[Dev] Having Pentesting, Forensic and much more tool from BlackArch repositories

aurelien aurelien at hackers.camp
Tue May 3 16:14:42 GMT 2016


Hello Parabola,

Here is a discussion from the IRC #Parabola channel on the point we
could get tools from BlackArch (+1400) tools of pentesting, forensic and
much more security.


--Star of the conversation
<aurelien> fauno there is another thing that could represent some
interests ... the tools from blackarch (+1400) in pentesting, forensic
and much more. Most of them are not on archlinux. I know that mean more
efforts, certainly a dedicaced repo and by the way more hackers. [17:37]
<aurelien> fauno, or maybe it could be possible to filter non-free them
From their repo directly [17:38]
<aurelien> fauno, or to keep it simple, had the repo ... and blacklist
the non-free that will be discovered one after one ;-)
<fauno> you mean add the repo and assume everything's free?
<aurelien> not assume ... but need verification                  [17:41]
<fauno> there was a therassology project that could analyze source code
and find potential issues
<aurelien> never heard about that
<fauno> iirc jxself was running a server
<fauno> can you ask him?
<aurelien> certainly
<aurelien> thanks for your lights fauno
<evc> not fossology?                                             [17:43]
<fauno> that one, sorry
<alfplayer> debian copyright files are much simpler
<fauno> xD
<aurelien> ok ... i have asked him                               [17:45]
<aurelien> ok so ... do you think that we can filter with
http://www.fossology.org/projects/fossology the blackarch repos? [17:47]
<pbot> Page title: `FOSSology - Overview - FOSSology'
<aurelien> jxself, says it help a lot but it is not perfect
<aurelien> he says that it works fine when license is clearly written
and by the way help on the rest for further investigation        [17:48]
<aurelien> we could maybe agreed on the one that are free, then grey
list the one that need more investigation and blacklist the non-free
[17:49]
<fauno> that seems right                                         [17:50]

--End of conversation

I have get a look about Foosology ... it use docker, if our server can
accept the run of a docker, we could maybe do that.

-- 
Aurélien DESBRIÈRES


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 818 bytes
Desc: not available
URL: <https://lists.parabola.nu/pipermail/dev/attachments/20160503/774e58f3/attachment.sig>


More information about the Dev mailing list