{ config, pkgs, lib, ... }: let cfg = config.sconfig.security-tools; proxybrowser = pkgs.writeShellScriptBin "proxybrowser" '' exec ${pkgs.ungoogled-chromium}/bin/chromium \ --disable-background-networking \ --disable-default-apps \ --disable-plugins-discovery \ --disk-cache-size=0 \ --ignore-certificate-errors \ --no-default-browser-check \ --no-experiments \ --no-first-run \ --no-pings \ --no-service-autorun \ --user-data-dir="$HOME/.proxybrowser" \ --proxy-server="localhost:8080" \ --proxy-bypass-list='<-loopback>' ''; in { options.sconfig.security-tools = lib.mkEnableOption "Enable security tools"; config = lib.mkIf cfg { environment.systemPackages = with pkgs; [ binutils bridge-utils burpsuite dhcpdump dirb exiftool gef ghidra-bin gobuster iptables-nftables-compat macchanger masscan metasploit net-snmp nmap openvpn postman proxybrowser remmina socat thc-hydra weevely wfuzz unstable.exploitdb unstable.postman ]; programs = { wireshark.enable = true; wireshark.package = pkgs.wireshark; }; users.users.sandy = { isSystemUser = true; useDefaultShell = true; home = "/home/sandy"; createHome = true; }; }; }