Can I use Ubutnu Linux to hack

Linux for Ethical Hacking and Penetration Testing - the best hacking distros in comparison

Overview as well as advantages and disadvantages of different distros

Almost every budding hacker has probably asked himself what is the best operating system for hacking. And as always, with this type of question, there is unfortunately only one general answer: It depends ... There are various specialized Linux-based operating systems that are suitable for this task. This article introduces the most important ones and helps you decide on a favorite.

Basically, it is a question of personal taste which platform a hacker or penetration tester uses for his hacking activities. However, there are differences that can play a role in the decision-making process. Even if there is a lot to be said for one of the specialized Linux distributions, this is by no means the only option.

Alternatives to Linux platforms

Many hackers grew up with Windows. So what could be more natural than to use a system that the hacker has already become familiar with? Another argument for the relevance of Windows as a hacking system is that it is so widespread that such a system is available almost everywhere. In addition, there is a huge number of hacking tools that were written exclusively for Windows, even if there are corresponding Linux alternatives for most tools these days - but often not with a graphical user interface and therefore less user-friendly. Windows should at least be used as an additional platform for those cases in which Windows-based hacking tools lead to better results than their Linux counterparts (if they exist).

Other hackers use Apple's macOS as their main platform. Apple computers, for example, are widespread in the creative and design scene, but developers also like to use them. Both are industries that have some intersections with the field of hacking. For historical reasons, Linux and Apple operating systems are compatible in many respects, which enables hackers, for example, to work with a shell on the Mac and also to use many of the programs available under Linux.

Linux-based hacking distros

Many hackers and penetration testers choose Linux as their primary platform for the most common hacking activities. In principle, it is possible to use almost all Linux-based hacking tools with almost any distribution. Nevertheless, the specialized distributions make life easier, as the most common hacking software is already put together and made available in an optimized manner.

There is a larger selection of Linux distributions that specialize in hacking and IT security. The best hacking distributions are characterized by their large and active community as well as easily understandable and detailed documentation. But what makes Linux a particularly suitable platform for hacking in general is the underlying idea of ​​the "Free and Open Source Software" (F / OSS). The operating system and most of the software supplied is freely available or open source.

This gives every user the opportunity to learn how a computer system works beneath the surface. Theoretically it is possible to read every single function of a program in the source code. It is through this deeper understanding of a computer system that certain technical hacks can be developed and understood by other users in the first place. But beginners and those switching can also use a Linux system without any problems, as almost every distribution has a graphical user interface that is largely intuitive to use and thus makes getting started a lot easier. It is by no means necessary to analyze the source code of programs in order to work with them.

The Linux command line

That brings us to the first challenge that Linux beginners have to face: In contrast to Windows, the music on Linux mainly plays in the command line. In most hacking scenarios, the user will have to open one (or more) terminal windows and enter command line commands. Many hacking tools are command line based and do not offer a graphical user interface. Instead, various switches (Options called) and parameters appropriately configured the program to achieve the desired goal. This makes familiarization with the use of a tool more demanding, but on the other hand enables a level of performance that a graphical user interface could often not represent at all or at least not meaningfully.

In addition, the Shell, i.e. the command line-based environment under Linux, very powerful and not only supports a large number of commands for efficient system administration but also provides the option of automating routine tasks with its own script language in order to process otherwise complex, recurring work more efficiently and to optimize work processes. In addition, the common distros support various script languages ​​such as Python, Ruby, Perl, etc. by default. The reasons mentioned, supplemented by the ability to adapt the Linux system to your own requirements down to the last detail, make Linux an extremely hacking platform suitable.

Kali Linux - the top dog

Kali Linux is probably the most widely used operating system in the field of hacking and IT security. The developers of Offensive security, the company behind Kali Linux, are clearly addressing their distribution to penetration testers and IT security researchers. The distribution is based on Debian GNU / Linux and can be downloaded from There are different versions, and pre-assembled VM images are also available for download for VMware and VirtualBox.

Figure 1: Kali Linux

Originally under the name BackTrack known, Kali Linux looks back on a relatively long history. The developers are accordingly experienced and the community around Kali is correspondingly large, which is a strong argument for this distribution. Kali comes with a large number (600+) of security analysis programs - another word for hacking tools. There are also countless tutorials, documentation, forum and blog entries. Offensive Security itself also provides various tutorials and introductions on its website, including as part of the free and highly recommended online course Metasploit Unleashed, at Especially as a beginner in the field of hacking and pentesting, but also for expert questions, these are very important and easy to use sources of information.

A new version is published every quarter and the functionality is further developed. Different modes are provided, such as a Forensic mode for the analysis of security incidents. The Undercover mode was added in Kali 2019.4 and camouflages the desktop surface as a Windows system in order to be able to operate more inconspicuously in busy environments. With Kali 2020.1, Offensive Security has switched the standard desktop environment from GNOME to Xfce, making Kali leaner and more resource-efficient and thus invalidating one of the main points of criticism. Those who bet on the top dog are certainly not doing anything wrong and this distribution is particularly recommended for beginners, as it is mature and reliable, is very well maintained and has probably the largest community of all hacking distributions.

Parrot Security OS

Parrot Security OS is a very young, but nevertheless strong challenger in the race for the best hacking distribution. There is also an active community among users that has already solved many of the initial problems. Just like Kali, Parrot is based on the Debian GNU / Linux distribution, is free software, open source and is regularly updated.

On the clear and modern website at there are many tips and tutorials that enable a quick and easy introduction. Parrot is also provided in different versions. The basic choice is Home edition (without special security programs) and Security edition (including hacking and forensic tools). Hackers and penetration testers download the Security Edition in one of the variants offered. In addition to various user interfaces, such as MATE and KDE, not only the installable ISO files, but also, as with Kali, finished VirtualBox OVA files are offered. These can easily be imported into VirtualBox and are well suited for initial tests.

Parrot is a relatively lightweight operating system and does not consume a lot of resources on the hardware side. In addition to the regular installation, which can optionally also be encrypted, it can be booted as a live system or installed in persistent mode on a USB stick, for example. All of this is admittedly also offered by Kali and is not a unique selling point. Parrot offers a nice and tidy interface without hiding too much from the user. The desktop is unusually colorful for a distribution specializing in pentesting, which is probably due to the name (Parrot = parrot).

Figure 2: Parrot desktop (MATE)

Kali is also the godfather for Parrot in terms of software selection, whereby the latter in the application menu, unlike Kali Linux, is not fully focused on the security analysis tools, but only summarizes them under one of many other menu items.

Figure 3: Comparison of the Parrot and Kali application menus

This means that important tools such as browsers, word processors or development environments are more easily accessible and not hidden away. Parrot offers program categories that are in some cases sensibly coordinated with one another, some of which cannot be found on other hacking distributions. There is, for example, the privacy category, which has a number of tools that allow you to navigate the Internet anonymously. This also counts Anon Surf as an alternative or supplement to the Tor network. Activating this function deactivates programs that could endanger privacy. From now on, all internet traffic is routed through the Tor network.

So if you are looking for a directly comparable alternative to Kali Linux, you should definitely give Parrot Security OS a chance. The system is still quite young and in some places this is also reflected in the degree of maturity, but the distribution is still very up-and-coming and, due to its user-friendly operation, may even be better suited for one or the other beginner than Kali Linux.

BlackArch Linux

While Kali Linux and Parrot OS are also suitable for everyday work in desktop use (Parrot Home OS is even intended for this purpose), BlackArch Linux is a variant for the exclusive use as a hacking and pentesting platform. BlackArch is based on Arch Linux and can be set up as an unofficial repository on top of it or, the other way around, supplemented by appropriate applications from the Arch Linux repository.

Anyone who finds the more than 600 tools integrated in Kali impressive will be delighted by the more than 2400 programs that BlackArch brings with it. BlackArch is in a league of its own here. The tools can be installed individually or sorted by groups. The distribution places a special emphasis on text-based work, so graphics generally don't play a major role.

BlackArch Linux can be obtained from in various versions, some of which require an unusually large amount of storage space. First, there is the regular live ISO image with a size of 15 GB. As an alternative, the website offers a live NetInstall ISO image with a size of almost 500 MB. Both variants optionally allow a permanent installation on the system after the start. On the other hand, if you only want to “quickly” test the distribution via the offered OVA image for VirtualBox once, be warned: The image is 35 GB in size and includes the entire scope of the available software!

In contrast to Debian-based distributions, BlackArch Linux always uses the latest available software packages. This includes the kernel, system components and libraries, as well as applications such as browsers and other software. Nevertheless, the distribution has been well tested and is usually reliable and stable when it is released.

BlackArch Linux presents itself simply and in contrast to other hacking distributions only with a selectable window manager instead of a full desktop environment. As a result, everything is optically more minimalist, of course, which looks quite stylish and is in line with a hacking distribution.

Figure 4: BlackArch Linux is minimalist

Here, however, the biggest sticking point with BlackArch is revealed: The distribution is not suitable for beginners and users of other Linux distributions should also first deal with Arch Linux before they dare to take the step to BlackArch. However, if you are not afraid of familiarization and the low level of user-friendliness, you can expect a comprehensive, professional platform that is fully geared towards hacking and penetration testing and which makes very little demands on the hardware.

Other hacking distributions

In addition to the ones presented so far, there are a number of other Linux distributions specializing in hacking, forensics and security analysis. Below is an overview with a brief introduction:


One of the more mature security distributions is Backbox, available at It is based on Ubuntu, so ultimately on Debian GNU / Linux again. While other distributions focus on hacking, Backbox tries to cover all relevant, related topics and provides the most common tools for this. Similar to Parrot Security OS, the security focus is not immediately and exclusively imposed in the application menu of Backbox, whereby the extensive collection of security auditing and hacking tools sorted by category is made available via the menu item Auditing.

Figure 5: BackBox is very user-friendly

There are further analogies to Parrot: There is also an Anonymous menu item on Backbox, which enables a high degree of anonymization in communication with the Internet via the Tor network. Furthermore, the Backbox is also designed for simple user guidance and is therefore also well suited for beginners. Backbox specializes in security auditing tasks, but is also suitable for daily use as a desktop system even on older hardware, as it requires few resources. As an Ubuntu derivative, Backbox is designed for ease of use and enables the installation of the complete Ubuntu software from the official repositories.


As the name suggests, Pentoo is based on Gentoo Linux and represents a variant with a security focus. Gentoo is a Linux distribution that is aimed at advanced users and offers a high degree of customization options. The price for this is the willingness to work through extensive documentation. While Gentoo usually first has to be compiled and set up with a lot of manual work, Pentoo is offered as a live CD that can be started without any problems in order to make Pentoo available.

Figure 6: Pentoo based on Gentoo

Pentoo can also be used as an overlay for an existing Gentoo installation. The most common security auditing tools can be found in the corresponding submenus in the application menu under Pentoo. Due to the lack of accessibility, Pentoo should primarily appeal to users who already work with Gentoo.


A project that focuses solely on forensic analysis is CAINE, a live distro developed and maintained in Italy. CAINE stands for Computer Aided Investigative Environment and is based on Ubuntu. The distribution was created in 2008 after Russian hackers carried out a large-scale attack on numerous Italian servers and the forensic analysis of the events and the damage caused had to be recorded in a judicial manner.

The ISO image is available for free download at In contrast to other forensic tools, CAINE has a user-friendly interface and thus facilitates access so that it can also be used by ambitious private users.

Figure 7: CAINE (Source:

The desktop is based on MATE and the application menu under Forensic tools provides a large number of tools for forensic analysis. Existing hard disks are only mounted in read-only mode by default, so that inadvertent write access cannot occur. Permanent installation is also possible if many mobile data carriers are to be examined with CAINE, as this would not be practical with a live DVD or a USB stick.

CAINE offers a very good forensics platform, but is therefore not a hacking distribution in the true sense of the word, but serves exclusively to analyze hacking attacks in retrospect.But of course this is also an interesting field of activity for hackers, not least to learn by changing perspective which tools and techniques are used for forensic analyzes and which insights can be gained from them.


Linux is undisputed and the most popular platform for hackers for good reason. Thanks to Kali, Parrot & Co., hackers and penetration testers can draw on unlimited resources and receive specialized Linux distributions with countless hacking and security audit tools in one package. Even if Kali Linux is the most popular distribution, there are a number of interesting alternatives from which hackers and penetration testers can choose their personal favorites. However, it is fundamentally important not to focus on just one operating system and platform, but to remain flexible and cope with different environments. A hacker does not take a ready-made path, but uses what is available and works in the respective situation.