Linux is an extremely popular operating system for hackers. First of all, Linux's source code is freely available because it is an open-source Operating System (OS). This means that Linux is very easy to modify and customize. Second, there are countless Linux security distributions available. Almost all the Ethical Hacking operating systems for security experts are based on a Linux kernel.

Keep in mind that, simply having these operating systems does not make anyone a security expert or a hacker. It is extremely important to develop your Linux skills to become an "Ethical Hacker". Nearly all the tools that hackers use are developed for Linux. Linux gives us capabilities that we don't have using Windows.



Parrot is based on Debian's testing branch, with a Linux 5.2 kernel. It follows a rolling-release development model. The desktop environments are MATE and KDE, and the default display manager is LightDM. The system is certified to run on devices that have a minimum of 256MB of RAM, and it is suitable for both 32-bit (i386) and 64-bit (amd64) processor architectures. Moreover, the project is available for ARMv7 architectures.

Parrot has multiple editions that are based upon Debian, with various desktop environments available. Parrot is intended to provide a suite of penetration testing tools to be used for attack mitigation, security research, forensics, and vulnerability assessment.

Homepage | Download Parrot Security



Kali Linux is an open-source project that is maintained and funded by Offensive Security, a provider of world-class information security training and penetration testing services. In addition to Kali Linux, Offensive Security also maintains the Exploit Database and the free online course, Metasploit Unleashed.

Kali Linux is a Debian-based Linux distribution aimed at advanced Penetration Testing and Security Auditing. Kali contains several hundred tools that are geared towards various information security tasks, such as Penetration Testing, Security research, Computer Forensics, and Reverse Engineering. Kali Linux is developed, funded and maintained by Offensive Security, a leading information security training company.

Homepage | Download Kali Linux



BlackArch is a complete Linux distribution for penetration testers and security researchers. It is derived from Arch Linux and users can install BlackArch components individually or in groups directly on top of it. The toolset is distributed as an Arch Linux unofficial user repository so you can install BlackArch on top of an existing Arch Linux installation. Packages may be installed individually or by category.

The constantly expanding repository currently includes over 2400 tools. All tools are thoroughly tested before being added to the code base to maintain the quality of the repository. You can find all BlackArch Linux code including build scripts and website source on Github, however, BlackArch is a Linux pen-testing distribution based on ArchLinux. If you're not familiar with ArchLinux, we strongly suggest you avoid BlackArch due to the learning curve for new users.

Homepage | Download BlackArch



Linux Kodachi's operating system is based on Xubuntu 18.04 it will provide you with a secure, anti-forensic, and anonymous operating system considering all features that a person who is concerned about privacy would need to have to be secure.

Kodachi is very easy to use all you have to do is boot it up on your PC via USB drive then you should have a fully running operating system with established VPN connection + Tor Connection established + DNScrypt service running. No setup or Linux knowledge is required from your side we do it all for you. The entire OS is functional from your temporary memory RAM so once you shut it down no trace is left behind all your activities are wiped out. Kodachi is a live operating system that you can start on almost any computer from a DVD, USB stick, or SD card.

Kodachi is based on the solid Linux Xubuntu/Debian with customized XFCE this makes Kodachi stable, secure, and unique view screenshots:

Homepage | Download Kodachi Linux



BackBox Linux is a penetration testing and security assessment oriented Linux distribution providing a network and systems analysis toolkit. It includes some of the most commonly known/used security and analysis tools, aiming for a wide spread of goals, ranging from web application analysis to network analysis, stress tests, sniffing, vulnerability assessment, computer forensic analysis, automotive and exploitation. It has been built on the Ubuntu core system yet fully customized, designed to be one of the best Penetration testing and security distribution and more.

Starting from an appropriately configured XFCE desktop manager it offers stability and the speed, that only a few other DMs can offer, reaching in the extreme tweaking of services, configurations, boot parameters and the entire infrastructure. BackBox has been designed to achieve the maximum performance and minimum consumption of resources. This makes BackBox a very fast distribution and suitable even for old hardware configurations.

Homepage | Download Backbox



CAINE (Computer Aided Investigative Environment) is an Italian GNU/Linux live distribution created as a Digital Forensics project. CAINE offers a complete forensic environment that is organized to integrate existing software tools as software modules and to provide a friendly graphical interface.

CAINE represents fully the spirit of the Open Source philosophy because the project is completely open, everyone could take on the legacy of the previous developer or project manager. The distribution is open source, the Windows side is freeware and, last but not least, the distribution is installable, thus allowing rebuilding it in a new brand version, so giving a long life to this project.

Homepage | Download Caine



The Samurai Web Testing Framework is a virtual machine, supported on VirtualBox and VMWare, that has been pre-configured to function as a web pen-testing environment. The VM contains the best of the open-source and free tools that focus on testing and attacking websites. In developing this environment, we have based our tool selection on the tools we use in our security practice. We have included the tools used in all four steps of a web pen-test.

Starting with reconnaissance, we have included tools such as the Fierce domain scanner and Maltego. For mapping, we have included tools such as WebScarab and ratproxy. We then chose tools for discovery. These would include w3af and burp. For exploitation, the final stage, we included BeEF, AJAXShell and much more. This VM also includes a pre-configured wiki, set up to be the central information store during your pen-test.

Homepage | Download Samurai



Pentoo is a security-focused live-cd based on Gentoo. It's a Gentoo install with lots of customized tools, customized kernel, and much more. Here is a non-exhaustive list of the features currently included :

  • Available binary packages, updated 4 times daily.
  • Module loading support ala/slax.
  • Changes saving on usb stick including Unetbootin support.
  • OPENCL cracking support with development tools.
  • Dozens of daily security and functionality updates daily.
  • Custom wrote "pentoo-updater" tool to aid in keeping up to date.

Put simply, Pentoo is Gentoo with the Pentoo overlay. This overlay is available in layman, so a Gentoo user can simply "layman -L && layman -a pentoo". The Pentoo dev team consisting of a few core developers and many random acts of kindness from others.

Homepage | Download Pentoo



The Fedora Security Lab provides a safe test environment to work on security auditing, forensics, system rescue and teaching security testing methodologies in universities and other organizations. The development of the Fedora Security Lab (FSL) (former known as Fedora Security Spin) provides a media which can be used as a live system.

Nowadays, there is more than just a Live media under the umbrella of the Fedora Security Lab. There are the Fedora Security Lab Test bench and a comps group. The Fedora Security Spin is a live-cd based on Fedora to provide a safe test-environment for working on security-auditing, forensics, and penetration-testing, coupled with all the Fedora-Security features and tools.



ArchStrike previously named ArchAssault is a project based on Arch Linux repository for security professionals and enthusiasts done using the Arch Way and optimized for i686, x86_64, ARMv6, ARMv7, and ARMv8. ArchStrike is a penetration testing and security repository for users of Arch Linux, following Arch Linux standards to keep the packages clean, proper, and easy to maintain.

It comes with all the best things of Arch Linux with additional tools for penetration testing and cybersecurity. ArchStrike includes thousands of tools and applications, all categorized into modular package groups.

Homepage | Download ArchStrike



The Matriux is a fully-featured security distribution consisting of a bunch of powerful, open-source and free tools that can be used for various purposes including, but not limited to, penetration testing, ethical hacking, system and network administration, cyber forensics investigations, security testing, vulnerability analysis, and much more. It is a distribution designed for security enthusiasts and professionals, although it can be used normally as your default desktop system.

With Matriux, you can turn any system into a powerful penetration testing toolkit, without having to install any software into your hard disk. Matriux is designed to run from a Live environment like a CD / DVD or USB stick or it can easily be installed to your hard disk in a few steps. Matriux also includes a set of computer forensics and data recovery tools that can be used for forensic analysis and investigations and data retrieval.

Homepage | Download Matriux