This is a list of Linux security distributions designed for hackers, pentesters, malware analyzers, reverse engineers, and other cyber security professionals.

Kali Linux

Kali Linux is a Debian-based Linux distribution designed for digital forensics and penetration testing. It is one of the most popular Linux security distributions. It's easy to update and to add new tools from its own repository. It's available on platforms like VMware, VirtualBox, and Raspberry Pi. The complete list of tools is available at their official website.It is maintained and funded by Offensive Security Ltd. Mati Aharoni, Devon Kearns and Raphaël Hertzog are the core developers.Kali is a rewrite of BackTrack, first released on February 5, 2006. This distribution originated from the merger of two formerly competing distributions which focused on penetration testing: WHAX and Auditor Security Collection.


Pentoo is a security-focused distribution based on Gentoo. It's basically a Gentoo install with lots of customized tools and a kernel for penetration testing.Initially developed by Grimmlin (Michael Zanetta) on June 22, 2005, it is now led by Zero_Chaos (Rick Farina), and developed by blshkv (Anton Bolshakov), Wuodan (Stefan Kuhn), and Jensp (Jens Pranaitis).


BackBox Linux is an Ubuntu-based penetration testing and security assessment oriented distribution providing a network and systems analysis toolkit. It includes some of the most commonly known/used security and analysis tools, which can be updated from their own repositories. It uses the Xfce window manager and it is designed to be fast and easy to use.It was funded by Raffaele Forte and other developers on Sep 9, 2010.


BlackArch Linux is an Arch Linux-based distribution for penetration testers and security researchers. It comes with several lightweight window managers, including Fluxbox, Openbox, Awesome and spectrwm. The repository contains more than 1500 security tools.It was introduced in 2013 by Evan Teitelman and other developers.

Samurai Web Testing Framework

The Samurai Web Testing Framework is an Ubuntu-based distribution designed for web penetration testing. It contains the best of the open source and free tools that focus on testing and attacking websites. It has tools used in all four steps of a web pen test.The first version was released in 2008 by James Jardine, Jason Gillam and other developers.

Network Security Toolkit

Network Security Toolkit (NST) is Fedora-based distribution with open source network security applications. Most of the tools published in the article 'Top 125 Security Tools' by insecure.org are available in the toolkit. It has an advanced Web User Interface (WUI) for system/network administration, navigation, automation, network monitoring, host geolocation, network analysis and configuration.It has an advanced Web User Interface (WUI) for system/network administration, navigation, automation, network monitoring, host geolocation, network analysis and configuration.The first release was published in 2003. It is developed by Ronald W. Henderson and Paul Blankenbaker.

Parrot Security

Parrot Security OS is a Debian-based security-oriented distribution featuring a collection of utilities designed for penetration testing, computer forensics, reverse engineering, hacking, privacy, anonymity and cryptography. It uses MATE as the default desktop environment.It is developed by Frozenbox and the first release was published in June, 2013.


Wifislax is a Slackware-based distribution containing a variety of security and forensics tools oriented to wireless security.The distribution's main claim to fame is the integration of various unofficial network drivers into the Linux kernel, thus providing support for a large number of wired and wireless network cards.


Bugtraq-Team is an Ubuntu and Debian-based distribution with open source tools for penetration testing, mobile forensics, or malware analysis. It is available with Xfce, Gnome and KDE and 11 languages.Bugtraq-Team was founded in 2011 by Rubén Galán and Christian Gonzalez and was consolidated in 2012.


ArchStrike is a penetration testing and security layer on top of Arch Linux. It follows the Arch Linux standards very closely in order to keep the packages clean, proper, and easy to maintain.It is actively developed by Tyler Bennett, Chad Seaman, Kevin MacMartin, Craig West and Oğuz Bektaş and other collaborators. It is the newest distribution of the list, first released on Jul 25, 2016.

Other distributions

The purpose of this article is not to mention all the Linux security distributions out there. Below are more interesting Linux security distributions in no particular order for anyone interested in research.

Start learning with Cybrary

Create a free account

Related Posts

All Blogs