Linux distributions are often customized to perform many specialized tasks cater to a particular industry, hobby or business. Security Penetration testing is one such niche where professional (and hobbyists) use customized Linux distributions with the whole purpose of doing security tests on networks and personal computer (hopefully with permission). Most of these distribution are live CDs which can be used without having to install them to your computer. Today we will take a look at some of best Pen-test distributions out there.
1) BackTrack: Backtrack is the most widely known pen-test distribution out there. The latest release (4 Beta) has been ported to Debian/Ubuntu from Slackware and now can be installed locally as a full distribution and tools can be updated using Backtrack repositories. Backtrack includes more than 300+ security tools.
2) Knoppix STD: As the name suggests this distribution is based on Knoppix and STD stands for Security Tools Distribution. This distribution didn’t get any update (like most pen-test distros) in a long time and might not work on some new hardwares but they have a fairly good collection of tools.
xfce fluxbox is used for desktop environment.
3) nUbuntu: Based on Ubuntu and fluxbox, nUbuntu is a fairly new and active pen-test distribution. They have partnered with an Italian IT security company for future nUbuntu certification and training.
4) Network Security Toolkit: NST is a Fedora based Live distribution and unlike some other pen-test distro NST can be used under virtual machine without any network configuration problems (from my experience). NST also have a unique Web User Interface to access tools and manage configurations.
5) PEENTO: A Gentoo based pen-test live cd (you could have guessed) that actually looks very nice. They are using Enlightenment for DE and has quite a few unique pen-test tools including GPU based cracking software pyrit.
There used to be a time when there were a lot of active pen-test projects out there, but eventually most of them died off from lack of updates. Notably Auditor, WHAX ( later merged in to backtrack), PHLAK to name a few. Which pen-test live cd do you use or tried before?
If you liked this article, please share it on del.icio.us, StumbleUpon or Digg. I’d appreciate it.