# Scanning and Pen Testing * Kali Linux * Kali Linux is a Linux Distributed which comes with a large list of tools at your disposal to test your system for a wide variety of potential vulnerabilities and flaws in your security. * This may be the best tool to begin with. While the learning curve may be steap, you will gain a great deal of knowledge on terminology, understanding activity on your system, better understanding network traffic, acitivity bad actors may use, and more. * An option to avoid also needing to know how to install and set up Kail Linux, is to use an image. Linode (another cloud service provider) is one option. They have an image for Kali Linux that makes it easier on you. I do not endorse them. That is simply an example. * Another interesting example that I learned. Creating your own DOS or DDOS attack. Only use this on your system or application. Do not use this on something you do not own! * Hping3 – This is a simple tool for creating your own DOS attack * Saphyra – Another tool that can create DOS/DDOS attacks with advanced capabilities such as custom payloads for each ping. * Byob.dev * This is a build your own botnet service. This can be used along with the above tools to improve your DDOS testing. * Use these tools at your own risk. I do not endorse them. And you should not use them maliciously. Only use for personal testing of your own application that you own. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://epochsec.gitbook.io/daily-activities-best-practices/general-os-hardening/scanning-and-pen-testing.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.