qubes-doc/managing-os/pentesting/blackarch.md
Michael Carbone 1348868850
fix typo
2018-02-19 05:40:39 -05:00

2.4 KiB

layout title permalink redirect_from
doc How to Create a BlackArch VM /doc/pentesting/blackarch/
/doc/blackarch/

General reminder:

  • The installation scripts and provided tools may have bugs, be vulnerable to Man in the Middle (MitM) attacks or other vulnerabilities.

  • Adding additional repositories or tools for installing software extends your trust to those tool providers.

Please keep in mind that using such a VM or VMs based on the template for security and privacy critical tasks is not recommended.

How to Create a BlackArch VM

BlackArch Linux is an Arch Linux-based distribution for penetration testers and security researchers. The repository contains 1434 tools.

Create ArchLinux Based BlackArch Template

  1. Create ArchlLinux Template

  2. Update Template

     sudo pacman -Syyu
    
  3. Clone template

    1. Via Qubes VM Manager

    2. Via command line

       qvm-clone archlinux blackarch
      
  4. Install BlackArch repository

     $ curl -O https://blackarch.org/strap.sh
    
     # The SHA1 sum should match: 34b1a3698a4c971807fb1fe41463b9d25e1a4a09
     $ sha1sum strap.sh
    
     # Set execute bit
     $ chmod +x strap.sh
    
     # Run strap.sh
     $ sudo ./strap.sh
    
  5. Install tools

    • install all tools

        sudo pacman -S blackarch
      
    • or by category:

        # list available categories
        pacman -Sg | grep blackarch
      
        # install category
        sudo pacman -S blackarch-<category>
      
        # example
        sudo pacman -S blackarch-forensic
      
    • or specific tool

        # Search for tool
        pacman -Ss <tool-name>
      
        # Install tool
        sudo pacman -S <tool-name>
      
        # Example
        pacman -Ss burpsuite
        sudo pacman -S burpsuite
      
  6. Create a AppVMs based on the blackarch template

    • (Optional) Attach necessary devices

Alternative Options to BlackArch