Kali Linux maintained and funded by Offensive Security Ltd. is first in our list. Kali Linux is a Debian-derived Linux distribution designed for digital forensics and penetration testing. Kali is the one of the best and favourite operating systems of hackers.

It was developed by Mati Aharoni and Devon Kearns of Offensive Security through the rewrite of BackTrack, their previous forensics Linux distribution based on Ubuntu. Kali Linux has a dedicated project set-aside for compatibility and porting to specific Android devices, called Kali Linux NetHunter. It is the first Open Source Android penetration testing platform for Nexus devices, created as a joint effort between the Kali community member “BinkyBear” and Offensive Security. It supports Wireless 802.11 frame injection, one-click MANA Evil Access Point setups, HID keyboard (Teensy like attacks), as well as Bad USB MITM attacks.

Features : BackTrack (Kali’s predecessor) contained a mode known as forensic mode. This capability was carried over to Kali via live boot. This mode is very popular for many reasons such as many Kali users already have a bootable Kali USB drive or CD, and this option makes it easy to apply Kali to a forensic job. There are however some changes to forensic mode over the regular operation of the system, such as forensic mode doesn’t touch the hard drive or swap space and auto mounting is disabled. However, it is recommended by the developers that if Kali is going to be used for real world forensics that these things be tested in that environment.

Supported Platforms : Kali Linux is distributed in 32- and 64-bit images for use on hosts based on the x86 instruction set and as an image for the ARM architecture for use on the BeagleBoard computer and on Samsung’s ARM Chromebook. Kali Linux is already available for BeagleBone Black, HP Chromebook, CubieBoard 2, CuBox, CuBox-i, Raspberry Pi, EfikaMX, Odroid U2, Odroid XU, Odroid XU3, Samsung Chromebook, Utilite Pro, Galaxy Note 10.1 and SS808.

BackBox is an Ubuntu-based Linux distribution penetration test and security assessment oriented providing a network and informatic systems analysis toolkit. BackBox desktop environment includes a complete set of tools required for ethical hacking and security testing.

Features : It includes some of the most used security and analysis Linux tools, aiming for a wide spread of goals, ranging from web application analysis to network analysis, from stress tests to sniffing, also including vulnerability assessment, computer forensic analysis and exploitation. Part of the power of this distribution comes from its Launchpad repository core, constantly updated to the latest stable version of the most known and used ethical hacking tools. The integration and development of new tools in the distribution follows the open source community, particularly the Debian Free Software Guidelines criteria.

Parrot Security OS (or ParrotSec) is a GNU/LINUX distribution based on Debian. It was built in order to perform penetration tests (computer security), Vulnerability Assessment and Mitigation, Computer Forensics and Anonymous Surfing. It has been developed by Frozenbox’s Team. Like Kali Linux Parrot Security OS is also hackers favourite operating system.

Parrot is based on Debian’s stable branch (jessie), with a custom hardened linux 4.1 kernel with a grsecurity patched branch available. It follows a development line of rolling release kind.The desktop environment is MATE, fork of Gnome 2, and the default display manager is LightDM.The project is certified to run over machines which have 265Mb of RAM at least and it is suitable to both 32bit (i386) and 64bit (amd64), with a special edition it works on old 32bit machines (486). Moreover, the project is available for armel and armhf architectures. It even offers an edition (both 32bit and 64bit) developed for servers only to carry out cloud pentesting.

Features : Parrot Security OS is a security oriented operating system designed for Pentesting, Computer Forensic, Reverse engineering, Hacking, Cloud pentesting, privacy/anonymity and cryptography.

Live Hacking OS is a Linux distribution packed with tools and utilities for ethical hacking, penetration testing and countermeasure verification. It includes the graphical user interface GNOME inbuilt. There is a second variation available which has command line only, and it requires very less hardware requirements.

DEFT stands for Digital Evidence and Forensic Toolkit and it’s an open source distribution of Linux built around the DART (Digital Advanced Response Toolkit) software and based on the Ubuntu operating system. It has been designed from the ground up to offer some of the best open source computer forensics and incident response tools that can be used by individuals, IT auditors, investigators, military, and police.

The Samurai Web Testing Framework is a live linux environment that has been pre-configured to function as a web pen-testing environment. The CD contains the best of the open source and free tools that focus on testing and attacking websites. In developing this environment, we have based our tool selection on the tools we use in our security practice. We have included the tools used in all four steps of a web pen-test.

The Network Security Toolkit (NST) is a Linux-based Live CD that provides a set of open source computer security and networking tools to perform routine security and networking diagnostic and monitoring tasks. The distribution can be used as a network security analysis, validation and monitoring tool on servers hosting virtual machines. The majority of tools published in the article “Top 125 security tools” by Insecure.org are available in the toolkit. NST has package management capabilities similar to Fedora and maintains its own repository of additional packages.

Features : Many tasks that can be performed within NST are available through a web interface called NST WUI. Among the tools that can be used through this interface are nmap with the vizualization tool ZenMap, ntop, a Network Interface Bandwidth Monitor, a Network Segment ARP Scanner, a session manager for VNC, a minicom-based terminal server, serial port monitoring, and WPA PSK management.Other features include visualization of ntopng, ntop, wireshark, traceroute, netflow and kismet data by geolocating the host addresses, IPv4 Address conversation, traceroute data and wireless access points and displaying them via Google Earth or a Mercator World Map bit image, a browser-based packet capture and protocol analysis system capable of monitoring up to four network interfaces using Wireshark, as well as a Snort-based intrusion detection system with a “collector” backend that stores incidents in a MySQL database. For web developers, there is also a JavaScript console with a built-in object library with functions that aid the development of dynamic web pages.

Bugtraq is an electronic mailing list dedicated to issues about computer security. On-topic issues are new discussions about vulnerabilities, vendor security-related announcements, methods of exploitation, and how to fix them. It is a high-volume mailing list, and almost all new vulnerabilities are discussed there.Bugtraq team is experienced freaks and developers, It is available in Debian, Ubuntu and OpenSuSe in 32 and 64 bit architectures.

NodeZero is an open source Linux kernel-based operating system derived from the world’s most popular distribution of Linux, Ubuntu, and designed to be used for penetration testing operations. The distro is available for download as a dual-arch Live DVD ISO image, which will run well on computers that support both 32-bit (x86) and 64-bit (x86_64) instruction set architectures. Besides the fact that it allows you to start the live system, the boot menu contains various advanced options, such as the ability to perform a system memory diagnostic test, boot from a local drive, start the installer directly, as well as to boot in safe graphics mode, text mode or debug mode.

NodeZero’s default graphical desktop environment is powered by GNOME, which uses the GNOME Classic interface. It features a two-panel layout, and uses Ubuntu’s default software repositories. Keep in mind though, that you must first log into the live session with the username nodezero and without a password.With NodeZero you will have instant access to over 300 penetration testing tools, as well as a set of basic services that are needed in penetration testing operations. Default applications include the Mozilla Firefox web browser, F-Spot photo manager, Rhythmbox music player, PiTiVi video editor, Transmission torrent downloader, Empathy multi-protocol instant messenger, and OpenOffice.org office suite.

Pentoo is a Live CD and Live USB designed for penetration testing and security assessment. Based on Gentoo Linux, Pentoo is provided both as 32 and 64 bit installable livecd. Pentoo is also available as an overlay for an existing Gentoo installation. It features packet injection patched wifi drivers, GPGPU cracking software, and lots of tools for penetration testing and security assessment. The Pentoo kernel includes grsecurity and PAX hardening and extra patches – with binaries compiled from a hardened toolchain with the latest nightly versions of some tools available.

Source: https://techlog360.com