| OS | Based on | Description | Link |
|---|---|---|---|
| Alpine Linux | BusyBox | minimalist hardened OS, used by default for docker containers | Alpine Linux |
| ArchStrike | ArchLinux | penetration testing and security lab | ArchStrike |
| Athena OS | ArchLinux / NixOS | penetration testing and security lab; using BlackArch repositories | Athena OS |
| BackBox | Ubuntu | penetration testing and security lab | BackBox |
| BlackArch Linux | ArchLinux | penetration testing and security lab | BlackArch Linux |
| CAINE | Ubuntu | digital forensics and incident response (DFIR) | CAINE |
| CSI Linux | Ubuntu | digital forensics and incident response (DFIR) | CSI Linux |
| CLIP OS | Gentoo | security by compartmentalization (container) | CLIP OS |
| CommandoVM | Windows | script to configure a Windows VM and install security tools on it; penetration testing and security lab | CommandoVM |
| Demon Linux | Debian | penetration testing and security lab | Demon Linux |
| DragonOS | Ubuntu | RF / SDR penetration testing and security lab | DragonOS |
| Fedora Security Lab | Fedora | penetration testing and security lab | Fedora Security Lab |
| Kali Linux | Debian | penetration testing and security lab | Kali Linux |
| Kali-NetHunter | Android | Penetration testing platform for Android devices | Kali-NetHunter |
| Linux Kodachi | Xubuntu | privacy and anonymity | Linux Kodachi |
| NST | Fedora | network security monitoring and analysis | NST |
| Parrot Security OS | Debian | penetration testing and security lab | Parrot Security OS |
| Pentoo | Gentoo | penetration testing and security lab | Pentoo |
| Qubes OS | Fedora | security by compartmentalization (VM) | Qubes OS |
| REMnux | Debian | malware analysis and reverse-engineering | REMnux |
| SecBSD | openBSD | penetration testing and security lab | SecBSD |
| Security Onion | Ubuntu | network security monitoring, analysis and threat hunting | Security Onion |
| SIFT | Ubuntu | digital forensics and incident response (DFIR) (VMware appliance) | SIFT |
| SigintOS | Ubuntu | signal intelligence | SigintOS |
| Subgraph OS | Debian | security by compartmentalization (container) | Subgraph OS |
| Tails | Debian | privacy and anonymity | Tails |
| Tamer Platform | Debian | android malware analysis, penetration testing and reverse engineering | Tamer Platform |
| TENS | Thinstation | privacy and anonymity | TENS |
| Tsurugi Linux | Ubuntu | digital forensics and incident response (DFIR) | Tsurugi Linux |
| Whonix | Debian | privacy and anonymity | Whonix |
| Wifislax | Slackware | wireless penetration testing and security lab | Wifislax |
Operating Systems
Maintained
No more maintained
| OS | Based on | Description | Link |
|---|---|---|---|
| ANDRAX | Android | More than an OS, it is a penetration testing platform for Android smartphones | ANDRAX |
| Blackbuntu | Ubuntu | penetration testing and security lab | Blackbuntu |
| Bugtraq-II Blackwidow | Ubuntu / Debian | penetration testing and security lab | Bugtraq-II Blackwidow |
| Buscador | Ubuntu | OSINT (OVA appliance) | Buscador |
| Cyborg Essentials | Debian | penetration testing and security lab | Cyborg Essentials |
| Cyborg Hawk Linux | Ubuntu | penetration testing and security lab | Cyborg Hawk Linux |
| DEFT | Ubuntu | digital forensics and incident response (DFIR) | DEFT |
| DracOS | Linux From Scratch | penetration testing and security lab | DracOS |
| GnackTrack | Ubuntu | penetration testing and security lab | GnackTrack |
| Live Hacking | Ubuntu | penetration testing and security lab | Live Hacking |
| Matriux | Debian | penetration testing and security lab | Matriux |
| NodeZero | Ubuntu | penetration testing and security lab | NodeZero |
| Santoku Linux | Lubuntu | mobile malware analysis, forensics and reverse engineering | Santoku Linux |
| STD | Debian | penetration testing and security lab | STD |
Project transferred
| From | To |
|---|---|
| ArchAssault | ArchStrike |
| Backtrack | Kali Linux |