
Hacking with Security Tools Part - 5

 

Kali Linux Comparison with Other security distributions


Introduction 

Welcome to the last module of this workshop. So far in this workshop we have been talking about hacking and exploit development. There are many distributions on the Internet presented as security distributions, built mainly for penetration testing or security testing. But not all of them have the strength that Kali Linux has.

In this module, we briefly introduce other security-related operating systems and compare them with Kali Linux.

 Known Hacking Distributions (Operating Systems) 

 1 – Blackbuntu 

    Blackbuntu is a penetration testing Linux distribution that is specially designed for training security students and information security practitioners. It was built on Ubuntu 10.10 with the Gnome desktop environment. Blackbuntu will also include the KDE desktop in the final release of Blackbuntu Community Edition 0.3. 

Download: http://blackbuntu.sourceforge.net.


2 – NodeZero Linux 

NodeZero Linux is another penetration-testing distribution, and it can be used as a “live system”. It can be used for penetration testing, reverse engineering and forensic analysis.

Download: http://www.nodezero-linux.org/.

3 – BackBox 
  
BackBox is a Linux distribution based on Ubuntu. It has been developed to perform penetration tests and security assessments. It is designed to be fast and easy to use and to provide a minimal yet complete desktop environment. Its own software repositories are always being updated to the latest stable versions of the most used and best known ethical hacking tools.

BackBox uses the light window manager Xfce. It includes some of the most used Linux security and analysis tools, covering a wide range of goals: from web application analysis to network analysis, from stress tests to sniffing, as well as vulnerability assessment, computer forensic analysis and exploitation.

 Download: http://www.backbox.org/repository.

4 – Samurai Web Testing Framework 

   The Samurai Web Testing Framework is a live Linux environment that has been pre-configured to function as a web pen-testing environment. The CD contains the best of the open source and free tools that focus on testing and attacking websites. In developing this environment, we have based our tool selection on the tools we use in our security practice. 

Download: http://sourceforge.net/projects/samurai/files/.



5 – STD Linux 

  STD is a Linux-based Security Tool. Actually, it is a collection of hundreds if not thousands of open source security tools. It’s a Live Linux Distro, which means it runs from a bootable CD in memory without changing the native operating system of the host computer. Its sole purpose in life is to put as many security tools at your disposal with as slick an interface as it can. 

  Download: http://s-t-d.org/download.html.



So far, we have presented the top five distributions available over the Internet for performing tasks similar to those Kali Linux performs.

Kali Linux, however, is backed by a well-known and strong organization that keeps it up to date, continues to enhance its features and provides more tools for security testing. The problem with the other distributions is that some of them died out over time and the rest do not enhance their features to support new requirements in the field of hacking.

  For you to experience the flavors of these security distributions, we have provided the links to download and test them.
