Hacking and Pentesting: Adapt your GNU / Linux Distro to this IT field

Hacking and Pentesting: Adapt your GNU / Linux Distro to this IT field

Hacking and Pentesting: Adapt your GNU / Linux Distro to this IT field

Although the Hacking is not necessarily a computer field, the Pentesting if it is completely. He Hacking or being a ChippersRather, it is a general term, which is usually associated more with a way of thinking and a way of living. Although, in these modern times where everything is associated with IT domain, it is logical to think that a Chippers is a computer expert by nature or by professional studies.

Whereas, the term Pentesting or be a pen tester, if it is something clearly associated with IT domain, given the knowledge, domain and necessary use of special and advanced computer applications, mainly oriented to the topic of cybersecurity and forensic information.

Hacking and Pentesting: Introduction

Before entering fully into the subject, we recommend reading 7 previous related publications, 4 with the advanced use of GNU / Linux in other IT areas and 3 on the current topic, that is, the topic Hacking / Hackers, to complement the subsequent reading and prevent it from being too large.

The following publications related to the advanced use of GNU / Linux are:

Turn your GNU / Linux into a Distro suitable for Software Development
Related article:
Turn your GNU / Linux into a Distro suitable for Software Development
How to create a Multimedia Distro on GNU / Linux
Related article:
Turn your GNU / Linux into a quality Multimedia Distro
MinerOS 1.1: Multimedia & Gamer Distro
Related article:
Turn your GNU / Linux into a quality Distro Gamer
Related article:
Convert your GNU / Linux into an Operating System suitable for Digital Mining

And the following publications related to the Hacking / Hacker scope are:

Hacking and Cybersecurity
Related article:
Become a Hacking and Cybersecurity specialist
Related article:
What does 'hacker' really mean
Related article:
Top 11 Hacking and Security Apps for Linux

Hacking and Pentesting: Content

Hacking and Pentesting: Interesting IT field

We will clarify the term below Hacking / Hacker and the term Pentesting / Pentester to then advance with the tips and recommendations necessary to answer the question of: How to adapt our GNU / Linux Distros to the IT field of Hacking and Pentesting?

Hacking and Hacker

Speaking from a computer point of view, a fairly acceptable and general definition of Hacking is

"The permanent search for knowledge in everything related to computer systems, their security mechanisms, their vulnerabilities, how to take advantage of these vulnerabilities and the mechanisms to protect themselves from those who know how to do it". Hacking, cracking and other definitions

Consequently, a Chippers IT is a person who:

"Tends to inevitably use and dominate ICTs, to gain efficient and effective access to the sources of knowledge and the existing control mechanisms (social, political, economic, cultural and technological) to make the necessary changes for the benefit of all". The Hacker Movement: Lifestyle and Free Software

Pentesting and Pentester

Meanwhile he Pentesting can be clearly summarized as:

"The action or activity of attacking a computer system to identify existing failures, vulnerabilities and other security errors, in order to prevent external attacks. In addition, Pentesting is really a form of hacking, only this practice is totally legal, since it has the consent of the owners of the equipment to be tested, in addition to having the intention of causing real damage". What is pentesting and how to detect and prevent cyber attacks?

Hence, a pen tester can be defined as that person:

"Whose job is to follow various processes or specific steps that ensure a good examination and thus be able to carry out all possible inquiries about failures or vulnerabilities in the system. Therefore, it is often called a Cybersecurity Auditor". What is Pentesting?

How to adapt our GNU / Linux Distros to the IT field of Hacking and Pentesting?

GNU / Linux Distros for Hacking and Pentesting

Certainly there are currently many GNU / Linux Distros specially dedicated to IT domain of the Hacking and Pentesting, such as:

  1. Time: Based on Debian -> https://www.kali.org/
  2. Parrot: Based on Debian -> https://www.parrotlinux.org/
  3. BackBox: Based on Ubuntu -> https://www.backbox.org/
  4. Caine: Based on Ubuntu -> https://www.caine-live.net/
  5. Demon: Based on Debian -> https://www.demonlinux.com/
  6. Bugtraq: Based on Ubuntu, Debian and OpenSUSE -> http://www.bugtraq-apps.com/
  7. ArchStrike: Based on Arch -> https://archstrike.org/
  8. BlackArch: Based on Arch -> https://blackarch.org/
  9. Pentoo: Based on Gentoo -> https://www.pentoo.ch/
  10. Fedora Security Lab: Based on Fedora -> https://pagure.io/security-lab
  11. WiFisLax: Based on Slackware -> https://www.wifislax.com/
  12. Dracos: Based on based on LFS (Linux from Scratch) -> https://dracos-linux.org/
  13. Samurai Web Testing Framework: Based on Ubuntu -> https://github.com/SamuraiWTF/samuraiwtf
  14. Network Security Toolkit: Based on Fedora -> https://sourceforge.net/projects/nst/files/
  15. DEFT: Based on Ubuntu -> http://na.mirror.garr.it/mirrors/deft/
  16. OnionSecurity: Based on Ubuntu -> https://securityonion.net/
  17. Santoku: Based on LFS based -> https://santoku-linux.com/
  18. Other abandoned projects: spyrock, Beini, XiaopanOS, Live Hacking, Blackbuntu, STD, NodeZero, Matriux, Ubnhd2, and PHLAK.

Import GNU / Linux Distros Repositories for Hacking and Pentesting

However, many of us use GNU / Linux Distros mothers or traditional directly, such as Debian, Ubuntu, Arch, Gentoo or Fedora, and we only have to install the Hacking and Pentesting applications through our Package manager included.

And since many of the traditional repositories do not include the complete or the most up-to-date tools in force, we have to incorporate the repositories of the GNU / Linux Distros equivalent specialized programs based on ours, that is, if we use Debian GNU / Linux we must import the repositories of Kali and Parrot, for example, to later install them. Of course, respecting the package versions of Debian GNU / Linux with those of these specialized Distros to avoid the irreparable rupture of packages or the entire Operating System.

Procedure

To import the Kali repositories on Debian the following procedure should be performed:

  • Incorporate in your own or new .list file, a suitable repository of said Distro, among which are the following:
# deb http://http.kali.org/kali kali-rolling main non-free contrib
# deb http://http.kali.org/kali kali-last-snapshot main non-free contrib
# deb http://http.kali.org/kali kali-experimental main non-free contrib
  • Add the keys requested from the repositories using the following commands:
# sudo gpg --keyserver hkp://keys.gnupg.net --recv-key 7D8D0BF6
# sudo gpg -a --export ED444FF07D8D0BF6 | sudo apt-key add -

To import the Parrot repositories on Debian the following procedure should be performed:

  • Incorporate in your own or new .list file, a suitable repository of said Distro, among which are the following:
# deb http://deb.parrotsec.org/parrot rolling main contrib non-free
# deb http://deb.parrotsec.org/parrot stable main contrib non-free
# deb https://deb.parrot.sh/parrot/ rolling main contrib non-free
# deb https://deb.parrot.sh/parrot/ rolling-security main contrib non-free
# deb http://mirrors.mit.edu/parrot/ parrot main contrib non-free # NORTEAMERICA
# deb https://mirror.cedia.org.ec/parrot/ parrot main contrib non-free # SURAMERICA
# deb https://ba.mirror.garr.it/mirrors/parrot/ parrot main contrib non-free # EUROPA
# deb https://mirror.yandex.ru/mirrors/parrot/ parrot main contrib non-free # ASIA
# deb http://mjnlk3fwben7433a.onion/parrot/ parrot main contrib non-free # RED TOR
  • Add the keys requested from the repositories using the following commands:
# sudo gpg --keyserver hkp://keys.gnupg.net --recv-key 6EB1660A
# sudo gpg -a --export B56FFA946EB1660A | sudo apt-key add -

After this, we only have to install our known, favorites and most updated Hacking and Pentesting applications of these repositories, taking great care not to break our Debian GNU / Linux Operating System. For the rest of the GNU / Linux Distros mothers or traditional, the same should be done with their equivalents, as in Arch following the following example with BlackArch.

Since, otherwise, the last option would be the download, compile and install of each tool Hacking and Pentesting separately from their official websites, which is sometimes recommended. And if anyone has no idea which tool Hacking and Pentesting would be ideal to know and install you can click the following link to get started. Although there is also the simple possibility of installing «Fsociety: An excellent pack of hacking tools«.

Generic image for article conclusions

Conclusion

We hope this "useful little post" about «¿Cómo adaptar nuestras Distros GNU/Linux al ámbito TI del Hacking y el Pentesting?», exploring various methods or alternatives, such as the direct installation of applications from the own or external repositories, or using independent applications available, is of great interest and utility, for the entire «Comunidad de Software Libre y Código Abierto» and of great contribution to the diffusion of the wonderful, gigantic and growing ecosystem of applications of «GNU/Linux».

And for more information, always do not hesitate to visit any Online library as OpenLibra y jedit to read books (PDFs) on this topic or others knowledge areas. For now, if you liked this «publicación», don't stop sharing it with others, in your Favorite websites, channels, groups, or communities of social networks, preferably free and open as Mastodon, or secure and private like Telegram.

Or simply visit our home page at DesdeLinux or join the official Channel Telegram from DesdeLinux to read and vote for this or other interesting publications on «Software Libre», «Código Abierto», «GNU/Linux» and other topics related to «Informática y la Computación», and the «Actualidad tecnológica».


2 comments, leave yours

Leave a Comment

Your email address will not be published. Required fields are marked with *

*

*

  1. Responsible for the data: Miguel Ángel Gatón
  2. Purpose of the data: Control SPAM, comment management.
  3. Legitimation: Your consent
  4. Communication of the data: The data will not be communicated to third parties except by legal obligation.
  5. Data storage: Database hosted by Occentus Networks (EU)
  6. Rights: At any time you can limit, recover and delete your information.

  1.   fedorian21 said

    For Fedora / Centos / RHL users, since fedora maintains a spin called Security Lab, you can download it from https://labs.fedoraproject.org/en/security/
    It is not as complete as Kali but it has quite a few utilities.
    or if you already use Fedora install it from the terminal with
    sudo dnf groupinstall "Security Lab"
    or from centos importing the repos.

    1.    Linux PostInstall said

      Greetings Fedoriano21. Excellent contribution, thank you for your comment.