How to Set Up a Pentesting Environment with Arch Linux

August 23, 2016 | Views: 19664

Begin Learning Cyber Security for FREE Now!

FREE REGISTRATIONAlready a Member Login Here

As we all know, the most popular Linux distribution for penetration testing is Kali Linux. Sadly, while Kali is a fantastic environment for people new to penetration testing, it’s bloated and not as customizable as an advanced user may want.

Arch Linux, however, is not bloated, very customizable and runs on older hardware. Note that while Arch is a very good distro, it is NOT for people new to Linux or hacking, as it is a VERY complicated distro.


Step 1: Installing Arch Linux

To get started, we need to install Arch Linux. This is probably going to be the most confusing step in this article. To begin, you want to burn the Arch ISO to a CD/DVD.

After that, reboot into your install disk. This is where I stop explaining the steps to install it, as it is a VERY long process and is deserving of an article of its own. The exact instructions for installing Arch Linux can be found here.


Step 2: Installing a Graphical Environment

Once you have Arch installed, you’ll notice that it does not have a graphical environment built in. You have to install one on your own. There are many good window managers to choose from, but here are some of my favorites. They’re well-organized and relatively fast (using up less resources).

  • Openbox
  • Fluxbox
  • TWM

Again, as with the first step, full instructions for installing a graphical environment would require another article. There are many good articles online, and there’s no one-size-fits-all set of instructions, as they vary by window manager.


Step 3: Installing Basic Utilities

Arch Linux is a VERY small Linux distro, and retains its small size by not including many utilities that come pre-installed on other distros. There are many things you need to install and this step can take a while.

The basics that need to be installed include: the browser, office suite, text editor, photo viewer, music player, video player, file manager, archive manager, and terminal. Below are some examples of software for each category.

  • Browsers: Epiphany, Firefox, Chromium
  • Office Suite: Libre Office, Open Office
  • Text Editor: gVIM, Emacs, gedit
  • Photo Viewer: EOG
  • Music Player: VLC, Rhythmbox, mPlayer
  • Video Player: VLC, Totem
  • File Manager: Thunar, Nautilus
  • Archive Manager: File Roller
  • Terminal: RXVT-Unicode, xterm, GNOME-Terminal, aterm

These are only a few examples, and there are many more out there. Most of these can be installed via PacMan, Arch Linux’s default package manager. The syntax to install is “sudo pacman -S <package>”, and the syntax to remove is “sudo pacman -R <package>”.


Step 4: Preparing Arch to Create a Hacking Environment

Now that you have installed the basic utilities for any distro, you must prepare Arch Linux to be converted into a hacking environment. Arch Linux’s default repositories do not contain many hacking tools, but there’s a method to add the correct repositories by running a script from the Blackarch (A powerful, but VERY bloated version of Arch for hacking) team. This will install the correct packages onto your system, and allow access to the Blackarch repos.

  • Make sure you have cURL installed
  • Download install script via “curl -O”
  • Check SHA1 with “sha1sum”. It should equal
  • Add execute permissions using chmod “chmod +x”
  • Execute the script with “sudo ./”


Step 5: Set Up the Hacking Environment

Now you have the Blackarch repositories as a source, and all the proper packages installed on your system, you CAN install every tool or just certain categories. I prefer to install ONLY the tools I will need, and I highly recommend this way of setting it up.

To install packages just use the same PacMan syntax as shown earlier. Below are some tools that you should have AT A MINIMUM.

  • Wireshark (wireshark-gtk)
  • Hydra (hydra)
  • Nmap (nmap)
  • Amap (amap)
  • ZAP (zaproxy)
  • Burp Suite (burpsuite)
  • Metasploit (metasploit)
  • Skipfish (skipfish)
  • SQLMap (sqlmap)
  • TCP Dump (tcpdump)
  • John The Ripper (johnny)
  • SSL Strip (sslstrip)
  • PHP (php)
  • Python (python)
  • Perl (perl)
  • Ruby (ruby)
  • GCC (gcc)
  • NASM (nasm)
  • Geany (geany)

While those are the most recommended tools, there are literally hundreds more in the Blackarch repos. It’s recommended you look through them and see if you may need anything else from there. Note that you should only install tools you need or know how to use, because unused tools are a waste of space.



I have discussed how to install Arch Linux, and showed you how to turn it into a good, well-made hacking environment. I use this same setup, as it’s both fast and reliable, and works on older hardware as well. I plan to post an article discussing Arch installation more in depth at another time, but I hope that this helps you for now.

Share with Friends
Use Cybytes and
Tip the Author!
Share with Friends
Ready to share your knowledge and expertise?
  1. Nice post, I’ve been familiarizing myself with
    Arch here and there. I started with a VM to get use
    to the install process.

  2. Can you install this into a raspberry pi?

  3. Why not kali-linux ? Because easy to install using GUI&whatever tools mention will be available in kali-linux too.Then Why arch Linux?

    • Using blackarch repositories (+ you have AUR) gives you access to many more tools than Kali has. You can also make your install far less bloated and actually install what you need (for instance, why would you have gnome on pentesting machine?). If you need a “general” pentesting machine with the basic tools for everything and don’t have the time to install/maintain it yourself, then getting Kali makes sense. But say you need a machine specifically for exploit development, reverse engineering or some other purpose? In this case installing the tools you need makes much more sense than to go with Kali, not to mention that you won’t find many of the tools you need in Kali repositories and will need to add additional repositories and/or download programs manually making it much harder to efficiently maintain your machine.

  4. If you want an arch based pentesting OS, why don’t you just use blackarch?

    • Because Blackarch is bloated. Lots of tools pre-installed

    • He is. Blackarch is just a collection of tools (unlike say Kali that takes further steps to make it easier to use as a pentesting distro). If you install Arch and then all the tools from the Blackarch repository you are basically there. Might as well skip the tools you don’t need and you are already doing what OP is suggesting in the article.

Page 2 of 2«12
Comment on This

You must be logged in to post a comment.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play

Support Cybrary

Donate Here to Get This Month's Donor Badge

Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?