qubes-doc/managing-os/pentesting/blackarch.md

---
layout: doc
title: How to Create a BlackArch VM
permalink: /doc/pentesting/blackarch/
redirect_from:
- /doc/blackarch/
---

**General Remainder:**

- The installation scripts and provided tools may have bugs, be vulnerable to Man in the Middle (MitM) attacks or other vulnerabilities.

- Adding additional repositories or tools for installing software extends your trust to those tool provider.

Please keep in mind that using such a VM or VM's based on the template for security and privacy critical tasks is not recommended.  

How to Create a BlackArch VM
============================

[BlackArch](http://www.blackarch.org) Linux is an [Arch Linux](http://www.archlinux.org/)-based distribution for penetration testers and security researchers. The repository contains [1434](http://www.blackarch.org/tools.html) tools.

- List of [tools](http://www.blackarch.org/tools.html)
- [Installation Instructions](http://www.blackarch.org/downloads.html)

Create ArchLinux Based BlackArch Template
-----------------------------------------

1. Create ArchlLinux Template

    - Follow the [Archlinux Template instructions](/doc/templates/archlinux/)


2. Update Template

        sudo pacman -Syyu

3. Clone template

    1. Via Qubes VM Manager

    2. Via command line

            qvm-clone archlinux blackarch

4. Install BlackArch repository

        $ curl -O https://blackarch.org/strap.sh

        # The SHA1 sum should match: 86eb4efb68918dbfdd1e22862a48fda20a8145ff
        $ sha1sum strap.sh

        # Set execute bit
        $ chmod +x strap.sh

        # Run strap.sh
        $ sudo ./strap.sh

5. Install tools

    - install all tools

            sudo pacman -S blackarch

    - or by category:

            # list available categories
            pacman -Sg | grep blackarch

            # install category
            sudo pacman -S blackarch-<category>

            # example
            sudo pacman -S blackarch-forensic

    - or specific tool

            # Search for tool
            pacman -Ss <tool-name>

            # Install tool
            sudo pacman -S <tool-name>

            # Example
            pacman -Ss burpsuite
            sudo pacman -S burpsuite

6. Create a AppVMs based on the `ptf` template

    - (Optional) Attach necessary devices

Alternative Options to BlackArch
--------------------------------

- [Kali](/doc/kali/)
- [PenTester Framework (PTF)](/doc/ptf/)
- [Pentesting](/doc/pentesting/)
pentesting 2016-06-13 20:24:23 -04:00			`---`
			`layout: doc`
			`title: How to Create a BlackArch VM`
Fix broken link to BlackArch page 2016-06-27 14:57:40 -04:00			`permalink: /doc/pentesting/blackarch/`
			`redirect_from:`
			`- /doc/blackarch/`
pentesting 2016-06-13 20:24:23 -04:00			`---`

legal notice and general remainder 2016-06-17 12:19:35 -04:00			`General Remainder:`

			`- The installation scripts and provided tools may have bugs, be vulnerable to Man in the Middle (MitM) attacks or other vulnerabilities.`

			`- Adding additional repositories or tools for installing software extends your trust to those tool provider.`

			`Please keep in mind that using such a VM or VM's based on the template for security and privacy critical tasks is not recommended.`

pentesting 2016-06-13 20:24:23 -04:00			`How to Create a BlackArch VM`
			`============================`

			`[BlackArch](http://www.blackarch.org) Linux is an [Arch Linux](http://www.archlinux.org/)-based distribution for penetration testers and security researchers. The repository contains [1434](http://www.blackarch.org/tools.html) tools.`

			`- List of [tools](http://www.blackarch.org/tools.html)`
			`- [Installation Instructions](http://www.blackarch.org/downloads.html)`

			`Create ArchLinux Based BlackArch Template`
			`-----------------------------------------`

layout fixes, indentation and small typo fixes 2016-06-25 20:20:13 -04:00			`1. Create ArchlLinux Template`
pentesting 2016-06-13 20:24:23 -04:00
layout fixes, indentation and small typo fixes 2016-06-25 20:20:13 -04:00			`- Follow the [Archlinux Template instructions](/doc/templates/archlinux/)`
pentesting 2016-06-13 20:24:23 -04:00

layout fixes, indentation and small typo fixes 2016-06-25 20:20:13 -04:00			`2. Update Template`
pentesting 2016-06-13 20:24:23 -04:00
layout fixes, indentation and small typo fixes 2016-06-25 20:20:13 -04:00			`sudo pacman -Syyu`
pentesting 2016-06-13 20:24:23 -04:00
layout fixes, indentation and small typo fixes 2016-06-25 20:20:13 -04:00			`3. Clone template`
pentesting 2016-06-13 20:24:23 -04:00
layout fixes, indentation and small typo fixes 2016-06-25 20:20:13 -04:00			`1. Via Qubes VM Manager`
pentesting 2016-06-13 20:24:23 -04:00
layout fixes, indentation and small typo fixes 2016-06-25 20:20:13 -04:00			`2. Via command line`
pentesting 2016-06-13 20:24:23 -04:00
layout fixes, indentation and small typo fixes 2016-06-25 20:20:13 -04:00			`qvm-clone archlinux blackarch`
pentesting 2016-06-13 20:24:23 -04:00
layout fixes, indentation and small typo fixes 2016-06-25 20:20:13 -04:00			`4. Install BlackArch repository`
pentesting 2016-06-13 20:24:23 -04:00
layout fixes, indentation and small typo fixes 2016-06-25 20:20:13 -04:00			`$ curl -O https://blackarch.org/strap.sh`
pentesting 2016-06-13 20:24:23 -04:00
layout fixes, indentation and small typo fixes 2016-06-25 20:20:13 -04:00			`# The SHA1 sum should match: 86eb4efb68918dbfdd1e22862a48fda20a8145ff`
			`$ sha1sum strap.sh`
pentesting 2016-06-13 20:24:23 -04:00
layout fixes, indentation and small typo fixes 2016-06-25 20:20:13 -04:00			`# Set execute bit`
			`$ chmod +x strap.sh`
pentesting 2016-06-13 20:24:23 -04:00
layout fixes, indentation and small typo fixes 2016-06-25 20:20:13 -04:00			`# Run strap.sh`
			`$ sudo ./strap.sh`
pentesting 2016-06-13 20:24:23 -04:00
layout fixes, indentation and small typo fixes 2016-06-25 20:20:13 -04:00			`5. Install tools`
pentesting 2016-06-13 20:24:23 -04:00
layout fixes, indentation and small typo fixes 2016-06-25 20:20:13 -04:00			`- install all tools`
pentesting 2016-06-13 20:24:23 -04:00
layout fixes, indentation and small typo fixes 2016-06-25 20:20:13 -04:00			`sudo pacman -S blackarch`
pentesting 2016-06-13 20:24:23 -04:00
layout fixes, indentation and small typo fixes 2016-06-25 20:20:13 -04:00			`- or by category:`
pentesting 2016-06-13 20:24:23 -04:00
layout fixes, indentation and small typo fixes 2016-06-25 20:20:13 -04:00			`# list available categories`
			`pacman -Sg \| grep blackarch`
pentesting 2016-06-13 20:24:23 -04:00
layout fixes, indentation and small typo fixes 2016-06-25 20:20:13 -04:00			`# install category`
			`sudo pacman -S blackarch-<category>`
pentesting 2016-06-13 20:24:23 -04:00
layout fixes, indentation and small typo fixes 2016-06-25 20:20:13 -04:00			`# example`
			`sudo pacman -S blackarch-forensic`
pentesting 2016-06-13 20:24:23 -04:00
layout fixes, indentation and small typo fixes 2016-06-25 20:20:13 -04:00			`- or specific tool`
pentesting 2016-06-13 20:24:23 -04:00
layout fixes, indentation and small typo fixes 2016-06-25 20:20:13 -04:00			`# Search for tool`
			`pacman -Ss <tool-name>`
pentesting 2016-06-13 20:24:23 -04:00
layout fixes, indentation and small typo fixes 2016-06-25 20:20:13 -04:00			`# Install tool`
			`sudo pacman -S <tool-name>`
pentesting 2016-06-13 20:24:23 -04:00
layout fixes, indentation and small typo fixes 2016-06-25 20:20:13 -04:00			`# Example`
			`pacman -Ss burpsuite`
			`sudo pacman -S burpsuite`
pentesting 2016-06-13 20:24:23 -04:00
layout fixes, indentation and small typo fixes 2016-06-25 20:20:13 -04:00			6. Create a AppVMs based on the `ptf` template

			`- (Optional) Attach necessary devices`
pentesting 2016-06-13 20:24:23 -04:00
			`Alternative Options to BlackArch`
			`--------------------------------`

layout fixes, indentation and small typo fixes 2016-06-25 20:20:13 -04:00			`- [Kali](/doc/kali/)`
			`- [PenTester Framework (PTF)](/doc/ptf/)`
			`- [Pentesting](/doc/pentesting/)`