Is Linux Good for Ethical Hacking?
Linux is commonly the preferred operating system used by Ethical Hackers and 'Infosec' professionals due to the following factors.
Linux is commonly the preferred operating system used by Ethical Hackers and 'Infosec' professionals due to the following factors.
The open source system enables access to its entire code. A user can manipulate how each component of the operating system works, enabling very granular levels of control and infinite customisation.
Linux can be used without any licensing cost to the individual – again the advantages of this mean it is very easy to get hold of a Linux distribution and start to use it right away.
Using the shell on a Linux distribution makes it very easy to perform repetitive tasks and perform complex automation tasks relatively easily.
The use of the powerful Python language means that creating code that is highly functional and easily portable is more easily achieved than on a proprietary operating system.
The majority of specialist tools required to perform Ethical hacking and other security-related functions are created for Linux. This is due to the aforementioned reasons and removes the restrictions placed on a developer using a proprietary operating system.
No particular Linux distribution ‘distro’ can be considered ‘the best for Ethical Hacking’ due to the diverse nature of distributions and personal preference. Different flavours of Linux can be used in different scenarios, some are quite ‘heavy’ meaning their default toolset and resources used to perform tasks mean they are better suited for powerful machines and everyday use. Some distributions are designed to be lightweight in their use of resources and have a restricted toolset and are used for specific environments (for example a penetration tester on a ‘Red Team’ engagement may use a light version of Linux to use on a ‘drop box’ to place within a target organisation).
A common Linux distribution used by Ethical Hackers and ‘Infosec’ professionals is the ‘Kali‘ Linux distribution created by Offensive Security. Offensive security is a very highly regarded organisation that provide training and industry-recognised qualifications for Penetration testing and Ethical hacking. This is a very popular Debian based ‘distro’ due to being custom-designed for the use of penetration testing/ethical hacking and the amount of commonly used tools that are pre-installed in Kali (over 600).
Kali is frequently updated and has multiple versions designed to run on different platforms, such as an ARM variant that runs on Raspberry PI devices, a variant that can run in Android devices (Net Hunter) and versions for most bare-metal installations.
Additionally, pre-built virtual images for most hypervisors are available and are a very popular choice for Ethical Hackers due to their portability and isolation from the main Operating system.
New tools are regularly added that have been tested and tweaked to run smoothly on the distro, also old unsupported tools are removed from new releases. There are additional tweaks that can help ethical hackers such as the ability to change the look and feel of the distro to one that at first glance resembles a Windows environment with one quick command, this is very useful for covert red team engagements in scenarios where you may be seen.
If you like this blog post, find more content in our Glossary.