Linux Penetration Testing distributions list

facebooktwittergoogle_plusredditpinterestlinkedinmailby feather

Linux is widely used in many areas and applications, one of those is security, precisely in the Penetration Testing and network/system assessment. Along with the robustness and stability, the easy customization of the system allow the creation of custom made distribution with the favorite security tools. I hope this list is useful to find your security linux distribution. (tnx to for some links)- If your prefered Pentest/Security linux distribution isn’t listed, please contact me.

NodeZero is Ubuntu based linux designed as a complete system which can also be used for penetration testing. NodeZero uses Ubuntu repositories so your system will be always up to date. The system setup is basic and it’s primarly designed for disk installation and customization as you want. With NodeZero comes around 300 tools for penetration testing and set of basic services which are needed in penetration testing. Also we are preparing a repository of pentest tools so your system will be up to date at all time.

backtrack-linux, is the highest rated and acclaimed Linux security distribution to date. BackTrack is a Linux-based penetration testing arsenal that aids security professionals in the ability to perform assessments in a purely native environment dedicated to hacking. Regardless if you’re making BackTrack your primary operating system, booting from a LiveDVD, or using your favorite thumbdrive, BackTrack has been customized down to every package, kernel configuration, script and patch solely for the purpose of the penetration tester.

GnackTrack is a Live (and installable) Linux distribution designed for Penetration Testing and is based on Ubuntu. Although this sounds like BackTrack, it is most certainly not; it’s very similar but based on the much loved GNOME!

Samurai Web Testing Framework
The Samurai Web Testing Framework is a live linux environment that has been pre-configured to function as a web pen-testing environment. The CD contains the best of the open source and free tools that focus on testing and attacking websites. In developing this environment, we have based our tool selection on the tools we use in our security practice. We have included the tools used in all four steps of a web pen-test. Starting with reconnaissance, we have included tools such as the Fierce domain scanner and Maltego. For mapping, we have included tools such WebScarab and ratproxy. We then chose tools for discovery. These would include w3af and burp. For exploitation, the final stage, we included BeEF, AJAXShell and much more. This CD also includes a pre-configured wiki, set up to be the central information store during your pen-test.

Live Hacking CD
Live Hacking CD is a new Linux distribution packed with tools and utilities for ethical hacking, penetration testing and countermeasure verification. Based on Ubuntu this ‘Live CD” runs directly from the CD and doesn’t require installation on your hard-drive. Once booted you can use the included tools to test, check, ethically hack and perform penetration tests on your own network to make sure that it is secure from outside intruders.

Network Security Toolkit
Is bootable ISO live CD/DVD (NST Live)  based on Fedora. The toolkit was designed to provide easy access to best-of-breed Open Source Network Security Applications and should run on most x86/x86_64 platforms.

Pentoo is a Live CD and Live USB designed for penetration testing and security assessment. Based on Gentoo Linux, Pentoo is provided both as 32 and 64 bit livecd. It features packet injection patched wifi drivers, GPGPU cracking software[2], and lots of tools for penetration testing and security assessment.

OWASP Live CD is a project that collects some of the best open source security projects in a single CD. Web developers, testers and security professionals can boot from this Live CD and have access to a full security testing suite. This allows its users to test for various security issues in web applications and web sites.

Arudius is a Linux live CD with tools for penetration testing and vulnerability analysis. A so-called “Linux live CD” is essentially a Linux operating system that is bootstrapped and run directly from a standard CD-ROM. This allows for improved portability of the operating system and for running a variety of Linux software on almost any physical system without affecting the host operating system installed on the hard disk. This is the concept that Arudius exploits as well. Currently, Arudius features more than 140 different security tools and packages.

WeakNet Linux is designed primarily for penetration testing, forensic analysis and other security tasks. The default desktop environment is GNOME.

BackBox is a Linux distribution based on Ubuntu Lucid 10.04 LTS developed to perform penetration tests and security assessments. Designed to be fast, easy to use and to provide a minimal yet complete desktop environment thanks to its own software repositories always been updated to the last stable version of the most known and used ethical hacking tools.

Matriux is a fully featured security distribution consisting of a bunch of powerful, open source and free tools that can be used for various purposes including, but not limited to, penetration testing, ethical hacking, system and network administration, cyber forensics investigations, security testing, vulnerability analysis, and much more. It is a distribution designed for security enthusiasts and professionals, although it can be used normally as your default desktop system. With Matriux, you can turn any system into a powerful penetration testing toolkit, without having to install any software into your hardisk. Matriux is designed to run from a Live environment like a CD / DVD or USB stick or it can easily be installed to your hard disk in a few steps. Matriux also includes a set of computer forensics and data recovery tools that can be used for forensic analysis and investigations and data retrieval.

Secmic is a live Linux security distribution that may be used by security professionals or for educational purposes. It is free to download, and always will be. It comprises over 200 security oriented open source applications and maintains Ubuntu/Kubuntu update compatibility; meaning you will be able to receive security updates directly from the Ubuntu/Kubuntu repositories. b43 / wl hybrid compatibility is included with this Remastersys backup.

Security tools distribution
STD is a Linux-based Security Tool. Actually, it is a collection of hundreds if not thousands of open source security tools. It’s a Live Linux Distro, which means it runs from a bootable CD in memory without changing the native operating system of the host computer. Its sole purpose in life is to put as many security tools at your disposal with as slick an interface as it can.

NetSecL Linux is by default with hardened configuration leaving the distribution at a security level where it is still usable and providing the tools needed to test your security. GrSecurity and it’s firewall are features that makes the distribution unique along with specially compiled packages:Amap, Ettercap, Hydra, Kismet, Nessus, Nmap, Metasploit, PADS.

VAST is a VIPER Lab live distribution that contains VIPER developed tools such as UCsniff, videojak, videosnarf and more. Along with VIPER tools and other essential VoIP security tools, it also contains tools penetration testers utilize such as Metasploit, Nmap, and Hydra.This distribution is a work in progress. If you would like to see a tool or package included please feel free to suggest them and I will do what I can to make it happen.

Blackbuntu CE 0.1
Linux Penetration Testing Tools Box Based on Ubuntu 10.10 which was specially designed for security training students and practitioners of information security.

Katana is a portable multi-boot security suite which brings together many of today’s best security distributions and portable applications to run off a single Flash Drive. It includes distributions which focus on Pen-Testing, Auditing, Forensics, System Recovery, Network Analysis, and Malware Removal. Katana also comes with over 100 portable Windows applications; such as Wireshark, Metasploit, NMAP, Cain & Able, and many more.


  1. great…. awesome

  2. Yuriy Stanchev
    July 10, 2012 - 10:53 am


    Thank you for the publication about NetSecL. Could I please ask you just to correct the url to

    Thanks in advance,

  3. I also tried re-rooting the tablet with your instructions and running the same commands and still receive the permission denied. This is with the Starburst ROM as well.

  4. hey, could you add Parrot Security OS??

    and remember to change backtrack with kali

Leave a Reply

Your email address will not be published / Required fields are marked *