It’s been a while since I posted anything, I’ve been pretty busy… but I’ve recently been looking into other pentesting distros other than Kali, so thought I’d make a quick post.
It was only a couple years ago where I was primarily a windows user. At the time, I was into gaming, so windows was really the only option I had. At home, my desktop had to run Windows, not only because most game only run on Windows, but also that’s what the family is used to. If I had to travel, my laptop running Windows 7 had to be handy so I can play StarCraft 2 or World of Warcraft in the hotel – I spent a lot of time gaming.
Switching to Backtrack
In an effort to break my gaming addictions, mid-2012, I decided to make the move to Linux. Not only that, but I decided that I would only use Backtrack. Yes, I know it’s not the “safest” distro for general use, but my main goal at the time was to put all that time I would have spent gaming, towards the more practical use of learning how pentests are done – from the tools to the techniques. It was also around this time that I decided to sign up for Offensive Security’s Pentesting with Backtrack course (amazing class by the way). So, with my 64-bit Backtrack laptop (64-bit not recommended for general use or PWB, but I like challenges), I managed to have lots of fun in the lab, and learned a lot about linux, pentesting, python, and C. It was totally worth the switch.
However, Backtrack is a pain. It took me hours to install, configure, and get everything I required on top of the default install configured so everything actually worked together. I actually wrote a procedure for a clean install, as I ended up doing this so many times (primarily due to paranoia). It included such things as setting up a non-root account (easy) to installing OCLHashcat (for the underpowered nVidia GPU in my laptop, to tinker with – this was a challenge to figure out). Once complete, it made for a decent general use laptop, considering my general use is not typical.
On to Kali Linux
Now (and for a while now), Kali Linux is here. Everything installed just works together without the need for troubleshooting. Since it’s Debian based, it’s simple to customize and add in other software, and chances are you won’t break anything by doing so. The only con is that you still have to set up a non-root account, but that’s not hard to do, so there’s little reason to let that get in the way of giving it a try.
So far, every additional installations I’ve done have worked flawlessly – this list of installs include:
- VMWare Workstation
- Virtual Box
- Chromium (with Flash)
- Tor (why not)
- XChat IRC
- OCLHashCat (not used on my laptop, but installed anyway)
- Java SDK (disabled for browsing of course)
- 0 A.D. (linux game, not amazing, but helps with the addiction)
- and more
All of these were simple to install, especially compared to doing the same in BackTrack.
Kali is stable, familiar, and is not missing any tools I typically use (and if it is missing something, it’s easy enough to install). I really don’t have any complaints about Kali. It even has a disk encryption option during install (Backtrack didn’t), which I of course choose, and I’ve seen no performance hit by doing so.
Looking Into Other Pentesting Distros
I really just starting looking around, not because I’m unhappy with Kali, but mainly just because I’m curious. I’ve downloaded Backbox linux and Pentoo to start with… from what I’m hearing, these seem to be the next popular distros. I don’t have much to say yet, as I’ve really just started, but if I notice anything that makes me drop Kali and make a switch, I’ll be sure to say something.
Until then, I just wanted to point out that Kali Linux is great at being a general use OS. Just make sure you setup a non-root user for added security, and it should be safe enough for general use.