Penetration testing Linux distribution ArchAssault

ArchAssault is an Arch Linux based penetration testing distribution for security professionals and hackers. The distribution is a DVD sized .iso available for 32 and 64 bit as well as the ARM architecture, the instruction set used in mobile devices.

This distribution comes with many development tools like Emacs, CMake and NetBeans, basic graphic and text editing software like AbiWord and VideoLAN, and a wide range of hacking tools like Wireshark, Ophcrack, the port scanner Zenmap and the usual software used to fingerprint and attack a server or computer. If you want to secure captured data packets during your penetration testing, TrueCrypt is included to create encrypted containers, and for anonymous Internet browsing you can find Tor and Vidalia, a graphical user interface to manage Tor.

Penetration testing distribution ArchAssault

ArchAssault uses the lightweight Openbox window manager, a minimalist front end with no Start button; tools can only be accessed by right clicking on the desktop. This does not hurt usability but it could be awkward at the beginning if you are not used to running your operating system this way. You can install any Arch Linux package in ArchAssault, and if you don't like Openbox it can be replaced with KDE.

One of ArchAssault's developers comes from a similar distribution called BlackArch and you will find many similarities between them; the only differences appear to be minor variations in the tool set.

ArchAssault can also be used for computer forensics acquisition, incorporating fatback to recover data from FAT file systems and stegdetect to uncover hidden steganographic messages inside images. ArchAssault developers keep adding bleeding edge hacking tools and they have recently introduced a Heartbleed honeypot script that logs attempts to exploit the recently found Heartbleed bug in OpenSSL.

Visit ArchAssault homepage

Intrusion Detection Linux distribution Security Onion

Security Onion is an Ubuntu based Intrusion Detection and Network Security Linux distribution for professionals. It can run as a live DVD or be installed on your hard drive with just a few clicks. The distribution comes with well known offensive and defensive digital tools that are not very beginner friendly; you need a computer security background to understand what the tools do.

Fortunately Security Onion developers have uploaded a series of YouTube tutorials explaining how to search DNS traffic and how to use Sguil, Squert, Snorby and tcpreplay. There is also a well documented Wiki, a mailing list and a Freenode IRC channel where you can post questions. If you wish to learn about digital forensics and hacking this will be a good place to start.

Intrusion Detection Linux distribution Security Onion

Security Onion's default desktop is XFCE, a minimalist lightweight desktop environment. You will find a basic Xubuntu software base, like the Synaptic package manager, the AbiWord text editor, the GIMP graphic editor and a couple of Solitaire games, together with a considerable bundle of network inspection software: the expected Wireshark packet sniffer, Suricata, Xplico and NetworkMiner for network forensic analysis, Snorby, ELSA, Snort and a long list of other tools that security professionals will quickly recognise.

There is no root password in Security Onion, the default setting in Ubuntu based distributions. Your account already has sudo permissions and you can add a new user with sudo adduser.

This is an actively supported distribution. One of the developers is a SANS Institute GSE Community Instructor and other seasoned security professionals are also involved; two training classes about Security Onion have already taken place, and with enough demand there is no reason why this should not happen more often.

Security Onion is a proper alternative to BackTrack that has all the tools a pen tester and digital forensics professional needs to detect network intrusions and test network defences before an attack happens. Security Onion is well documented with community based online support.

Definitely a distribution to look at if you work in the IDS field or if you would like to learn more about real computer security that actually needs some skill and is not a point and click script kiddie cyberweapon.

Visit Security Onion homepage

Linux Parrot OS for hacking, security and anonymity

Parrot OS is a live and installable operating system based on Debian Linux and targeted at penetration testers and people interested in online anonymity. The nearly 2GB DVD download integrates professional and beginner computer security tools inside the MATE desktop environment, a GNOME 2 fork.

Booting can be done in forensic mode, listed as Stealth, to avoid modifying any file on the host computer, in live or live fail safe mode, or with a graphical installer to put the operating system on your computer; visually impaired people can use a speech synthesis installer.

Parrot OS default username is root with password toor, easily changed after logging in. The distribution homepage has a Wiki but at the moment it only contains basic information for newbies about how to boot from BIOS or write the distribution to a USB thumb drive. However, if you are familiar with Linux you should not have to read too many tutorials; the tools included in Parrot OS are the same ones found in similar pen testing distributions like Kali or BackTrack Linux.

Linux penetration testing Parrot OS

Some useful tools for privacy activists found in Parrot OS are TrueCrypt to encrypt data, BleachBit to erase Internet tracks (not needed if you run the live DVD), and the Iceweasel browser running through Tor, with Vidalia providing a graphical interface to manage the Tor connection, showing consumed bandwidth, the nodes you are connected to and message logs.

Tools for penetration testers include the Wireshark packet sniffer, the Ettercap suite for man in the middle attacks and md5crack to brute force passwords out of captured MD5 hashes. A screenshot and desktop recording utility is able to document all you do.

Practically all of the hacking tools are found under the Parrot menu: dozens of programs nicely classified under descriptive activities such as "Information Gathering", "Sniffing/Spoofing", "Wireless Attacks", "Reverse Engineering" and many others, each with its own submenu, are all easily accessible.

Although this distribution is being advertised as anonymity and penetration testing in one, I believe that it is mostly suitable for pen testers; those who want anonymity are still better off with Tails. Parrot OS is similar to AttackVector Linux, packing powerful penetration testing tools with Tor to hide who is using them. On the other hand, any sys admin worth his salt will be blocking all Tor exit nodes from accessing the network.

Computer forensics can also benefit from Parrot OS, as it has a dedicated "Forensics" menu with carving, hashing and imaging tools, reporting tools to manage evidence and a forensic boot mode that will not modify data. You may find this distribution to be a sound alternative to BackTrack.

Visit Parrot OS homepage

Linux penetration testing distribution NetSecL OS

NetSecL OS is an openSUSE based penetration testing Linux distribution with the lightweight Xfce desktop. The distribution's kernel has been hardened with grsecurity patches, a set of protections that allows for more extensive system auditing and defends against stack overflow exploits by making the stack non-executable.

The latest NetSecL OS 5.0 removes Firefox and incorporates the Chromium browser, not to be confused with Chrome. Even though they both use the same source code, Chromium does not release binaries (it has to be built from source) and it does not send data to Google, so the Chromium browser has improved privacy over Chrome.

Other privacy enhancing features in NetSecL OS include Macchanger, a Unix utility to view, set or randomise a network card's MAC address, and a firewall GUI builder to set your own system access rules.

Linux security distribution NetSecL OS

You can run NetSecL OS as a live DVD or install it on a USB drive or hard drive. A .ova virtual machine is available for download from the SUSE Studio website for testing. The default users are root and tux, and the password for both of them is linux.

You can find specific penetration testing tools like the Metasploit framework, the Wireshark packet sniffer, the EtherApe network monitor, the Open Vulnerability Assessment System OpenVAS, the Nmap port scanner and the Skipfish web security reconnaissance tool, along with the KeePassX password manager, the AbiWord text editor, the FileZilla FTP client and Wine, the open source Windows API implementation, to run Windows programs in Unix.

NetSecL OS has all the tools a security professional needs to break into a network, and I can see this operating system complementing BackTrack. The main difference between the two is that NetSecL OS is focused on offensive security and not digital forensics; for example, NetSecL OS does not have image acquisition tools, whereas BackTrack covers both fields.

If you don't like BackTrack's Ubuntu base or just want to try something new, NetSecL OS is a valuable openSUSE pen testing distribution.

Visit NetSecL OS homepage

AttackVector Linux for penetration testing using Tor

AttackVector Linux is a Debian based distribution combining elements from Kali, a Linux operating system for penetration testing, and Tails, a Linux distribution for anonymous Internet communications that routes all traffic through the Tor network. AttackVector aims to anonymize attacks just like malicious hackers do in real life incursions. It has been built from scratch using Debian live-build, a tool to create custom Debian Live systems, using Kali as the base and adding Tor to the distribution to anonymize attack sources.

In AttackVector you will find the same hacking tools that come with Kali (from the BackTrack developers); the drop down menu even says "Kali Linux" before expanding to the specific spoofing, exploitation, vulnerability analysis, hardware hacking and information gathering tools. You can see the Vidalia control panel at the bottom of the screen informing you that you are connected to Tor and allowing you to change the Tor exit node if needed.

AttackVector Linux Tor proxy network

This Linux distribution will not leave any trace on the computer when operated as a live DVD; installation is optional. It might be considered a black hat hacking tool, since it could do lots of damage with no way to trace back the malicious hackers. The only possible protection I can envision from a tool like this is for a system administrator to ban all Tor exit nodes from accessing the network, but it is not easy to keep such a list updated.

There is no documentation yet; it is on the to-do list together with full disk encryption with LUKS and HTTPS Everywhere. I don't think this is a novel product: you could use Liberté Linux and add hacking tools to accomplish the same result, or install Tor, hacking tools and TrueCrypt on Windows, but the most valuable penetration testing tools are only found in Linux, and this is the operating system a real hacker should engage with since most servers are Linux based too.

Note: The distribution is an alpha version in early development.

Visit AttackVector Linux homepage

Linux distribution for wireless hacking Xiaopan OS

Xiaopan OS is a small Tiny Core Linux based operating system built specifically for wireless penetration testing. It comes with the XFE desktop environment, a very lightweight graphical front end, and the distribution can run as a live CD, from a USB thumb drive with UNetbootin, or inside a virtual machine. Numerous wireless card controllers are supported, including Atheros and Broadcom, the most widely used chipsets. Because the distribution is based on Tiny Core Linux, all of the .tcz precompiled packages available for Tiny Core can be installed in Xiaopan using the TCL Appbrowser; non hacking utilities like games, a media player, a CD burner, VoIP software and TrueCrypt can all be optionally added to Xiaopan OS.

To recover WPA/WPA2 keys a tool called Reaver-wps is used. The software attacks a router's Wi-Fi Protected Setup (WPS) registrar PIN; this feature comes in many routers for easy set up and uses a hard coded Personal Identification Number tied to the device, and by exploiting this weakness Reaver can find out the WPA/WPA2 password. Dictionary lists in multiple languages can be downloaded from the Xiaopan forums.

Wifi hacking Linux distribution Xiaopan

After first scanning for the target wireless access point and gathering information like SSID, encryption mode and channel, you can launch the Reaver brute force attack and the screen will show you the cracking progress in real time. It can take up to ten hours to find out the wireless password, or much less depending on how complex the encryption and password are; other factors in hacking success are whether your wireless network card supports injection and the distance to the attacked Wi-Fi access point, as some routers are more vulnerable to injection than others. You can protect your network against brute force attacks with MAC filtering, but since the distribution includes other hacking tools like Inflator, Minidwep, Aircrack-ng and Feeding Bottle, MAC spoofing is possible.

This Linux live CD is a first class penetration testing tool to audit the security of wireless access points and replaces Beini, a very similar distribution that is no longer active. Xiaopan is easy to use for beginners thanks to its graphical interface and is much lighter than BackTrack. The main problem you can come across with this distribution is that your wireless network card might not be recognised; if that happens it helps to troubleshoot by looking at what drivers are being loaded inside the tce and cde folders and knowing your network card chipset.

Xiaopan Linux WPA2 hacking

If you want to protect against Reaver attacks you should disable Wi-Fi Protected Setup in your router. Unfortunately many routers do not allow you to do this manually; the other option is to use an open source router firmware like DD-WRT, which does not support WPS, so Reaver can do nothing against it.
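Turning WPS off in the router's web interface does not always remove it from the beacon, so an added audit script (not part of Xiaopan or this article) that reads `iw dev wlan0 scan` output and lists the access points that still advertise WPS is a useful check; the scan text below is constructed in the layout iw prints and is not a real capture.

```python
import re

# Constructed sample in the layout `iw dev wlan0 scan` prints (not a real capture).
SAMPLE_SCAN = """\
BSS aa:bb:cc:dd:ee:01(on wlan0)
\tSSID: HomeRouter
\tWPS:\t * Version: 1.0
\t\t * Wi-Fi Protected Setup State: 2 (Configured)
BSS aa:bb:cc:dd:ee:02(on wlan0)
\tSSID: OfficeNet
\tRSN:\t * Version: 1
BSS aa:bb:cc:dd:ee:03(on wlan0)
\tSSID: Guest
\tWPS:\t * Version: 1.0
\t\t * Wi-Fi Protected Setup State: 2 (Configured)
\t\t * AP setup locked: 0x01
"""

BSS_RE = re.compile(r"^BSS ([0-9a-f:]{17})", re.IGNORECASE)


def parse_scan(text: str) -> list:
    """One record per BSS: ssid, whether a WPS element is present, and the lock flag."""
    aps = []
    for line in text.splitlines():
        m = BSS_RE.match(line)
        if m:
            aps.append({"bssid": m.group(1).lower(), "ssid": "",
                        "wps": False, "wps_locked": False})
            continue
        if not aps:
            continue  # anything printed before the first BSS line
        ap, s = aps[-1], line.strip()
        if s.startswith("SSID:"):
            ap["ssid"] = s[5:].strip()
        elif s.startswith("WPS:"):
            ap["wps"] = True
        elif s.startswith("* AP setup locked:"):
            # non-zero: the AP has locked its WPS registrar after failed PIN attempts
            ap["wps_locked"] = s.split(":", 1)[1].strip() != "0x00"
    return aps


def find_wps_exposed(text: str) -> list:
    """BSSIDs advertising WPS with the registrar unlocked: these still need WPS disabled."""
    return [ap["bssid"] for ap in parse_scan(text) if ap["wps"] and not ap["wps_locked"]]


if __name__ == "__main__":
    for ap in parse_scan(SAMPLE_SCAN):
        flag = "WPS advertised" if ap["wps"] else "no WPS"
        print(f'{ap["bssid"]}  {ap["ssid"]:<12} {flag}{" (locked)" if ap["wps_locked"] else ""}')
```

Run `iw dev wlan0 scan > scan.txt` on a Linux box with a wireless card and feed the file to `find_wps_exposed` to check your own access points after changing the router setting.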

Visit Xiaopan OS homepage

Anonymous OS live CD released

A new live CD made up of Anonymous memorabilia (logos, graphics) and penetration testing tools, marketed as "Anonymous OS", has been released to the community. The CD runs a customized Ubuntu Linux with the MATE desktop (the GNOME 2 like desktop from Linux Mint) and comes packed with hacking tools like the Anonymous Low Orbit Ion Cannon (LOIC) to launch a distributed denial of service against websites with a point and click, the Havij SQL injection utility, the John the Ripper and PyLoris password crackers, anonymity tools like I2P, Vidalia, the Tor proxy and JonDo, and packet sniffers like Wireshark. The unknown developer says that the live CD is an education tool and should not be used for attacking websites; if you do, it is your own responsibility.

There isn't much in this distribution that would make you want to use it over other well established Linux distros for anonymous communications, like Tails, or well known penetration testing Linux distributions like BackTrack, Grml, Helix or DEFT.

Anonymous OS live CD

The OS, which looks suspiciously close to BackTrack Linux, appears to be a marketing gimmick: someone has taken the time to put together already existing pen testing tools with Anonymous mementos so that it looks cool, i.e. you get to see the Anonymous logo during boot instead of Ubuntu's. The only tool not found in other similar Linux distributions is the Anonymous developed and branded distributed denial of service tool (LOIC); the rest can be found elsewhere.

Like with all software from unknown sources there is the danger of getting backdoored by using it. The author's homepage claims that in Linux there are no viruses; this is inaccurate, it is very rare to find Linux malware, but it can be created, it is not impossible. I see no reason to use this OS over other more well known Linux distributions that do the same. Download at your own risk!

The Anonymous OS system password is only given as an MD5 hash: 2ae66f90b7788ab8950e8f81b829c947. Once reversed (MD5 is a hash, not encryption, so a short password like this is recovered by dictionary lookup rather than decryption) it gives you the password: anon, which you will need to become root.

Visit Anonymous OS project homepage

UPDATE: SourceForge has decided to remove this project citing security concerns, misleading name and lack of transparency. I have now removed the link to Anonymous OS.