SecBSD

The OpenBSD-Based OS for Ethical Hacking & Pentesting

SecBSD is a free, multi-platform operating system engineered for cybersecurity professionals, ethical hackers, and penetration testers. It also empowers hacktivists and privacy-conscious individuals with a robust and secure environment for their critical operations.

Download Now Learn More
LAST SECURITY UPDATE: May 10, 2025.
┌─(user@secbsd)─[~]
└─$ uname -a
SecBSD 1.8-current (GENERIC.MP) #1: Sat Jun 7 16:11:54 UTC 2025
:::::::: :::::::::: :::::::: ::::::::: :::::::: :::::::: :+: :+: :+: :+: :+: :+: :+: :+: :+: :+: :+: +:+ +:+ +:+ +:+ +:+ +:+ +:+ +:+ +#++:++#++ +#++:++# +#+ +#++:++#+ +#++:++#++ +#+ +:+ +#+ +#+ +#+ +#+ +#+ +#+ +#+ +#+ #+# #+# #+# #+# #+# #+# #+# #+# #+# #+# #+# ######## ########## ######## ######### ######## ########
Welcome to the paranoid club.
┌─(user@secbsd)─[~]
└─$

About SecBSD

A security-hardened operating system for the modern security assessment

🔒

Proactive Security

SecBSD employs multiple layers of security including W^X, ASLR, and strict memory protections to prevent exploitation before it happens.

⚙️

Code Correctness

With extensive code audits and formal verification, we prioritize correctness over features to ensure system integrity.

🔍

Transparency

Everything is open source - inspect, modify, and verify every line of code that runs on your systems. Get the code.

Download SecBSD

Get the latest -current release for your architecture

💻

amd64

AMD64 architecture

Download

Tools

Cyber Warfare Toolkit & Security Ports

Metasploit

Metasploit

The world's most used penetration testing framework with hundreds of exploits and payloads.

Learn More
BeEF

Spiderfoot

OSINT for threat intelligence and mapping your attack surface.

Learn More
Nmap

Nmap

Powerful network scanning tool for discovery and security auditing.

Learn More

Exploitation, Networking & Security Tools

🔍

Reconnaissance and OSINT

cariddi, cloudbrute, cloudflair, cloudlist, cloudrecon, cloudsplaining, dnsrecon, exiftool, emldump, fierce, ffuf, gau, gitleaks, gokart, gosec, gospider, gotator, hakrawler, httpx, ipfuscator, jsluice, metabigor, p0f, recon-ng, wafw00f, waybackurls, scilla, shuffledns, sipvicious, sn0int, snallygaster, subfinder

📡

Scanning

bomber, cgichk, corstest, cloudflox, crlfuzz, cupp, dalfox, dirb, dsfs, dsjs, dsss, dsxs, enum4BSD, feroxbuster, gobuster, joomscan, knockpy, lynis, masscan, massdns, monsoon, nikto, nmap, nuclei, onesixtyone, osv scanner, rustscan, qsfuzz, wapiti scanner, wfuzz, shortscan, smap, smbmap, smtp user enum, smtpscan, snalygaster, sslscan, strobe, terrapin scanner

⚔️

Exploitation

adenum, aircrack-ng, angrop, bed, botb, bfbtester, burp suite, commix, dsniff, evilurl, evil winrm, exploit pattern, exploitdb, fuxploider, hydra, ipfuscator, metasploit, mongoaudit, one liners, ophcrack, pixiewps, pretender, pwntools, reaver, ropgadget, routersploit, seclists, sqlmap, wesng, zaproxy

🕵️

Privacy

gnupg, openvpn, pgp, privoxy, wireguard tools

🔬

Forensic

dcfldd, foremost, mac robber, oledump, oletools, regripper, sleuthkit, testdisk, volatility3

🖥️

Desktop Environments

awesome, blackbox, cwm, dwm, enlightenment, kde plasma, fluxbox, icewm, mate, lumina, lxqt, windowmaker, xfce

🌐

Web Browsers

iridium, firefox, lynx, qutebrowser, tor browser, ungoogled chromium

✏️

Editors

leafpad, nano, neovim, vim

⛓️

Blockchain

bitcoin, solidity

Documentation

Comprehensive guides and manuals to master SecBSD

Download SecBSD & Create Bootable USB

Step-by-step instructions for creating a bootable SecBSD drive on various operating systems

Read Guide

Installation Guide

Comprehensive guide for installing SecBSD on various hardware platforms

Read Guide

Complete Guide to Installing SecBSD with Full Disk Encryption

Follow this step-by-step guide to securely install SecBSD with full disk encryption. From initial setup to final configuration, ensure your data is fully protected using SecBSD’s robust full disk encryption features.

Read Guide

Installing Hacking Tools Guide

Guide to install packages with SecBSD and a detailed list of all security tools

Learn More

Developer Resources

Development guides for contributing to SecBSD

Contribute

Frequently Asked Questions

Quick answers to common questions

What's the difference between SecBSD and OpenBSD?
Specialized and focus for different security roles:

SecBSD is engineered as a ready-to-use environment for penetration testers including ethical hackers, cybersecurity analysts, red teams, blue teams and purple teams requiring specialized security tools.

OpenBSD is tailored for infrastructure specialists such as network administrators and system engineers building secure servers, including web servers, mail servers, firewalls, and network appliances.

SecBSD inherits OpenBSD’s robust security architecture, which includes proactive hardening, code auditing, and exploit mitigation. Both systems play complementary roles in the cybersecurity ecosystem.
What makes SecBSD different from other security distros?
Built on OpenBSD's security-first foundation:

Proactive Security Architecture: Unlike GNU/Linux-based distros, SecBSD inherits OpenBSD's rigorous code auditing, exploit mitigation (pledge/unveil), and memory safety features by default - eliminating the "hardening phase" required in typical GNU/Linux pentesting distros.

Stability Through Integration: All security tools are pre-compiled, dependency-resolved, and stress-tested against SecBSD's kernel and libc, avoiding GNU/Linux's dependency conflicts and tool breakage.

Minimal Attack Surface: Default install has zero open ports, no non-essential services (unlike systemd-based distros), and uses OpenBSD's crypto stack - crucial for safe opsec during engagements.

Tool Reliability: Our curated toolset undergoes BSD-specific testing to ensure compatibility with OpenBSD/SecBSD's strict memory protections and privilege separation.

Can I use SecBSD as my daily driver?
Yes, you can! SecBSD offers several desktop-ready ISO images specifically built for daily use, each with a different desktop environment ("flavor") so you can choose the one that fits your preferences:

secbsd17-cwm.iso
secbsd17-dwm.iso
secbsd17-icewm.iso
secbsd17-kde-plasma.iso
secbsd17-lxqt.iso
secbsd17-mate.iso
secbsd17-windowmaker.iso
secbsd17-xfce.iso

We also provide a minimal base ISO: secbsd17.iso – it comes without a desktop environment and is ideal for advanced users who want to build their setup from scratch.

Whether you prefer a lightweight tiling WM or a full-featured desktop, SecBSD is flexible and capable enough to serve as your primary OS.
How often is SecBSD updated?
SecBSD releases at least one snapshot every month, based on the -current branch that we sync from the main OpenBSD CVS server. This allows us to always offer you an up-to-date version with the latest improvements and ongoing fixes.

Only in exceptional cases, when high-impact vulnerabilities arise, do we release an additional snapshot that includes the necessary security fixes. To get the latest update, simply run: $ doas sysupgrade -s
How can I contribute to SecBSD?
We welcome contributions! You can report bugs, submit patches, write documentation, porting tools, or support our community. Get in touch