Is it possible to create penetration testing OS based on Slackware current?
Hello friends!
I was wondering if it is possible to create Penetration testing OS on top of Slackware current. I think Slackware fits to penetration testing OS much more than others, which is more stable, secure, reliable, portable ( can be run on modern and older). But it lacks package management ( may be it is good side ) that it will be hard to create ( I mean compiling packages ). But once it is created, it will be best OS on the market. Imagine more stable, simple, configurable and no systemd distro with hacking tools. << Sorry if I made mistakes on English and misunderstandings on Linux world >> |
I'm pretty sure any distro can be used for penetration testing. It's just a matter of having the right tools. But I'm not a pen tester so I could be wrong.
|
|
I'm sure if you browse through SlackBuilds you'll find a lot of the tools used in penetration testing.
|
|
|
I think that the closest to a PenTest distro based on Slackware is WifiSlax, a security focused distro...and it's still active! \o/
https://distrowatch.com/?newsid=09504 |
Quote:
|
I have never used wifislax, so I might be wrong, but it emphasizes to wireless analysis rather than exploiting or vulnerability assessment.
I got this point from distrowatch. |
Hello Victor001. I think your question disregards a basic fact about Linux. The question shouldn't be about a distro but rather about a kernel. A distro is basically just a collection of packages built on top of the foundation, the kernel. Init systems and package managers may vary but once up anything available as source can be compiled and run assuming dependencies are met which simply may be compiling and installing those first. So to answer your question in it's present form of course Slackware can install and utilize any application that is being run on any distro with a moderately similar kernel. Any tools to get there and/or duplicate what another distro has is just a set of "work to do". It is literally possible, and not at all difficult, to make a list of what Kali (or whatever the latest so-called pen testing distro may be called) has and duplicate it.
|
If I was going to make a Slackware system for penetration testing I would definitely build a live system using alienBOB's live slack scripts. It requires having a full installation of Slackware on bare metal to build the live system and any additional packages added from SlackBuilds.org.Slackware doesn't come with any penetration testing tools aside from maybe network diagnostic tools, such as, nmap, ping, nc, arp, etc. (the basics). It does come with Python, Perl and Ruby out of the box. Many penetration testing tools require those languages to function and are typically languages used by pen testers to pull together a quick hack. I can name a few tools that I actively maintain (although some are a bit dated): sqlmap, driftnet, nikto, hping3, the Impacket library. There are many more available to build, most pen test tools are avaliable on SBo.
To maintain such a system I would use David Spencer's slackrepo to create all the third party packages required. Then I would decide what was missing and create my own Git repo to track build scripts for those, possibly contributing them back into SlackBuilds.org. It would be a huge undertaking, but not as huge as if you were to roll your own distribution based on Slackware. The liveslack scripts will enable you to have a read only system, with encryption + persistence, a reproducible environment for quick deployment, and an extendible (future proof) platform to work off of. |
i have some packages of things not found on SBo at wigums.ddns.net/packages
and for the slackbuilds themselves (they all download the sources for you) try http://bitbucket.org/wigums im always adding more so check back often. eventually i create an iso with all the goodies in it http://wigums.ddns.net/hackware.html |
All times are GMT -5. The time now is 02:59 PM. |