[Dev] Having Pentesting, Forensic and much more tool from BlackArch repositories
aurelien at hackers.camp
Wed May 4 13:21:48 GMT 2016
aurelien <aurelien at hackers.camp> writes:
> Hello Parabola,
> Here is a discussion from the IRC #Parabola channel on the point we
> could get tools from BlackArch (+1400) tools of pentesting, forensic and
> much more security.
> --Star of the conversation
> <aurelien> fauno there is another thing that could represent some
> interests ... the tools from blackarch (+1400) in pentesting, forensic
> and much more. Most of them are not on archlinux. I know that mean more
> efforts, certainly a dedicaced repo and by the way more hackers. [17:37]
> <aurelien> fauno, or maybe it could be possible to filter non-free them
> From their repo directly [17:38]
> <aurelien> fauno, or to keep it simple, had the repo ... and blacklist
> the non-free that will be discovered one after one ;-)
> <fauno> you mean add the repo and assume everything's free?
> <aurelien> not assume ... but need verification [17:41]
> <fauno> there was a therassology project that could analyze source code
> and find potential issues
> <aurelien> never heard about that
> <fauno> iirc jxself was running a server
> <fauno> can you ask him?
> <aurelien> certainly
> <aurelien> thanks for your lights fauno
> <evc> not fossology? [17:43]
> <fauno> that one, sorry
> <alfplayer> debian copyright files are much simpler
> <fauno> xD
> <aurelien> ok ... i have asked him [17:45]
> <aurelien> ok so ... do you think that we can filter with
> http://www.fossology.org/projects/fossology the blackarch repos? [17:47]
> <pbot> Page title: `FOSSology - Overview - FOSSology'
> <aurelien> jxself, says it help a lot but it is not perfect
> <aurelien> he says that it works fine when license is clearly written
> and by the way help on the rest for further investigation [17:48]
> <aurelien> we could maybe agreed on the one that are free, then grey
> list the one that need more investigation and blacklist the non-free
> <fauno> that seems right [17:50]
> --End of conversation
> I have get a look about Foosology ... it use docker, if our server can
> accept the run of a docker, we could maybe do that.
There is another one that we could also have, archstricke.
Always in security type of Arch, this one seems more active and have
more updated solution.
That would mean we would have to filter free and updated
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 818 bytes
Desc: not available
More information about the Dev