# Alternative to Kali Linux



## BustedBSD (Jul 19, 2016)

I've been kicking this idea around for some time, and I've been thinking of doing an alternative to Kali Linux using FreeBSD (or OpenBSD). I'm not sure if anyone else would be interested in this project or if I should just stick to Kali Linux. I'd appreciate any feedback.


----------



## SirDice (Jul 19, 2016)

If the tools are available in the ports tree why create a specific derivative when you can simply install the tools you need? In my, not so humble, opinion, If you can't set them up yourself you really have no business in using those tools.


----------



## fossette (Jul 20, 2016)

I generally agree with the first sentence of SirDice, however


SirDice said:


> In my, not so humble, opinion, If you can't set them up yourself you really have no business in using those tools.


Let me disagree with a staff member on this one.  Probably some tools aren't easy to setup because of design or documentation issues, and if so, one can rightfully expect the best possible tools.  (Although if you have the skills to create duplicates, maybe your skills would be of better use to improve the original.)

Dominique.


----------



## SirDice (Jul 20, 2016)

fossette said:


> Let me disagree with a staff member on this one.  Probably some tools aren't easy to setup because of design or documentation issues, and if so, one can rightfully expect the best possible tools.  (Although if you have the skills to create duplicates, maybe your skills would be of better use to improve the original.)


Yes, that's the idea. If you have the skills why not fix the original and/or create proper ports for it. But again, if you don't know how to set those tools up you really have no business in using them. Lets not forget, we're not talking about some web or database applications, we're talking about highly specialized tools to intentionally break things. Do you really want those tools to be available for _everyone_? I mean people with no skills whatsoever wielding something that's equivalent to a loaded gun? I don't care if they shoot themselves in the foot but I do care if some numbnuts lets it loose on my client's production systems. There's a reason why most publicized expoits are crippled. People with the skills to fix them also have the skills to know when and how to use it.


----------



## BustedBSD (Jul 20, 2016)

It's not about setting up the tools as much as trying to find out if other people might be interested in this project...or am I just reinventing the wheel for no reason other than I wanted to. I guess I would be starting a distro like HardenedBSD or PC-BSD for a niche group of people. I've compiled a list of the packages in Kali Linux and I've discovered that a large number of them do not exist in the ports. So I would be spending a lot of time creating ports for them.

There are plenty of tools available that will allow people to shoot themselves in the foot...even those with skills. To err is human... And while I understand your position, SirDice, these tools are already out there.


----------



## fossette (Jul 21, 2016)

Any tools to find bugs, is a good tool to me (not necessarily specific to security issues).  However, BustedBSD, don't count me in your target audience.  I visited the Kali Linux website, and I have a really hard time to understand what it actually does and how.  I do get that users run as *root*, and know the default installation password. ;-)  But as the website says, it's probably not for me (and I know it's not, other stuff to develop first).

PS: SirDice, I still like you. Here's a virtual .

Dominique.


----------



## cyrano (Jul 22, 2016)

Just a suggestion...

Let downloaders of your sec research BSD distro take a short exam before they can access the download. That should filter out most problematic users.

Kali once was a usable resource. Now there's total isolation between the script-kiddies on the forum and the developers. That has effectively killed this resource. There's also a great lack of precise documentation.

Most Kali users don't even bother changing the root password and use it as a cracking tool. 

Still, only creating the ports for these packages should be enough. I came to dislike the vast number of tools on Kali, since I don't use most and removing them is a pita.

I would certainly applaud a site that keeps info about these tools centralised and would create a small community around them.


----------



## Lars Skogstad (Jul 22, 2016)

I have to say I agree with the staff on this one. Also I dont know how to use most of them, would be a shame if I knew how to  

Downloaded image to see what is was and its like cyrano says,  seems like everyone is using it as cracking tool, booting up live cd. 
But ports would be fine, no need for an own BSD distro for this I guess, since Kali exists already.


----------

