Pentoo - Based on Gentoo, also very cool but again not for beginners -P.BlackArch Linux - Based on Arch Linux, tons of tools, docs not so much, great but not for beginners.Parrot Security OS - Based on Debian, geared towards privacy as well as security, good all around distro.Kali Linux - Based on Debian, lots of documentation, geared towards offensive securit, probably the most popular pen-testing distro right now.There are also quite a few pen-testing distributions to choose from.
You can install a pen-testing distro in a virtual machine on top of the OS of your choice. You can run ZAP or Burp Suite from Windows directlyĥ. ( Pi Lover's Option) Kali Linux installed on an SD card and running on a Raspberry PiĤ. A pen-testing Linux distro Persistently installed on your hard driveģ. A pen-testing Linux Distro on a Live USB driveĢ. You've got a lot of options, many of which are beyond the scope of this article. But you will probably need to set up the system you are attacking from so that the tools and utilities you will need are at your fingertips. Now you have a target system ready for attack. This allows would be pen-testers hackers and system admins to practice both offensive and defensive network security techniques in a relatively safe environment. Out-of-Date web applications - Older versions of popular applications like Wordpress, Drupal, Joomla, etc.Intentionally vulnerable applications- This includes apps like DVWA and OWASP WebGoat.The web applications are of two varieties. It exists only to be attacked and comes pre-configured with DNS, SMTP, Samba, Apache and a host of web applications. RasPwn OS is a Raspberry Pi image that emulates a vulnerable Linux Web Server.
This project shows how to use RasPwn OS to turn a Raspberry Pi 3 (or alternatively a Pi 2b + compatible WiFi adapter) into a private web server that has been designed to be intentionally vulnerable. Do you want to learn how to hack computers and websites without going to jail? Thanks to the Raspberry Pi and RasPwn OS you can learn how to pen-test without even getting online!