Top Ten Penetration Testing Linux Distributions

Top Ten Penetration Testing Linux Distributions

Henry Dalziel | Pentesting Distros | November 7, 2012

This is the original content of the post here – hence why there are comments. This will be re-populated with the original once we’ve updated the other post!

Hope that makes sense!

  • Sniff3r

    Very nice and comprehensive article.
    I was wondering if you, or anyone has heard of or used another Linux distro not listed above, called CAINE(Computer Aided Investigation Environment). It’s a live CD. More VM be found here: I’d be interested in know what you think and how you feel it compare with other pentesting/forensics.

    I’ve used it a few times with success, but because its relatively unknown, and its not on NIST’s list of approved forensic distros, I’m curious what others think of it.


  • Great list! I was using Backtrack for last 2 years, and few months ago I switched to BackBox, and I am really satisfied with it. Works amazing!

    • Very interesting! Thanks for your post. What do you like about BackBox, have you stuck with that distro or do you go back to BackTrack?

      • BackBox looks more minimalistic, that’s why I really like it. I didn’t really make some test, but I have feeling that it is lighter and faster generally than Backtrack. I will stay with Backbox for sure for longer time. There is less tools available, but for me this is plus, cause anyway I didn’t use all the tools provided with Backtrack. In Backbox you have the most important, and all tools work good, without additional setup.

  • Hi all! I use bugtaq. After testing it I think is the most complete and easy to use for pentesting.

  • Robert

    I have not looked through this whole list but i am certain Damn Vulnerable Linux is NOT a Pentration Testing Linux Distributions. It is an operating system for attacking purposes.

    Otherwise nice post.

  • z4sk4

    Concise-Team, did you test it the Bugtraq distro?? on internet people say that all is configurated, an i dont know if its true or only marketing… for you who its the best?? backtrack, backbox, samurai, bugtraq blackbuntu…?

    • I still haven’t tested buqtraq but to answer your question – I am really impressed with backbox. Backbox just seems to work out of the box. I have only used backbox for a few days so am still new to it but I’ll certainly update the post in a week or two. Let us know if you do test Buqtraq. Thanks!

  • tribete

    Hi,everybody. There are a lot of distros, but in a distro is not only the tools, also the people have to look behinf the system and know how to manage that. For me the most complete distro and the best one (actually waiting for second release) is bugtraq. Not only has a lot of tools like backtrack and other distros, bugtraq give you also the possibility to execute windows programs and where works perfectly and no distro has that.
    Apparently for the second release is going to come with a ot of new stuff!! and has been though for the user 🙂

    • Thanks for your comment. Does Buqtraq execute windows via WINE? (Backtrack comes with WINE per-installed).

      • tribete

        Yes with wine, i saw they installed until netframework 2.0, also i hear the rumors that the next version they installed netframwork 4.0 and of course more tools will be able to work then ^^

        But more stuffs, it has malware you can AV,s etc..

        But im waitting for the second one apparently its comes with a lot of new surprises 🙂

        Im sorry im a bugtraq fan 😛

  • tribete

    And one thing i forgot to mention. BAcktrack is down… i used all releases from backtrack 5, and honestly sucks!, a lot of tools doenst work, when i want to use something i have to configure it by my self, tools from R1 now in R3 dissapear or are not working.

    People stop lying your self backtrack sucks 🙂

    • I have to agree with you. BT R52 and R53 simply don’t install on my machine (I think its because of my chipset) but anyways I had to spend a lot of time configuring basic things like sound, settings and some of the tools didn’t work. The main problem I had was that some of repo’s didn’t update. Anyways – I migrated to Backbox and so far I am really impressed. Backbox doesn’t run in root unlike BT. Maybe BT is better run as a live distro. Thanks for your comments.

      • tribete

        Well i didnt try backbox, i suggest you to try bugtraq, everything is configured, and everuything is automated. Also they give support in their website and thats makes a lot 😀

        I will try backbox ^^

  • sunil sidram bhosale

    I’ve been working in backtrack since long ago . It is really true that some of the tools don’t work and you have to sort out the problem . But I am not sure whether BACKBOX will really prove helpful to me as I work more than mere security . I will be very thankful if anybody helps me in knowing of a bruting the remote password application which works awesomely fast .

  • ghostofaaron

    And what about Kali-Linux? Kali Linux is faster than Backtrack



  • I’m still using BackTrack 4. I was never able to get any version of 5 to work on any of my machines except 1 and like reported above a lot of tools that were in the older versions were either difficult to find, not there or simply did not work.

    I plan to try BackBox (I like things that sound easy). I might also try BlackBuntu.

    I still have a knoppix disc around and probably use it second most next to BT4, but it sure is old, but it ALWAYS works on everything I try.

    Great article.


    • Thanks for the comment! I had exactly the same issue with BT5! Must have been something to do with the chipset I have on my laptop? In fact, the failure of BT5 to load correctly or even install made me switch to BackBox. The community are a nice and friendly bunch and I really get the impression that a lot of thought has gone into BackBox (BB). I actually use BB for my day to day OS – which wasn’t intentional it just happened and it works great! I guess the fact that BB is an Ubuntu derivative is the key.

      Yes KNOPPIX is the old man by the sea – been around for a long time! Thanks again for your comment!

      PS – I thought the Blackbuntu project was almost dead? Every time I hit the site it always says “please wait for the next release…”

      * You should check out our poll – we asked for everyone’s favorite distro – Kali Linux is first and BackBox is second which is impressive.

  • Souris Ash

    I’m currently using Kali Linux. But I’m not satisfied with it as after learning to use metasploit, I wanted to use armitage. But I really can’t get it running. I’m thinking of trying BT5 r3 and then, BackBox (sounds good!).
    Thanks for the article though, it has helped me a lot.

    Souris Ash

  • Anonymous

    I don’t know if you actually call Anonymous-OS an Operation system for Pen-Testing, but still it’s full
    of tools for DDoS (Distributed Denial of Service) and also Havji,

  • Anonymous

    Backtrack is outdated, Kali Linux replaced it.

  • Antron

    CAINE es el dios!!1

  • maz bagoes4all

    add to the list WIFISLAX It is adapted to Live Wifislax 4.6 compatible touch devices.

    These devices are compatible generally bring or support tablets windows 8 (full) and you can access your BIOS to disable the UEFI BIOS and select another boot.

    Currently supported devices are not to bring android serial.

    2 gb ram
    1 usb port or reader sd / micro sd card

  • ashwik

    hello everyone….i am new to this ethical hacking thingy. i am in search of a good hacking os. please suggest me one…..thankyou

  • kenza

    Hello excused me, I would like to have help.I have installed blackbuntu on my pc acer aspire E1 – 531, Ram: 4 gb, HDD:500 gb. Except that blackbuntu does not recognize my wifi card, what should I do?

    • hmmm. Not too sure is the answer. My hunch is that the blackbuntu repositories might not be updated but that is just a basic suggestion. Your best bet is to see if blackbuntu have a forum and ask there. Otherwise, try connecting via Ethernet and then update everything by ‘apt-get update’ and then re-boot….

      Let us know how you get on! Thanks for the post.

  • Sarah Salzstein

    Hi, can you add BlackArch Linux to this list, please?

  • Ssokar

    I see that parrot-sec is not on the list. Can you have a look and maybe put this up on the list if it meets your standards?
    I haven’t personally used it but i have heard amazing things about it from users i speak with. it has a nice variety of tools and *apparently* its quite easy to use and visually appealing. Let me know how you go 🙂 Thanks for the great posting, Awesome read.

  • Vaggelis

    Can you add backtrack – codename whydah to your list?
    It is very small, and can run on ram also ( > 1 )
    Based on slax with fluxbox
    thx 🙂

  • ChagorA

    what about Black ubuntu ?

    • We’d happily add it but their site seems to be down – we are not 100% sure that this distro is still in development. If you think otherwise please let us know and we will happily add it to our Linux Distro Pentesting List!

  • NtHntr

    it looks as though neither the author or readers here have ever even dipped their toes in the shallow end of pen testing. your first on the list distro is labeled as backtrack, however, you have the Kali desktop shown along with the motto… yes kali was formerly known as kali, that doesn’t make the info you provided any less wrong. Furthermore, it is a distro based on Debian, not Ubuntu. What kind of “journalist” doesn’t commit to the due diligence of research and reviewing. Oh and the praise and suggestions you people have left make it that much more ridiculous, this d-bag @jole… using backtrack for two years but still has no idea what a terminal is…

  • Mr. Robot

    I want to hack my university and banking systems all for the sake of education – which distro will suit me best?

    • Hhmm…ok…well – I’d strongly suggest that you don’t. If you are caught then you’ll be sent to jail. These days they are making examples of Cyber Crime so I’d be careful. To answer your question though, the ‘best’ distro is whichever one you feel comfortable using. I’d recommend Kali just because it has a lot of support. Learn the Hacking/ Pentesting Tools though.

  • Richard

    How about tails OS? is also included? or no?

Leave a comment or reply below...thanks!