π Download Athena OS "Polias" Now π
- Pentesting: Athena can access to BlackArch repository, the biggest pentesting tool warehouse.
- User-oriented: if Arch is born for experienced users, Athena is conceived for decreasing complexity and improving user experience.
- Lightweight: Athena optimizes the disk space consumption by retrieving the tools you need only when you use them. Tools you never use won't be stored and the space is only used for what you really need.
- Performance: Athena is based on Arch Linux so it is configured to load the bare minimum for its purpose. No useless services, no useless modules consuming your resources.
- Flexibility: for its Arch nature, Athena is flexible and can easily evolve to the new needs of the users.
Wiki: https://github.com/Athena-OS/athena-iso/wiki
Dedicating my spare time to Athena OS in order to keep it stable, updated, flawless and with fixed tools is not easy, but providing your support will motivate me to invest my time to keep the project stable and updated.
@IlMioAmicoAle
@mcfly76
@SinSiXX
@anker023
@CriminalShrimp
Do you like it too? You may become a sponsor by offering me one coffee β / month!
Here I would like to inform you about new features already tested and implemented that have been published in the newest release, for keeping you always informed in a comfortable way.
Athena OS, code name "Polias" (ancient Greek: Ξ ΞΏΞ»ΞΉΞ¬Ο "of the city"), comes with several important fixes and new implementations!
If you like it, please support Athena OS! It is appreciated.
Athena Polias will provide:
- Blue Team circular menu!
- New hacking roles: Blue Teamer and DoS Attacker
- 10 terminals to be chosen during the installation of Athena
- CyberChef as APPLICATION! If you need to decode or encode what you wish, you don't need to use the browser for connecting to CyberChef. Athena gives you CyberChef as application! Give a look on the menu dock!
- Automatic install of the right drivers for your PC. Now Athena can recognize your GPU and install the right drivers with no user interaction
- Xorg now is set as default because of being more stable than Wayland (i.e., Screen Share)
- Automatic recognition of environment (if Virtual or Baremetal) and install the right drivers for it
- Automatic recognition of the selected File System and install of related management tools
- Implemented Environment choice during the installation (currently only "No Desktop" and "GNOME" options)
- Implemented several GNOME extensions for improving the productivity of the environment
- Installed modules on PowerShell
- Implemented BASH autosuggestion and ZSH autosuggestion
- Implemented Offline Install
- Implemented Nano syntax highlighting for highlighting your files opened by
nano
according to its programming language - After the installation, Athena recognizes what are the fastest Arch Linux, BlackArch and Chaotic mirrors and set them automatically in your new system.
- Added cpc alias for copying file contents directly on the clipboard without opening files
- Implemented Athena Grub Theme
- Discord replaced by ArmCord for removing Discord telemetry and improve the Privacy of the OS
- Added Mullvad Browser choice in order to have a further browser designed for Privacy (it integrates by OpenVPN too)
- VSCode replaced by Codium for removing Microsoft telemetry (Codium is also faster than VSCode)
- Android mobile smartphones can be recognized by Athena when connected by USB
htb-play
now tracks the machines you found user or root flags- Added more bookmarks and Wayback Machine extension on the browser
- HTB Update now should refresh the HTB Active Machines on PWNage menu each 15 days
- Implementation of OnionShare for sharing in anonymous way all the info you need with your peer!
- Added Tor Browser
- Added Edex-UI: a cinematic terminal environment!
- Implemented GNOME Gestures Improvements for improving the experience of users using touchpads
- ZSWAP replaced by ZRAM
Athena implemented also massive technical changes on her backend to improve her performance!
Remember, I left a small challenge for you inside the system! The tip is clear enough when you login...
- π Introduction
- β System Requirements
- π Installation
- π Configuration
- π₯ Resources
- π· Screenshots
- π£οΈ Roadmap
- β Support
- π’ Publications
- π«Ά Partnerships
- β€οΈ Credits
Athena is designed from scratch, so already during the development phase useless modules and services have been excluded in order to improve performance and resource consumption. Furthermore, this design approach allowed to review in detailed manner each single package and component to include inside the distribution. It led the OS to build a user-friendly environment, despite based on Arch Linux.
The heritage of Arch Linux impacts positively Athena OS:
- Better performance: pacman is faster than apt
- Focused: Athena can be developed and maintained down to the smallest detail
- Much more security tools: Athena can rely on BlackArch repository, that contains much more security tools than APT repositories
- Freedom: during the installation, you can configure your Athena with any resource or service you need.
- Documentation: Arch Linux is very well documented on Internet for any need
Athena's environment is based on GNOME Wayland that provide exciting features the user can enjoy!
Let's give a detailed look on Athena!
Recommended system requirements for smooth usage in Athena are:
- 30 GB of hard disk space, SSD preferred
- At least 4GB of RAM
- Processor with at least two cores
Download the latest Athena release .iso file from the related section. According to your need, you can choose to install Athena on your computer natively, or implement it on a Virtual Machine (e.g., VMware or VirtualBox).
Currently VirtualBox is affected by a bug is enabling 3D Acceleration, so keep it disabled. 3D Acceleration also makes intermittent freezes on the environment if enabled on VMware or VirtualBox if you use xorg. It is strongly suggested to keep it disabled.
When you mount the ISO to your pendrive or your Virtual Machine and boot up Athena, you will meet Athena Calamares Installer, that allows you to customise your future Athena OS as you wish.
After the installation and the first boot:
- open Athena Welcome, clck on
HTB Update
and copy and paste your Hack The Box API key.
The Hack The Box API Key can be retrieved by your Hack The Box profile settings -> "Create App Token".
Remember to update Hack The Box machines by the HTB Update
button periodically.
PenTOXIC Menu is born for organizing in pretty manner all main security tools you need to start your hacking activity. It consists in two levels:
- 1st level containing the several hacking categories as submenu, plus Firefox browser and Code OSS as editor
- 2nd level consisting in the hacking tools deployed for each category
PenTOXIC changes its look according to the applied theme!
The list of the PenTOXIC menu, also deployable by Red Team Button, is:
Information Gathering | Dmitry | Nmap | Spiderfoot | TheHarvester | enum4linux | wafw00f | Fierce |
---|---|---|---|---|---|---|---|
Vulnerability Analysis | Legion | Nikto | unix-privesc-check | ||||
Web Application Analysis | WPScan | Burpsuite | dirb | dirbuster | ffuf | Wfuzz | sqlmap |
Password Attacks | John | Hashcat | Hydra | CEWL | CRUNCH | RSMangler | Medusa |
Sniffing | mitmproxy | Responder | Wireshark | ||||
Wireless Testing | Aircrack-ng | Kismet | Reaver | Wifite | Fern Wifi Cracker | Spooftooph | |
Reverse Engineering | NASM | Radare2 | |||||
Exploitation | SearchSploit | Metasploit | SEToolkit | ||||
Post Exploitation | PowerSploit | Mimikatz | evil-winrm | proxychains-ng | weevely |
PWNage Menu allows you to access quickly to the main hacking platforms for learning purposes and to join the main Discord InfoSec Communities:
- 1st shell deploys all quick links to the main hacking platforms
- 2nd shell can be accessed by the Discurity icon on top where the user has the opportunity to join several Discord InfoSec servers or open Discord App.
Cannot you wait for opening browser and accessing to Hack The Box website? Athena gives you the possibility to play Hack The Box machines directly on your Operating System environment in a quick and comfortable manner. Athena offers:
- Connect/Disconnect to/from Hack The Box VPN servers
- Play any active free machine you wish
- Play Starting Point machines
- Play Retired machines
- Reset the active machine
- Stop any active machine
- Submit a flag and write a review about your hacking experience!
- ... and of course you can access to the Hack The Box website in one click
For playing Active HTB Machines, use PWNage Menu. For playing Retired Machines, just run htb-play
and type the name of the machine you want to play.
Firefox ESR and Brave have been modified in order to integrate at the installation time the addons you need for your web application pentesting activity. The preinstalled addons are:
- Cookie Quick Manager
- FoxyProxy Standard
- Hack-Tools
- HacKontext
- HTTPS Everywhere
- Penetration Testing Kit
- Privacy
- uBlock Origin
- Wappalyzer
- Wayback Machine
Payload to Dock is based on Dash 2 Dock and keeps the access to the most famous payload repositories. It allows you to get the latest version of payloads and accessing their path directly by the shell. It shows:
- Auto Wordlists
- FuzzDB
- PayloadAllTheThings
- SecLists
- Security Wordlist
The Dock contains also links to Mimikatz and Powersploit.
BlackArch Linux is an Arch Linux-based penetration testing distribution for penetration testers and security researchers. Its repository contains 2800+ tools, classified for categories. You can install tools individually or in groups according to the categories they belong. BlackArch Repository is compatible with only Arch-based distributions as Athena OS.
NIST Feed is a special tool able to inform you as soon as possible about a new published or updated CVE by a popup notification! The notification contains a description of the CVE. Are you curious about it and would like to access to details? Left-click on it and you will be redirected to the official NIST NVD page for further details. Do you want to quickly close the popup notification? Right-click on it!
You can decide which kind of CVE you wish to be informed about, for example CVEs with an high impact on the confidentiality and integrity, or CRITICAL CVEs.
Just execute:
nist-feed -h
for getting more details.
Be aware of new vulnerabilities by NIST Feed!
Keybindings in Athena OS for speeding up your work.
Keybind | Description |
---|---|
CTRL+SPACE |
PenTOXIC menu |
CTRL+SHIFT+SPACE |
PWNage menu |
CTRL+ALT+T |
Open terminal |
Super |
Multi-desktop environment |
Super+Super |
Switch between desktop and "Show Applications" menu |
Super+D |
Show Desktop |
Super+E |
Open Home folder |
Super+F |
Open Aylur's Widgets dashboard |
Super+L |
Screen Lock |
Note that Super
key corresponds to the button showing Windows icon in the usual keyboards.
Environment Variable | Value |
---|---|
$PAYLOADS | /usr/share/payloads |
$AUTOWORDLISTS | /usr/share/payloads/Auto_Wordlists |
$FUZZDB | /usr/share/payloads/FuzzDB |
$PAYLOADSALLTHETHINGS | /usr/share/payloads/PayloadsAllTheThings |
$SECLISTS | /usr/share/payloads/SecLists |
$SECURITYWORDLIST | /usr/share/payloads/Security-Wordlist |
$MIMIKATZ | /usr/share/windows/mimikatz |
$POWERSPLOIT | /usr/share/windows/powersploit |
$ROCKYOU | /usr/share/payloads/SecLists/Passwords/Leaked-Databases/rockyou.txt |
$DIRBIG | /usr/share/payloads/SecLists/Discovery/Web-Content/directory-list-2.3-big.txt |
$DIRMEDIUM | /usr/share/payloads/SecLists/Discovery/Web-Content/directory-list-2.3-medium.txt |
$DIRSMALL | /usr/share/payloads/SecLists/Discovery/Web-Content/directory-list-2.3-small.txt |
$WEBAPI_COMMON | /usr/share/payloads/SecLists/Discovery/Web-Content/api/api-endpoints.txt |
$WEBAPI_MAZEN | /usr/share/payloads/SecLists/Discovery/Web-Content/common-api-endpoints-mazen160.txt |
$WEBCOMMON | /usr/share/payloads/SecLists/Discovery/Web-Content/common.txt |
$WEBPARAM | /usr/share/payloads/SecLists/Discovery/Web-Content/burp-parameter-names.txt |
Keybind | Description |
---|---|
CTRL + s |
Super/Mod Key |
Mod_Key + \ |
Split Panel Vertically |
Mod_Key + - |
Split Panel Horizontal |
Mod_Key + r |
Reload tmux |
Mod_Key + SHIFT + i |
Install Plugins |
Mod_Key + SHIFT + u |
Update Plugins |
Mod_Key + c |
New Tab |
SHIFT + Right/Left Arrow Key or Modkey + n |
Switch Between Tabs |
Mod_Key + Right/Left/Up/Down Arrow Key |
Switch Between Splitted Panels |
Mod_Key + w |
List All Windows and Panels |
Mod_Key + x |
Kill Tab or Panel |
Mod_Key + & |
Kill Window |
Mod_key + q |
Show Panel or Tab Number |
Mod_Key + t |
Clock |
Mod_Key + y |
Copy Selected Text to Clipboard |
Mod_Key + SHIFT + y |
Copy Working Directory (install xclip package) |
Mod_Key + p |
Paste |
Mod_Key + d |
Detach Terminal |
Mod_Key + f |
Find |
Mod_Key + z |
Make Panel Full Window |
Mod_Key + m |
Start Monitoring Panel |
Mod_key + $ |
Rename Session |
Mod_key + Esc |
Enter in vim mode |
Command | Description |
---|---|
asciinema |
Record and share your terminal sessions. |
athena-theme-tweak |
Switch to different Athena themes. |
athena-welcome |
Welcome application that allows main security tools installation and mirrorlist update. |
bashtop |
Resource monitor that shows usage and stats for processor, memory, disks, network and processes. |
bat |
A cat clone with syntax highlighting and Git integration. |
bfetch |
SuperB general-purpose fetch displayer. |
bless |
High-quality, full-featured hex editor. |
btrfs-assistant |
GUI management tool to make managing a Btrfs filesystem easier. |
chat-gpt |
ChatGPT Desktop application. |
code |
Core engine of Visual Studio Code. |
commentor |
Extract all comments from the specified URL resource. |
convert |
Convert between image formats as well as resize an image, blur, crop, despeckle, dither, and much more. |
discord |
Cross-platform, all-in-one voice and text chat application. |
downgrade |
Downgrade one (or multiple) packages by using the pacman cache or the Arch Rollback Machine. |
eog |
Image viewer. |
fish |
A smart and user-friendly command line shell. |
git |
Fast, scalable, distributed revision control system. |
gnome-extensions |
Gnome Extension manager. |
gnome-tweaks |
Configure looks and functionality of your desktop. |
gparted |
GNOME Partition Editor for creating, reorganizing, and deleting disk partitions. |
htb-play |
Select any Hack The Box you want to play. |
htb-update |
Set, update or delete your Hack The Box App Token and update Hack The Box machine data. |
kitty |
The fast, feature-rich, GPU based terminal emulator. |
la |
An lsd -a alias. |
ll |
An lsd -alFh alias. |
lsd |
An ls command with a lot of pretty colors and some other stuff. |
nano |
Simple terminal-based text editor. |
nautilus |
File Manager. |
ncdu |
Check which directories are using your disk space. |
neofetch |
CLI system information tool written in BASH. |
nist-feed |
NIST notifier about the newest published CVEs according to your filters. |
nvim |
Vim-fork focused on extensibility and usability. |
octopi |
A powerful Pacman (Package Manager) front end using Qt libs. |
orca |
Screen reader that provides access to the graphical desktop via speech and refreshable braille. |
pacman |
Arch Linux package manager. |
pactree |
Package dependency tree viewer. |
paru |
Pacman wrapping AUR helper with lots of features and minimal interaction. |
pfetch |
A pretty system information tool written in POSIX sh. |
probe |
Probe for hardware, check operability and find drivers. |
pywhat |
Identify anything. It easily lets you identifying emails, IP addresses, and more. |
timeline |
Cross-platform application for displaying and navigating events on a timeline. |
tmux |
Terminal multiplexer that allow you switch easily between several programs in one terminal, detach them and reattach them to a different terminal. |
tree |
Recursive directory listing program that produces a depth indented listing of files. |
vim |
Highly configurable text editor built to make creating and changing any kind of text very efficient. |
vnstat |
Console-based network traffic monitor. |
xcp |
An extended cp command. |
z |
A smarter cd command for your terminal. |
Vim configuration is based on https://github.com/amix/vimrc so it implements smart and useful plugins, color schemes and modes.
If you would like to enable, edit or disable Burn My Window opening and closing effect:
gnome-extensions prefs [email protected]
and check or uncheck your effects.
Change your themes and icons by gnome-tweaks
.
Command | Description |
---|---|
cmatrix |
Scrolling Matrix like screen in the terminal. |
cowsay |
Generate an ASCII picture of a cow saying something provided by the user. |
devil |
Quotes by devil eyes. |
figlet |
Print input using large characters made up of ordinary screen characters. |
fortune |
Print a random, hopefully interesting, adage. |
lolcat |
Concatenate files, or standard input, to standard output, and add rainbow coloring to it. |
myman |
Text-mode Pac-Man. |
nyancat |
Animated, color, ANSI-text program that renders a loop of the classic Nyan Cat animation. |
sl |
A steam locomotive running across your screen. Next time write ls in a good manner. |
toilet |
Print text using large characters made of smaller characters. |
train |
Choo-choo! |
- Ongoing implementation of different themes that can be chosen at time of the installation
- Integration between ExploitDB and NIST Feed
- Athena Docker Container
- Implementation of Blue Team tools
- Implementation of bspwm
If you detect any issues during your experience, please open an issue on athena-iso GitHub repository. Current troubleshooting:
- After the first login of Discord App, at the next access on the application, if it freezes during the starting, reboot the system and the issue will be fixed.
- During the installation or usage, if you are getting issues related to the blackarch.db retrieving packages or keys, check for any firewall your traffic is routed through and whitelist
blackarch.org
. - AkameGaKill theme cannot apply red theme for legacy windows due to GTK 4.0 files missing.
- On Bloodhound, when neo4j database is run by
sudo neo4j console
, we can get some errors like:For solving it, just run neo4j server byException in thread "main" java.lang.LinkageError: Cannot to link java.nio.DirectByteBuffer
systemctl start neo4j
. You can check the proof that the server is correctly running bysystemctl status neo4j
.
PenTest Magazine: https://pentestmag.com/product/pentest-open-source-pentesting-toolkit/ (Click Download for getting the complete Magazine!)
A huge thanks to all Partners of Athena OS! They strongly contribute on making Athena reachable to new users and greater!
- ArcoLinux Project: Resources and Learning materials
- Calamares Team: Calamares Installer
- Simon Schneegans: Fly-Pie menu and Burn My Window extensions
- Hack The Box: Bash and PowerShell icons; Hack The Box icon
- Offensive Security: Kali Linux security tools icons; Offensive Security icon
- Kitsunekun: Athena Chibi Logo
- Red Team Village: PWNage menu icon