nixos-config/modules/security-tools.nix

{ config, lib, pkgs, ... }:
let

  cfg = config.sconfig.security-tools;

in
{
  options.sconfig.security-tools = lib.mkEnableOption "Enable security tools";

  config = lib.mkIf cfg {
    environment.systemPackages = with pkgs; [
      binutils
      burpsuite
      exiftool
      feroxbuster
      ghidra
      masscan
      metasploit
      msfpc
      nmap
      openvpn
      remmina
      seclists
      socat
      thc-hydra
      webshells
      weevely
      # wfuzz # TODO: temporarily broken package

      (runCommand "gdb" { } "install -D ${gef}/bin/gef $out/bin/gdb")
    ];

    programs.bash.interactiveShellInit = ''
      alias feroxbuster="feroxbuster --no-state"
    '';

    system.activationScripts.seclists = ''
      mkdir -m 0755 -p /usr/share
      ln -sf /run/current-system/sw/share/seclists /usr/share/
    '';

    networking.firewall.allowedTCPPorts = [
      8000
      8080
      9999
    ];

    programs = {
      wireshark.enable = true;
      wireshark.package = pkgs.wireshark;
    };
  };
}
rm security-toolbox 2022-07-24 16:24:35 +00:00			`{ config, lib, pkgs, ... }:`
create security-tools option 2021-03-28 06:51:59 +00:00			`let`
security-tools: add proxybrowser script 2021-08-18 21:54:23 +00:00
create security-tools option 2021-03-28 06:51:59 +00:00			`cfg = config.sconfig.security-tools;`
security-tools: add proxybrowser script 2021-08-18 21:54:23 +00:00
create security-tools option 2021-03-28 06:51:59 +00:00			`in`
add files 2020-09-18 13:54:09 +00:00			`{`
create security-tools option 2021-03-28 06:51:59 +00:00			`options.sconfig.security-tools = lib.mkEnableOption "Enable security tools";`

			`config = lib.mkIf cfg {`
rm security-toolbox 2022-07-24 16:24:35 +00:00			`environment.systemPackages = with pkgs; [`
			`binutils`
			`burpsuite`
			`exiftool`
			`feroxbuster`
ghidra-bin -> ghidra 2023-11-14 16:35:53 +00:00			`ghidra`
rm security-toolbox 2022-07-24 16:24:35 +00:00			`masscan`
			`metasploit`
			`msfpc`
			`nmap`
			`openvpn`
			`remmina`
replace security-wordlists with seclists 2023-01-16 02:43:10 +00:00			`seclists`
rm security-toolbox 2022-07-24 16:24:35 +00:00			`socat`
			`thc-hydra`
			`webshells`
			`weevely`
disable wfuzz 2024-07-17 23:12:57 +00:00			`# wfuzz # TODO: temporarily broken package`
edit some security tools 2023-01-19 02:01:47 +00:00
			`(runCommand "gdb" { } "install -D ${gef}/bin/gef $out/bin/gdb")`
rm security-toolbox 2022-07-24 16:24:35 +00:00			`];`
backport postman 2021-08-18 17:34:34 +00:00
edit some security tools 2023-01-19 02:01:47 +00:00			`programs.bash.interactiveShellInit = ''`
			`alias feroxbuster="feroxbuster --no-state"`
			`'';`

replace security-wordlists with seclists 2023-01-16 02:43:10 +00:00			`system.activationScripts.seclists = ''`
			`mkdir -m 0755 -p /usr/share`
			`ln -sf /run/current-system/sw/share/seclists /usr/share/`
			`'';`

security-tools: allow ports 8000/9999 2023-01-26 19:34:48 +00:00			`networking.firewall.allowedTCPPorts = [`
			`8000`
security-tools: open another tcp port 2024-02-15 05:38:33 +00:00			`8080`
security-tools: allow ports 8000/9999 2023-01-26 19:34:48 +00:00			`9999`
			`];`

whitespace 2021-03-28 06:52:09 +00:00			`programs = {`
			`wireshark.enable = true;`
			`wireshark.package = pkgs.wireshark;`
			`};`
create security-tools option 2021-03-28 06:51:59 +00:00			`};`
add files 2020-09-18 13:54:09 +00:00			`}`