A hacker is a highly skilled computer operator who uses bugs and exploits to break into computer systems and networks. An ethical hacker, on the other hand identifies vulnerabilities in computer systems and networks, and plugs these holes. Here’s a round-up of the best OS’s for ethical hacking and pen testing.
Hacking has been a part of computing since 5 decades, and it is a broad area, covering a range of tasks. The term hacker originated in 1960 at MIT.
Hacking is regarded as a process of locating all possible back doors that exists in computer system or network and finally intruding into it. In simple terms, it is regarded as an unauthorised activity to gain access to a computer system or a network to harm or prevent it’s normal functions and to steal it’s sensitive information available on computing systems.
On the other hand, hacking can also be a legal activity when it is used to discover back doors and weaknesses in computer systems in order to patch them. This is called ethical hacking.
In today’s cyber world lots of varied attacks happen every hour and are achieved by professional hackers, virus writers and crackers. The most basic tool required by every hacker is a hacking operating system. Usually the OS is based on the Linux kernel. These OS’s are regarded as advanced working stations, which includes lots of ethical hacking tools and penetration software as well.
Now let’s talk about the Operating Systems which uses the Linux kernel one by one:
It is based on Debian-Linux distro and is especially designed for digital forensics and pen testing purposes. It is maintained and updated regularly by Offensive Security Ltd. under the leadership of Mati Aharoni. Kali comes with pre-installed with more than 300 pen testing tools and can be installed as a primary operating system on the hard disk, live CD, USB and can even run as virtual machine using some virtualisation software.
Information gathering: These tools are used to gather information regarding DNS, IDS/IPS, network scanning, operating system, routing, SSL, SMB, VPN, VOPI, SNMP, email and VPN.
Vulnerability assessment: These tools access the CISCO network and discover vulnerabilities in several databases servers.
Web applications: These tools are related to Web Apps like content management systems, database exploitation, application proxies, Web vulnerabilities, scanners, etc.
Password attacks:These tools perform password attacks via brute force, dictionary attacks, etc.
Exploitation tools: These exploit vulnerabilities in target system for networks, the Web and databases, and to perform social engineering attacks.
Sniffing and spoofing:These tools sniff the network and Web traffic.
Maintaining access: These tools maintain access to the target machine, to access the OS back doors and tunnelling.
Reporting tools: These document the pen testing process.
System services: These tools contain various pen-testing services like Apache, MySQL, SSH and Metasploit services. Kali Linux is bundled with several tools that perform wireless attacks, reverse engineering, stress testing, hardware hacking and forensics.
BackBox Linux is an Ubuntu-based distribution developed to perform penetration tests and security assessments. It is designed to be fast and easy to use. It provides a minimal yet complete desktop environment, thanks to its own software repositories, which are always updated to the latest stable versions of the most often used and best-known ethical hacking tools.
The main aim of BackBox is providing an alternative, highly customizable and well performing system. BackBox uses the light window manager Xfce.
It includes some of the most used security and analysis Linux tools, aiming for a wide spread of goals, ranging from web application analysis to network analysis, from stress tests to sniffing, also including vulnerability assessment, computer forensic analysis and exploitation.
Part of the power of this distribution comes from its Launchpad repository core, constantly updated to the latest stable version of the most known and used ethical hacking tools. The integration and development of new tools in the distribution follows the open source community, particularly the Debian Free Software Guidelines criteria.
Parrot Security OS
Parrot (formerly Parrot Security OS) is a Debian-based, security-oriented distribution featuring a collection of utilities designed for penetration testing, computer forensics, reverse engineering, hacking, privacy, anonymity and cryptography. The product, developed by Frozenbox, comes with MATE as the default desktop environment.
ParrotSec is intended to provide a suite of penetration testing tools to be used for attack mitigation, security research, forensics, and vulnerability assessment
Parrot is based on Debian’s testing branch (Buster), with a custom Linux 4.19 kernel. It follows a rolling release development model.
The desktop environment is MATE, and the default display manager is LightDM.
The project is certified to run on devices which have a minimum of 256MB of RAM, and it is suitable for both 32-bit (i386) and 64-bit (amd64) processor architectures. Moreover, the project is available for ARMv7 (armhf) architectures. It even offers an edition (both 32-bit and 64-bit) developed specifically for servers to carry out cloud service penetration testing.
In June 2017, ParrotSec announced they were considering to change from Debian to Devuan, mainly because of problems with the highly controversial systemd.
As of January 21st, 2019, the Parrot Linux team will be phasing out the development of 32-bit (i386) versions of all future operating systems.
Types of Editions
Parrot Home: Parrot Home is a special edition of Parrot designed for daily use, and it targets regular users who need a lightweight, always updated and beautiful system on their laptops or workstations.
The distribution has the same look and feel of a regular Parrot environment and includes all the basic programs for daily work. Parrot Home also includes programs to chat privately with people, encrypt documents with the highest cryptographic standards or surf the net in a completely anonymous and secure way.
The system can also be used as a starting point to build a very customized pentesting platform with only the tools you need, or you can use it to build your professional workstation by taking advantage of all the latest and most powerful technologies of Debian without hassle.
Parrot Studio: Designed for students, producers, video editing and all related professional multi-media creation. This edition’s goals are to provide a reliable workstation for a multi-purpose computing.
Parrot ARM: A lightweight Parrot release for embedded systems, aimed for simplicity and portability. Supported hardware brands are Raspberry Pi, Orange Pi, Pine64, and Cubieboard.
DEFT (Digital Evidence & Forensic Toolkit) is a customised distribution of the Ubuntu live Linux CD. It is an easy-to-use system that includes excellent hardware detection and some of the best open-source applications dedicated to incident response and computer forensics.
Samurai Web Testing framework
The Samurai Web Testing Framework is a virtual machine, supported on VirtualBox and VMWare, that has been pre-configured to function as a web pen-testing environment. The VM contains the best of the open source and free tools that focus on testing and attacking websites. In developing this environment, we have based our tool selection on the tools we use in our security practice. We have included the tools used in all four steps of a web pen-test.
Starting with reconnaissance, we have included tools such as the Fierce domain scanner and Maltego. For mapping, we have included tools such WebScarab and ratproxy. We then chose tools for discovery. These would include w3af and burp. For exploitation, the final stage, we included BeEF, AJAXShell and much more. This VM also includes a pre-configured wiki, set up to be the central information store during your pen-test.
Network Security Toolkit
Network Security Toolkit (NST) is a bootable live CD based on the Fedora distribution. The toolkit was designed to provide easy access to best-of-breed open source network security applications and should run on most x86 platforms. The main intent of developing this toolkit was to provide the network security administrator with a comprehensive set of open source network security tools. What we find rather fascinating with NST is that we can transform most x86 systems (Pentium II and above) into a system designed for network traffic analysis, intrusion detection, network packet generation, wireless network monitoring, a virtual system service server, or a sophisticated network/host scanner.
Many tasks that can be performed within NST are available through a web interface called NST WUI. Among the tools that can be used through this interface are nmap with the vizualization tool ZenMap, ntop, a Network Interface Bandwidth Monitor, a Network Segment ARP Scanner, a session manager for VNC, a minicom-based terminal server, serial port monitoring, and WPA PSK management.
BlackArch Linux is an Arch Linux-based distribution designed for penetration testers and security researchers. It is supplied as a live DVD image that comes with several lightweight window managers, including Fluxbox, Openbox, Awesome and spectrwm. It ships with over a thousand specialist tools for penetration testing and forensic analysis.
It’s a mixture of Parrot and Kali OS in short.
Thank you for reading and stay tuned for more updates!