Meta package question - penetration testing / forensic tools

Bryan Everly
Hi ports@

I've always thought that it made the most sense for an information security professional doing penetration testing or forensics to use a secure operating system, and yet most use Kali Linux which runs everything as root. I did a quick analysis of the default tools that Kali has installed and determined which ones of them we already have in the ports collection. Turns out there are a fair number.

Ideally, I'd like to get as many of those tools added to our ports collection and installable with a single pkg_add command. I was looking at how gnome and kde work as a "meta package" and that wouldn't be appropriate for this use case as I'd have to move everything under a "pentester" (or some name) directory which I think would be awkward and possibly annoying to the folks who maintain these ports.

Instead, I'd like some sort of package that could pick these up as "dependencies" and install them when invoked. I thought about a simple "do nothing" port that installed some sort of shell script marker in /usr/local/bin but that seems goofy and I was wondering if we had a mechanism I could leverage to do something like this.

Any help would be appreciated.

Thanks.

Re: Meta package question - penetration testing / forensic tools

Landry Breuil-5
On Tue, Mar 19, 2019 at 03:50:25PM +0000, Bryan Everly wrote:
> Hi ports@
>
> I've always thought that it made the most sense for an information security professional doing penetration testing or forensics to use a secure operating system, and yet most use Kali Linux which runs everything as root. I did a quick analysis of the default tools that Kali has installed and determined which ones of them we already have in the ports collection. Turns out there are a fair number.
>
> Ideally, I'd like to get as many of those tools added to our ports collection and installable with a single pkg_add command. I was looking at how gnome and kde work as a "meta package" and that wouldn't be appropriate for this use case as I'd have to move everything under a "pentester" (or some name) directory which I think would be awkward and possibly annoying to the folks who maintain these ports.

Look at the meta/ subdir. meta doesn't mean "moving all ports under a common
subdir", it's just an empty dummy port with a README and RUN_DEPENDS.

Landry