BlackArch Linux – Lightweight Distro for Pentesters


BlackArch Linux –  Lightweight Distro for Pentesters

Introduction

BlackArch Linux is an open-source Linux distribution, built on top of Arch Linux OS, for pentesters and security researchers.

BlackArch Linux

It’s one of the most popular GNU/Linux distro for ethical hacking, penetration testing and security research. The constantly expanding repository currently includes over 1900 tools organized in numerous groups and cateogories: malware, wireless and disassemblers, crackers, anti-forensic, debuggers, fuzzers, keyloggers, decompilers, backdoors, proxy, spoofing, sniffers, etc.

BlackArch Linux fluxbox

Features:

  • A live ISO with multiple window managers: comes with including dwm, Fluxbox, Openbox, Awesome, wmii, i3, and Spectrwm.
  • Support for multiple architectures (x86_64, armv6h, armv7h and aarch64)
  • An 64bit OVA image ready to use with Virtualbox, QEMU, and VMware
  • An optional installer with the ability to build from source.
  • Over 1900 tools (constantly increasing)
BlackArch is relatively new, to report bugs visit issue tracker on Github.

You can install tools individually or in groups. Arch Linux users can setup BlackArch tools collection on top of it.

Some random Tools (no specific order/category/group):

  • 3proxy(tiny free proxy server),
  • a2sv (Auto Scanning to SSL Vulnerability),
  • admsnmp (ADM SNMP audit scanner),
  • android-apktool (a tool for reverse engineering Android apk files),
  • autosploit (automate the exploitation of remote hosts)
  • backhack (tool to perform Android app analysis by backing up and extracting apps),
  • bamf-framework (a modular framework platform to launch attacks against botnets),
  • bettercap (Swiss army knife for network attacks and monitoring),
  • brut3k1t (brute-force attack)
  • cmsmap (a python open source Content Management System scanner for detecting security flaws of the most popular CMSs),
  • cr3dov3r (search for public leaks for email addresses + check creds against 16 websites),
  • cyberscan (Network Pentesting Tool)
  • darkd0rk3r (python script that performs dork searching and searches for local file inclusion and SQL injection errors),
  • ettercap (a network sniffer for ethernet LANs – console),
  • faraday (a new concept (IPE) Integrated Penetration-Test Environment)
  • zmap (fast network scanner designed for Internet-wide network surveys blackarch-scanner),
  • zulu (a lightweight 802.11 wireless frame generation tool to enable fast and easy debugging and probing of 802.11 networks), etc.

See complete BlackArch Linux Tools List

Download/Install

You can simply download the ISO (come with an installer: blackarch-install) from the official download page, burn it on DVD or USB drive. You can also install it on top of existing Arch Linux.

– Installing on top of ArchLinux

# Run https://blackarch.org/strap.sh as root and follow the instructions.

$ curl -O https://blackarch.org/strap.sh
# The SHA1 sum should match: 73aae423a31410e021ef1b8f1becd573d2bd17dc

$ sha1sum strap.sh
# Set execute bit

$ chmod +x strap.sh
# Run strap.sh

$ sudo ./strap.sh

To list all of the available tools, run the following:

# pacman -Sgg | grep blackarch | cut -d’ ’ -f2 | sort -u

For BlackArch categories, run:

# pacman -Sg | grep blackarch

To install a category of tools, type:

# pacman -S blackarch -< category >

– Installing from source

You can build the blackarch packages from source, as an alternative way of installation. Use blackman tool to install entire repo.

# First, you must install blackman. If the BlackArch package repository is setup on your machine,
# you can install blackman like:

$ sudo pacman -S blackman
# Download, compile and install package:

$ sudo blackman -i <package>
# Download, compile and install whole category

$ sudo blackman -g <group>
# Download, compile and install all BlackArch tools

$ sudo blackman -a
# To list blackarch categories

$ blackman -l
# To list category tools

$ blackman -p <category>

– Installing from ISO

You can install BlackArch Linux (packages AND environment) using the Live or Netinstall medium.

# Install blackarch-install-scripts package

$ sudo pacman -S blackarch-install-scripts
# Now, you can run and follow the instructions

$ sudo blackarch-install

BlackArch is compatible with Arch Linux ARM. For installation instructions visit archlinuxarm.org.

Looking for another Kali Linux alternative? Check out Parrot Security OS, a very powerful pentesting distro.