Blackarch pacman package groups for tools

Blackarch pacman package groups

Install with pacman -S groupname to quickly install a bunch of tools in one command:
This info is available in the blackarch developers guide here: https://blackarch.org/blackarch-guide-en.pdf
– this post is a copy-paste of that info – there are a lot of red-team things in the list,
but to blue-team you need to know what the red-team have at their disposal
(and thats why I have included it here, if you dont use these tools responsibly, then that’s your fault, not mine)
If you dont know what defines a red-team and blue-team, then you probably shouldnt use these tools,
they could end you in a lot of trouble if you can’t control them, or if you point them at the wrong network

3.2.1 Groups
To allow users to install a specific range of packages quickly and easily, packages have been separated
into groups. Groups allow users to simply go “pacman -S group-name” in order to pull a lot of
packages.
blackarch
The blackarch group is the base group that all packages must belong too. This allows users to install
every package with ease.
What should be in here: Everything.
https://blackarch.org/tools.html

blackarch-anti-forensic
Packages that are used for countering forensic activities, including encryption, steganography, and
anything that modifies files/file attributes. This all includes tools to work with anything in general
that makes changes to a system for the purposes of hiding information.
Examples: luks, TrueCrypt, Timestomp, dd, ropeadope, secure-delete

blackarch-automation
Packages that are used for tool or workflow automation.
Examples: blueranger, tiger, wiffy

blackarch-backdoor
Packages that exploit or open backdoors on already vulnerable systems.
Examples: backdoor-factory, rrs, weevely

blackarch-binary
Packages that operate on binary files in some form.
Examples: binwally, packerid

blackarch-bluetooth
Packages that exploit anything concerning the Bluetooth standard (802.15.1).
Examples: ubertooth, tbear, redfang

blackarch-code-audit
Packages that audit existing source code for vulnerability analysis.
Examples: flawfinder, pscan

blackarch-cracker
Packages used for cracking cryptographic functions, ie hashes.
Examples: hashcat, john, crunch

blackarch-crypto
Packages that work with cryptography, with the exception of cracking.
Examples: ciphertest, xortool, sbd

blackarch-database
Packages that involve database exploitations on any level.
Examples: metacoretex, blindsql

blackarch-debugger
Packages that allow the user to view what a particular program is ”doing” in realtime.
Examples: radare2, shellnoob

blackarch-decompiler
Packages that attempt to reverse a compiled program into source code.
Examples: flasm, jd-gui

blackarch-defensive
Packages that are used to protect a user from malware & attacks from other users.
Examples: arpon, chkrootkit, sniffjoke

blackarch-disassembler
This is similar to blackarch-decompiler, and there will probably be a lot of programs that fall into
both, however these packages produce assembly output rather than the raw source code.
Examples: inguma, radare2

blackarch-dos
Packages that use DoS (Denial of Service) attacks.
Examples: 42zip, nkiller2

blackarch-drone
Packages that are used for managing physically engineered drones.
Examples: meshdeck, skyjack

blackarch-exploitation
Packages that takes advantages of exploits in other programs or services.
Examples: armitage, metasploit, zarp

blackarch-fingerprint
Packages that exploit fingerprint biometric equipment.
Examples: dns-map, p0f, httprint

blackarch-firmware
Packages that exploit vulnerabilities in firmware
Examples: None yet, amend asap.

blackarch-forensic
Packages that are used to find data on physical disks or embedded memory.
Examples: aesfix, nfex, wyd

blackarch-fuzzer
Packages that use the fuzz testing principle, ie ”throwing” random inputs at the subject to see what
happens.
Examples: msf, mdk3, wfuzz

blackarch-hardware
Packages that exploit or manage anything to do with physical hardware.
Examples: arduino, smali

blackarch-honeypot
Packages that act as ”honeypots”, ie programs that appear to be vulnerable services used to attract
hackers into a trap.
Examples: artillery, bluepot, wifi-honey

blackarch-keylogger
Packages that record and retain keystrokes on another system.
Examples: None yet, amend asap.

blackarch-malware
Packages that count as any type of malicious software or malware detection.
Examples: malwaredetect, peepdf, yara

blackarch-misc
Packages that don’t particularly fit into any categories.
Examples: oh-my-zsh-git, winexe, stompy

blackarch-mobile
Packages that manipulate mobile platforms.
Examples: android-sdk-platform-tools, android-udev-rules

blackarch-networking
Package that involve IP networking.
Examples: Anything pretty much

blackarch-nfc
Packages that use nfc (near-field communications).
Examples: nfcutils

blackarch-packer
Packages that operate on or invlove packers.
packers are programs that embed malware within other executables.
Examples: packerid

blackarch-proxy
Packages that acts as a proxy, ie redirecting traffic through another node on the internet.
Examples: burpsuite, ratproxy, sslnuke

blackarch-recon
Packages that actively seeks vulnerable exploits in the wild. More of an umbrella group for similar
packages.
Examples: canri, dnsrecon, netmask

blackarch-reversing
This is an umbrella group for any decompiler, disassembler or any similar program.
Examples: capstone, radare2, zerowine

blackarch-scanner
Packages that scan selected systems for vulnerabilities.
Examples: scanssh, tiger, zmap

blackarch-sniffer
Packages that involve analyzing network traffic.
Examples: hexinject, pytactle, xspy

blackarch-social
Packages that primarily attack social networking sites.
Examples: jigsaw, websploit

blackarch-spoof
Packages that attempt to spoof the attacker such, in that the attacker doesn’t show up as an attacker
to the victim.
Examples: arpoison, lans, netcommander

blackarch-threat-model
Packages that would be used for reporting/recording the threat model outlined in a particular scenario.
Examples: magictree

blackarch-tunnel
Packages that are used to tunnel network traffic on a given network.
Examples: ctunnel, iodine, ptunnel

blackarch-unpacker
Packages that are used to extract pre-packed malware from an executable.
Examples: js-beautify

blackarch-voip
Packages that operate on voip programs and protocols.
Examples: iaxflood, rtp-flood, teardown

blackarch-webapp
Packages that operate on internet-facing applications.
Examples: metoscan, whatweb, zaproxy

blackarch-windows
This group is for any native Windows package that runs via wine.
Examples: 3proxy-win32, pwdump, winexe

blackarch-wireless
Packages that operates on wireless networks on any level.
Examples: airpwn, mdk3, wiffy

Leave a Reply