If you are new to Linux, read How to Choose Your First Linux Distribution and install one of those distro’s first. Linux is very intuitive and once you get the hang of it, including command line practice, you can move over to more exotic distributions taking the intuitive learnings with you.

For those having some practice with Linux, and ready and eager for exploring the world of the unseen:

BackTrack Linux

BackTrack is a Linux-based penetration testing arsenal that aids security professionals in the ability to perform assessments in a purely native environment dedicated to hacking. Regardless if you’re making BackTrack you Install BackTrack, boot it from a Live DVD or thumbdrive, the penetration distribution has been customized down to every package, kernel configuration, script and patch solely for the purpose of the penetration tester.

BackTrack is intended for all audiences from the most savvy security professionals to early newcomers to the information security field. BackTrack promotes a quick and easy way to find and update the largest database of security tools collection to-date. Our community of users range from skilled penetration testers in the information security field, government entities, information technology, security enthusiasts, and individuals new to the security community.

Feedback from all industries and skill levels allows us to truly develop a solution that is tailored towards everyone and far exceeds anything ever developed both commercially and freely available. The project is funded by Offensive Security. Whether you’re hacking wireless, exploiting servers, performing a web application assessment, learning, or social-engineering a client, BackTrack is the one-stop-shop for all of your security needs.

Read more

Live Hacking CD

Live Hacking DVD is a new Linux distribution packed with tools and utilities for ethical hacking, penetration testing and countermeasure verification. Based on Ubuntu this ‘Live DVD” runs directly from the DVD and doesn’t require installation on your hard-drive. Once booted you can use the included tools to test, check, ethically hack and perform penetration tests on your own network to make sure that it is secure from outside intruders.

As well as the standard Linux networking tools like ping, wget, curl, telnet and ssh, the Live Hacking DVD has tools for DNS enumeration and reconnaissance as well as utilities for foot-printing, password cracking and network sniffing. It also has programs for spoofing and a set of wireless networking utilities.

Read more

Samurai Web Testing Framework

The Samurai Web Testing Framework is a live linux environment that has been pre-configured to function as a web pen-testing environment. The CD contains the best of the open source and free tools that focus on testing and attacking websites. In developing this environment, we have based our tool selection on the tools we use in our security practice. We have included the tools used in all four steps of a web pen-test.

Starting with reconnaissance, we have included tools such as the Fierce domain scanner and Maltego. For mapping, we have included tools such WebScarab and ratproxy. We then chose tools for discovery. These would include w3af and burp. For exploitation, the final stage, we included BeEF, AJAXShell and much more. This CD also includes a pre-configured wiki, set up to be the central information store during your pen-test.

Read more

Organizational Systems Wireless Auditor Assistant

The OSWA-Assistant™ is a free, self-contained, wireless-auditing toolkit for both IT-security professionals and End-users alike.

This toolkit is our contribution to the wireless security/auditing community and, as the “Assistant” moniker implies, and is designed for the following groups of people:

• IT-security auditors and professionals who need to execute technical wireless security testing against wireless infrastructure and clients;
• IT professionals who have responsibility for ensuring the secure operation and administration of their organization’s wireless networks;
• SME (Small & Medium Enterprise) and SOHO (SmallOffice-HomeOffice) businesses who do not have either the technical expertise or the resources to employ such expertise to audit their wireless networks;
• Non-technical-users who run wireless networks at home and who would like to audit the security of their wireless home networks and laptops but don’t know how.

Read more

Network Security Toolkit

This bootable ISO live CD/DVD (NST Live) is based on Fedora. The toolkit was designed to provide easy access to best-of-breed Open Source Network Security Applications and should run on most x86/x86_64 platforms.

The main intent of developing this toolkit was to provide the network security administrator with a comprehensive set of Open Source Network Security Tools. The majority of tools published in the article: Top 125 Security Tools by INSECURE.ORG are available in the toolkit. An advanced Web User Interface (WUI) is provided for system/network administration, navigation, automation, geolocation and configuration of many network and security applications found within the NST distribution. In the virtual world, NST can be used as a network security analysis, validation and monitoring tool on enterprise virtual servers hosting virtual machines.

Read more

Arudius

Arudius is a Linux live CD with tools for penetration testing and vulnerability analysis. A so-called “Linux live CD” is essentially a Linux operating system that is bootstrapped and run directly from a standard CD-ROM. This allows for improved portability of the operating system and for running a variety of Linux software on almost any physical system without affecting the host operating system installed on the hard disk. This is the concept that Arudius exploits as well. Currently, Arudius features more than 140 different security tools and packages. This collection contains most of the tools on the SANS Top 75/100 list of security tools plus many other tools not covered by those lists. The CD will also include tools developed by TDI, including network sniffers for Instant Messaging (IM) and Peer-to-Peer (P2P) applications.

Read more

Operator

Operator is a complete Linux (Debian) distribution that runs from a single bootable CD and runs entirely in RAM. The Operator contains an extensive set of Open Source network security tools that can be used for monitoring and discovering  networks. This virtually can turn any PC into a network security pen-testing device without having to install any software. Operator also contains a set of computer forensic and data recovery tools that can be used to assist you in data retrieval on the local system.

The technique to allow Operator to boot and run from RAM is based on a project called KNOPPIX. KNOPPIX is a bootable CD with a collection of GNU/Linux software, automatic hardware detection, and support for many graphics cards, sound cards, SCSI and USB devices and other peripherals. KNOPPIX can be used as a Linux demo, educational CD, rescue system, or adapted and used as a platform for commercial software product demos. It is not necessary to install anything on a hard disk. Mastering of this CD uses on-the-fly decompression which allows for up to 2 GB of stored data.

Starting with the 3.3 version of Operator, we have started completely from scratch by installing a basic Debian installation then adding the KNOPPIX functionality afterwards. This allowed us to have more control and understanding of what is on the CD.

Read more

Katana

Katana is a portable multi-boot security suite which brings together many of today’s best security distributions and portable applications to run off a single Flash Drive. It includes distributions which focus on Pen-Testing, Auditing, Forensics, System Recovery, Network Analysis, and Malware Removal. Katana also comes with over 100 portable Windows applications; such as Wireshark, Metasploit, NMAP, Cain & Abel, and many more.

Read more