A fully customizable pentest distribution done the Arch Linux way

The ArchAssault Project is an Arch Linux derivative for penetration testers, security professionals and all-around Linux enthusiasts. This means we import the vast majority of the official upstream Arch Linux packages, these packages are unmodified from their upstream source. While our Arch Linux base is primarily untouched, there are times were we have to fork a package to be able to better support our vast selection of tools. All of our packages strive to maintain the Arch Linux standards, methods and philosophies.

We aim to give you everything you love about Arch Linux but designed around the needs and wants of security professionals. We currently support packages optimized for the following architectures: i686, x86_64, and ARMv6h & ARMv7h.

Our ARM based branch is designed to help build the security devices you desire, we also have support for drones (fixed wing & copters). Like the non ARM arch's, this branch is a derivative of ArchLinux|ARM built to ArchLinux|ARM standards and methods. ArchAssault is also your ArchLinux|ARM Rollback machine provider and an ALARM mirror. We aim to support as many ARM devices as possible officially, but we currently have only so much time and hardware. You can find a list of Officially supported devices, and their tested state HERE.

Our strong community is diverse and helpful, and we pride ourselves on the range of skillsets and uses for ArchAssault that stem from it. Come hang out with us on IRC or check out our iso install, repo install or project pages if you want to learn more about ArchAssault.

Learn more...

Latest News

RSS Feed

Tool Count breaks 750


ArchAssault has reached another milestone, we now have over 750 in the ArchAssault base group. This means if you install using only the base group pacman -S archassault and depending on your arch will have over 750 for our i686 and x86_64 repos.

Our ARM repos have reached over 720 tools and is still growing as well.

Keep in mind this is not our full selection of tools, we have even more that are not in the base group due to being limited use case. Thanks for your continued support, suggestions, bug reports and donations. Keep sharing your ideas.

New Tools added to Repos 4/15/2014


New tools released:

  • opendnssec - software that manages the security of domain names on the Internet. The project intends to drive adoption of Domain Name System Security Extensions (DNSSEC) to further enhance Internet security

  • fwknop - FireWall KNock OPerator: Single Packet Authorization and Port Knocking

Others updated.

Thanks for the newest requests. Keep the requests coming and thanks for the support.

New Tools added to Repos 4/11/2014


New tools released:

  • mac-robber - Forensic tool that collects data from allocated files in a mounted file system. Useful together with sleuthkit.

  • fatback - *NIX tool for recovering files from FAT file systems.

  • stegdetect - Automated tool for detecting steganographic content in images.

Lots of others updated, another update for metasploit, mkbrutus, arachni and many more.

Thanks for the newest requests.

Heartbleed bug - CVE-2014-0160


As most are aware by now openssl is vulnerable to the heartbleed bug, CVE-2014-0160 you can find all you need there. If you have not updated in awhile you should do so now. We have also added the heartbleed test tool in go. There is also an online test tool available


We just added another heartbleed script

  • heartbleed-honeypot-script - This Perl script listens on TCP port 443 and responds with completely bogus SSL heartbeat responses, unless it detects the start of a byte pattern similar to that used in Jared Stafford's ([email protected]) demo for CVE-2014-0160 'Heartbleed'. Run ...

New Tools added to Repos 4/8/2014


New tools released:

  • nessus-report - Automatically parse and tabulate Nessus findings into OpenDocument tables

  • hulk-git - HULK DoS tool ported to Go with some additional features.

  • themole - Automatic SQL Injection Exploitation Tool

  • mrtparse-git - A module to read and analyze the MRT format data.

  • python2-owasp-pysec - OWASP Python Security Project

  • svn-extractor-git - A simple script to extract all web resources by means of .SVN folder exposed over network.

  • python2-idstools - A collection of Python libraries for working with IDS systems (typically Snort and Suricata).

  • mobiusft - An open-source forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions ...

Older News

New Tool added to Repos 4/4/2014
New Tools released for 3/31/2014
New Iso released - 03/30/14
New Tools released for 3/27/2014
New Tools released for 3/25/2014
New Tools released for 3/24/2014
Tool count breaks 700 & a big thanks
Wiki page updates
New Tools released for 3/22/2014
New Tools released for 3/18/2014

Recent Updates (more)

RSS Feed
ruby1.9-metasploit_data_models 0.17.0-1 any
sysinternals-suite 20140223-1 any
cuckoo 1.1-1 any
mitmproxy 0.10.1-2 any
hash-identifier 1.1-2 any
python2-pygithub 1.24.1-1 any
bitbucket-cli 0.4.1-1 any
sshuttle-git 20140405-1 any
rawr 33.54355a5-1 any
backfuzz 20140223-1 any
set-git 5.4.8-1 any
passcracking 20140416.1651.b19aef6-1 any
tcpcontrol-fuzzer 20140223-1 any
vfeed 0.4.8-1 any
sulley 1.0.c9a9418-1 any