Security researchers who rely on BlackArch Linux as a penetration testing platform now have a new more secure edition of their chosen distribution to work with. Version 2018.06.01 is available for download as of today, both as a 64-bit live ISO and a 64-bit Netinstall image. The new release comes with a wide variety of additional tools for Linux security researchers to use while testing server environments in order to see how they hold up against malicious attacks.
In addition to the applications that have been included in previous editions of BlackArch, there are over 60 new hacking tools that Linux security experts can use to pry into server and file structures to ensure that they’ve been hardened. Since these tools are geared toward investigating standard networking protocols, they may also help those who want to run a security-based Linux distribution to inspect non-Linux operating systems like Windows Server or even other flavors of Unix. This release brings the total number of ethical hacking solutions packaged with BlackArch to over 1,900.
A new script for pacman helps to keep an installation clean after installing packages, which is especially useful for those who need a distribution that maintains top performance at all times when poking through potentially exploitable security holes.
Technicians who need to run BlackArch in a virtual machine have access to a third image, which is distributed as an OVA file compatible with VMWare, QEMU and VirtualBox. A SHA1sum is provided for each of the three images to validate downloads, which is more secure than the md5sum values provided by most distributions.
Various security and application software updates were also slipstreamed into the installer as well to freshen up the environment. While BlackArch isn’t entirely designed for use in a production environment, these updated packages help to ensure that it can hold its own against exploits.
Since BlackArch Linux is based on the more popular Arch distribution, it’s possible to install on top of an existing ArchLinux installation. Installing the operating system in this way will allow it to act as an unofficial repository, which further increases its usefulness to security researchers.
A few quality of life improvements, such as i3WM configuration files, round out the offerings that come with this rather expansive update.