• Pentesting: Athena can access to BlackArch repository, the biggest pentesting tool warehouse.
• User-oriented: if Arch is born for experienced users, Athena is conceived for decreasing complexity and improving user experience.
• Lightweight: Athena optimizes the disk space consumption by retrieving the tools you need only when you use them. Tools you never use won't be stored and the space is only used for what you really need.
• Performance: Athena is based on Arch Linux so it is configured to load the bare minimum for its purpose. No useless services, no useless modules consuming your resources.
• Flexibility: for its Arch nature, Athena is flexible and can easily evolve to the new needs of the users.

Wiki: https://github.com/Athena-OS/athena-iso/wiki

Here I would like to inform you about new features already tested and implemented that have been published in the newest release, for keeping you always informed in a comfortable way.

Athena OS, code name "Nike" (ancient Greek: "Victory"), comes with several important fixes and new implementations, and carries the new GNOME 43!

Athena Nike will provide:

• Hacking roles: you can choose among several roles for your hacking activity:
  • Bug Bounty Hunter
  • Cracker
  • Enthusiast Student
  • Forensic Analyst
  • Malware Analyst
  • Mobile Analyst
  • Network Analyst
  • Red Teamer
  • Web Pentester
• Hacking environment variable viewer: you can easily list the set of environment variables you need for your activity
• Autotiling feature: you can now tile windows by Autotiling icon on the top-right of the screen
• osert tool: Markdown Templates for Offensive Security exam reports. Just get it by pacman!
• BASH and ZSH as shells to be chosen
• GRUB Athena background
• A lot of security resources as bookmarks in Firefox ESR
• Hack-Tools extension in Firefox ESR
• CTRL+ALT+T for invoking the terminal, SUPER+D for minimizing all the windows, SUPER+E for opening the Home folder
• Snapper for creating snapshots of your system for recovering purpose
• Octopi as graphical package manager

Furthermore, heavy changes come at system level for improving the performance of the system:

• Migration to GNOME 43
• Firefox run on RAM for speeding up the performance
• Parallel code compilation
• Building from files in RAM
• OOM handling
• Process priority managers
  • Ananicy
  • IRQBalance
• Improved kernel characteristics:
  • Dirty Ratio
  • Dirty Background Ratio
  • OOM Dump Tasks
  • OOM Kill Allocating Task
  • Overcommit Memory
  • Swappiness
  • VFS Cache Pressure
  • CFS zen tweaks for non-zen kernels

Remember, I left a small challenge for you inside the system! The tip is clear enough when you login...

Screenshots:

• Currently, due to some Arch Linux PGP key issue, the Athena installation will fail for the current release. It will be solved in the next release that contains a logic to autofix repository key issues.

  • Run the ISO but dont run the Installation. Then:

    sudo nano /etc/calamares/modules/shellprocess-before.conf
    

    At the end of the file, add the following lines:

    - command: "pacman -Syy"
    - command: "pacman -S --noconfirm archlinux-keyring"
    - command: "pacman-key --init"
    - command: "pacman-key --populate"
    

    Note: keep "command" rows aligned with the already existing ones. Save the file, close it. Run the installer

    Note that, if you choose Sweet Dark as theme, you need to do some small manual fix because I updated the Sweet Dark theme package to be compliant with the next release automatically. It means you need to open GNOME Tweaks from application, go to Appearance, go to Legacy Applications and select Sweet-Dark.

• On Bloodhound, when neo4j database is run by sudo neo4j console, we can get some errors like:

  Exception in thread "main" java.lang.LinkageError: Cannot to link java.nio.DirectByteBuffer
  

  For solving it, just run neo4j server by systemctl start neo4j. You can check the proof that the server is correctly running by systemctl status neo4j.
• VSCode does not show close, maximize and minimize buttons due to some bug related to Electron19. Bug already reported: microsoft/vscode#161586
  • Issue solved by VSCode Team: just update it sudo pacman -Syu.
• Evil-WinRM does not currently work in all Arch-based distros and produces the following output:

  Error: An error of type OpenSSL::Digest::DigestError happened, message is Digest initialization failed: initialization error
  
  Error: Exiting with code 1
  

  • Workaround: edit /etc/ssl/openssl.cnf by adding legacy = legacy_sect under default = default_sect in order to appear as:

    [openssl_init]
    providers = provider_sect
    
    # List of providers to load
    [provider_sect]
    default = default_sect
    legacy = legacy_sect
    

    and by uncommenting # activate = 1 under [default_sect] and adding [legacy_sect] and activate = 1 under them in order to appear as:

    [default_sect]
    activate = 1
    [legacy_sect]
    activate = 1
    

• Zsteg does not show the entire output when run zsteg -a image.png. It occurs due to file tool bug. In the next file release the bug will be fixed.
  • Workaround: run sudo downgrade file and select 5.39.

• 🎉 Introduction
• ⚓ System Requirements
• 🎁 Installation
• 📐 Configuration
• 🔥 Resources
• 📷 Screenshots
• 🛣️ Roadmap
• ❓ Support
• 📢 Publications
• ❤️ Credits

Athena is designed from scratch, so already during the development phase useless modules and services have been excluded in order to improve performance and resource consumption. Furthermore, this design approach allowed to review in detailed manner each single package and component to include inside the distribution. It led the OS to build a user-friendly environment, despite based on Arch Linux.

The heritage of Arch Linux impacts positively Athena OS:

• Better performance: pacman is faster than apt
• Focused: Athena can be developed and maintained down to the smallest detail
• Much more security tools: Athena can rely on BlackArch repository, that contains much more security tools than APT repositories
• Freedom: during the installation, you can configure your Athena with any resource or service you need.
• Documentation: Arch Linux is very well documented on Internet for any need

Athena's environment is based on GNOME Wayland that provide exciting features the user can enjoy!

Let's give a detailed look on Athena!

Recommended system requirements for smooth usage in Athena are:

• 20 GB of hard disk space, SSD preferred
• At least 4GB of RAM
• Processor with at least two cores

Download the latest Athena release .iso file from the related section. According to your need, you can choose to install Athena on your computer natively, or implement it on a Virtual Machine (e.g., VMware or VirtualBox).

Currently VirtualBox is affected by a bug is enabling 3D Acceleration, so keep it disabled. 3D Acceleration also makes intermittent freezes on the environment if enabled on VMware or VirtualBox if you use xorg. It is strongly suggested to keep it disabled.

When you mount the ISO to your pendrive or your Virtual Machine and boot up Athena, you will meet Athena Calamares Installer, that allows you to customise your future Athena OS as you wish.

After the installation and the first boot:

• open Kitty terminal, run htb-update and copy and paste your Hack The Box API key.

The Hack The Box API Key can be retrieved by your Hack The Box profile settings -> "Create App Token".

Until your API key will be valid, your system will update the Hack The Box contents automatically for you at each login or when htb-update is run.

PenTOXIC Menu is born for organizing in pretty manner all main security tools you need to start your hacking activity. It consists in two levels:

• 1st level containing the several hacking categories as submenu, plus Firefox browser and Code OSS as editor
• 2nd level consisting in the hacking tools deployed for each category

PenTOXIC changes its look according to the applied theme!

The list of the PenTOXIC menu, also deployable by Red Team Button, is:

PWNage Menu allows you to access quickly to the main hacking platforms for learning purposes and to join the main Discord InfoSec Communities:

• 1st shell deploys all quick links to the main hacking platforms
• 2nd shell can be accessed by the Discurity icon on top where the user has the opportunity to join several Discord InfoSec servers or open Discord App.

Cannot you wait for opening browser and accessing to Hack The Box website? Athena gives you the possibility to play Hack The Box machines directly on your Operating System environment in a quick and comfortable manner. Athena offers:

• Connect/Disconnect to/from Hack The Box VPN servers
• Play any active free machine you wish
• Reset the active machine
• Stop any active machine
• Submit a flag and write a review about your hacking experience!
• ... and of course you can access to the Hack The Box website in one click

For playing Active HTB Machines, use PWNage Menu. For playing Retired Machines, just run htb-play and type the name of the machine you want to play.

Firefox ESR has been modified in order to integrate at the installation time the addons you need for your web application pentesting activity. The preinstalled addons are:

• Cookie Quick Manager
• FoxyProxy Standard
• Hack-Tools
• HacKontext
• HTTPS Everywhere
• Penetration Testing Kit
• Privacy
• uBlock Origin
• Wappalyzer

Payload to Dock is based on Dash 2 Dock and keeps the access to the most famous payload repositories. It allows you to get the latest version of payloads and accessing their path directly by the shell. It shows:

• Auto Wordlists
• FuzzDB
• PayloadAllTheThings
• SecLists
• Security Wordlist

The Dock contains also links to Mimikatz and Powersploit.

BlackArch Linux is an Arch Linux-based penetration testing distribution for penetration testers and security researchers. Its repository contains 2800+ tools, classified for categories. You can install tools individually or in groups according to the categories they belong. BlackArch Repository is compatible with only Arch-based distributions as Athena OS.

NIST Feed is a special tool able to inform you as soon as possible about a new published or updated CVE by a popup notification! The notification contains a description of the CVE. Are you curious about it and would like to access to details? Left-click on it and you will be redirected to the official NIST NVD page for further details. Do you want to quickly close the popup notification? Right-click on it!

You can decide which kind of CVE you wish to be informed about, for example CVEs with an high impact on the confidentiality and integrity, or CRITICAL CVEs.

Just execute:

nist-feed -h

for getting more details.

Be aware of new vulnerabilities by NIST Feed!

Keybindings in Athena OS for speeding up your work.

Note that Super key corresponds to the button showing Windows icon in the usual keyboards.

Vim configuration is based on https://github.com/amix/vimrc so it implements smart and useful plugins, color schemes and modes.

If you would like to enable, edit or disable Burn My Window opening and closing effect:

gnome-extensions prefs [email protected]

and check or uncheck your effects.

Change your themes and icons by gnome-tweaks.

• Ongoing implementation of different themes that can be chosen at time of the installation
• Integration between ExploitDB and NIST Feed
• Athena Docker Container
• Implementation of Blue Team tools

If you detect any issues during your experience, please open an issue on athena-iso GitHub repository. Current troubleshooting:

• After the first login of Discord App, at the next access on the application, if it freezes during the starting, reboot the system and the issue will be fixed.
• During the installation or usage, if you are getting issues related to the blackarch.db retrieving packages or keys, check for any firewall your traffic is routed through and whitelist blackarch.org.
• AkameGaKill theme cannot apply red theme for legacy windows due to GTK 4.0 files missing.
• Visual Code does not show close, maximize and minimize buttons due to a bug in Electron19 19.1.4.

PenTest Magazine: https://pentestmag.com/product/pentest-open-source-pentesting-toolkit/

• ArcoLinux Project: Resources and Learning materials
• Calamares Team: Calamares Installer
• Simon Schneegans: Fly-Pie menu and Burn My Window extensions
• HackTheBox: Bash and PowerShell icons; Hack The Box icon
• Offensive Security: Kali Linux security tools icons; Offensive Security icon
• Kitsunekun: Athena Chibi Logo
• Red Team Village: PWNage menu icon