Documentation

Everything you need to get started with Almighty Linux.

Introduction

Almighty Linux is a hybrid Linux distribution based on Debian Testing and Kali Linux, purpose-built for intelligence gathering and OSINT (Open Source Intelligence) operations.

The distribution ships with an extensive collection of 79 security and OSINT tools, including 58 custom-built scripts developed exclusively for Almighty Linux and 32 industry-standard packages from the Kali repositories. It features a hardened kernel tuning profile and a comprehensive suite of anonymity, trace-cleaning, isolation, and security tools to maintain operational security during intelligence operations.

Almighty Linux also includes the Almighty OSINT Browser — a custom Chromium-based browser with integrated OSINT utilities and user-agent spoofing capabilities. The distribution uses MATE as its desktop environment, providing a lightweight and professional workspace for extended investigation sessions.

Technical Details

Property Value
Name Almighty Linux
Base Debian Testing / Kali Linux (Hybrid)
Desktop Environment MATE
Architecture x86_64 (amd64)
Kernel Vanilla(Hardened Tuning)
Init System systemd
Package Manager APT (dpkg)
Installer Calamares
Default Shell Bash

Warnings

Legal Disclaimer
Almighty Linux is intended solely for lawful security research, authorized penetration testing, and educational purposes. Any unauthorized use of the tools included in this distribution against systems you do not own or have explicit permission to test is strictly prohibited and may violate local, national, and international laws. The developers assume no liability for misuse.
Disclaimer of Liability
This software is provided "as is" without warranty of any kind, express or implied. The developers are not responsible for any damage, data loss, legal issues, or other consequences arising from the use or misuse of this distribution.

Features

Intelligence Toolset

  • 79 Tools: 58 custom Almighty tools + 21 Kali popular osint tools
  • OSINT Frameworks: Multi-module platforms
  • Social Intelligence: Facebook, TikTok, YouTube, LinkedIn, Telegram, GitHub, ProtonMail profilers
  • Dark Web Reconnaissance: 8 dedicated onion network tools for archiving, crawling, and intelligence extraction
  • Digital Forensics: Image/video analysis, steganography detection, blockchain intelligence, file encryption

OSINT Browser (ALPHA/DEVELOPMENT WARNING)

  • Custom Chromium-based browser with built-in fingerprint protection
  • Canvas, WebGL, and AudioContext spoofing to prevent identity leaks
  • WebRTC blocking and User-Agent rotation
  • Integrated OSINT utilities: Base64, CIDR calculator, Email validator, Link extractor

Operational Security

  • Tor traffic routing (anonroute)
  • MAC address randomization (change-mac)
  • Hostname spoofing (anonhost)
  • Forensic trace cleaning (anti-tr4ce)
  • Application isolation (almighty-jails, plaztek)
  • DNS changer for censorship bypass

Desktop Environment

  • MATE desktop with custom theming
  • Conky system monitors with auto-anchor
  • Branded terminal splash screens

Known Issues

Hybrid Distribution Conflicts
As a hybrid distribution combining Debian Testing and Kali Linux repositories, package conflicts may occur. Some packages from different repositories may have version mismatches or dependency conflicts. Advanced package management knowledge is recommended.
Testing Base Instability
Since Almighty Linux is based on Debian Testing, the system may experience breakages during updates. Rolling updates can introduce regressions or temporary incompatibilities. It is recommended to review changelogs before major updates.
  • Repository Conflicts: Kali and Debian Testing packages may occasionally conflict during apt upgrade. Pin priorities are configured, but manual resolution may be needed.
  • Tool Compatibility: Some third-party tools may have dependency issues due to the hybrid package base.
  • Kernel Updates: Custom kernel parameters in GRUB may need to be re-applied after kernel updates.
  • GPU Drivers: Proprietary GPU drivers may require manual installation due to the Testing base.

Hardening Details

Almighty Linux adopts a "Security by Default" philosophy, providing multi-layered protection from the kernel to the application layer.

1. Kernel & Boot Security

Critical parameters injected via /etc/default/grub.d/40_hardened.cfg:

  • Memory Sanitization: init_on_alloc=1 and init_on_free=1 — memory is zeroed on allocation and deallocation, preventing use-after-free attacks.
  • ASLR & Stack Protection: page_alloc.shuffle=1 and randomize_kstack_offset=on — memory layout is randomized.
  • Side-Channel Protection: mitigations=full — maximum patches against Spectre, Meltdown, L1TF, MDS, and related CPU vulnerabilities.
  • Debug Blocking: debugfs=off — kernel debug filesystem access disabled.
  • Physical Security: rd.shell=0 and rd.emergency=halt — emergency shell access on boot failure is blocked; system halts instead.

2. Runtime Security: Sysctl

The /etc/sysctl.d/sysctl.conf file fundamentally modifies kernel runtime behavior:

  • Stealth & Restriction: kptr_restrict=2 and dmesg_restrict=1 — kernel addresses and logs hidden from unprivileged users.
  • PTrace Protection: yama.ptrace_scope=3 — process tracing and code injection completely forbidden (including debugger usage).
  • BPF Hardening: unprivileged_bpf_disabled=1 and net.core.bpf_jit_harden=2 — advanced BPF JIT compiler attacks blocked.
  • Network Layer: IP forwarding disabled, spoofing protection (rp_filter) enabled, ICMP redirects disabled.
  • Filesystem: Symlink and hardlink creation rules hardened to prevent race-condition exploits.

3. Kernel Module Hardening

Unused or insecure drivers are blocked under /etc/modprobe.d/:

  • Legacy Protocols: AppleTalk, IPX, ATM, CAN Bus, DECnet disabled via /bin/false.
  • Obsolete Devices: Floppy, Firewire, and legacy NIC drivers blocked.
  • Bluetooth: Protocol-level restrictions applied.
  • Hardware Noise: PC Speaker disabled to prevent acoustic side-channels.

4. File System & Permission Management

Almighty Linux enforces the "Least Privilege" principle across the file hierarchy:

  • Global UMASK: Default umask set to 027 via /etc/profile.d/hardening.sh, preventing other users from reading newly created files.
  • Sudo Security: UMASK policy enforced during sudo operations (umask_override).
  • Permission Hardening Service: permission-hardening.service runs on every boot, verifying and correcting permissions on critical files.
File / Directory Permission Description
/etc/shadow 600 Only root can read password hashes.
/etc/sudoers 440 Prevents unauthorized privilege escalation.
/root 700 Root home directory fully isolated.
/etc/cron.* 755 Prevents scheduled task manipulation.

5. Application Security: APT Sandbox

The /etc/apt/apt.conf.d/40sandbox configuration runs package download and installation processes in a restricted sandbox. This ensures that a potential vulnerability in the package manager cannot compromise the entire system.

ISO Download & Verification

Download the latest Almighty Linux ISO from the Download page.

SHA256 Verification

After downloading the ISO, verify its integrity using the provided SHA256 checksum:

sha256sum almighty-linux-1.0-beta-amd64.iso

Compare the output with the checksum provided on the download page. If they match, the file is intact and unmodified.

USB Writing

You can write the ISO to a USB drive using any of the following methods:

dd (Linux / macOS)

Warning: The dd command will erase ALL data on the target device. Double-check the device path before executing.
sudo dd if=almighty-linux-1.0-beta-amd64.iso of=/dev/sdX bs=4M status=progress && sync

Replace /dev/sdX with your USB device path (e.g., /dev/sdb). Use lsblk to identify the correct device.

Ventoy

  1. Download and install Ventoy on your USB drive.
  2. Copy the Almighty Linux ISO file to the Ventoy partition.
  3. Boot from the USB and select the ISO from the Ventoy menu.

Rufus (Windows)

  1. Download Rufus.
  2. Select your USB device and the Almighty Linux ISO.
  3. Use DD Image mode for best compatibility.
  4. Click Start and wait for the process to complete.

Booting

  1. Insert the prepared USB drive into the target machine.
  2. Enter the BIOS/UEFI firmware settings (typically via F2, F12, DEL, or ESC during POST).
  3. Set the USB drive as the primary boot device or use the one-time boot menu.
  4. Save settings and reboot.
  5. The Almighty Linux boot menu will appear. Select Live to try the system without installation.

Calamares Installation

Almighty Linux uses the Calamares graphical installer for a straightforward installation experience.

  1. Boot into the live environment.
  2. Launch the Install Almighty Linux shortcut from the desktop or application menu.
  3. Follow the guided steps:
    • Language & Locale: Select your preferred language and region.
    • Keyboard: Choose your keyboard layout.
    • Partitioning: Select automatic (erase disk) or manual partitioning.
    • User Setup: Create your username and password.
    • Summary: Review your selections.
  4. Click Install and wait for the process to complete.
  5. Reboot and remove the USB drive.
Tip: For dual-boot setups, use manual partitioning and ensure you have a dedicated partition for Almighty Linux. GRUB will automatically detect other operating systems.

Basic Usage

Running Tools

All Almighty tools are installed in /usr/local/bin and can be invoked directly from the terminal.

The tools can also be accessed via the Menu - Almighty OSINT section. The tools are categorized.

System Updates

sudo update
Caution: Due to the hybrid Debian Testing / Kali base, review package changes carefully before confirming upgrades. Snapshot your system if possible.

Almighty OSINT Browser

Status: Alpha/Development
Currently in Alpha/Development stage. Not suitable for critical tasks. Some security/privacy features may not function correctly. Use with a Tor router for maximum security.

A browser developed from scratch based on Chromium / PyQt6 Web Engine. It features built-in OSINT tools and a wide range of user agents.

Cool Tools

Almighty Linux includes a collection of ASCII art terminal splash screens. These can be run as commands to display themed terminal logos:

Command Description
anon Anonymity-themed terminal splash logo
eye Eye-figured terminal splash logo
katana Katana-figured terminal splash logo
raven1 Raven-themed terminal splash logo (v1)
raven2 Raven-themed terminal splash logo (v2)
skull Skull-figured terminal splash logo
skull2 Alternative skull-figured terminal splash logo
wing Wing-figured terminal splash logo

Run any command in the terminal to display the corresponding ASCII art:

$ skull
$ raven1
$ eye

Commands

System utility commands bundled with Almighty Linux:

Command Description
almighty-panel System management panel for Almighty Linux configuration and administration.
almighty-fetch ASCII system information display (neofetch-style) with Almighty branding.
flatpak-setup Flatpak installation and configuration script.
mullvad-installer Mullvad Browser and VPN installation script.
update System update script for upgrading all packages. 
# Run the system panel
$ almighty-panel

# Show system info
$ almighty-fetch

# Update system
$ sudo update

Frequently Asked Questions

What is the base of Almighty Linux?

Almighty Linux is a hybrid structure based on Debian Testing and Kali Linux.

What distinguishes Almighty Linux from others?

It comes with many custom-developed OSINT tools, advanced OpSec (Operational Security) modules, specially configured browsers, and performance/security-oriented Hardened Kernel tunings.

What is a hybrid operating system?

It refers to systems using the base of two different distributions together. Almighty Linux provides a wide scope for the user by utilizing the stability of Debian and the comprehensive tool library of Kali simultaneously.

Does the distribution have its own repository?

No. For security reasons and to minimize maintenance overhead, it does not use its own repository system; it draws directly from Debian and Kali repositories.

The system receives regular updates for security and Kali tools.

The currency of custom Almighty tools is ensured through periodically released 'Major Update' ISOs. This is a deliberate decision taken to preserve system stability.

What is the desktop environment?

MATE. It offers a fast, high-performance, and visually optimized experience.

What is included in the system?

  • Digital Trackers: Deep information gathering tools via usernames, emails, or images.
  • Visual Analysis: Special software mapping social media networks and data connections.
  • Privacy Shield: Security layers concealing identity during scanning and analysis processes.

New to cybersecurity; is it suitable?

Probably not. The distribution requires basic/intermediate level Linux and cybersecurity knowledge.

Potential conflicts or breakages due to the Testing base and hybrid structure may occur.

Furthermore, most tools are not graphical user interface (GUI) based; they rely on traditional terminal/parameter usage.

Why the name Almighty Linux? What is its meaning?

The name is derived from "The Almighty" ability possessed by the legendary character Yhwach from the Bleach anime. Yhwach's ability allows seeing all future possibilities. As an OSINT distribution, Almighty Linux has been developed with the philosophy of making all scattered data and hidden connections on the internet "visible."

Submission of custom tools by developers?

Yes, conditions:

  • Languages: Only tools written in C, Python, Go, Bash, and Perl are accepted (for integration and analysis ease).
  • Security: Tools must be submitted as source code, not packaged (deb, tar.gz).
  • Quality: Projects that are non-functional, overly simple, easily broken, or copies of existing tools are not accepted.
  • Review: Submitted tools are tested in Sandbox/VM environments and additionally analyzed by models such as Claude Opus.

How to contact?

This distribution is under the management of Nixovena Labs. For questions, bug reports, or collaborations: nixovena.org/contact

How did this distribution emerge?

The first version was built in early 2025. It originated as a personal project based on Debian/Parrot but was shelved for a period. When rediscovered in the archives, the core structure was found too powerful to be wasted; the base was updated with Kali and the decision was made to open it to the community.

Bug Reports

Found a bug or unexpected behavior? Please report it through our contact portal:

Report a Bug

When reporting, please include:

  • Almighty Linux version and kernel version (uname -a)
  • Steps to reproduce the issue
  • Relevant terminal output or error messages
  • Hardware specifications if relevant

Contact

For general inquiries, collaboration proposals, or support requests:

Contact Us

Website: nixovena.org