Why Athena OS?

Born for InfoSec Professionals, Bug Bounty Hunters, Passionate Students and Spicy Hackers

Athena OS is an open-source distribution, offered in Arch-based and Nix-based editions, intended to build a new concept of pentesting operating system. Its purpose is to offer a different experience by providing reproducibility, flexibility, isolation, and only those tools that fit the user's needs, and by improving access to hacking resources and learning materials.

Athena OS is designed from scratch, and during development unnecessary modules and services were excluded to improve performance and reduce resource consumption. This design approach allows each package and component to be reviewed in detail before it is included in the distribution. Although Arch and Nix can seem hard to use at first, Athena OS offers a very user-friendly environment that makes its resources easy to use.

Both Athena souls have common aspects that bind them:

  • Open source model: all elements of the system are available in the Athena development tree for any user who wishes to access or edit them according to their needs.
  • Free: Athena OS is free and accessible to everyone, and it always will be.
  • Performance: several strategies have been applied to make the system faster, from the kernel through virtual memory, RAM, the package manager and so on.
  • Flexibility: Athena OS allows deep customization of system configurations, enabling pentesters to tailor the environment to specific testing requirements. The ability to express configurations in a high-level language with Nix allows for more flexibility and adaptability compared to traditional configuration management systems.
  • Tailored pentesting tools: Athena OS provides pentesting tools classified by Cyber Roles. Each role corresponds to a cybersecurity domain across which the tools are distributed. These tools are continuously maintained to improve their efficiency and kept updated to provide a clean and secure environment.
  • Full Disk Encryption (FDE): Athena OS integrates native support for Full Disk Encryption using LUKS2, offering military-grade data protection at rest. This ensures that your tools, reports, and sensitive testing data remain inaccessible to unauthorized parties even if the device is compromised. It preserves both security and usability, an essential layer for professionals operating in high-risk or adversarial environments.
  • Modern Disk Partitioning Scheme (DPS): Athena OS adopts a modern, standards-aligned Disk Partitioning Scheme designed for reliability, security, and performance. It implements GPT-based partitioning with separate EFI, boot and root partitions, and a separate home partition for BTRFS. This structure improves maintainability, simplifies system recovery, enhances isolation between system and user data, and ensures optimal compatibility with Secure Boot and TPM technologies.
  • Minimalist: pentesting packages and services are not preinstalled. This minimalist approach allows for greater control over system resources and reduces unnecessary bloat, resulting in faster performance and more efficient resource utilization.
  • Comprehensive documentation: extensive documentation which covers installation guides, troubleshooting tips, package management, system configuration, and more. The documentation is renowned for its accuracy, clarity, and helpfulness, making it a valuable resource for both beginners and experienced users.
  • Industry-compliant: the system is built according to the Filesystem Hierarchy Standard, ISO-9660 and FAT32 requirements.

The Arch Linux heritage benefits Athena OS through the following characteristics:

  • More and more pentesting tools: Athena OS relies on the Athena repository and the BlackArch repository, containing 2800+ pentesting and security tools, along with the Chaotic-AUR repository, which provides prebuilt packages from the AUR (Arch User Repository). These tools are continuously maintained to improve their efficiency and kept updated to provide a clean and secure environment.
  • Trusted packages: all the packages developed on Athena are GPG-signed and maintained in a public and dedicated repository.
  • Rolling release model: rolling release distribution, meaning you receive updates continuously rather than waiting for major releases. This ensures you always have access to the latest features, security patches, and software versions without the need for full system upgrades.
  • Customizability: “do-it-yourself” philosophy, allowing users to build their system from the ground up. You install only the packages and components you need, resulting in a highly customized environment tailored to your preferences.
  • AUR (Arch User Repository): being based on Arch Linux, Athena Arch can access the AUR. It is a vast community-driven repository that extends the official Arch Linux repositories. It allows users to easily access and install thousands of additional packages maintained by the community. This vast collection of software expands the capabilities of Athena Arch and makes it easy to find and install software that may not be available in the official repositories.
  • Cybersecurity AI (CAI) (WIP):
    Athena OS integrates CAI (Cybersecurity Artificial Intelligence), an artificial intelligence framework designed specifically for offensive and defensive security workflows.
    CAI assists users in pentesting, threat analysis, exploit research, and defensive hardening directly from the command line or graphical interface.
    It can explain tool output, suggest next steps, correlate findings, and even automate parts of complex assessments using contextual understanding.
    CAI’s purpose is not only to enhance productivity but also to educate and guide security professionals through advanced scenarios, making Athena OS the first Arch-based pentesting distribution with an embedded cybersecurity-focused AI assistant.

Athena OS is built to provide not only a rich pentesting toolkit but also a secure and trustworthy operating environment. The following technologies work together to strengthen system integrity and minimize attack surfaces.

  • Secure Boot Support: UEFI Secure Boot is supported and ensures that only trusted software is allowed to start when your computer boots up. This keeps malware and rootkits from taking control before your OS even starts.

  • systemd-boot integration:
    Athena OS uses systemd-boot as its modern UEFI boot manager. It supports Secure Boot verification, Unified Kernel Images (UKI), and seamless kernel selection (LTS or Hardened) at startup. systemd-boot ensures a fast, simple, and cryptographically verifiable boot chain that integrates perfectly with Secure Boot and TPM measurements.

  • Hardened Kernel:
    Athena includes both a Linux Hardened kernel and a Long-Term Support (LTS) kernel.
    The Hardened kernel enables additional exploit mitigations, memory protections, module signature enforcement, restricted kernel info leaks, and disabled unprivileged namespaces to make privilege-escalation attacks and kernel rootkits significantly harder.
    Users can select the desired kernel at boot according to their task: maximum security (Hardened) or maximum compatibility (LTS).

  • Mandatory Access Control:
    Athena OS ships with AppArmor enabled by default.
    AppArmor enforces per-application confinement through readable profiles that specify which files, capabilities, and network resources each process may access.
    This mandatory access control mechanism limits damage if a pentesting tool or application is compromised, effectively containing attacks and protecting user data and system integrity.

  • Sandboxing:
    Athena integrates Firejail, a lightweight sandbox utility that uses Linux namespaces, seccomp filters, and capability dropping to isolate applications at runtime.
    Browsers, document viewers, and other high-risk applications automatically run inside Firejail sandboxes.
    Combined with AppArmor, this delivers defense-in-depth, kernel-level and userspace isolation to contain potential exploits and prevent lateral movement.

  • Trusted Platform Module (TPM) integration:
    Athena leverages TPM 2.0 for measured boot and disk-encryption key protection.
    During startup, firmware, bootloader, and kernel measurements are stored in the TPM's Platform Configuration Registers (PCRs), ensuring that secrets (like LUKS keys) are released only when the system matches its trusted state.
    If any boot component changes or is tampered with, the TPM refuses to unseal the key and the system falls back to manual passphrase entry, guaranteeing platform integrity.

  • Unified Kernel Image (UKI):
    Each Athena kernel is built as a Unified Kernel Image, bundling the kernel, initramfs, and kernel command line into one signed EFI executable.
    The UKI is verified by Secure Boot and measured into the TPM, ensuring that both the kernel and its boot parameters are authenticated before execution.
    This design simplifies updates, improves reliability, and makes tampering detectable at boot.

  • USB Device Control:
    To defend against physical attacks, Athena includes USBGuard to control hot-plugged USB devices.
    Unknown or unauthorized devices are blocked by default until explicitly allowed by the user or administrator.
    This mitigates “BadUSB”-style attacks, data exfiltration through rogue storage devices, and malicious keyboard or network emulation peripherals.
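
The measured-boot behaviour described in the TPM and UKI items above can be modelled in a few lines. This is an added illustration, not Athena OS code: it collapses the chain into a single simulated SHA-256 PCR and uses a plain equality check where a real TPM evaluates a sealing policy, and every name and sample value in it is constructed.

```python
import hashlib
import hmac

def extend(pcr: bytes, blob: bytes) -> bytes:
    """PCR extend: new = SHA-256(old || SHA-256(blob)); one-way and order-sensitive."""
    return hashlib.sha256(pcr + hashlib.sha256(blob).digest()).digest()

def measure_boot(chain) -> bytes:
    """Replay an ordered boot chain into one simulated PCR that starts at all zeros."""
    pcr = bytes(32)
    for _stage, blob in chain:
        pcr = extend(pcr, blob)
    return pcr

class SealedKey:
    """Toy stand-in for a TPM-sealed LUKS key bound to one expected PCR value."""
    def __init__(self, key: bytes, expected_pcr: bytes):
        self._key, self._expected = key, expected_pcr

    def unseal(self, current_pcr: bytes):
        # Release the key only if the measured state equals the state at sealing time.
        return self._key if hmac.compare_digest(current_pcr, self._expected) else None

def unlock_disk(chain, sealed: SealedKey):
    """Return ("tpm", key) on a trusted boot, else ("passphrase", None)."""
    key = sealed.unseal(measure_boot(chain))
    return ("tpm", key) if key is not None else ("passphrase", None)

# Constructed sample boot chain (placeholder bytes, not real images).
TRUSTED_CHAIN = [
    ("firmware", b"constructed-firmware"),
    ("systemd-boot", b"constructed-bootloader"),
    ("uki-kernel", b"constructed-kernel"),
    ("uki-initramfs", b"constructed-initramfs"),
    ("uki-cmdline", b"root=/dev/mapper/root rw"),
]
DISK_KEY = b"constructed-luks-key"
SEALED = SealedKey(DISK_KEY, measure_boot(TRUSTED_CHAIN))

def with_changed_cmdline(chain, new_cmdline: bytes):
    """Copy of the chain whose last stage (the UKI command line) is replaced."""
    return chain[:-1] + [("uki-cmdline", new_cmdline)]

if __name__ == "__main__":
    print(unlock_disk(TRUSTED_CHAIN, SEALED)[0])
    tampered = with_changed_cmdline(TRUSTED_CHAIN, b"root=/dev/mapper/root rw changed")
    print(unlock_disk(tampered, SEALED)[0])
```

Because the command line is measured along with the kernel and initramfs, changing only a boot parameter is enough to produce a different PCR value and force the passphrase fallback.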

The Nix heritage benefits Athena OS through the following characteristics:

  • Secure software: the system is set to retrieve only secure packages. The Nix community continuously checks for vulnerable software and, where needed, marks it as insecure. Through Nix, Athena can inform you when a piece of software is affected by a CVE and prevents its installation on your system.
  • Declarative: Athena OS uses a declarative approach to system configuration, meaning that the entire system configuration can potentially be described in a single configuration file. In effect it implements “OS as Code”. This makes it easy to understand and reproduce the system state, version-control configurations, replicate environments, and maintain consistency across different systems, which can be valuable in pentesting scenarios.
  • Immutable System State: The system configuration in Athena OS is treated as immutable. Instead of making changes in-place, a new configuration is generated, and the system transitions to the new state. This helps ensure consistency and reproducibility and, above all, ensures that the system remains in a known state, which is helpful for maintaining a secure and consistent testing environment.
  • Conflicts prevention: Nix follows functional programming principles. Packages are built with their dependencies explicitly declared, ensuring that they are isolated and don’t interfere with each other. This also allows multiple versions of the same software to coexist without conflicts.
  • Atomic Upgrades and Rollbacks: Athena OS supports atomic upgrades and rollbacks. When a new configuration is applied, the system is atomically transitioned to the new state. If a configuration or package change introduces issues, rolling back to a known good state can be done seamlessly, preventing disruptions during pentesting activity.
  • Reproducibility: The functional package management and declarative configuration make it easier to reproduce specific testing environments. Pentesters can share configuration files, ensuring that team members or collaborators can recreate the exact system state needed for testing.
  • Lazy Evaluation: Athena OS employs lazy evaluation for package management. This means that packages are only built when needed, and dependencies are resolved dynamically. This helps in minimizing unnecessary builds and reducing redundancy.
  • Isolation and Sandboxing: Packages are isolated from each other to prevent conflicts. Additionally, the Nix package manager provides a form of sandboxing for builds, which enhances security by minimizing the potential impact of a compromised or malicious tool package.
  • Cross-Platform Support: Nix systems are designed to be cross-platform. This means that the same Nix expressions can be used to build packages and configurations on different platforms, facilitating portability and flexibility. This can be advantageous if a pentester needs to work in diverse environments or conduct tests on various platforms.