Linux是一个操作系统内核,已被用于许多事情。有用于游戏、商务、休闲和许多其他各种目的的发行版。但是您知道还有用于黑客攻击的Linux发行版吗?(Linux)
无论您是从事 IT 安全职业还是追求这一职业,学习特定领域的诀窍都可以帮助您在工作中做得更好。使用Linux及其各种发行版可以进一步了解道德黑客的用途,并为渗透测试做好准备。
9 款最适合黑客的 Linux 发行版(9 Best Linux Distros For Hacking)
那么Linux与 IT 安全有什么关系呢?一些Linux发行版提供各种工具来评估网络安全和其他类似任务。发行版之间的差异也因用户界面和提供的特定工具而异。
用于黑客和渗透测试的最著名和最常用的Linux发行版是(Linux)Kali Linux。它基于 Debian,由Offensive Security开发,继承了(Offensive Security)BackTrack的衣钵。
Kali Linux遵循滚动发布(Rolling Release)模式,发行版附带的每个工具(其中有很多)都会自动更新。Kali是目前最先进的渗透测试平台。因此,它的工具主要集中在安全和取证各个领域的渗透测试。
Kali Linux社区相当大并且仍然活跃,并且有大量可用的文档可供学习或复习一些可以使您受益的技巧和窍门。
该领域最好的发行版之一必须是基于 Ubuntu 的BackBox。它是专为渗透测试和安全评估目的而开发的发行版。它甚至拥有自己的软件存储库,提供各种系统和网络分析工具包和道德黑客工具的最新稳定版本。
BackBox在结构和视觉上都采用简约的方法设计,选择使用XFCE 桌面(XFCE desktop)环境。使用BackBox,您将在一个相当大且乐于助人的社区中获得闪电般快速、有效、高效且完全可定制的体验。
Frozenbox Network为我们带来了Parrot Security OS的新发行版之一。它的目标受众是需要在线匿名、系统加密和轻松访问云的渗透测试人员。
此列表中的另一个发行版基于Debian,它使用MATE作为其桌面环境。使用Parrot Security OS,您将获得几乎所有公认的渗透测试工具,以及来自开发商Frozenbox Network的一些独家定制工具。就像(Just)Kali Linux一样,Parrot Security OS也受益于滚动发布(Release)。
BlackArch用作具有自己的存储库的渗透测试和安全研究发行版。不断增长的存储库包含数千种不同的工具,这些工具被组织成不同的类别和组,以便于导航。
BlackArch的名字来源于它所构建的发行版Arch Linux。这意味着,如果您已经将Arch Linux作为首选Linux发行版,您可以轻松地在其上设置BlackArch工具集合。
Bugtraq带有多个桌面环境(XFCE、GNOME和KDE),它们基于不同的Linux发行版,如Ubuntu、Debian和OpenSUSE。它还提供 11 种不同的语言版本。
Bugtraq配备了大量由其忠实社区专门设计的渗透测试、取证和实验室工具。一些工具涉及恶意软件测试、移动取证和GSM频率审计工具。
接下来是数字(D)证据和取证(E)工具包(T)( DEFT ),它是为计算机(Computer)取证(F)开发的Linux发行(Forensics)版(DEFT)。DEFT的主要目的是能够运行实时系统,而不必担心外部资源(如外部或移动设备)的损坏或篡改。
DEFT通常与(A)Windows操作系统的(Windows)取证(R)系统配对,称为数字(D)高级响应工具包(T)或DART。DART包含用于取证和事件响应的最佳工具。
开发DEFT(DEFT)的工作人员一直在帮助开发新系统,以帮助执法、军队和政府官员。
Samurai Web 测试框架(Samurai Web Testing Framework)作为虚拟机出现,是为在线渗透测试而开发的。它基于Ubuntu,并包含许多出色的开源工具,可以优先考虑网站攻击。
Samurai Web 测试框架(Samurai Web Testing Framework)更有趣、更方便的功能之一是它包含一个预配置的Wiki设置,用于在渗透测试期间存储信息。
这个框架确实带有一些先决条件,例如Vagrant,这是一个最适合VirtualBox的开发环境。
基于Gentoo Linux 的Pentoo是一个专注于安全和渗透测试的发行版。它可以作为具有持久性支持的LiveCD使用,这意味着只要您使用USB记忆棒,实时进行的所有更改都将保留并在下次启动时可用。
Pentoo是Gentoo的翻版,除了有大量专注于安全和渗透测试的定制工具外。任何熟悉Gentoo工作原理和界面的人都可以轻松适应Pentoo工作环境。它也可以作为任何已经使用Gentoo作为他们首选的Linux发行版进行黑客攻击的人的覆盖。
如果您当前或潜在的职业是法医专家,那么计算机辅助(IN)环境( CAINE )就是(C)适合您的发行(E)版(CAINE)。(A)创建它的唯一目的是帮助和测试数字取证。
CAINE提供内置的调查工具,支持 liveDVD 会话,并运行更老式的Linux桌面环境方法。CAINE的取证工具选择是一流的。从菜单中,您会发现 18 个应用程序以及四个额外的子文件夹,其中包含专注于内存、数据库、移动和网络取证的其他专业取证工具。
这是一个严肃的黑客发行版,它提供的标准Linux程序比您在大多数通用Linux发行版中可能找到的要多。在视觉(Visually)和功能上,CAINE没有更新、更用户友好的发行版那么华丽,但它的所有业务方法都可以完成工作
9 Best Linux Distros For Hacking
Linux is an opеrating sуstem kernel that has been used for many thingѕ. There are distros for gaming, business, leisure, and many other various purposes. But did you know that there are alsо Linux distros for hacking?
Whether you’re in an IT security career or pursuing one, learning the ropes in your specific field can help you become better at your job. Using Linux and its varying distros can further your understanding of the uses of ethical hacking and get ready for penetration testing.
9 Best Linux Distros For Hacking
So what does Linux have to do with IT security? Some Linux distros provide various tools for assessing networking security and other similar tasks. The differences between the distros also vary based on user-interface and the specific tools offered.
The most well-known and used Linux distro for hacking and penetration testing is Kali Linux. It’s based on Debian and was developed by Offensive Security taking on the mantle of BackTrack.
Kali Linux follows the Rolling Release model in that every tool that comes with the distro, of which there are plenty, is updated automatically. Kali is the most advanced penetration testing platform available. As such, its tools focus largely around penetration testing from various fields of security and forensics.
The Kali Linux community is fairly large and remains active, and there is plenty of available documentation for studying or brushing up on a few tips and tricks that could benefit you.
One of the best distros in the field would have to be the Ubuntu-based BackBox. It’s a distro developed specifically for penetration testing and security assessment purposes. It even has its own software repository that provides the latest stable versions of various system and network analysis toolkits and ethical hacking tools.
BackBox is designed with a minimalistic approach both in structure and visuals opting to use the XFCE desktop environment. With BackBox you receive a lightning quick, effective, efficient, and fully-customizable experience with a rather large and helpful community.
One of the new distros on the block, Parrot Security OS is brought to us by Frozenbox Network. It’s target audience is penetration testers in need of online anonymity, system encryption, and easy access to the cloud.
Yet another distro on this list that is based on Debian, it uses MATE as its desktop environment. With Parrot Security OS you’ll get almost every recognized tool for penetration testing available, as well as some exclusive custom tools from the developer, Frozenbox Network. Just like Kali Linux, Parrot Security OS also benefits from Rolling Release.
BlackArch serves as a penetration testing and security researching distro with its own repository. The consistently growing repository contains thousands of varying tools organized into different categories and groups for easy navigation.
BlackArch takes its name from the distro it was built on top of, Arch Linux. This means that if you’re already using Arch Linux as your preferred Linux distro, you can easily set up the collection of BlackArch tools right on top of it.
Bugtraq comes with multiple desktop environments (XFCE, GNOME, and KDE) based on different Linux distros like Ubuntu, Debian, and OpenSUSE. It is also available in 11 different languages.
Bugtraq comes packed with a huge arsenal of penetration testing, forensic, and laboratory tools specifically designed by its loyal community. Some tools involve malware testing, mobile forensics, and GSM frequency audit tools.
Next we have Digital Evidence & Forensics Toolkit (DEFT), which is a Linux distribution developed for Computer Forensics. The primary purpose of DEFT is to be able to run a live system without fear of corruption or tampering from outside sources such as external or mobile devices.
DEFT is typically paired up with the forensics system for the Windows operating system known as Digital Advanced Response Toolkit, or DART. DART contains the best possible tools you’ll find for forensics and incident response.
The staff who developed DEFT are consistently helping to develop new systems that help law enforcement, the military, and government officers.
The Samurai Web Testing Framework comes as a virtual machine and was developed for online penetration testing. It’s based off of Ubuntu and contains plenty of amazing open source tools that prioritize website attacks.
One of the more interesting and convenient features of the Samurai Web Testing Framework is that it includes a pre-configured Wiki set up to store information during your penetration tests.
This framework does come with a few prerequisites such as Vagrant, which is a developmental environment that works best with VirtualBox.
The Gentoo Linux-based Pentoo is a distro focused on security and penetration testing. It’s available as a LiveCD with persistence support which means that all changes conducted while live will remain and become available on the next boot up so long as you’re using a USB stick.
Pentoo is a carbon copy of Gentoo except with a large assortment of customized tools with a focus toward security and penetration testing. Anyone familiar with the workings and interface of Gentoo will easily adapt to the Pentoo work environment. It’s also available as an overlay to anyone who already uses Gentoo as their preferred Linux distro for hacking.
If your current or potential career is that of a forensics specialist, then Computer Aided INvestigative Environment (CAINE) is the distro for you. It was created with the sole purpose of aiding in and testing of digital forensics.
CAINE provides built-in investigative tools, is liveDVD session capable, and runs a more old school approach to the Linux desktop environment. CAINE’s selection of forensics tools is top-notch. From the menu you’ll find 18 applications as well as four additional subfolders containing additional specialty forensics tools focused on memory, database, mobile, and networking forensics.
It’s a no-nonsense distro for hacking that offers more standard Linux programs than you’re likely to find in most general purpose Linux distros. Visually and functionally, CAINE is less flashy than newer, more user-friendly distros, but its all business approach will get the job done
