I will begin, perhaps, with the most important thing. The level of penetration tester depends on his knowledge and ability to own specialized tools. And in what environment these tools are launched - it does not matter at all. For example, if you check a site for SQL injections, then your “skill” depends solely on your ability to use sqlmap or jSQL (or something similar), and in what environment you run them: Linux Mint, Kali Linux, BlackArch or even Windows is not the point.
Nevertheless, if we are talking about labor productivity, that is, about the speed of performing tasks and achieving results, then this environment is quite significantly affected. To use sqlmap in Windows, you need to download and install the correct version of Python, also download sqlmap, and even if you do everything correctly - working on the Windows command line is a torment: the lack of support for autocompletion on the TAB key, the need to prescribe full paths to the files (or the need to set variable environments). If we go to Linux Mint, then we need to download the archive from sqlmap, unpack it and launch it correctly (it is also advisable to install it correctly to simplify further launches). Both on Windows and Linux Mint, you yourself need to keep track of software updates that are missing from the repositories.
In Kali Linux or BlackArch, you simply type sqlmap with options in the console and the program starts working for you. You do not need to follow the updates - it will update itself as soon as there is a new version in the repositories.
Those. You can see how much easier it is in specialized distributions. Moreover, if you do not know how to use sqlmap, then no distro will help you with any cool hacker wallpapers on the desktop. This is my idea that the environment does not affect your abilities, it only affects the productivity of labor.
Those. It turns out that a specialized distribution, it seems to be like, is always better? It all depends on the specific situation. For example, you want to test your site for SQL injections once. In this case, you do not need all the other tools and you are constantly annoyed by Kali Linux "quirks" among them: problems with adding programs to autorun, lack of autostart of services that run on system-friendly distributions when the system boots, permanent root and strange repository; then it will be more productive to use the distribution kit to which you are used, simply by installing the programs you need on it.
The creators of Kali Linux do not recommend it for novice users. However, beginner penters face a lot of questions if they install the programs themselves from the source codes. Those. If you are studying the topic of pentesting, then, of course, it is better to choose a specialized distribution kit.
Well, we decided that we need a specialized distribution. But which one to choose? Answer: anyone you like best. Because, as I said, everything depends solely on your knowledge and skills, and where exactly you run the tools is the tenth thing.
I will tell about two distributions with which I work myself. I’m not talking about others not because they are worse (maybe better), I just don’t see any reason to study them all - they are about the same, they differ in a set of tools (this is not very important, since any tool can be installed independently) and desktop wallpaper.
It is quite interesting to compare Kali Linux (which is based on Debian) and BlackArch (based on Arch), since their differences are deeper and are not limited to desktop wallpapers.
Kali Linux is a specialized distribution kit with a monolithic repository (“normal” programs are included with the testing tools), the system has made the settings that are most in demand for pentesters (disk encryption has been prepared with the ability to destroy the master slot with a password, autoloading of network services is disabled, default is root). However, many of these special settings can be changed: return the normal user, etc.
The Kali Linux distribution is very high quality, and due to its ease of installation and its seeming simplicity, it has won its well-deserved popularity.
BlackArch is nothing more than a simple Arch Linux with an additional user repository, which contains all the tools for penetration testing. Hence the main disadvantage of the distribution (for this is Arch) - this is its apparent complexity. The distribution does not have a graphical installer and this will scare away most beginners learning.
However, even with a mid-to-early acquaintance with Linux (or simply according to ready-made instructions), BlackArch can be turned into a very friendly operating system with a very nice modern look.
As I mentioned, BlackArch is more difficult to install than Kali Linux. Another difficulty is the need to set up some services before launching. For example, Apache and SSH on my BlackArch just managed to run, but MariaDB had to be configured. But what is this suffering for, if the instruments are the same everywhere? In Arch (and, therefore, in BlackArch) the latest versions of programs. I remember how when switching to Linux (it was Linux Mint) I was constantly upset that NetBeans, PHP, Java, Wine were six months old a year ago. In Arch, new versions in a stable repository get very quickly. It's funny, but I learned about the release of the new version of Wine by looking through the list of system updates, and not from the news feed.
Now, with the second transition (the first was in the summer) there should also be more recent programs for rolling release on Kali Linux. But, as my observations show, it only affected the basics of Debain and is less applicable to penetration testing tools.
As for specialized tools. BlackArch developers with a maniacal aspiration add new and update existing tools. If you look at the new penetration testing tools that have appeared in recent weeks / months, then many of them already exist in BlackArch. About Kali Linux this can not be said. Again, in Kali Linux, the most popular tools are updated quickly — sometimes on the day of the release of candidates and even beta versions, and medium and low-end tools may not be updated for months. Again, it’s possible to change for the better with a rolling release (first observations show that has not changed).
Video Drivers for AMD Video Cards
I have a graphics card from AMD, and, although this is the notebook version, it shows excellent results when searching for passwords using the GPU. We need proprietary AMD drivers to make this whole "barrel organ" work. There was a period when proprietary AMD drivers disappeared from repositories in all stable Debianes for about half a year. No, of course I did not sit without drivers - I found a specialist who patched the binaries and wrote instructions for the installation and shared his good with everyone. This is good, but Arch (BlackArch) has a user repository with standard (non-patched) drivers containing drivers for both the stable and test versions, while to achieve compatibility and ease of installation, there are all the necessary packages in the same repository,
Now in Debian (Kali Linux), proprietary drivers have returned to the official repositories. When installing which sometimes there are serious problems
Given this situation - on this point, none of the systems does not get extra points. We assume that in this they are equal.
Well, perhaps the last objective difference: when installed on a USB flash drive (this is my favorite option, since it allows you to use iron directly + does not affect the main system and its bootloader), Kali Linux seriously lags, and during updates it is simply impossible to work. BlackArch is not so: the updates and installation of the programs are fast (it shocks me every time), while you can continue to work - the system does not notice the process of updates at all - everything is very smooth and there are no lags.
Well, the last, already subjective, argument - I just like BlackArch more. I got acquainted with this distribution kit quite recently and, probably, will change my opinion as I gain experience with the distribution kit, but so far it completely suits me.
findings
BlackArch (Arch Linux) is not the easiest distribution. I would recommend it only to those who feel confident in Linux. With BlackArch (Arch Linux), you’ll have to learn much more about Linux itself, its device. Knowing Linux is useful for pentesting and system maintenance. For example, after acquaintance with Arch Linux for me such problems as non-loading of the system (due to transferring media to another computer, which caused the disc numbering to change) or a black screen at startup (due to driver problems) turned out of unsolvable problems , because of which you need to reinstall everything, into elementary problems solved once or twice. But here the main thing is not to overdo it and not to turn into the owner of the Zhiguli. You know, all owners of Zhiguli are well versed in car devices and know how to repair them - I know what I'm talking about, because he was the owner of Lada. So, the main thing is not to turn into someone who constantly adjusts and repairs something in his system instead of just working. Instead of collecting information, you will deal with the launch of a DBMS, web server, etc.
Those. A beginner is definitely not BlackArch recommended. But sure users can try. The study effort expended will pay off with an advanced understanding of the Linux device and the ability to create / configure an ideal working environment for yourself.
You can find Russian BlackArch documentation on BlackArch.ru.
Nevertheless, if we are talking about labor productivity, that is, about the speed of performing tasks and achieving results, then this environment is quite significantly affected. To use sqlmap in Windows, you need to download and install the correct version of Python, also download sqlmap, and even if you do everything correctly - working on the Windows command line is a torment: the lack of support for autocompletion on the TAB key, the need to prescribe full paths to the files (or the need to set variable environments). If we go to Linux Mint, then we need to download the archive from sqlmap, unpack it and launch it correctly (it is also advisable to install it correctly to simplify further launches). Both on Windows and Linux Mint, you yourself need to keep track of software updates that are missing from the repositories.
In Kali Linux or BlackArch, you simply type sqlmap with options in the console and the program starts working for you. You do not need to follow the updates - it will update itself as soon as there is a new version in the repositories.
Those. You can see how much easier it is in specialized distributions. Moreover, if you do not know how to use sqlmap, then no distro will help you with any cool hacker wallpapers on the desktop. This is my idea that the environment does not affect your abilities, it only affects the productivity of labor.
Those. It turns out that a specialized distribution, it seems to be like, is always better? It all depends on the specific situation. For example, you want to test your site for SQL injections once. In this case, you do not need all the other tools and you are constantly annoyed by Kali Linux "quirks" among them: problems with adding programs to autorun, lack of autostart of services that run on system-friendly distributions when the system boots, permanent root and strange repository; then it will be more productive to use the distribution kit to which you are used, simply by installing the programs you need on it.
The creators of Kali Linux do not recommend it for novice users. However, beginner penters face a lot of questions if they install the programs themselves from the source codes. Those. If you are studying the topic of pentesting, then, of course, it is better to choose a specialized distribution kit.
Well, we decided that we need a specialized distribution. But which one to choose? Answer: anyone you like best. Because, as I said, everything depends solely on your knowledge and skills, and where exactly you run the tools is the tenth thing.
I will tell about two distributions with which I work myself. I’m not talking about others not because they are worse (maybe better), I just don’t see any reason to study them all - they are about the same, they differ in a set of tools (this is not very important, since any tool can be installed independently) and desktop wallpaper.
It is quite interesting to compare Kali Linux (which is based on Debian) and BlackArch (based on Arch), since their differences are deeper and are not limited to desktop wallpapers.
Kali Linux is a specialized distribution kit with a monolithic repository (“normal” programs are included with the testing tools), the system has made the settings that are most in demand for pentesters (disk encryption has been prepared with the ability to destroy the master slot with a password, autoloading of network services is disabled, default is root). However, many of these special settings can be changed: return the normal user, etc.
The Kali Linux distribution is very high quality, and due to its ease of installation and its seeming simplicity, it has won its well-deserved popularity.
BlackArch is nothing more than a simple Arch Linux with an additional user repository, which contains all the tools for penetration testing. Hence the main disadvantage of the distribution (for this is Arch) - this is its apparent complexity. The distribution does not have a graphical installer and this will scare away most beginners learning.
However, even with a mid-to-early acquaintance with Linux (or simply according to ready-made instructions), BlackArch can be turned into a very friendly operating system with a very nice modern look.
As I mentioned, BlackArch is more difficult to install than Kali Linux. Another difficulty is the need to set up some services before launching. For example, Apache and SSH on my BlackArch just managed to run, but MariaDB had to be configured. But what is this suffering for, if the instruments are the same everywhere? In Arch (and, therefore, in BlackArch) the latest versions of programs. I remember how when switching to Linux (it was Linux Mint) I was constantly upset that NetBeans, PHP, Java, Wine were six months old a year ago. In Arch, new versions in a stable repository get very quickly. It's funny, but I learned about the release of the new version of Wine by looking through the list of system updates, and not from the news feed.
Now, with the second transition (the first was in the summer) there should also be more recent programs for rolling release on Kali Linux. But, as my observations show, it only affected the basics of Debain and is less applicable to penetration testing tools.
As for specialized tools. BlackArch developers with a maniacal aspiration add new and update existing tools. If you look at the new penetration testing tools that have appeared in recent weeks / months, then many of them already exist in BlackArch. About Kali Linux this can not be said. Again, in Kali Linux, the most popular tools are updated quickly — sometimes on the day of the release of candidates and even beta versions, and medium and low-end tools may not be updated for months. Again, it’s possible to change for the better with a rolling release (first observations show that has not changed).
Video Drivers for AMD Video Cards
I have a graphics card from AMD, and, although this is the notebook version, it shows excellent results when searching for passwords using the GPU. We need proprietary AMD drivers to make this whole "barrel organ" work. There was a period when proprietary AMD drivers disappeared from repositories in all stable Debianes for about half a year. No, of course I did not sit without drivers - I found a specialist who patched the binaries and wrote instructions for the installation and shared his good with everyone. This is good, but Arch (BlackArch) has a user repository with standard (non-patched) drivers containing drivers for both the stable and test versions, while to achieve compatibility and ease of installation, there are all the necessary packages in the same repository,
Now in Debian (Kali Linux), proprietary drivers have returned to the official repositories. When installing which sometimes there are serious problems
Given this situation - on this point, none of the systems does not get extra points. We assume that in this they are equal.
Well, perhaps the last objective difference: when installed on a USB flash drive (this is my favorite option, since it allows you to use iron directly + does not affect the main system and its bootloader), Kali Linux seriously lags, and during updates it is simply impossible to work. BlackArch is not so: the updates and installation of the programs are fast (it shocks me every time), while you can continue to work - the system does not notice the process of updates at all - everything is very smooth and there are no lags.
Well, the last, already subjective, argument - I just like BlackArch more. I got acquainted with this distribution kit quite recently and, probably, will change my opinion as I gain experience with the distribution kit, but so far it completely suits me.
findings
BlackArch (Arch Linux) is not the easiest distribution. I would recommend it only to those who feel confident in Linux. With BlackArch (Arch Linux), you’ll have to learn much more about Linux itself, its device. Knowing Linux is useful for pentesting and system maintenance. For example, after acquaintance with Arch Linux for me such problems as non-loading of the system (due to transferring media to another computer, which caused the disc numbering to change) or a black screen at startup (due to driver problems) turned out of unsolvable problems , because of which you need to reinstall everything, into elementary problems solved once or twice. But here the main thing is not to overdo it and not to turn into the owner of the Zhiguli. You know, all owners of Zhiguli are well versed in car devices and know how to repair them - I know what I'm talking about, because he was the owner of Lada. So, the main thing is not to turn into someone who constantly adjusts and repairs something in his system instead of just working. Instead of collecting information, you will deal with the launch of a DBMS, web server, etc.
Those. A beginner is definitely not BlackArch recommended. But sure users can try. The study effort expended will pay off with an advanced understanding of the Linux device and the ability to create / configure an ideal working environment for yourself.
You can find Russian BlackArch documentation on BlackArch.ru.