top linux distros for ethical hacking



Hello everyone! This article is to help those of you who are new/newish to ethical hacking and are getting ready to make the jump (but haven’t decided on which one) to a Linux Distribution (OS). While Windows may be good for a couple things (mainly for “crackers”), it does not allow us to do the seriously heavy lifting, or the seriously heavy penetration tests, that Linux allows us to do. Why is that? In my own personal opinion it comes down to one thing, open-source(ness) and the community of people who are behind creating Linux Distros. and expanding the community. Without the constraints of a closed-source OS like Windows or the Mac OSX, Linux allows people to create applications to their hearts content, then, SHARE IT WITH EVERYONE FOR FREE! If it’s good, then you get a community behind it and BOOM!, programmers in the community adding to it, trimming it down, making it more powerful, whatever! This is what allows ethical hacking to thrive on Linux. If you want to be a true “L337 Hacker” (Sorry for that reference, couldn’t resist ;)), grab a Linux Distro. (they’re free, no strings attached) and get to learning!

So how do I know what Linux Distro is a good one to get for ethical hacking?
In all honesty, it is whatever Linux Distro you feel the most comfortable using. Cop out answer I know, but this statement is true. Whatever you have a good time using and become proficient using, that is the Linux Distro for ethical hacking that you should use.

Ok smart ass. So what Linux Distros should we start with until we find one we are comfortable with?
Now that is a good question! (MUAHAHA!) Below is a list I created testing some of the more popular Linux Distros for ethical hacking. While this list is in no particular order, I have however tried each and every one of these out. Please don’t jump on my shit if I missed your favorite distro, just add it to the comments below to expand the list for the noobies please. 🙂

List Of (My favorite) Linux Distros For Ethical Hacking
1.) Backtrack
Learning curve: Easy for beginners.
Probably the most popular Linux Distro for ethical hacking at the moment. Backtrack (there are 2 versions now R1 and R2) is a very beginner friendly distro as it is based off of Ubuntu Linux. Has a GUI (Gnome or KDE) for all you “I gotta SEE my desktop” people, and a metric ass ton of different applications for penetration testing (from easy to hard to use). While I liked Backtrack, I didn’t use a lot of the applications. Mostly stuck to around 10-15 different ones, so that became wasted space on my hard drive to me. Plus, I had the unfortunate “Nvidea graphics card” problems that took me a better part an hour to fix (thank God they have a very helpful community). Backtrack, while able to be installed as a standalone OS on a hard drive as an OS, it is more-so made to run as a live CD/DVD or as a Boot-able Thumb-drive.
From their site:

BackTrack is intended for all audiences from the most savvy security professionals to early newcomers to the information security field. BackTrack promotes a quick and easy way to find and update the largest database of security tools collection to-date. Our community of users range from skilled penetration testers in the information security field, government entities, information technology, security enthusiasts, and individuals new to the security community.

2.) Blackbuntu
Learning curve: Easy for beginners.
Another very “user-friendly” hacking distro that runs off of Ubuntu and uses the Gnome or KDE GUI as well. Unlike Backtrack though, Blackbuntu is made to be installed as a standalone OS on your hard drive. While I liked it, still a bit too many “extras” for my tastes. The community for Blackbuntu was also very friendly and helpful.
From their site:

Blackbuntu is a Linux distribution for penetration testing which is specially designed for training security students and practitioners of information security. It is currently built on Ubuntu 10.10 with the Gnome desktop environment. Blackbuntu will also include the KDE desktop in the final release of Blackbuntu Community Edition 0.3. It is not included in 0.1, 0.2 or the current 0.3 betas.

3.) BackBox
Learning curve: Easy for beginners.
Another very “user-friendly” hacking distro that runs off of Ubuntu. But, the biggest difference I noticed was the speed. Backbox ran quicker than Backtrack and Blackbuntu. Plus, they weren’t as “app bloated” in my opinion. Very nice and concise list of tools for pen-testing. The community for BackBox was also very friendly and helpful.
From their site:

Pro-actively protect your IT infrastructure with BackBox. It is the perfect security solution; providing pen-testing, incident response, computer forensics, and intelligence gathering tools. The most current release of BackBox Linux includes the latest software solutions for vulnerability analysis/assessment and pen-testing. It is one of the lightest/fastest Linux distros available on the Internet.

4.) Security Tools Distribution (STD)
Learning curve: Moderate.
This is the hacking distro for you if want more security apps than you know what to do with (lol, not kidding). Made as a bootable CD/DVD, not really made as a stand alone OS. Just tools in the pocket. The biggest thing about this distro is while you could do it, it’s not really made for “first-time” Linux users. Get a solid command line knowledge, then try it out. The community for STD was also very friendly and helpful.
From their site:

STD is meant to be used by both novice and professional security personnel but is not ideal for the Linux uninitiated. STD assumes you know the basics of Linux as most of your work will be done from the command line. If you are completely new to Linux, it’s best you start with another live Distro like Knoppix to practice the basics.

5.) NetSecL
Learning curve: Easy for beginners.
What!?! One that DOESN’T use Ubuntu!?! 😉 NetSecL is a very nice, lightweight, distro that runs off of OpenSUSE. Kinda sorta similar to Ubuntu, the big difference here is that if you have a laptop and not a desktop, OpenSUSE runs VERY nicely on it! So if you have a lappy toppy, I would recommend giving this on a go. The community for NetSecL was (mostly) friendly and helpful.
From their site:

NetSecL is a hardened,live and installable OS based on OpenSuse suitable for Desktop/Server and Penetration testing. Once installed you can fully enjoy the features of GrSecurity hardened kernel and penetration tools OR use the penetration tools directly from your live DVD. GrSecurity is a great security enhancement that you can enjoy with NetSecL and have a normally functional OS together with the NetSecL Firewall and Penetration tools you are always ready and know at what level your security is.

6.) Network Security Toolkit (NST)
Learning curve: Meh, easy.
Sorry I can’t write an honest review on this one. I am biased as I am not a fan of Fedora, which is what this runs on. If any of you would like to give some “objective” feedback on this, please leave it in the comments. Much obliged 😉
From their site:

The main intent of developing this toolkit was to provide the network security administrator with a comprehensive set of Open Source Network Security Tools. The majority of tools published in the article: Top 125 Security Tools by INSECURE.ORG are available in the toolkit. An advanced Web User Interface (WUI) is provided for system/network administration, navigation, automation, geolocation and configuration of many network and security applications found within the NST distribution. In the virtual world, NST can be used as a network security analysis, validation and monitoring tool on enterprise virtual servers hosting virtual machines.

7.) Pentoo
Learning curve: Meh, easy.
Besides being fun to say (PENTOOOOOOoooooo) Pentoo is basically just Gentoo Linux with security apps. Not bad, but kinda wish it was more it’s own OS, rather than a Gentoo clone with apps already built in.
From their site:

It’s basically a gentoo install with lots of customized tools, customized kernel, and much more. Here is a non-exhaustive list of the features currently included :
Kernel with lzma and aufs patches
Wifi stack 2.6.32_rc7
Module loading support ala slax
Changes saving on usb stick
Enlightenment DR17 WM
Cuda/OPENCL cracking support with development tools
System updates if you got it finally installed
Put simply, Pentoo is Gentoo with the pentoo overlay. This overlay is available in layman so all you have to do is layman -L and layman -a pentoo.

I hope that this helped steer you in the right direction for picking out a Linux (ethical) hacking distro to begin with. As you get more comfortable with Linux, you will start to find (or at least I have) you start kind of molding your own personal distro that fits your needs. As an example, I run Arch Linux and that isn’t even a pen-testing (based) distro. I like it because it is SUPER lightweight and fast (No GUI, All command line), and I just put what security apps I use on it and away I go! As you learn more and more Linux, your tastes will change, you will try new things, and eventually you will find your groove. But until you do, have fun, be safe, be smart, and happy hacking!

One Response to top linux distros for ethical hacking

  1. I had fun with Xiaopan Not really a full functioning distro- more like a compilation of tools. Fun!

Leave a Reply

Your email address will not be published. Required fields are marked *