← Back to Blog

NullSec Linux on ARM64

March 20, 2026 nullsecarm64

NullSec Linux ARM64 brings the full security toolkit to Raspberry Pi, Apple Silicon, and AWS Graviton. The same tools, the same workflow, on any modern ARM hardware.

◉ Why ARM64?

ARM is everywhere now:

A security distro that only runs on x86 is increasingly incomplete.

◉ Supported Hardware

Raspberry Pi 4 & 5

The primary target for portable field work. Boot from SD card or USB SSD.

# Flash to SD card
sudo dd if=nullsec-arm64.img of=/dev/mmcblk0 bs=4M status=progress
sync

# Boot with 8GB RAM recommended
# Pi 5 performance is excellent — rivals Intel i5

Performance notes:

Apple Silicon (via VM)

Run NullSec in UTM or Parallels on M1/M2/M3 Macs.

# UTM setup
1. Create new VM → Linux → Other ARM64
2. Import nullsec-arm64.iso
3. Allocate 4+ GB RAM, 20+ GB disk
4. Enable Virtualization framework for native performance

Apple Silicon VMs are fast — faster than many native x86 laptops. The ARM-to-ARM virtualization has minimal overhead.

AWS Graviton

For cloud-based security assessments:

# Launch Graviton instance with NullSec AMI
aws ec2 run-instances \
    --image-id ami-0nullsec-arm64 \
    --instance-type c7g.xlarge \
    --key-name mykey

# c7g.xlarge: 4 vCPU, 8 GB RAM, ~$0.12/hr
# 40% cheaper than equivalent c7i.xlarge

Graviton 3 processors include crypto acceleration (AES-NI equivalent), making cryptographic operations competitive with x86.

Generic UEFI ARM64

Any ARM64 hardware with UEFI boot should work:

◉ Architecture Challenges

Porting NullSec to ARM64 wasn't just rebuilding packages. Some tools needed work:

Metasploit

Ruby runs natively. Most payloads are architecture-independent (Meterpreter stages download appropriate binaries). ARM64 native payloads added where needed.

Hashcat

CPU mode works but is slow. No native ARM64 GPU drivers yet, so GPU cracking requires remote x86 rigs. We include hashcat-server for distributed setups.

Burp Suite

Java-based, runs natively on ARM64 JVM. Community edition works fine. Professional edition needs manual ARM64 JVM configuration.

Lateralus

Pure Python runtime — no changes needed. C backend required cross-compilation setup but works perfectly.

# Cross-compile Lateralus to ARM64 binary
lateralus build --target c99 exploit.ltl
aarch64-linux-gnu-gcc -O2 exploit.c -o exploit_arm64

◉ Raspberry Pi Field Kit

Our recommended portable pentest rig:

Component Cost
Raspberry Pi 5 (8GB)$80
256GB NVMe SSD + HAT$45
Official case + fan$15
Alfa AWUS036ACH (WiFi)$50
USB-C PD battery (20,000 mAh)$40
7" touchscreen (optional)$70
Total $230-300

Fits in a jacket pocket. 4-6 hours battery life during active scanning.

◉ Performance Benchmarks

Compared to NullSec x86 on Intel i7-1165G7 (popular pentest laptop):

Task x86 Pi 5 M2 VM
Nmap -sS -T4 /2412s18s11s
SQLMap basic test8s14s7s
Gobuster dir (medium)45s62s41s
Lateralus compile test0.8s1.4s0.6s
Metasploit load14s22s12s

The M2 VM is actually faster than the x86 laptop for many tasks. Pi 5 is ~1.5x slower but perfectly usable.

◉ WiFi Adapter Support

WiFi hacking needs monitor mode. Tested adapters on ARM64:

All external WiFi adapters are tested before NullSec ARM64 releases.

◉ Getting Started

# Download ARM64 image
wget https://lateralus.dev/download/nullsec-2.0-arm64.img.xz

# Verify signature
gpg --verify nullsec-2.0-arm64.img.xz.sig

# Decompress
xz -d nullsec-2.0-arm64.img.xz

# Write to SD/USB (replace sdX with your device)
sudo dd if=nullsec-2.0-arm64.img of=/dev/sdX bs=4M status=progress

Default login: nullsec / nullsec — change immediately after boot!

Full documentation and downloads at the downloads page.