Security Distributions


BackTrack is a distribution based off of what used to be WHAX and Auditor . It is a full size distro built off of SLAX.

BackTrack Page | Download | Status: Active


DEFT (acronym of "Digital Evidence & Forensic Toolkit) is a customized distribution of the Kubuntu live Linux CD. It is a very easy to use system that includes an excellent hardware detection and the best open source applications dedicated to incident response and computer forensics.

DEFT Page | Download | Status: Active


"Helix is a customized distribution of the Knoppix Live Linux CD. Helix is more than just a bootable live CD. You can still boot into a customized Linux environment that includes customized linux kernels, excellent hardware detection and many applications dedicated to Incident Response and Forensics."

Helix Page | Download | Status: Active

Network Security Toolkit ( NST )

"This bootable ISO live CD is based on Fedora. The toolkit was designed to provide easy access to best-of-breed Open Source Network Security Applications and should run on most x86 platforms."

Network Security Toolkit ( NST ) Page | Download | Status: Active


"Frenzy is a "portable system administrator toolkit," LiveCD based on FreeBSD. It generally contains software for hardware tests, file system check, security check and network setup and analysis. Size of ISO-image is 200 MBytes (3" CD)"

Frenzy Page | Download | Status: Active


"grml is a bootable CD (Live-CD) based on Knoppix and Debian. grml includes a collection of GNU/Linux software especially for users of texttools and system administrators. grml provides automatic hardware detection. You can use grml for example as a rescue system, for analyzing systems/networks or as a working environment." -

grml Page | Download | Status: Active


"The     ophcrack LiveCD contains a small linux system (SLAX6), ophcrack    for linux and rainbow tables for alphanumerical passwords.The liveCD cracks passwords automatically, no installation necessary, no     admin password necessary (as long as you can boot from CD). Windows Vista SAM can also be cracked."

Ophcrack Page | Download | Status: Active

OSWA Assistant

"The OSWA-Assistant™ is a self-contained, freely downloadable, wireless-auditing toolkit for both IT-security professionals and End-users alike."—

OSWA Assistant Page | Download | Status: Active


The Samurai Web Testing Framework is a LiveCD focused on web application testing. We have collected the top testing tools and pre-installed them to build the perfect environment for testing applications.

Samurai Page | Download | Status: Active


Chaox-NG Page | Download | Status: Active


GnackTrack is a Live (and installable) Linux distibution designed for Penetration Testing and is based on Ubuntu. Although this sounds like BackTrack, it’s most certainly not; it’s very similar but based on the much loved GNOME!

GnackTrack Page | Download | Status: Active


Matriux Page | Download | Status: Active


Katana Page | Download | Status: Active


NodeZero Page | Download | Status: Active

BackBox Linux

BackBox Linux Page | Download | Status: Active


BlackUbuntu Page | Download | Status: Active


WeakerTh4n Page | Download | Status: Active


Caine Page | Download | Status: Active


Bugtraq Page | Download | Status: Active


The most advanced penetration testing distribution, ever.From the creators of BackTrack comes Kali Linux, the most advanced and versatile penetration testing distribution ever created. BackTrack has grown far beyond its humble roots as a live CD and has now become a full-fledged operating system.—

Kali Page | Download | Status: Active


BlackArch Linux is a lightweight expansion to Arch Linux for penetration testers and security researchers.

BlackArch Page | Download | Status: Active

Damn Vulnerable Linux ( DVL )

"Damn Vulnerable Linux (DVL) is a Linux-based tool for IT-Security. It was initiated for training tasks during university lessons by the IITAC (International Institute for Training, Assessment, and Certification) and S²e - Secure Software Engineering in cooperation with the French Reverse Engineering Team." -

Damn Vulnerable Linux ( DVL ) Page | Download | Status: Inactive


"The Auditor security collection is a Live-System based on KNOPPIX. With no installation whatsoever, the analysis platform is started directly from the CD-Rom and is fully accessible within minutes. Independent of the hardware in use, the Auditor security collection offers a standardised working environment, so that the build-up of know-how and remote support is made easier." -

Auditor Page | Download | Status: Inactive


"knoppix-nsm is dedicated to providing a framework for individuals wanting to learn about Network Security Monitoring or who want to qucikly and reliably deploy NSM in their network. Our goal is to provide an introduction to NSM and a distribution that can be used as a launch pad to bigger things."

Knoppix-NSM Page | Download | Status: Inactive


"STD is a Linux-based Security Tool. Actually, it is a collection of hundreds if not thousands of open source security tools. It’s a Live Linux Distro, which means it runs from a bootable CD in memory without changing the native operating system of the host computer." -

Knoppix-STD Page | Download | Status: Inactive


"a bootable distribution containing all the tools and materials needed for practising methods and techniques described in the hackin9 magazine"

Hakin9 Page | Download | Status: Inactive


" The Kcpentrix Project was founded in May 2005 , KCPentrix 1.0 was liveCD designed to be a standalone Penetration testing toolkit for pentesters, security analysts and System administrators" -

KCPentrix Page | Download | Status: Inactive


"The main goal of nUbuntu is to create a distribution which is derived from the Ubuntu distribution, and add packages related to security testing, and remove unneeded packages, such as Gnome,, and Evolution." -

nUbuntu Page | Download | Status: Inactive

OWASP Labrat

"The OWASP Live CD (LabRat) is a bootable CD akin to knoppix but dedicated to Application Security. It shall serve as a vehicle and distrubition medium for OWASP tools and guides."

OWASP Labrat Page | Download | Status: Inactive


Protech is a specially designed Linux distribution for security technicians and programmers.
It’s imcomparable usability and stability makes this a unique product.    -Techm4sters

Protech Page | Download | Status: Inactive


"FIRE is a portable bootable cdrom based distribution with the goal of providing an immediate environment to perform forensic analysis, incident response, data recovery, virus scanning and vulnerability assessment."

FIRE Page | Download | Status: Inactive


Arudius is a Linux live CD with tools that try to address the network security aspect (penetration testing and vulnerability analysis) of information assurance. It is based on Slackware (Zenwalk) for i386 systems and targets the information security audience.

Arudius Page | Download | Status: Inactive


"INSERT is a complete, bootable linux system. It comes with a graphical user interface running the fluxbox window manager while still being sufficiently small to fit on a credit card-sized CD-ROM."

INSERT Page | Download | Status: Inactive

Local Area Security ( LAS )

Local Area Security ( LAS ) Page | Download | Status: Inactive


"Navyn OS is a gnu/linux distribution based on Gentoo. Gentoo isn’t a typical distribution like Debian or Slackware, it doesn’t even have an installer, it is similar to making your own distribution. The main part of Gentoo is portage, a set of scripts for installing and removing programs." -

NavynOS Page | Download | Status: Inactive


"Operator is a complete Linux (Debian) distribution that runs from a   single bootable CD and runs entirely in RAM." -

Operator Page | Download | Status: Inactive


"Pentoo is a penetration testing LiveCD distribution based on Gentoo. It features a lot of tools for auditing and testing a network, from scanning and discovering to exploiting vulnerabilities."

Pentoo Page | Download | Status: Inactive


"PHLAK is a modular live security Linux distribution (a.k.a LiveCD). PHLAK comes with two light gui’s (fluxbox and XFCE4), many security tools, and a spiral notebook full of security documentation. PHLAK is a derivative of Morphix, created by Alex de Landgraaf." -

PHLAK Page | Download | Status: Inactive


"PLAC is a business card sized bootable cdrom running linux. It has network auditing, disk recovery, and forensic analysis tools. ISO will be avialable and scripts to roll you own cd."

PLAC Page | Download | Status: Inactive


"Plan-B is a bootable Linux environment without       the need for a hard drive, it runs entirely in ram or from the cd, based       on a basic, stripped installation of Red Hat Linux and the fundamental       workings of the SuperRescue CD" -

Plan-B Page | Download | Status: Inactive


"SENTINIX is a GNU/Linux distribution designed for monitoring, intrusion detection, vulnerability assessment, statistics/graphing and anti-spam. It’s completely free; free to use, free to modify and free to distribute. SENTINIX includes the following software, installed and pre-configured; Nagios, Nagat, Snort, SnortCenter, ACID, Cacti, RRDTool, Nessus, Postfix, MailScanner, SpamAssassin, openMosix, MySQL, Apache, PHP, Perl, Python and lots more." -

SENTINIX Page | Download | Status: Inactive


"Talos is a security LiveCD, based on SLAX 5.1.0 with over 90 security tools preinstalled. It runs directly from the CD without the need to install on the harddisk. Talos is currently on BETA version 0.1 and its available to download."

Talos Page | Download | Status: Inactive


ThePacketMaster - Mission-Specific Live-CD Linux Distributions -

ThePacketMaster Page | Download | Status: Inactive


Minimal ramdisk linux distribution meant for network monitoring.

Trinux Page | Download | Status: Inactive


A linux distribution for WarDrivers.

WarLinux Page | Download | Status: Inactive


"Whoppix is a stand-alone penetration-testing live CD based on KNOPPIX. With the latest tools and exploits, it is a must for every penetration tester and security auditor. Whoppix includes several exploit archives, such as Securityfocus, Packetstorm, SecurityForest and Milw0rm, as well as a wide variety of updated security tools." -Distrowatch

Whoppix Page | Download | Status: Inactive


Updated project from Whoppix. Currently discontinued and merged with BackTrack.

WHAX Page | Download | Status: Inactive


HeX is a live security distribution that focuses on security monitoring and forensics.

HeX Page | Download | Status: Inactive

Stagos FSE

"Stagos FSE aims to be a computer forensic framework based on FLOSS operating system. Builds from Ubuntu, it has many feature to do forensics stuff. It supports read variant filesystem, include ntfs. It also support read some forensic imaging file from another forensic software such like ENCASE."

Stagos FSE Page | Download | Status: Inactive


snarl is a bootable forensics ISO based on FreeBSD and using @stake’s autopsy and task as well as scmoo’s list of known good checksums.

SNARL Page | Download | Status: Inactive


The Gnu/Linux boot CD-Rom is made by the Belgian Federal Computer Crime Unit (FCCU)
It’s based on the KNOPPIX Live CD version 4.02 by Klaus Knopper.
The main purpose of the CD : help the forensic analyze of computers
All scripts made by the FCCU begin with the "fccu" prefix

FCCU Page | Download | Status: Inactive


Russix is a Slax based Wireless Live Linux. It has been designed to be light (circa 230Mb) and dedicated purely   to wireless auditing. It is not a script kiddy phishing tool and as such, while it will   allow you to break a WEP key in 6 key strokes and conduct an "Evil Tiny   Twin" attack in less than 5, it will not let you become the latest   version of Barclays Bank.

Russix Page | Download | Status: Inactive


SECmic3 is a Kubuntu 10.04 LTS Lucid Lynx based security distribution. It is FREE to download, and will be forever. It comprises over 200 security oriented applications preinstalled. SECmic3 is Ubuntu/Kubuntu update compatible. Meaning you will be able to receive security updates directly from the Ubuntu/Kubuntu repositories for the lifetime of this Kubuntu 10.04 LTS based release. SECmic3 is a Remastersys backup. SECmic forums have been setup to allow you, the user, to voice your opinions, identify bugs related to this release and to allow us to include new application that you suggest in future releases. You will never hear anyone from SECmic tell you “If you don’t like it, build your own security distro.” We welcome ALL comments for improvement. Donations may include test hardware and monetary values using the donate link at the top-right of the page. -

SECmic Page | Download | Status: Inactive


Securix-NSM Page | Download | Status: Inactive