Like many tools, Tor / Whonix itself is a dual use tool. Due to Tor usage statistics (http://planete.inrialpes.fr/papers/TorTraffic-NSS10.pdf) and low rates of abuse, I believe that on average, Tor does more good than harm.
Are there any statistics on pentesting tools, on their good/harm ratio?
I am not sure the combination of anonymity and pentesting is a useful one. Which legitimate use cases come to your mind?
At the moment I believe making anonymous pentesting and more usable and popular (by using Whonix) would on average do more harm than good to the Tor network.
I am asking this, because here https://www.whonix.org/forum/index.php/topic,580.0.html a user asked how to use sqlmap (http://sqlmap.org). Sql pentesting, exploitation and even takeover tool. No obvious intention to do something evil by this user. There is no obligation for me to help with every specific question, but I am wondering it is a useful discussion to have in Whonix forums.
In past I wasn’t sure about this. I decided to simply not answer how to make port scanners work in Whonix and hoped they wouldn’t find out themselves, which they did (fortunately?) not. Obviously this isn’t a great policy.
Few arguments come to my mind. Not necessarily mine. Streisand effect (https://en.wikipedia.org/wiki/Streisand_effect). The other argument is, that bad guys already know how to do it, and to archive the good ones have the same chances, explain for everyone how to do it.