Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Best Linux Distro for Pentesting??


  • Please log in to reply
41 replies to this topic

#1 Encryption

Encryption

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:10:22 AM

Posted 13 July 2015 - 04:39 PM

I'm using Kali atm. But I know there is a lot of others, I mostly do wireless pentesting (i have a card that supports packet injection), can anyone tell from experience the best?



BC AdBot (Login to Remove)

 


#2 Firehouse

Firehouse

  • Members
  • 637 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:22 PM

Posted 13 July 2015 - 04:53 PM

I've used Slax and Puppy a long time ago on USB,so you can try those .



#3 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,607 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:22 PM

Posted 13 July 2015 - 05:20 PM

Well, another good one I know is Backbox Linux.

https://www.backbox.org/

I know a lot of pentesters uses it, thought they use it mainly for malware analysis and reverse engineering purposes but it's still interesting.

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#4 Guest_Kaosu_*

Guest_Kaosu_*

  • Guests
  • OFFLINE
  •  

Posted 13 July 2015 - 07:57 PM

You probably aren't ready to muck around with penetration testing if you have to ask this type of question. I don't mean to sound harsh, but there are two key reasons why I can't take anyone seriously that asks basic support questions about penetration testing distributions:

 

  1. Using a penetration testing distribution usually means you have enough knowledge to be able to research basic problems on your own
  2. If someone using this type of distribution is unable to research and correct basic problems on their own, that usually means they are a script kiddie looking to exploit innocent victims using the automated tools provided by such a distribution

Coming to Bleeping Computer and asking this type of question is akin to asking a public forum how to create a virtual lab for malware analysis. If you have to ask how to do it, you're clearly not ready for the associated risks that are inevitably ahead.

 

I don't think these type of threads should be supported on Bleeping Computer. While these distributions have a lot of legitimate uses and are extremely useful, most of the people using them are likely just out to exploit the same type of novice users that come here asking for help. There is already enough information out there that would answer 90% of the questions people would ask about anyway, so there is little point in providing support to would-be attackers.


Edited by Kaosu, 13 July 2015 - 08:01 PM.


#5 NickAu

NickAu

    Bleepin' Fish Doctor


  • Moderator
  • 12,915 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:127.0.0.1 Australia

Posted 13 July 2015 - 08:49 PM

 

 

I don't think these type of threads should be supported on Bleeping Computer.

I tend to agree with you.


Arch Linux .
 
 Come join the fun, chat to Bleeping computer members and staff in real time on Discord.
 
The BleepingComputer Official Discord Chat Server!


#6 Encryption

Encryption
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:03:22 AM

Posted 13 July 2015 - 09:22 PM

You probably aren't ready to muck around with penetration testing if you have to ask this type of question. I don't mean to sound harsh, but there are two key reasons why I can't take anyone seriously that asks basic support questions about penetration testing distributions:

 

  1. Using a penetration testing distribution usually means you have enough knowledge to be able to research basic problems on your own
  2. If someone using this type of distribution is unable to research and correct basic problems on their own, that usually means they are a script kiddie looking to exploit innocent victims using the automated tools provided by such a distribution

Coming to Bleeping Computer and asking this type of question is akin to asking a public forum how to create a virtual lab for malware analysis. If you have to ask how to do it, you're clearly not ready for the associated risks that are inevitably ahead.

 

I don't think these type of threads should be supported on Bleeping Computer. While these distributions have a lot of legitimate uses and are extremely useful, most of the people using them are likely just out to exploit the same type of novice users that come here asking for help. There is already enough information out there that would answer 90% of the questions people would ask about anyway, so there is little point in providing support to would-be attackers.

 

I think you are misunderstanding the entire thread, I have done a lot of pentesting in the past, I'm asking what distribution best suits YOU from experience. And if you are formulating an Evil Twin attack using tools such as aircrack-ng, does that mean you are a skid?


Edited by Encryption, 13 July 2015 - 09:26 PM.


#7 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,542 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:10:22 AM

Posted 13 July 2015 - 10:48 PM

I appreciate that there may be risk jnvolved in giving out too much info, but I see no problem discussing this topic
. Pen testing is a valuable tool for businesses to learn and people to have to start learning from somewhere.

In my previous I routinely did pen testing on our own network and clients who requested it. I wish I had a place I could go and ask questions when I first started out.

In today's cyber threat landscape, every administrator should have some experience in doing security audits.

Now with that said, that does not mean I condone helping audit networks outside of their control, but I do like to
Give people the benefit of the doubt.

#8 NickAu

NickAu

    Bleepin' Fish Doctor


  • Moderator
  • 12,915 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:127.0.0.1 Australia
  • Local time:01:22 PM

Posted 13 July 2015 - 11:04 PM

Thanks boss.


Arch Linux .
 
 Come join the fun, chat to Bleeping computer members and staff in real time on Discord.
 
The BleepingComputer Official Discord Chat Server!


#9 Al1000

Al1000

  • Global Moderator
  • 7,489 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Scotland
  • Local time:03:22 AM

Posted 14 July 2015 - 04:13 AM

I think you are misunderstanding the entire thread, I have done a lot of pentesting in the past


What distros have you used for pentesting?

#10 DeimosChaos

DeimosChaos

  • BC Advisor
  • 1,420 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:United States, Delaware
  • Local time:06:22 PM

Posted 14 July 2015 - 07:55 AM

I feel like Kali is pretty much the defacto pen testing distro. It pretty much has anything you could want already installed on it, and if it doesn't its easy enough to go get it.

I used Backtrack (now Kali) in College for a couple classes. I also used Ubuntu and installed air-crack to try and break into the professors laptop he brought in for an assignment (note, when you have 10+ people trying to break into one laptop... it doesn't work out so well... lol).


OS - Ubuntu 14.04/16.04 & Windows 10
Custom Desktop PC / Lenovo Y580 / Sager NP8258 / Dell XPS 13 (9350)
_____________________________________________________
Bachelor of Science in Computing Security from Drexel University
Security +


#11 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,607 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:22 PM

Posted 14 July 2015 - 08:02 AM

Backtrack and Kali are meant primarily to be "on the go" pentesting distro. Hence why it's a good thing to install them on USB flash drive and then whenever you can access a computer, you plug the USB in, boot from it and do your thing. Yet a lot of people uses it as their "main distro" and don't use half the programs in it. So they end up with a bloated distro.

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#12 DeimosChaos

DeimosChaos

  • BC Advisor
  • 1,420 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:United States, Delaware
  • Local time:01:22 PM

Posted 14 July 2015 - 08:26 AM

Backtrack and Kali are meant primarily to be "on the go" pentesting distro. Hence why it's a good thing to install them on USB flash drive and then whenever you can access a computer, you plug the USB in, boot from it and do your thing. Yet a lot of people uses it as their "main distro" and don't use half the programs in it. So they end up with a bloated distro.

 

That is very true. If you are wanting to try out lots of different things, Kali is a good way to go. If you want something to be only for one type of attack, you are best using a smaller faster distro and installing the program yourself.

I like Kali since it has everything on there, but its just for playing around with.


OS - Ubuntu 14.04/16.04 & Windows 10
Custom Desktop PC / Lenovo Y580 / Sager NP8258 / Dell XPS 13 (9350)
_____________________________________________________
Bachelor of Science in Computing Security from Drexel University
Security +


#13 Encryption

Encryption
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:01:22 PM

Posted 14 July 2015 - 11:35 AM

 

I think you are misunderstanding the entire thread, I have done a lot of pentesting in the past


What distros have you used for pentesting?

 

 

Mostly Kali due to the fact I've mostly done wireless pentesting, so it has all I need, but I've snooped around BlackArch, BackBox, and some others.



#14 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,607 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:22 AM

Posted 14 July 2015 - 11:41 AM

I've heard of Black Arch. From what the website says, "The repository contains 1233 tools" so it might come light-weight and you can install whatever you want from that repo at least.

Edited by Aura., 14 July 2015 - 11:41 AM.

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#15 marcoose777

marcoose777

  • Members
  • 63 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:22 PM

Posted 14 July 2015 - 12:45 PM

RE Kali:

Kali does contain lots of faff like WEP tools that quite honestly are not needed(why?? how many WEP's are you going to find legitimately), it can also be viewed as a vulnerability in it's own right since it's kernel isn't the most secure in its default installation (think PAX/GRSEC), one could probably harden Kali if need be; n.b. that's not trivial to get right. All things said you could also roll your own using tools that you know and trust and a bit of home brew magic thrown in for good order. My suspicion is that Kali propularity is booming because more and more some youngsters are looking to learn about the web/IT security and others the more nefarious end of the webz. I suspect the thread was started after a recent thread discussion where I may have suggested using a hardened linux pentest ditro over Kali for remote testing purposes. Note the tin foil hat ;), at the end of the day we use what ever tools we feel comfortable with, and find productive agreed.
 






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users