• The installation scripts and provided tools may have bugs, be vulnerable to Man in the Middle (MitM) attacks or other vulnerabilities.

• Adding additional repositories or tools for installing software extends your trust to those tool providers.

Please keep in mind that using such a VM or VMs based on the template for security and privacy critical tasks is not recommended.

How to Create a BlackArch VM

BlackArch Linux is an Arch Linux-based distribution for penetration testers and security researchers. The repository contains 1434 tools.

• List of tools
• Installation Instructions

Create ArchLinux Based BlackArch Template

1. Create ArchlLinux Template

   • Follow the Archlinux Template instructions

2. Update Template

    sudo pacman -Syyu
   

3. Clone template

   1. Via Qubes VM Manager

   2. Via command line

       qvm-clone archlinux blackarch
      

4. Install BlackArch repository

    $ curl -O https://blackarch.org/strap.sh
   
    # The SHA1 sum should match: 34b1a3698a4c971807fb1fe41463b9d25e1a4a09
    $ sha1sum strap.sh
   
    # Set execute bit
    $ chmod +x strap.sh
   
    # Run strap.sh
    $ sudo ./strap.sh
   

5. Install tools

   • install all tools

       sudo pacman -S blackarch
     

   • or by category:

       # list available categories
       pacman -Sg | grep blackarch
     
       # install category
       sudo pacman -S blackarch-<category>
     
       # example
       sudo pacman -S blackarch-forensic
     

   • or specific tool

       # Search for tool
       pacman -Ss <tool-name>
     
       # Install tool
       sudo pacman -S <tool-name>
     
       # Example
       pacman -Ss burpsuite
       sudo pacman -S burpsuite
     

6. Create a AppVMs based on the blackarch template

   • (Optional) Attach necessary devices

Alternative Options to BlackArch

• Kali
• PenTester Framework (PTF)
• Pentesting