In pentests, the security expert systematically examines the target system for security vulnerabilities. For this purpose, there are various Linux distributions that are precisely tailored for use in pentests. We have collected the six most important distributions and their advantages and disadvantages.
Kali: The top Dog among Tentest Distributions
Kali Linux is the most popular distribution for penetration testing and is based on Debian. Kali already comes with many tools for performing penetration tests. Thus, any system can be quickly and easily converted. The distribution also runs in Virtualbox on a Windows system. The toolset is extensive and includes all the important tools for various tests. Extensive documentation allows users to familiarize themselves quickly. In case of doubt, the large and active community helps with problems.
Parrot: Modern Distribution with Cloud Support and Encryption
Parrot is a younger distribution for penetration testing with a focus on cloud applications, anonymity on the Internet and integrated system encryption. It is based on Debian and relies on MATE as its desktop environment. Like Kali, Parrot Security OS has all the important tools for testing pre-installed. In addition, Parrot has some exclusive tools from the developer Frozenbox Network.
Testing Web Applications with Samurai
For those who only want to test web application security vulnerabilities, Samurai is a specialized distribution for web application penetration testing. The Samurai web testing framework is based on Ubuntu and can also be launched in Virtualbox and VMWare. Samurai is thus executable on any system in a short time. After the start you can immediately begin with the tests, because the most important tools are pre-installed. The workflow is also simplified by the integrated documentation tool, with which you can easily document the pentest. The distribution is an open source project and accordingly available free of charge.
Santoku: Mobile Apps in Focus
While Samurai specializes in web apps, Santoku is a Linux distribution for mobile app penetration testing. With its pre-installed tools, Santoku covers mobile forensics as well as security and malware analysis. The Linux distribution can be downloaded for free from the vendor's website.
Keep it Simple: BlackArch
BlackArch is based on Arch Linux, so it benefits from the speed and simplicity of the base while providing an equivalent feature set for pentests. Linux distributions offer users and developers a broad toolset and every conceivable modification option. For specific use cases, these distributions are often overloaded. Arch Linux takes a different approach and is a distribution that favors simplicity and a lean architecture.
Live Linux Distribution for Pentests: PenToo
Insert CD or USB stick respectively and start pentesting immediately: PenToo is a live Linux distribution that does just that. An installation is not necessary. The operating system takes all necessary data and tools from the data medium. PenToo thus writes no data to the hard disk and leaves no traces on the system used.
Conclusion: Linux distributions for Penetration Testing
The market of Linux distributions for pentesting has become extremely differentiated. As a user, you will find a distribution for each type of application that brings exactly the tools you need to perform the pentest. With most distributions an active community supports you in case of problems. To find the right Linux distribution for your use case, you should define the requirements exactly and compare them with existing solutions. Then you are well prepared for the penetration test!