Best Linux distros to Security and Penetration Testing in 2020
Since you are reading this, I’ll assume you are are looking to improve your security posture. If so you will want to adopt the habit of verifying the signature of software you download.
Here’s a list of various Linux distributions focusing on security. These distros provide multiple tools that are needed for assessing networking security and other similar tasks. The list is in no particular order.
Archstrike
ArchStrike (previously known as ArchAssault) is a project based on Arch Linux for penetration testers and security professionals.
It comes with all the best parts of Arch Linux amd additional tools for penetration testing and cyber security. ArchStrike includes thousands of tools and applications, all categorized into modular package groups.
There are around 5000 packages available for almost everything you need in various categories, and some of them are:
- Exploit
- Malware
- Spoofing/Sniffing
- DDoS
- Social Engineering
- Enumeration
- Networking
- Forensics
- Brute Force
ArchStrike is straightforward and lightweight, so give a try and see if that works for you.
BlackArch Linux
BlackArch is a penetration testing and security research distro built on top of Arch Linux.
BlackArch can be installed on top of Arch Linux or from ISO. Documentation is available in English, French, Turkish, and Brazillian language.
BlackArch has its own repository containing thousands of tools organized in various groups. And the list is growing over time.
If you are already an Arch Linux user, you can set up the BlackArch tools collection on top of it.
Kali Linux
Kali Linux is the most widely known Linux distro for ethical hacking and penetration testing. Kali Linux is developed by Offensive Security and previously by BackTrack.
Kali Linux is based on Debian. It comes with a large amount of penetration testing tools from various fields of security and forensics.
Kali Linux is available in 64 bit, 32 bit, and virtual images to download. Lately, it was made available in AWS and Azure cloud.
Having more than 350 tools in the following category and extensive documentation makes Kali excellent.
- Information Gathering
- Vulnerability Analysis
- Wireless, Password, Hardware Attacks
- Web Applications
- Exploitation, Forensics. Stress Testing, Reporting
- Sniffing, Spoofing,
- Reverse Engineering
Kali is an open-source maintained by offensive security.
Samurai Web Testing Framework
Samurai Web Testing Framework is developed with the sole purpose of penetration testing on the web. Another aspect of this distro is that it comes as a virtual machine, supported by Virtualbox and VMware.
Samurai Web Testing Framework is based on Ubuntu and contains the best free and open-source tools that focus on testing and attacking websites.
It also includes a pre-configured wiki set up to store information during your penetration tests.
The virtual machine is pre-configured with many open source security tools, including the following.
- Fierce domain scanner
- Maltego
- WebScarab
- Ratproxy
- W3af
- Burp
- Beef
- AJAXShell
Bugtraq
Bugtraq is a Linux distro with a huge range of penetration, forensic and laboratory tools.
Bugtraq is available with the XFCE, GNOME and KDE desktop environments, in Ubuntu, Debian and OpenSUSE versions. It’s also available in 11 different languages.
Bugtraq packs in a huge arsenal of penetration testing tools: mobile forensics, malware testing laboratories and tools specifically designed by the Bugtraq community.
Bugtraq is an advanced, robust pen-testing platform available in 11 languages. It comes with more than 500 security tools and ready to download in either 32bit or 64bit.
Bugtraq is based on GNU/Linux, so you get an excellent menu and user-interface and the following customization.
- Syslinux boot entry
- Pressed file
- Services
- Kernel
Some of the following essential tools you will get with Bugtraq:
- Nessus
- Burt Suite
- Nikto
- Evil-grade
- Hydra
- Wireshark
- Beef
Want to get this installed on your Mobile? Good news, you can do that on Android.