linux distro for pen testing

[ae3erdion]

I would like to know what are your thought on what distro to use for pen testing. Do you use Kali or build your own distro?

I'm starting to learn so I use Kali   

[Dave-ee Jones]

Kali is a good base for everyone - beginners and experts - so stick with that.

You can build your own Kali iso that provides you with customised tools so you don't have to use so much space on a USB or whatever, because realistically no one is going to use every single module Kali comes with as a full iso. You could also add persistence so anything you do inside Kali is saved, rather than reset every time you reboot or change PC (assuming you're using a USB).

[Cuvtixo]

The industry is coalescing around Kali as a security/pentesting distro, the way the did around Red Hat as the first linux distro to get certification with. It's probably great for free/low-cost training resources. Although apparently there's some Kali Linux books that aren't about pentesting at all, but just getting around Kali as a linux distro. Haha! Lesson One: hacking is mainly about social engineering, not technical knowledge, and that includes "white hats" selling themselves and their products. Secondly, as far as pen distros, the Katoolin script is pretty good. I haven't been able to use it much, but installing it is a blast, and you can put it on any Ubuntu based distro. I haven't tried it on a Raspberry Pi- that could make for some good set-ups.  Likewise you can also use the "Blackman" script on any Arch distro (pacman script for Blackarch tools. Get it? Blackman?)  Putting a good Archlinux distro together impresses me more than any custom Kali. Maybe you don't have anyone to impress with you're linux admin knowledge, but if you really want to learn... You could also try to update Pentoo or other Gentoo distro, but that might be much more work than is worth your time. Finally, I hope you don't touch Micro$oft's linux subsystem version of Kali, WSL or whatever it's called. That would be strictly for getting a certification out of the way. I'm really shocked they offer it, although it makes some sense in a sick, twisted sort of way. Script kiddies are customers worth tracking, too, I guess.

[ae3erdion]

I tried the subsystem and its annoying. Do you recommend a dedicated pc/laptop with kali install or run kali as a live distro? 

[Dave-ee Jones]

8 hours ago, ae3erdion said:

I tried the subsystem and its annoying. Do you recommend a dedicated pc/laptop with kali install or run kali as a live distro? 

Subsystem as in USB live boot? Yeah, well it's running off of a USB..

You could dual boot, you could have a dedicated machine, you could have a VM..

VMs are harder to quickly spin up and use if you're opening a laptop in the field - it's not as convenient as a dedicated laptop. Dual boot has a similar problem there, but at least you can have Windows or something on the side for general use. Dedicated laptop is probably the best option you have for convenience, but if you're looking to just have a play with Kali then use a VM or live boot USB with persistence.

 

[PoSHMagiC0de]

So, my work laptop began a few years ago running Windows with Kali and/or some other linux distro in virtual box.  I do no gaming on this laptop so decided since I do more in Linux and only needed Windows for a few things that are Windows only like Office, etc so removed the Windows license from my laptop and redid with a dual boot.  1 is for Mint, the other is for Kali.  Both encrypted.  Where did Windows go?  It is a virtual box now.

Funny thing, Windows as a VM runs better than it did bare metal on my laptop..lol.

What I learned.  Kali has some issues as a VM, especially when you get to some of the heavier attacks like yersinia and stuff.  I have had the VM just close out sometimes.  As a bare metal it works fine.

[Computer_Security]

My current favorite is Parrot OS, but I also have Kali, AttifyOS (IOT hacking distro) and even Backtrack r3 just to remind me of the good ol' days.

[0phoi5]

Parrot is better than Kali, IMO, however Kali is more widely supported and used in tutorials.

[bashincajun]

If you are just starting out I would recommend Kali or Parrot.  Run as either USB or dedicated as others have mention Kali can be temperamental as a VM.  Once you get comfortabl with what tools you need/use look into building your own ISO.  I personally customized ubuntu and use most all of my tools through that but i Do have Kali on a USB and Parrot in a VM with me all of the time just in case i need them.

[Bigbiz]

Kali is a safe bet.