From ArchWiki
Revision as of 13:28, 31 October 2010 by Ryooichi (talk | contribs) (moved oldtools to ArchTrack/oldtools)
Jump to: navigation, search

ArchTrack is an unofficial project that aims to enable both security professionals and newcomers to learn and use security and hacking tools within Arch Linux.


How can one not be inspired by the great work of BackTrack Linux and many other security-oriented distributions and tools? Thanks to open community, we intend to learn from what others have already accomplished and given back to the community at large. We will apply their lessons in the adoption of their examples and tools to Arch Linux.


  • Follow Arch Linux ethos: Arch Linux, The Arch Way, The Arch Way v2.0...
  • Include both the latest stable and development versions of tools, in line with Arch Linux's status as a "rolling-release cutting-edge distribution" (ref)
  • Be a community effort
  • We DO NOT support the use of ArchTrack (or any tool) in an illegal or unethical way
  • We DO suggest that you exercise your responsibility to abide by all applicable laws, regulations, rules and guidelines
  • Don't just be a penetration testing distribution. Include tools from other major roles in cybersecurity such as network security monitoring, forensics, etc.

Required Reading


  • A determined soul will do more with a rusty monkey wrench than a loafer will accomplish with all the tools in a machine shop. -- Robert Hughes


  • Once it's out, it's out.
  • Trust no one.
  • Trust but verify.
  • Nothing is 100% secure.
  • Everything has weaknesses.
  • Physical access = game over
  • Rational paranoia is healthy, irrational paranoia is unhealthy, stupid and worthless.
  • There is no magic silver bullet solution.
  • Security is a process.
  • It's not about the number of tools, vulnerabilities, open ports, checkboxes; it is about the value, impact, result, outcomes...
  • Don't ask questions you don't want to hear the answer to.
  • The only stupid questions are the ones that start with "This might be a stupid question...".
  • Search and you will find either the answer or the right people to ask.


  • Utilize existing (or make new) AUR packages for every tool available in BackTrack plus any other tools that should be included
  • Create ArchTrack packages and submit to AUR
    • ArchTrack/aur/archtrack: The "standard" version. In general, it provides a package that depends on all the tools and their dependencies, AND includes any customizations necessary to make tools work on a "standard" Arch Linux system.
    • ArchTrack/aur/archtrack-dev: Essentially identical to ArchTrack/aur/archtrack with the distinction that the development versions (aka "trunk") are preferred to the latest stable versions of upstream software.
    • ArchTrack/aur/archtrack-artwork: A collection of ArchTrack artwork
    • Add various other ArchTrack packages that properly sub-categorize packages by various criteria. For example, one wants to install all command line and web tools, but no gui tools.
      • Another idea is to sub-categorize by role: pentesting vs vulnerability assessment vs network security monitoring. Although there may be overlap between roles, there may be some value in enabling a "specialist" versions optimized for a particular use. If you disagree with this, you can just ignore these and not worry about it.
  • Provide a pacman repository for all packages included in ArchTrack
  • Provide a functionality like ABS for all packages included in ArchTrack
  • Produce live media (iso/livecd/liveusb via archiso, larch, or something else?)
  • Create & manage marketing materials, logo, themes, wiki pages...
    • I'm not really a graphic designer, but if I have my way... any ArchTrack logo should definitely not be a simple combination of the official Arch Linux logo and the official BackTrack logo. Since ArchTrack is Arch Linux, an ArchTrack logo should include or build upon the Arch Linux logo.
    • Wiki page
      • Continue modularization
      • Use templates to allow for easy transclusion of a tool to appear in multiple functional areas
      • Improve the organization and categorization of the tools tables
        • Add color-coded status column
    • Properly acquire administrative control of freenode irc channel #archtrack
    • Register @ArchTrack twitter account and set up automatic announcements of various events (releases, wiki page edits, commits to the github repo...)
  • Translations?
  • Supporting custom tools or scripts?
    • Single command to update everything
    • Menus
    • Online documentation


If you like this idea and want to help, please dive in. The first milestone is probably the most difficult and will take the longest to accomplish. Accordingly, it is the area of greatest need. There is no official record of "project membership" or "project leaders", just what people contribute. If you feel so moved please investigate how to use the AUR and develop packages for it, then pick a tool off the list and get to work.

Please don't feel restricted to selecting a tool off our list. Many things exist that we just don't know about, although I hope that if it were popular/good my attentive scouring should have found it. We need your eyeballs to help find the tools that ArchTrack should contain (or at least be aware of) ;-) In which case, it'd help if you make a PKGBUILD for it and submit it to the AUR.

Finally, if you want to make sure that we know that your AUR package exists, please send a quick email to ryooichi[PLUS]archtrack[AT]gmail[DOT]com with the name of the tool, which categories it should be in, and the AUR id of your package.

If you have some other contribution (such as logo work, etc) and aren't interested in becoming an AUR package maintainer, I'd recommend that you learn how to do it and/or find someone to help you. I'll restate that this is a community effort and this community needs people who are willing to choose a cause and run with it, not people that require lots of hand-holding and babysitting. Failing that, you could email it to ryooichi[PLUS]archtrack[AT]gmail[DOT]com and I'll incorporate it when possible.


We sincerely appreciate all contributions. These guidelines should help to ensure maximum benefit to all by a person's contribution:

Adding or updating links to tools

This section is DEPRECATED. The script that is not yet finished will automatically generate up-to-date tables, and does not currently aim to detect direct updates and changes to the wiki tables. Instead, a new means to accept updates will be established and will be fully outlined here. It will probably be based on templates or a more raw format such as CSV.

  • In general, there is one subpage/template per package. This is to enable reuse and hopefully minimize inconsistency because the fact that a certain package has a certain AUR "id" is only stored in one place. There are 2 types of packages: Official Arch packages and AUR packages. Both follow this convention as explained here:
  • Official Arch packages
    1. Create a new page with name "ArchTrack/pkg/packagename" and contents: "{{:ArchTrack/pkg|packagename}}". (Example)
    2. If the package isn't already listed on the ArchTrack page, select the best category to place the package under and edit it. Feel free to copy the markup from another tool. Make all your edits to the line. Finally, place the following wiki markup in for the link: "{{:ArchTrack/pkg/packagename}}".
  • AUR packages
    1. Obtain the AUR id for the package. The id is located in the URL of the package's AUR page: "".
    2. Create a new page with name "ArchTrack/aur/packagename" and contents: "{{:ArchTrack/aur|packagename|id}}". (Example)
    3. Edit the ArchTrack page and place the following wiki markup in for the link: "{{:ArchTrack/aur/packagename}}".

Contact Information

Here is a summary of the best places to learn more, communicate, and get involved: