iEntry 10th Anniversary
LinuxHaxor
WH
MH5 Best Pen-Test Linux Distributions
Linux distributions are often customized to perform many specialized tasks cater to a particular industry, hobby or business. Security Penetration testing is one such niche where professional (and hobbyists) use customized Linux distributions with the whole purpose of doing security tests on networks and personal computer (hopefully with permission). Most of these distribution are live CDs which can be used without having to install them to your computer. Today we will take a look at some of best Pen-test distributions out there.
1) BackTrack: Backtrack is the most widely known pen-test distribution out there. The latest release (4 Beta) has been ported to Debian/Ubuntu from Slackware and now can be installed locally as a full distribution and tools can be updated using Backtrack repositories. Backtrack includes more than 300+ security tools.
2) Knoppix STD: As the name suggests this distribution is based on Knoppix and STD stands for Security Tools Distribution. This distribution didn’t get any update (like most pen-test distros) in a long time and might not work on some new hardwares but they have a fairly good collection of tools. xfce fluxbox is used for desktop environment.
3) nUbuntu: Based on Ubuntu and fluxbox, nUbuntu is a fairly new and active pen-test distribution. They have partnered with an Italian IT security company for future nUbuntu certification and training.
4) Network Security Toolkit: NST is a Fedora based Live distribution and unlike some other pen-test distro NST can be used under virtual machine without any network configuration problems (from my experience). NST also have a unique Web User Interface to access tools and manage configurations.
5) PEENTO: A Gentoo based pen-test live cd (you could have guessed) that actually looks very nice. They are using Enlightenment for DE and has quite a few unique pen-test tools including GPU based cracking software pyrit.
There used to be a time when there were a lot of active pen-test projects out there, but eventually most of them died off from lack of updates. Notably Auditor, WHAX ( later merged in to backtrack), PHLAK to name a few. Which pen-test live cd do you use or tried before?
If you liked this article, please share it on del.icio.us, StumbleUpon or Digg. I’d appreciate it.
Loading ...
Good post, except knoppixSTD uses fluxbox, not xfce. And if your going to mention something as out dated as STD, you should also include the Professional Hackers Linux Assault Kit (PHLAK), which was a great live Pen-test distro.
@evilgold Thanks I corrected the DE, I did mention PHLAK at the end. I guess I have a soft side for KnoppixSTD, its used to be a great PT distro during its time. Too bad they don’t maintain it anymore.
Take a look at this new live CD from OWASP:
OWASP Live CD and Web Application Security -
http://appseclive.org/
Don’t forget Samurai WTF - http://samurai.inguardians.com/
Not security related, but a neat little distro is Puppy Linux*. ^^
*http://puppylinux.org/
Whoppix, was great, was renamed to WHAX, then merged with Backtrack. I still have a copy of Whoppix around, but havn’t tried anything newer.
not a security testing distro but we can easily build-up one on Slitaz linux http://slitaz.org/en it’s less than 30MB with FF, OB, n many othr stuff already installd. We can make it a powerful thing for less than 100MB with all the software we need.
Installs to usb or cd n also hdd