Kali vs BlackArch vs Parrot Sec

Which is the best Linux Distro for penetration testing and Why?

Kali or BlackArch or Parrot Security OS? Which one should I choose to begin my journey as a security researcher?

I think you should find it out by yourself, every person is different and everyone likes different things. You can try installing this systems on a VM one by one and just test them.

From my experience the most beginner friendly pentesting OS is Kali. It has most of the things preinstalled and all of them are ready to go. Parrot OS is pretty much the same, but I had sometimes problems with a tools written in python, but I was able to fix them in tens of minutes. (it was quite a long time ago and I think a lot of things could change from back then). BlackArch on the other hand is very different, BlackArch as name says is based on Arch Linux which is not very beginner friendly OS. It will probably take you some time to install and configure it if you haven’t had a contact with Arch Linux before. It’s definitely not a ready to go system.

Kali linux is also my favourite. Thanks for recommending me.

We have a wiki for this Services and Tools. I just pulled all of the configs from ParrotSec OS that I’ve used to a vanilla Debian VM and loaded them onto there and it works fine for my needs.

I am a big fan of Kali because it is simple, and if you know Debian and Tails you will feel at home. But Parrot does feel more extensive and modern.

What I really want to do is to find a pentest course I can do and I guess I will stick to whatever they use so that might be a key question?

mrQbits, I’m also starting out and i hope we get to chat more and share info.

Thanks for sharing. We can help each other

BlackArch for me <3 <3

The distro doesn’t really matter, as you’ll be using programs that can be used/installed on almost any distro out there

Personal opinion, but if you’re new to linux I’d suggest using something beginner-friendly such as Linux mint and building up your knowledge from there, then try a bunch of other distroes and see what suites you the most, you can’t really go wrong with what you choose, it’s just a matter if tastes

I personally swear to ParrotSec before Kali <3

Yeah, it is more beginner friendly.

This. I never actually used a hacking distro for a very long time. I started with Ubuntu in order to get myself familiar with Linux, then, by the time I was ready to move on, I made one from scratch using Artix. Recently made the move to Kali for compatibility purposes, but your best bet is starting with something simple like Ubuntu, getting some tools, learning how to install them, how they actually function, and go from there.

NOT BLACKARCH blackarch has loads of useless tools that are outdated and takes up lots of space and time i recommend temple os ITS GODSSS WILLLL

jk i recommend pureos it great and secure

Thanks for recommending me, bruh

I am a big fan of Kali Linux moreover BlackArch because Kali Linux is straight foward and the favoured distribution when it comes to pentesting, capture the flags etc. I like Black Arch but I don’t see the point in over 2000 preinstalled tools, whereas you can have a much lighter Kali box.

BlackArch developer here. I feel in the need to clarify some things:

BlackArch as name says is based on Arch Linux which is not very beginner friendly OS. It will probably take you some time to install and configure it if you haven’t had a contact with Arch Linux before. It’s definitely not a ready to go system.

That’s a totally false argument, BlackArch is a ready-to-go system. If you feel afraid of command line and CLI installation, you can use the Slim ISO which contains a very neat desktop environment and only the top hacking tools that you’re mostly going to use.

NOT BLACKARCH blackarch has loads of useless tools that are outdated and takes up lots of space and time

It’s a nonsense argument, BlackArch is well-known for being more up to date than Kali and Parrot (we were the first rolling distribution for hacking) so that it’s “outdated” is a lie. Packages are updated daily in automated jobs mostly. Regarding the number of tools and space, they are in the repo, you can install them or not, we didn’t force you to install anything, that affirmation comes here just because you never understand how repositories work, just imagine if someone installs all the Debian or Ubuntu packages and comes here with the same nonsense argument.

I like Black Arch but I don’t see the point in over 2000 preinstalled tools, whereas you can have a much lighter Kali box.

Again the same argument mentioned previously, you are able to install them all or not. In fact, the BlackArch latest base image that is in our Docker repositories (hub .docker.com/r/blackarchlinux/blackarch/tags?page=1&ordering=last_updated)* is just 128 MB in size.

Finally, my thoughts are: try all of them and see, you don’t lose anything by trying a couple of distros. Plus, hacking distros aren’t really to use in real hardware but in containers (with GUI access to the host if required) or virtual machines.

*The docker hub repo was written that way because as I’m a new user I can’t post more than two links.

There is no such thing as a “copycat project” sir i think you are drowning in all of this Bullshit you spit it out to the community. Do you even know what linux distro’s are builded up on? You Go on to call every project that is even a bit close to kali linux a “copycat project” If i created a operating system put 600 tools in it and named it “NinjaOS” you would be the person to call it a copycat project. First off Back then before backtrack young hackers had to build there Own OS from Debian and put there own tools in it.

It gets really annoying and sad when there are just a small percentage of people in the linux community Like you that ruin it for people. Funny how you call yourself a “Hacker” but you have no idea or even good enough knowledge to know these type of things, This is 0x00Sec if you wanna rant bullshit go somewhere else (FYI you are helping nobody and is spreading pure bullshit when it comes to distro’s) Because at this point you are the real life equivalent of a script kiddie, not knowing what your saying and speaking straight gass.

And sir if it gets to the point where everyone loves So called “copycat projects” then you must be smoking 24/7 and you must have had something drilled into your mind. Just like what you said about parrotOS You were wrong 95% of the time. The community is great and the maintainers are very professional, ive spoken with them and they respectful and were most willing to help. And the creator Made ParrotOS from Debian so you have no idea what you are talking about. Please quit this “copycat” project bullshit and take some real Knowledge | also having a high ego gets you nowhere

The first pentesting distribution was BackTrack, in the good ol’d days, since then i gave every ITSec related dist a try and have to say that everyone has its own charme and advantages.

When i becam a Arch user i prefered obviously BlackArch but to be really honest?
Spend your time in WM’s of all three, do some CTF’s, HTBs or THM. Figure out what your really need in your own system and set it up by your own.

I read through all my own writeups of CTFs an Challenges, created a list what tools i used, decided which ones are a must have in my Swiss army knife, installed a fresh Manjaro (Arch based) and installed everything one by one. Tooked some time but was it fully worth. Of course i added the blackarch repo to install most stuff via pacman.

So as a beginner it really doesn’t matter, read through the documentations, have a look on the different desktop enviroments, checkout the communities.

The Linux Dist doens’t make u a good hacker, the tool-and-mindest does

Thank you! Your words are really helpful

BlackArch all the way!

Yo! Keep it civil in here! No personal attacks or flaming, or I’m closing this down and give you all some unexpected free time.
If you want to further discuss the pros/cons and all about these hacking distros in a civilized and well-mannered way be my guest but your “discussion” in here recently does not add value whatsoever to this topic. Last chance!