Haxf4rall
  • Home
  • Become a Hacker
    • Get Started
    • Hacker Mindset
    • Roadmap
    • Simple Setup – Hacker 101
    • Types of Hackers
    • Recommended Courses
  • Boot People Offline
  • Courses
    • All Hacking Courses
    • Cyber Security School
  • CTF
    • Beginners to Advanced Guide
    • Create your own CTF box
    • Field and Resources Guide
    • Platforms & Wargames
    • Tools Used for Solving CTF
    • Writeups
  • Dark Web
    • Beginners Guide
    • Darknet Markets
    • Darkweb 101 (Anonymity Guide)
    • Dark Web OSINT Tools
    • Hacking Forums
    • Latest News
    • Onion Links
  • Hacker Gadgets
  • Hacking Books
  • Tools Directory
  • Home
  • 2015
  • June
  • 27
  • Backbox – Turning heads in the pentesting scene

Backbox – Turning heads in the pentesting scene

June 27, 2015November 18, 2017 No Comments
backbox backbox OS hacker toolkit hacking linux linux linux distro penetration testing ubuntu

A relative newcomer to the forensic and penetration testing live CD scene, Italian project BackBox is already turning heads as it hits version 2.01. Gareth Halfacree explains why…

The live CD includes English, German, Spanish, French and Italian modes

It’s fair to say that there’s no shortage of penetration testing and forensic analysis toolkits – often characterised as ‘hacking toolkits’ – available today. Since the launch of classics including the Auditor Security Collection, a Knoppix-based distribution that would eventually morph into the popular BackTrack, almost every mainstream distribution has gained its own spin-off forensic kit; but what makes BackBox different?

 

A relative newcomer to the scene, the first release of BackBox was back in September as a project of the Italian Open Soluzioni web community founded by Raffaele Forte. Now on its second major release, BackBox has grown rapidly and offers plenty of scope for both amateur and professional use.

Based on Canonical’s Ubuntu distribution, itself derived from Debian, the latest build of BackBox isn’t exactly bleeding-edge – it’s still using the 2.6 kernel tree in both the x86 and AMD64 flavours – but it does contain an impressive collection of tools. It’s also surprisingly slick; from its lightweight yet attractive Xfce desktop environment to its multi-language live CD boot menu – which includes a ‘forensic’ mode that works to prevent accidental writes to a host system’s drive that could jeopardise evidence gathering activities – BackBox exudes professionalism in an area that all too often goes for glitz and glamour in an effort to attract the ‘script kiddies.’

BackBox 2.01 desktop
The lightweight Xfce desktop environment gives BackBox a sleek appearance

That’s not to say BackBox is without fault: some of the tools, such as the collaborative documentation web app Dradis, require a daemon to be started before they will operate; if you’re not familiar with the apps you’d be forgiven for overlooking the entries in the ‘Services’ menu, which will leave you staring at error messages wondering where you went wrong.

Despite this, the general experience of using BackBox is pleasurable; there’s a wealth of utilities on hand covering a range of activities – split into Information Gathering, Vulnerability Assessment, Exploitation, Privilege Escalation, Maintaining Access, Documentation & Reporting, Reverse Engineering, Social Engineering, Forensic Analysis, VoIP Analysis, Wireless Analysis and Miscellaneous categories – but it never feels as though anything has been crammed in without aforethought.

Many BackBox 2.01 tools are command-based
While many tools are command-line based, GUI front ends are provided where available

It’s also good to see some general-purpose software making the grade; while many forensic live CDs offer only the tools needed for the job, BackBox includes IRC chat software, the AbiWord word processor, Gnumeric spreadsheet, several web browsers, a media player, and even a tool for addressing a scanner connected to the host system.

As with rival forensic and penetration testing toolkits – and we’re specifically thinking of BackTrack here, from which BackBox gets its name – the CD contains tools for analysing both wired and wireless networks, and utilities for recovering or modifying passwords from both POSIX-compliant systems and Microsoft Windows for those who work in a heterogeneous environment.

BackBox 2.01 tools
The sheer volume of tools available in BackBox is impressive

Impressively, the BackBox team has thought to create a Personal Package Archive – PPA – containing the tools and utilities distributed with the BackBox live CD; as a result, it’s possible to add the exact same tools to an existing Ubuntu-based system without having to replace your day-to-day OS with BackBox. It’s a good idea, and one we’d like to see other specialist distributions copy where possible.

While some of the tools are sadly restricted – such as the open source intelligence gathering package Maltego, which is provided as the free Community Edition with limits on the number of results it will offer – these are few and far between.

It’s true that BackBox is a new project, and currently suffers from a somewhat erratic release schedule, but the distribution is quickly shaping up to be a serious alternative to established forensic distributions like BackTrack.

Verdict: 4/5
BackBox isn’t perfect: beginners may find themselves puzzled over tools that require daemons not automatically started on bootup, but it holds a wealth of power for those willing to learn. The inclusion of general purpose software is also welcome, and the existence of a PPA for adding the live CD’s tools to a desktop Ubuntu install seals the deal.

Download here

Post navigation

Turning your Android into a hacking device
Hacker Series – Enough to motivate you?

Related Articles

BlackArch Linux v2019.09.01 – Penetration Testing Distribution

- Operating Systems
September 9, 2019

Commando VM v2.0 – The First Full Windows-based Penetration Testing OS

- Operating Systems
August 9, 2019

OPS City – Build and Run Nanos Unikernels

- Operating Systems
July 9, 2019

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

hacker gadgets
hacker phone covers

Recent Posts

PlutoCrypt Ransomware Decryptor

PlutoCrypt Ransomware Decryptor

May 27, 2023
Galaxy Fold 4

Samsung to improve the durability of the waterdrop hinges in the foldable smartphones

May 26, 2023
CISA Adds CVE-2023-2868 Vulnerability to KEV Catalog

CISA Adds CVE-2023-2868 Vulnerability to KEV Catalog

May 26, 2023
Google releases Chrome version 111 to fix 40 security vulnerabilities

Google releases Chrome version 111 to fix 40 security vulnerabilities

May 26, 2023
PoC Exploit Released for GitLab CVE-2023-2825 Vulnerability

PoC Exploit Released for GitLab CVE-2023-2825 Vulnerability

May 26, 2023
CVE View

Mondoo v7.17.1 releases: Cloud-Native Security & Vulnerability Risk Management

February 16, 2023

Social Media Hacking

SocialPath – Track users across Social Media Platforms

SocialPath – Track users across Social Media Platforms

- Social Media Hacking
October 16, 2019October 16, 2019

SocialPath is a django application for gathering social media intelligence on specific username. It checks for Twitter, Instagram, Facebook, Reddit...

SocialScan – Check Email Address and Username Availability on Online Platforms

SocialScan – Check Email Address and Username Availability on Online Platforms

June 17, 2019
Shellphish – Phishing Tool For 18 Social Media Apps

Shellphish – Phishing Tool For 18 Social Media Apps

June 10, 2019July 27, 2019
WhatsApp Hacking using QRLJacking

WhatsApp Hacking using QRLJacking

May 2, 2019May 19, 2019
How to Hack any Facebook Account with Z-Shadow

How to Hack any Facebook Account with Z-Shadow

April 26, 2019June 29, 2020
hacker buffs

About Us

Haxf4rall is a collective, a good starting point and provides a variety of quality material for cyber security professionals.

Active Members

Submit a Tool

Hackers Handbook 2018


Grab your copy here

About Us

Haxf4rall is a collective, a good starting point and provides a variety of quality material for cyber security professionals.

Categories

  • Secure Coding
  • Documentary
  • Courses & Ebooks
  • Hack Tools
  • Hacking Tutorials
  • Mobile Hacking
  • News
  • Operating Systems
  • TOR
  • Tricks & How To’s

Active Members

Useful Links

Contact Us

Disclaimer

Privacy Policy

Submit a Tool

Copyright 2019. All rights reserved | Theme: OMag by LilyTurf Themes