For penetration testing there are several tools/software that is used within the industry. You could go and download each of these software programs individually, but this isn’t usually how it’s done. The more efficient and industry standard way is to use a pre-made distribution which comes installed with all the penetration testing tools you would need to do your job. Two of the most popular distributions for penetration testers are known as Kali Linux and Parrot OS. Here I go into what both are and why they are so important if you’re interested in being a professional hacker.
What is a Linux Distribution?
This term is important because both Kali Linux and Parrot OS are Linux distributions. So firstly, Linux is an operating system just like windows and mac OS. In fact Mac and Linux share a lot of similarities, many of the command line arguments that you use on Linux work on Mac.
A Linux distribution is a modified version of the base operating system. So rather than just having the plain Linux operating system, a Linux distribution may come with certain applications pre-installed. In the case of Kali Linux and Parrot OS, these distributions come with several applications related to security work and that’s what makes them so unique. So essentially, a Linux distribution is a Linux operating system with pre-installed applications.
Why use a Linux Distribution?
Save time: It’s much faster to download one of these pre-made distributions than to go out and download all the security tools individually.
Learn Linux: Having a sound understanding of Linux is important overall within Cybersecurity. So it’s worth investing some time to learn how to navigate Linux environments.
Industry Standard: As of right now Linux distributions, especially Kali Linux is the industry standard for penetration testing. If you’re looking to get a job within the field you should be familiar with the platform, it’s good to know the tools individually but hiring managers will be looking for people that specifically know Kali Linux.
Kali Linux
I’ll start with Kali Linux because it’s probably the most popular of the two and if you’re looking to work in the penetration testing field I would suggest starting here. Kali Linux is considered the “Swiss army knife” of penetration testing. It comes with several security tools such as Nmap, Wireshark, Burpsuite and Metasploit to name a few. Another benefit of Kali Linux is the community support, because so many people use Kali if you ever run into trouble or you want to follow along on a tutorial there are endless YouTube videos that you can follow. This includes many hacking tutorials on platforms like Hackthebox, where people complete challenges using Kali Linux. The community support is huge.
If you’re interested in downloading and getting started with Kali Linux you’re first going to need to download a virtualization software because Kali Linux is normally run as a VM not as someone’s primary operating system. People usually use Oracle VirtualBox but some people also use VMware. Once you have that you can get the Kali Linux iso from www.kali.org and run it in the virtualization software. Rather than type out the whole process I have put a YouTube video below that you can follow along with. If this video is removed or is just not working in your particular situation, you can simply search Kali Linux setup on YouTube and you can easily find walkthroughs on how to get it setup.
Parrot OS
Parrot OS is another Linux distribution that comes pre-installed with security tools. One of the main advantages of Parrot OS compared to Kali Linux is that parrot OS is considered lightweight. This means that it requires much less disk space and processing power to run effectively. In fact, Parrot OS is designed to be able to run effectively from a USB stick while Kali Linux doesn’t run too well this way and is usually installed in a VM. Now, one disadvantage of Parrot OS is that it’s not as beginner friendly as Kali Linux and it doesn’t come with as many tools. Parrot OS is more of a use case specific distribution where you’re looking for something more lightweight than Kali Linux.
Conclusion
It’s important to note that both distributions are designed with security in mind, so both are very good for penetration testing. Overall, I would recommend Kali Linux because it’s more widely used by the community so there’s more tutorials, support and it will be easier to learn, especially for a beginner. However, it’s important to note that once installed both distributions can be customized, so you can download new tools, change the look of the background etc. It’s an operating system so you can change it however you like, but the option you choose does affect what tools you start with and the requirements for your computer system. If you are very low on space or looking to run it from a USB then you might want to consider using Parrot OS instead of Kali Linux.