1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
|

# Sl (hack) ware
### a Slackware GNU/Linux Pentesting Suite
The aim of this project is to bring a curated collection of programs, tools, libraries and various utilities, ~~packaged~~ (some packages are way too big, sorry) and ready to be installed on Slackware.
### Why Slackware
Because it's the best distro ever.
### We have Kali and/or Parrot
Yes, but I prefer Slackware.
## Tool Catalog
The goal of this repo is to make pentesting tools available on Slackware:
package from scratch what isn't readily available, and point to a good source
for what already is. This table is the catalog. It lists every tool in scope,
whether its SlackBuild lives **In repo** here, and where else to get it.
This list is ever growing, if you want to ask for a package to be prioritized, just open an issue
Legend: ✅ yes / available / build-tested ❎ not on SlackBuilds.org ❔ not yet tested
Where a tool lives:
- **In repo ✅** — written/maintained here (usually because it's not on
SlackBuilds.org, or the SBo version is stale).
- **In repo ❎** — already on SlackBuilds.org, so there's no need to duplicate
it here; install it straight from SBo. Still cataloged because it's part of
the suite.
| Package Name | In repo | SlackBuilds.org available | Maintainer | Upstream | Version | Tested -current | Tested -stable |
| -------------------- | ------- | ------------------------- | ---------- | ------------------------------------------------------------ | ---------- | --------------- | -------------- |
| SecLists | ❎ | ✅ | danix | [danielmiessler/SecLists](https://github.com/danielmiessler/SecLists) | 2026.1 | ✅ | ❔ |
| ffuf | ❎ | ✅ | danix | [ffuf/ffuf](https://github.com/ffuf/ffuf) | 2.1.0 | ✅ | ❔ |
| gobuster | ❎ | ✅ | danix | [OJ/gobuster](https://github.com/OJ/gobuster) | 3.8.2 | ✅ | ❔ |
| hashcat | ❎ | ✅ | B. Watson | [hashcat.net](https://hashcat.net/hashcat/) | 7.1.2 | ✅ | ❔ |
| john | ❎ | ✅ | Kent Fritz | [openwall.com](https://www.openwall.com/john/) | 1.9.0 | ✅ | ❔ |
| exploitdb | ❎ | ✅ | danix | [exploit-db.com](https://www.exploit-db.com/) | 2026-04-30 | ✅ | ❔ |
| nuclei | ❎ | ✅ | danix | [projectdiscovery/nuclei](https://github.com/projectdiscovery/nuclei) | 3.8.0 | ✅ | ❔ |
| feroxbuster | ❎ | ✅ | danix | [epi052/feroxbuster](https://github.com/epi052/feroxbuster) | 2.13.1 | ✅ | ✅ |
| metasploit-framework-bin | ❎ | ✅ | danix | [metasploit.com](https://www.metasploit.com/) | 6.4.143 | ✅ | ✅ |
| cadaver | ✅ | ✅ | danix | [notroj/cadaver](https://notroj.github.io/cadaver/) | 0.28 | ✅ | ❔ |
| netexec | ✅ | ❎ | danix | [Pennyw0rth/NetExec](https://github.com/Pennyw0rth/NetExec) | 1.5.1 | ✅ | ❎ |
| windows binaries | ✅ | ❎ | danix | [kali.org](https://www.kali.org/tools/windows-binaries/) | 0.6.10 | ✅ | ❔ |
| webshells | ✅ | ❎ | danix | [kali.org](https://www.kali.org/tools/webshells/) | 1.1 | ✅ | ❔ |
> [!IMPORTANT]
>
> The exploitdb package pulls also the binsploits which consists of 1.1Gb of exploits.
> [!NOTE]
>
> There's an older `metasploit` package on slackbuilds.org (last updated in 2022) which is now orphaned. This `metasploit-framework-bin` package is a fresh `.deb` repack submitted alongside it, not a takeover of the old one.
>
> The cadaver package is available on slackbuilds.org but it's for an older version. I've reported here the script and built the newest version. The slackbuild includes now a pull from the [notroj/neon](https://github.com/notroj/neon) repository which is usually not allowed for SlackBuilds that are uploaded to slackbuilds.org
>
> The Powershell package is available on slackbuilds.org without modifications necessary so I removed it.
## Git Hooks
This repo ships maintainer git hooks under `.extras/hooks/`. After cloning,
install them with:
```bash
cp .extras/hooks/* .git/hooks/ && chmod 0755 .git/hooks/{pre,post}-commit
```
- **pre-commit** lints each changed package with `sbolint` and blocks the
commit on errors. It also refuses staged source archives (these are fetched
with `sbodl`, never committed). Bypass linting with `SBOLINT=no git commit`.
- **post-commit** offers to build an SBo submission tarball
(`SBo/<package>.tar.gz`) for any added or updated package. To answer the
prompt non-interactively, set `SBO_ARCHIVE=yes` or `SBO_ARCHIVE=no` in the
environment.
|