Kali Linux vs BackBox

We blog a lot on Linux pentesting distros (here’s our top-ten list) and it was really a question of time before we wrote this particular post comparing these two popular Linux distros.
Kali Linux vs BackBox is essentially an exercise, in our opinion, of comparing Ubuntu (which BackBox is based on) to Debian (which Kali Linux is based upon). We need to set the record straight now because we are massive BackBox fans. We run several machines (hard booted) in the office and are very happy with it. Our personal story is that we used to run BackTrack back in the day but we became very impatient with a few nagging issues that we always had, mostly with drivers not working and tools not being updated correctly. We switched to BackBox just prior to the Kali Linux launch and never really left BackBox. So with that being said, yes, we are biased but, we also know of course that Kali has a massive following and popularity base so clearly the guys at Offensive Security (the people behind the distro) have done a great job.
So why this post? 
In May 14 of this year we posted a poll titled: “Vote for your favorite Linux Penetration Testing Distribution” and, several months later, and 317 votes later (as of July 28th 2013) we are really happy to see that BackBox is not that far behind Kali – which is really encouraging considering the massive fan base that Kali Linux enjoys.
Here are the results of the poll so far, (by the way you can still vote if you want, voting will remain open – forever!)

84% voted for Kali Linux Pentesting Hacking Distro
84% Prefer Kali Linux
77% voted for BackBox Pentesting Hacking Distro
77% Prefer BackBox
7% voted for Bugtraq
60% Complete (warning)

  • Kali Linux
  • BackBox
  • Knoppix STD
  • Pentoo
  • DEFT
  • CAINE
  • Samurai Web Testing Framework
  • Matriux Krypton
  • WEAKERTH4N
  • Bugtraq
  • NodeZero
  • Fedora Security Spin

So why one over the other?
The choice really shouldn’t be that difficult because essentially they all do the same thing. In fact we’d really like to hear your comments below because we bet you have the same reasons as us, i.e. you just fell into a distro and that was that. Most of our Hacker Hotshot speakers tend to favor Kali, it is a question that we often ask them because a lot of their research is conducted from Linux Operating Systems and Distros.
Drivers, and the support that the developers give to ensuring drivers work, is clearly a motivating factor to why you might chose one pentesting distro over another, and again, this is what made us switch from BackTrack to BackBox. However, in our opinion – here is the biggest reason why someone would prefer one over the other, and that reason is support. The support that Offensive Security can afford to give to Kali is huge. Their forum is huge and as a result there is a lot of answered questions to ‘common’ problems. So, if you are new to the scene and are having trouble with a particular security tool, install, or whatever – then fear not, someone over at Kali will assist.
In our opinion the fine folks over at BackBox headed by community leader ZEROF are a more friendly bunch and more n00b friendly than any other pentesting forum.
Also, it’s worth mentioning here that BackBox is a very Italian affair. Many of the community members are Italian and Founder Raffaele Forte along with Repository Maintainer Alessio Pascolini, we think, judging by their names, are also Italian. Just a side note, but we have noticed other hacking and forensics/ pentesting/ security distros hailing from Italy – not sure why that is but anyway here are another two from Italy: CAINE and we think also DEFT8?
Anyway – the main point we are making here is that of support. No support makes life difficult. We prefer the slightly more user-friendly and helpful support from BackBox, but if you like mass appeal then Kali is your new friend.
Which has the most tools?
Well, rather than re-invent the wheel – here is an exhaustive list of security tools that are contained within Kali Linux and trust me on this, there are enough here for you to be getting on with. The latest version of BackBox 3.05 has new and updated hacking tools (that include automater, inundator, ettercap, wireshark, se-toolkit, metasploit, sqlmap, beef, weevely, thc-ipv6, truecrack, hashcat, and more).
We do not know if there are any ‘missing tools’ in either distro and to do a comparison would take rather a long time, but please let us know in the comments below if you have ever come across a pentesting tool that you think ought to be in either one of the distros.
Sidenote, if WireShark is your thing then come and join us July 31st at 1200 EST for a: How to Hack VoIP (and defend your netowrk!) using WireShark. Also – on the subject of hacking tools you might like this post, “On My Command. Unleash Hell! The Black Hat Arsenal 2013!”.

Quick Summary: Kali Linux
  • OS Type: Linux
  • Based on: Debian
  • Version 1.0
  • Origin: USA
  • Architecture: i386, x86_64, ARM
  • Desktop: Gnome, KDE, XFCE

Quick Summary: BackBox
  • OS Type: Linux
  • Based on: Debian, Ubuntu
  • Version 3.05
  • Origin: Italy
  • Architecture: i386, x86_64
  • Desktop: XFCE
In summary
We are totally biased to BackBox and for that we reason we need your input! Please leave a comment below and let us know your favorite Linux pentesting distro! Our voting will remain open throughout 2013 giving you a chance to cast your all important ballot! Vote on your favorite distro here!
Our decision to switch to Backbox came on the back of a buggy BackTrack 3 and 4, and the fact that BackBox with XFCE was lightning fast and, frankly, we have never had an issue with the distro.
What’s yours?