Here is the list of prime 10. Note that these are based on Linux kernel and are free and open source
1- Kali Linux
Kali Linux is an advanced penetration testing tool that ought to be a part of every security professional’s toolbox. Penetration testing involves employing a style of tools and techniques to test the limits of security policies and procedures. What Kali has done is collect close to everything you’ll need in a single CD. It includes over three hundred different tools, all of which are open source and available on GitHub.
Backbox is a linux distribution based on Ubuntu. It has been developed to perform penetration tests and security assessments. BackBox is a lightweight OS and requires less hardware capacity. The power of this distribution is given by its Launchpad repository core constantly updated to the last stable version of the most known and used ethical hacking tools. The integration and development of new tools inside the distribution follows the commencement of open source community and particularly the Debian Free Software Guidelines criteria.
3-Parrot Security OS
Parrot Security is an operating system based on Debian GNU/Linux mixed with Frozenbox OS and Kali linux in order to provide the best penetration and security testing experience. it is an operating system for IT security and penetration testing developed by the Frozenbox Dev Team. It is a GNU/Linux distribution based on Debian and mixed with Kali.
Parrot uses Kali repositories in order to take latest updates for almost all the tools, but it also has its own dedicated repository where all the custom packets are kept. This is why this distro is not just a simple Kali “mod” but entire new concept which relies on Kali’s tool repositories. As such, it introduces a lot of new features and different developing choices.Parrot uses MATE as a Desktop Environment. Lightweight and powerful interface is derived from famous Gnome 2, and thanks to FrozenBox highly customizable with captivating icons, ad-hoc themes and wallpapers. System look is proposed and designed by the community members and also members of Frozenbox Network, who are closely following the development of this project.
Deft is Ubuntu customization with a collection of computer forensic programs and documents created by thousands of individuals, teams and companies. Each of these works might come under a different licence. There Licence Policy describe the process that we follow in determining which software we will ship and by default on the deft install CD.
5-Samurai Web Testing Framework
The Samurai Web Testing Framework is a live linux environment that has been pre-configured to function as a web pen-testing environment. The CD contains the best of the open source and free tools that focus on testing and attacking websites. In developing this environment, we have based our tool selection on the tools we use in our security practice. We have included the tools used in all four steps of a web pen-test.
6-Network Security Toolkit
Network Security Toolkit (NST) is a bootable live CD based on Fedora Core. The toolkit was designed to provide easy access to best-of-breed open source network security applications and should run on most x86 platforms. The main intent of developing this toolkit was to provide the network security administrator with a comprehensive set of open source network security tools.
What we find rather fascinating with NST is that we can transform most x86 systems (Pentium II and above) into a system designed for network traffic analysis, intrusion detection, network packet generation, wireless network monitoring, a virtual system service server, or a sophisticated network/host scanner.
It is said the necessity is the mother of all invention, and NodeZero Linux is no different. There team is built of testers and developers, who have come to the census that live systems do not offer what they need in their security audits. Penetration Testing distributions tend to have historically utilized the “Live” system concept of linux, which really means that they try not to make any permanent effects to a system. Ergo all changes are gone after reboot, and run from media such as discs and USB’s drives. However all that this maybe very handy for occasional testing, its usefulness can be depleted when your testing regularly. Its there believe that “Live System’s” just don’t scale well in a robust testing environment.
All though NodeZero Linux can be used as a “Live System” for occasional testing, its real strength comes from the understanding that a tester requires a strong and efficient system. This is achieved in our belief by working at a distribution that is a permanent installation, that benefits from a strong selection of tools, integrated with a stable linux environment.
GnackTrack is an open and free project to merge penetration testing tools and the linux Gnome desktop. GnackTrack is a Live (and installable) Linux distribution designed for Penetration Testing and is based on Ubuntu.
Backtrack is not only a single player in the field of ethical hacking, so you can try some other distribution as well, if you are Gnome lover than must try this, however backtrack 5 is also available on Gnome platform. Just like backtrack, Gnacktrack comes with multiple tools that are really helpful to do a effective penetration testing, it has Metasploit, armitage, wa3f and others wonderful tools.
Blackbuntu is distribution for penetration testing which was specially designed for security training students and practitioners of information security. Blackbuntu is penetration testing distribution with GNOME Desktop Environment. It’s currently being built using the Ubuntu 10.10 and work on reference BackTrack.
The other well known linux based Operating system is backtrack that is being used from few pwevious years and best known as the OS for network cracking and pentesting. And its also the one of the best OS that can perform various network hacks with privacy.
Bugtraq isnt a operating system but an electronic mailing list dedicated to issues about computer security. On-topic issues are new discussions about vulnerabilities, vendor security-related announcements, methods of exploitation, and how to fix them. It is a high-volume mailing list, and almost all new vulnerabilities are discussed there.
Bugtraq team is experienced freaks and developers, It is available in Debian, Ubuntu and OpenSuSe in 32 and 64 bit architectures.