I do not know much about hacking, even in my dreams. Lol!
But sometimes I take out my time to browse about anything. I do this because I think I should have some limited knowledge about any technological process that I know could help me someday, since I use the internet a lot. For example, as a website owner I think I should know something about HTML and CSS (at least), that’s why I browse little on them sometimes. I may not come up to be a website coder, but having such uncommon knowledge will help me a lot.
Sometime ago I learnt how to create viruses that could crash a computer, just for fun. I also learnt how to hack into a password protected computer without loosing it’s files. I will make a post on this in the future. I’ve come across websites that upload tutorials to make some little things here and there happen, and I have tried some of what they teach out of curiosity and to see if they really work. Knowledge like that will help me know when people might be trying to get into my online accounts.
The list I make here is quite interesting, maybe there are some of these applications you may not have heard of before.
However, it is always difficult to make this type of “Top” lists since (as far as I know) there are no official statistics to back it up, and everyone has his own likes and preferences. You can argue the reasons why the list you found other places is better than this one without any worry. But I have planned my selections well and know that it is going to tell you something good.
Kali Linux which will be featured here, for instance, has been very popular for the huge list of tools that are available on the site, and for appearing in the series of Mr. Robot. I would say that Kali is a distribution par excellence and is widely used.
Let’s see what you think about this list. I put them in categories so that you can easily know what a particular Operating System is related to.
1. Kali Linux
Without a doubt this is the most famous operating system used for pentesting. From the creators of BackTrack, it is a distribution based on Debian and is available for many different platforms such as VMware, Arm, etc.
This operating system is based on Debian GNU/Linux mixed with Frozen box OS and Kali Linux and, with this combination, provides an excellent experience for intrusion tests and security tests. It has many features such as custom anti-forensic tools, GPG, etc.
Arch Linux is the minimalist system par excellence. It follows the KISS (Keep it Simple and Short) principle . Arch Linux uses its Pacman package manager, which combines simple binary packages with an easy-to-use package compilation system. There is also BlackArch that can be used independently or installed on the base system and comes with many pre-installed tools.
BackBox is a Linux distribution based on Ubuntu. It can work easily in a low performance device and has been developed specifically for intrusion testing and security audits. The new version has interesting features that include forensic analysis, documentation and reporting and reverse engineering.
Samurai Web Testing Framework is a live distro that has been preconfigured to function as a web pentesting test environment. It includes many essential tools such as WebScarab, rat proxy, w3af, Burp Suite and BeEF.
If you are completely noob in Linux this is the best OP to start with. It is a collection of hundreds, if not thousands, of open source security tools. The best thing about Knoppix is that it is meant to be used by both novice and security professionals.
Pentoo is based on Gentoo Linux and is a pentesting distro that uses Enlightenment E17 as a desktop. It works on 32 and 64 bits. It includes drivers to inject packets for wifi, software for cracking by GPU and numerous tools.
WifiSlax is an excellent distro for audit and security based on Slackware. It includes numerous port and vulnerability scanners, exploit design tools, network traffic sniffers, forensic analysis tools and, above all, wireless network audit (hence its name). In fact it incorporates a large number of drivers for various Wi-Fi cards that are not officially supported in the Linux kernel.
GnackTrack is basically a combination of pentesting tools and the Linux Gnome desktop. Gnacktrack is both Live CD and installable, and is based on Ubuntu. Following the backtrack philosophy, Gnacktrack comes with multiple tools that are useful to make an effective pentest.
NodeZero was considered as one of the most practical operating systems for pentesting. It is based on Ubuntu and is well known for including the THC IPV6 toolkit with tools like alive6, detect-new-ip6, dnsdict6, two-new-ip6, fake-advertise6, fake-mipv6, fake_mld6, fake_router6, implementation6, implementation6d, parasite6, recon6, redirect, rsmurf6, sendpees6, smurf6, toobig6 and trace6.
The “sister minus” of WiFiSlax, is designed and designed for the security audit of WiFi, Bluetooth and RFID networks. It includes a long list of security tools and wireless auditing ready to be used, specialized in wireless auditing, in addition to adding a series of useful launchers.
Security Onion is designed to detect intrusions and monitor network security. It is based on Xubuntu LTS. Bring tools such as the Wireshark sniffer and intrusion detection software such as Suricata together.
This operating system is based on Fedora and works on both 32-bit and 64-bit platforms. It comes in the form of Live Cd so if we want it is not necessary to install it. The main reason for the development of NST was to provide the security administrator and the network administrator with a complete set of Open Source Network Security Tools.
Privacy and Anonymity
Tails starts from a live-DVD, USB or SD card. Tails runs completely inside the RAM, which means that once the computer is turned off, all traces of activity are cleaned. In addition, Tails promotes anonymity by routing all traffic through the Tor network and uses a variety of encryption tools.
Qubes OS uses the Xen Hypervisor to run a series of virtual machines, separating ‘personal’ life from ‘work’, ‘Internet’ and so on for security reasons. This means that if you accidentally download malware on the your machine, for example, personal files will not be compromised.
Whonix is designed to run inside a virtual machine. This provides another layer of protection, since malware attacks are contained in the virtual machine. As an added benefit, all user traffic is automatically configured to be sent through the Tor network.
Like the Tails operating system, the main attraction of Ipredia is that all Internet traffic is redirected to protect its anonymity. Ipredia however uses the I2P network. It also reconfigures a great variety of software for anonymity. Users also have access to “eepsites” (sites hosted anonymously using special domains ending in .i2p).
It is the successor of Ubuntu Privacy Remix. Store the data in RAM or on a USB memory. It can be run in Live mode, and it also allows you to store some of its settings in an encrypted Cryptobox. Another interesting feature is that kernel modules can only be installed if they have been digitally signed by the Discreete Linux team.
Subgraph is a “superfortified” distro. It adds to the kernel a series of security improvements and creates virtual “boxes” around applications with certain risk such as web browsers. It includes a custom firewall that also routes all outgoing connections through the Tor network. Encryption of your file system is mandatory.
TENS (Trusted End Node Security) has been designed by the United States Air Force and is approved by the NSA (National Security Agency). The public version of TENS is specifically designed to run in Live mode, which means that any malware is removed when it is turned off. It includes a minimum set of applications, but there is also a ‘Public Deluxe’ version that comes with Adobe Reader and LibreOffice. All versions include a customizable firewall, and it is also worth noting that this operating system supports login through Smart Cards.
Linux Kodachi is a Debian-based operating system with a light XFCE desktop that claims to be as secure, anti-forensic and anonymous as possible, while being very easy to use.
CAINE means Computer Aided Investigative Environment and is one of the most complete Linux distributions for forensic analysis. This distribution works like Live DVD and does not touch absolutely any data of the hard disk where it is started.
DEFT is the acronym for Digital Evidence & Forensic Toolkit. It is a live CD for forensic analysis based on Linux distribution Xubuntu. It is designed to meet the needs of system administrators, police, investigators and forensic computer specialists.
Hacking I would say is not easy and that is why it requires top OPs like the ones I listed above. If you want to learn hacking I think you should consider looking into some of them. Choose the ones your type of work may require.
Do you know of any good operating system commonly used by hackers that I forgot to include here? Share it in the comment box below and also share the post with your friends.