86_64
Desktop: KDE
Category: penetration testing, forensics

http://www.wifislax.com/