diff options
| author | Danilo M. <danix@danix.xyz> | 2026-07-11 12:41:28 +0200 |
|---|---|---|
| committer | Danilo M. <danix@danix.xyz> | 2026-07-11 12:41:28 +0200 |
| commit | 6444c92b3464904bcd5a07801be7693df04da88d (patch) | |
| tree | 904686a2fb7d48fd0521e1e58320ef9a9e128589 | |
| parent | d3049e83cf06b3c28f533f97f77045a53ce430ea (diff) | |
| download | sbo-slackbuilds-6444c92b3464904bcd5a07801be7693df04da88d.tar.gz sbo-slackbuilds-6444c92b3464904bcd5a07801be7693df04da88d.zip | |
Track moved pentesting packages; document their build strategies
Add nvchecker stanzas for the seven packages moved from pentesting-suite
(SecLists, ffuf, gobuster, exploitdb, nuclei, feroxbuster,
metasploit-framework-bin) and a Build Strategies section covering Go/Rust
source builds, .deb repacks, and data packages, plus the metasploit
msfvenom-completion and man-page regeneration procedures.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
| -rw-r--r-- | .extras/nvchecker.toml | 44 | ||||
| -rw-r--r-- | CLAUDE.md | 87 |
2 files changed, 131 insertions, 0 deletions
diff --git a/.extras/nvchecker.toml b/.extras/nvchecker.toml index e258581..5347939 100644 --- a/.extras/nvchecker.toml +++ b/.extras/nvchecker.toml @@ -9,3 +9,47 @@ url = "https://www.urbanterror.info/downloads/" regex = "UrbanTerror(\\d+)_full\\.zip" from_pattern = "(\\d)(\\d)(\\d)" to_pattern = "\\1.\\2.\\3" + +[SecLists] +source = "github" +github = "danielmiessler/SecLists" +use_latest_tag = "true" + +[gobuster] +source = "git" +git = "https://github.com/OJ/gobuster.git" +use_latest_tag = "true" +prefix = "v" + +[ffuf] +source = "github" +github = "ffuf/ffuf" +use_latest_tag = "true" +prefix = "v" + +[exploitdb] +source = "gitlab" +gitlab = "exploit-database/exploitdb" +use_max_tag = "true" + +[exploitdb-bin-sploits] +source = "gitlab" +gitlab = "exploit-database/exploitdb-bin-sploits" +use_max_tag = "true" + +[nuclei] +source = "github" +github = "projectdiscovery/nuclei" +use_latest_release = "true" +prefix = "v" + +[feroxbuster] +source = "github" +github = "epi052/feroxbuster" +use_latest_release = "true" +prefix = "v" + +[metasploit-framework-bin] +source = "regex" +url = "https://apt.metasploit.com/" +regex = "metasploit-framework_([A-Za-z0-9._-]+)~.*_amd64.deb" @@ -35,6 +35,93 @@ the repo root. --- +## Build Strategies + +Packages fall into several categories; the SlackBuild style differs +accordingly. + +### Source builds (Go) + +Packages such as `ffuf`, `gobuster`, `nuclei` are built from upstream source +tarballs using `go build`. Key points: + +- Set `GOPATH`, `GOPROXY`, `GOFLAGS` before building +- Use `-buildmode=pie -trimpath -mod=readonly -modcacherw` +- Strip ELF binaries after build +- Clean up `$GOPATH` / Go module cache before packaging +- `REQUIRES="google-go-lang"` in the `.info` file + +### Source builds (Rust) + +Packages such as `feroxbuster` build from a vendored crates tarball +(`<pkg>-<version>-vendor.tar.gz`) declared as a second source in `.info`, +alongside the upstream tarball. The SlackBuild unpacks it, points cargo at it +via `.cargo/config.toml`, and builds fully offline (`cargo build --offline +--locked`). The vendor tarball is generated once per version with +`cargo-vendor-filterer`, with `SOURCE_DATE_EPOCH` pinned to the release tag's +commit date for a byte-for-byte reproducible archive. The exact command is +recorded in the package's own `README`. + +### Binary repacks — Debian `.deb` + +Packages such as `metasploit-framework-bin` are repacked from upstream `.deb` +archives (SBo convention: `.deb`/binary repacks take a `-bin` suffix): + +- Extract with: `ar p <file>.deb data.tar.gz | tar xzv` +- Set `DOWNLOAD="UNSUPPORTED"` and use `DOWNLOAD_x86_64` / `MD5SUM_x86_64` + (plus the i386 pair when the package is multi-arch) +- Strip ELF binaries after extraction + +#### `metasploit-framework-bin`: msfvenom bash-completion + +The shipped `msfvenom.bash-completion` is a **pre-generated snapshot**, not a +static file. Upstream (kali) no longer ships it; they generate it at build +time with a ruby script that loads the framework and dumps the live +payload/encoder/arch/platform/format lists. We ship a snapshot instead of +running ruby at build time (hermetic build, no build-time dep). + +**Regenerate it on every version bump.** After building and installing the +new package so `/opt/metasploit-framework` is live, pull the current +generator and run it against the installed framework's bundled ruby: + +```bash +curl -o /tmp/gen.rb \ + https://gitlab.com/kalilinux/packages/metasploit-framework/-/raw/kali/master/debian/generate-msfvenom-bash-completion.rb +/opt/metasploit-framework/embedded/bin/ruby \ + -I/opt/metasploit-framework/embedded/framework/lib /tmp/gen.rb \ + > metasploit-framework-bin/msfvenom.bash-completion +``` + +Verify the output is non-empty and the `%s` slots were filled (grep for real +payload names like `windows/meterpreter`), then commit it with the bump. + +#### `metasploit-framework-bin`: man pages + +The .deb ships **no** metasploit man pages (its `share/man` tree is only for +bundled deps like postgres/ruby). We ship `msfconsole.1` and `msfvenom.1` +from kali, who maintain them by hand (no generator script). The SlackBuild +gzips them into `/usr/man/man1`. **Refresh them on version bumps** in case +kali has updated them: + +```bash +for p in msfconsole msfvenom ; do + curl -o metasploit-framework-bin/$p.1 \ + https://gitlab.com/kalilinux/packages/metasploit-framework/-/raw/kali/master/debian/extra/$p.1 +done +``` + +For metasploit bumps, `PRGNAM=metasploit-framework-bin` with +`SRCNAM=metasploit-framework` drives the `.deb` glob and `/opt` path; pull +both-arch filenames and MD5s from the apt Packages indexes (`binary-amd64` +and `binary-i386`). + +### Data / archive packages + +Packages such as `SecLists`, `exploitdb` install data files rather than +compiled binaries. No stripping needed. + +--- + ## SlackBuild Scripting Guidelines - Follow the [SBo template](https://slackbuilds.org/templates/) as the base for all scripts |
