BlackArch Linux, The BlackArch Linux Guide

1 The BlackArch Linux Overview.. What is BlackArch Linux ?.. History of BlackArch Linux .. Supported platforms.. Get involved.. 42 User Installation.. Installing on top of ArchLinux.. Installing packages.. Installing packages from source.. Basic Blackman usage.. Installing from full-, netinstall- ISO or ArchLinux.. 73 Developer Arch s Build System and Repositories.. BlackArch PKGBUILD standards.. Groups.. BlackArch .. BlackArch -anti-forensic.. BlackArch -automation.. BlackArch -backdoor.. BlackArch -binary.. BlackArch -bluetooth.. BlackArch -code-audit.. BlackArch -cracker.. BlackArch -crypto.. BlackArch -database.. BlackArch -debugger.. BlackArch -decompiler.. BlackArch -defensive.. BlackArch -disassembler.

2 BlackArch -dos.. BlackArch -drone.. BlackArch -exploitation.. BlackArch -fingerprint.. BlackArch -firmware.. BlackArch -forensic.. BlackArch -fuzzer.. BlackArch -hardware.. BlackArch -honeypot.. BlackArch -keylogger.. BlackArch -malware.. BlackArch -misc.. BlackArch -mobile.. BlackArch -networking.. BlackArch -nfc.. BlackArch -packer.. BlackArch -proxy.. BlackArch -recon.. BlackArch -reversing.. BlackArch -scanner.. BlackArch -sniffer.. BlackArch -social.. BlackArch -spoof.. BlackArch -threat-model.. BlackArch -tunnel.. BlackArch -unpacker.. BlackArch -voip.. BlackArch -webapp.. BlackArch -windows.. BlackArch -wireless.. Repository structure.. Scripts.. Contributing to repository.. Required tutorials.. Steps for contributing.

3 Example.. Fetch PKGBUILD.. Clean up PKGBUILD.. Adjust PKGBUILD.. Build the package.. Install and test the package.. Add, commit and push package.. Create a pull request.. Adding a remote for upstream.. Requests.. General tips.. 184 Tools Coming Soon.. 19A FAQ s.. AUTHORS.. 20 Chapter OverviewThe BlackArch Linux Guide is divided into several parts: Introduction - Provides a broad overview, introduction, and additional helpful project informa-tion User Guide - Everything a typical user needs to know to effectively use BlackArch Developer Guide - How to get started developing for and contributing to BlackArch Tool Guide - In-depth tool details along example usages (WIP) What is BlackArch Linux ? BlackArch is a complete Linux distribution for penetration testers and security researchers.

4 It is derivedfrom ArchLinuxand users can install BlackArch components individually or in groups directly on topof toolset is distributed as an Arch Linuxunofficial user repositoryso you can install BlackArch ontop of an existing Arch Linux installation. Packages may be installed individually or by constantly expanding repository currently includes over2600tools. All tools are thoroughlytested before being added to the codebase to maintain the quality of the History of BlackArch LinuxComing Supported platformsComing BlackArch Linux Get involvedYou can get in touch with the BlackArch team using the following 2 User InstallationThe following sections will show you how to setup the BlackArch repository and install supports both, installing from the repository using binary packages as well as compilingand installing from is compatible with normal Arch installations.

5 It acts as an unofficial user repository. If youwant an ISO instead, see theISOs Installing on top of ArchLinuxRun root and follow the instructions. See the following # shouldmatch: d062038042c5f141755ea39dbd615e6ff9e23121 sudochmod+x download a fresh copy of the master package list and synchronize Installing packagesYou may now install tools from the BlackArch To list all of the available tools, runpacman-Sgg |grepblackarch |cut-d' ' -f2 |sort-u2. To install all of the tools, runpacman-S blackarch3. To install a category of tools, run6 The BlackArch Linux Guidepacman-S BlackArch -<category>4. To see the BlackArch categories, runpacman-Sg | Installing packages from sourceAs part of an alternative method of installation, you can build the BlackArch packages from can find the PKGBUILDs ongithub.

6 To build the entire repo, you can use theBlackmantool. First, you have to install Blackman. If the BlackArch package repository is setup on yourmachine, you can install Blackman:pacman-S blackman You can build and install Blackman from source:mkdirblackmancd # Or you can install Blackman from the AUR:<whatever AUR helper you use> Basic Blackman usageBlackman is very simple to use, though the flags are different from what you would typically expectfrom something like pacman. Basic usage has been outlined below. Download, compile and install packages:sudoblackman-i package Download, compile and install whole category:sudoblackman-g group Download, compile and install all of the BlackArch tools:sudoblackman-a To list the BlackArch categories:blackman-l To list category tools:blackman-p category7 The BlackArch Linux Installing from full-, netinstall- ISO or ArchLinuxYou can install BlackArch Linux from one of our full- or #iso.

7 The following steps are required after theISO boot up. Install BlackArch -installer package:sudopacman-S BlackArch -installer Runsudoblackarch -install8 Chapter 3 Developer Arch s Build System and RepositoriesPKGBUILD files are build scripts. Each one tells makepkg(1) how to create a package. PKGBUILD files are written in more information, read (or skim through) the following: Arch Wiki: Creating Packages Arch Wiki: makepkg Arch Wiki: PKGBUILD Arch Wiki: Arch Packaging BlackArch PKGBUILD standardsFor the sake of simplicity, our PKGBUILDs are similar to that of the AUR ones, with a few smalldifferences outlined below. Every package must belong to BlackArch at the minimum, there will alsobe a lot of crossover with multiple packages belonging to multiple GroupsTo allow users to install a specific range of packages quickly and easily, packages have been separatedinto groups.

8 Groups allow users to simply go pacman -S <group name> in order to pull a lot blackarchThe BlackArch group is the base group that all packages must belong too. This allows users to installevery package with should be in here: BlackArch Linux BlackArch -anti-forensicPackages that are used for countering forensic activities, including encryption, steganography, andanything that modifies files/file attributes. This all includes tools to work with anything in generalthat makes changes to a system for the purposes of hiding : luks, TrueCrypt, Timestomp, dd, ropeadope, BlackArch -automationPackages that are used for tool or workflow : blueranger, tiger, BlackArch -backdoorPackages that exploit or open backdoors on already vulnerable : backdoor-factory, rrs, BlackArch -binaryPackages that operate on binary files in some : binwally, BlackArch -bluetoothPackages that exploit anything concerning the Bluetooth standard ( ).

9 Examples: ubertooth, tbear, BlackArch -code-auditPackages that audit existing source code for vulnerability : flawfinder, BlackArch -crackerPackages used for cracking cryptographic functions, ie : hashcat, john, BlackArch -cryptoPackages that work with cryptography, with the exception of : ciphertest, xortool, sbd10 The BlackArch Linux BlackArch -databasePackages that involve database exploitations on any : metacoretex, BlackArch -debuggerPackages that allow the user to view what a particular program is doing in : radare2, BlackArch -decompilerPackages that attempt to reverse a compiled program into source : flasm, BlackArch -defensivePackages that are used to protect a user from malware & attacks from other : arpon, chkrootkit, BlackArch -disassemblerThis is similar to BlackArch -decompiler, and there will probably be a lot of programs that fall intoboth, however these packages produce assembly output rather than the raw source : inguma, BlackArch -dosPackages that use DoS (Denial of Service) : 42zip, BlackArch -dronePackages that are used for managing physically engineered : meshdeck, BlackArch -exploitationPackages that takes advantages of exploits in other programs or : armitage, metasploit, zarp11 The BlackArch Linux BlackArch -fingerprintPackages that exploit fingerprint biometric : dns-map, p0f, BlackArch -firmwarePackages that exploit vulnerabilities in firmwareExamples: None yet, amend BlackArch -forensicPackages that are used to find data on physical disks or embedded.

10 Aesfix, nfex, BlackArch -fuzzerPackages that use the fuzz testing principle, ie throwing random inputs at the subject to see : msf, mdk3, BlackArch -hardwarePackages that exploit or manage anything to do with physical : arduino, BlackArch -honeypotPackages that act as honeypots , ie programs that appear to be vulnerable services used to attracthackers into a : artillery, bluepot, BlackArch -keyloggerPackages that record and retain keystrokes on another : None yet, amend BlackArch -malwarePackages that count as any type of malicious software or malware : malwaredetect, peepdf, yara12 The BlackArch Linux BlackArch -miscPackages that don t particularly fit into any : oh-my-zsh-git, winexe, BlackArch -mobilePackages that manipulate mobile : android-sdk-platform-tools, BlackArch -networkingPackage that involve IP : arptools, dnsdiag, BlackArch -nfcPackages that use nfc (near-field communications).