BlackArch Official Documentation and Common Tools

https://blackarch.org/blackarch-guide-en.pdf

3.2.1.2 blackarch-anti-forensic
Packages that are used for countering forensic activities, including encryption, steganography, and
anything that modifies files/file attributes. This also includes tools to work with anything in general
that makes changes to a system for the purposes of hiding information.
Examples: luks, TrueCrypt, Timestomp, dd, ropeadope, secure-delete
3.2.1.3 blackarch-automation
Packages that are used for tool or workflow automation.
Examples: blueranger, tiger, wiffy
3.2.1.4 blackarch-backdoor
Packages that exploit or open backdoors on already vulnerable systems.
Examples: backdoor-factory, rrs, weevely
3.2.1.5 blackarch-binary
Packages that operate on binary files in some form.
Examples: binwally, packerid
3.2.1.6 blackarch-bluetooth
Packages that exploit anything concerning the Bluetooth standard (802.15.1).
Examples: ubertooth, tbear, redfang
3.2.1.7 blackarch-code-audit
Packages that audit existing source code for vulnerability analysis.
Examples: flawfinder, pscan
3.2.1.8 blackarch-cracker
Packages used for cracking cryptographic functions, i.e. hashes.
Examples: hashcat, john, crunch
3.2.1.9 blackarch-crypto
Packages that work with cryptography, with the exception of cracking.
Examples: ciphertest, xortool, sbd
The BlackArch Linux Guide
3.2.1.10 blackarch-database
Packages that involve database exploitation on any level.
Examples: metacoretex, blindsql
3.2.1.11 blackarch-debugger
Packages that allow the user to view what a particular program is "doing" in real time.
Examples: radare2, shellnoob
3.2.1.12 blackarch-decompiler
Packages that attempt to reverse a compiled program into source code.
Examples: flasm, jd-gui
3.2.1.13 blackarch-defensive
Packages that are used to protect a user from malware & attacks from other users.
Examples: arpon, chkrootkit, sniffjoke
3.2.1.14 blackarch-disassembler
This is similar to blackarch-decompiler, and there will probably be a lot of programs that fall into
both; however, these packages produce assembly output rather than the raw source code.
Examples: inguma, radare2
3.2.1.15 blackarch-dos
Packages that use DoS (Denial of Service) attacks.
Examples: 42zip, nkiller2
3.2.1.16 blackarch-drone
Packages that are used for managing physically engineered drones.
Examples: meshdeck, skyjack
3.2.1.17 blackarch-exploitation
Packages that take advantage of exploits in other programs or services.
Examples: armitage, metasploit, zarp
3.2.1.18 blackarch-fingerprint
Packages that exploit fingerprint biometric equipment.
Examples: dns-map, p0f, httprint
3.2.1.19 blackarch-firmware
Packages that exploit vulnerabilities in firmware.
Examples: None yet, amend asap.
3.2.1.20 blackarch-forensic
Packages that are used to find data on physical disks or embedded memory.
Examples: aesfix, nfex, wyd
3.2.1.21 blackarch-fuzzer
Packages that use the fuzz testing principle, i.e. "throwing" random inputs at the subject to see what
happens.
Examples: msf, mdk3, wfuzz
3.2.1.22 blackarch-hardware
Packages that exploit or manage anything to do with physical hardware.
Examples: arduino, smali
3.2.1.23 blackarch-honeypot
Packages that act as "honeypots", i.e. programs that appear to be vulnerable services used to attract
hackers into a trap.
Examples: artillery, bluepot, wifi-honey
3.2.1.24 blackarch-keylogger
Packages that record and retain keystrokes on another system.
Examples: None yet, amend asap.
3.2.1.25 blackarch-malware
Packages that count as any type of malicious software or malware detection.
Examples: malwaredetect, peepdf, yara
3.2.1.26 blackarch-misc
Packages that don’t particularly fit into any categories.
Examples: oh-my-zsh-git, winexe, stompy
3.2.1.27 blackarch-mobile
Packages that manipulate mobile platforms.
Examples: android-sdk-platform-tools, android-udev-rules
3.2.1.28 blackarch-networking
Packages that involve IP networking.
Examples: Anything pretty much
3.2.1.29 blackarch-nfc
Packages that use NFC (near-field communication).
Examples: nfcutils
3.2.1.30 blackarch-packer
Packages that operate on or involve packers.
Packers are programs that embed malware within other executables.
Examples: packerid
3.2.1.31 blackarch-proxy
Packages that act as a proxy, i.e. redirecting traffic through another node on the internet.
Examples: burpsuite, ratproxy, sslnuke
3.2.1.32 blackarch-recon
Packages that actively seek vulnerable exploits in the wild. More of an umbrella group for similar
packages.
Examples: canri, dnsrecon, netmask
3.2.1.33 blackarch-reversing
This is an umbrella group for any decompiler, disassembler or any similar program.
Examples: capstone, radare2, zerowine
3.2.1.34 blackarch-scanner
Packages that scan selected systems for vulnerabilities.
Examples: scanssh, tiger, zmap
3.2.1.35 blackarch-sniffer
Packages that involve analyzing network traffic.
Examples: hexinject, pytactle, xspy
3.2.1.36 blackarch-social
Packages that primarily attack social networking sites.
Examples: jigsaw, websploit
3.2.1.37 blackarch-spoof
Packages that attempt to spoof the attacker, such that the attacker doesn’t show up as an attacker
to the victim.
Examples: arpoison, lans, netcommander
3.2.1.38 blackarch-threat-model
Packages that would be used for reporting/recording the threat model outlined in a particular scenario.
Examples: magictree
3.2.1.39 blackarch-tunnel
Packages that are used to tunnel network traffic on a given network.
Examples: ctunnel, iodine, ptunnel
3.2.1.40 blackarch-unpacker
Packages that are used to extract pre-packed malware from an executable.
Examples: js-beautify
3.2.1.41 blackarch-voip
Packages that operate on VoIP programs and protocols.
Examples: iaxflood, rtp-flood, teardown
3.2.1.42 blackarch-webapp
Packages that operate on internet-facing applications.
Examples: metoscan, whatweb, zaproxy
3.2.1.43 blackarch-windows
This group is for any native Windows package that runs via Wine.
Examples: 3proxy-win32, pwdump, winexe
3.2.1.44 blackarch-wireless
Packages that operate on wireless networks on any level.
Examples: airpwn, mdk3, wiffy

posted @ 2019-03-07 21:23  heycomputer