NixOS / nixpkgs

Nix Packages collection & NixOS
MIT License
18.27k stars 14.25k forks source link

NixOS for Pentesting Overview #81418

Open JoshuaFern opened 4 years ago

JoshuaFern commented 4 years ago

NixOS for Pentesting

This represents an effort to bring Security and Forensics software to NixOS, so that it can become a viable alternative to projects like Kali Linux and BlackArch.

Expect updates here to any progress we may be making. Contributions are welcome.

Exploitation - [ ] [armitage](https://repology.org/project/armitage/information) not maintained - [x] [backdoor-factory](https://repology.org/project/backdoor-factory/information) not maintained - [ ] [beef-xss](https://repology.org/project/beef-browser-exploitation/information) - [x] [cisco-auditing-tool](https://repology.org/project/cisco-auditing-tool/information) not maintained, no upstream source - [x] [cisco-global-exploiter](https://repology.org/project/cisco-global-exploiter/information) not maintained, no upstream source - [x] [cisco-ocs](https://repology.org/project/cisco-ocs/information) not maintained - [x] [cisco-torch](https://repology.org/project/cisco-torch/information) not maintained - [x] [commix](https://repology.org/project/commix/information) #177726 @fabaff - [x] [crackle](https://repology.org/project/crackle/information) @fortuneteller2k - [x] [exploitdb](https://repology.org/project/exploitdb/information) @applePrincess - [x] [jboss-autopwn](https://repology.org/project/jboss-autopwn/information) not maintained - [x] [linux-exploit-suggester](https://repology.org/project/linux-exploit-suggester/information) #185034 @emilytrau - [ ] [maltego-teeth](https://repology.org/project/maltego-teeth/information) - [x] [metasploit](https://repology.org/project/metasploit/information) @fabaff - [x] [msfpc](https://repology.org/project/msfpc/information) - [x] [routersploit](https://repology.org/project/routersploit/information) #177860 @fabaff - [x] [set](https://repology.org/project/set/information) - [x] [shellnoob](https://repology.org/project/shellnoob/information) not maintained - [x] [sqlmap](https://repology.org/project/sqlmap/information) @bennofs - [x] [thc-ipv6](https://repology.org/project/thc-ipv6/information) @ajs124 - [x] [yersinia](https://repology.org/project/yersinia/information)
Forensics - [ ] [autopsy](https://repology.org/project/autopsy/information) - [x] [binwalk-full](https://repology.org/project/python:binwalk-full/information) @k0ral - [x] [bulk-extractor](https://repology.org/project/bulk-extractor/information) - [x] [capstone](https://repology.org/project/capstone/information) @thoughtpolice @risicle - [ ] [cuckoo](https://repology.org/project/cuckoo/information) - [x] [dc3dd](https://repology.org/project/dc3dd/information) - [x] [ddrescue](https://repology.org/project/ddrescue/information) @fpletz @domenkozar - [x] [ddrescueview](https://repology.org/project/ddrescueview/information) @orivej - [ ] [dff](https://repology.org/project/dff/information) - [x] [distorm3](https://repology.org/project/distorm3/information) @fabaff - [x] [dumpzilla](https://repology.org/project/dumpzilla/information) not maintained - [x] [ext4magic](https://repology.org/project/ext4magic/information) @rkoe - [x] [extundelete](https://repology.org/project/extundelete/information) @domenkozar - [x] [galleta](https://repology.org/project/galleta/information) - [x] [ghidra](https://repology.org/project/ghidra/information) @roblabla - [ ] [guymager](https://repology.org/project/guymager/information) - [x] [p0f](https://repology.org/project/p0f/information) @thoughtpolice - [x] [pdf-parser](https://repology.org/project/pdf-parser/information) @lightdiscord - [x] [pdfid](https://repology.org/project/pdfid/information) not maintained - [x] [pdgmail](https://repology.org/project/pdgmail/information) not maintained - [x] [peepdf](https://repology.org/project/peepdf/information) not maintained - [x] [regripper](https://repology.org/project/regripper/information) - [x] [sleuthkit](https://repology.org/project/sleuthkit/information) @gfrascadorio @7c6f434c - [x] [volatility](https://repology.org/project/volatility/information) @bosu - [ ] [xplico](https://repology.org/project/xplico/information)
Hardware - [x] [apktool](https://repology.org/project/apktool/information) @offlinehacker - [x] [arduino](https://repology.org/project/arduino/information) @antono @auntieNeo @robberer @bjornfor @bergey - [x] [bytecode-viewer](https://repology.org/project/bytecode-viewer/information) - [x] [dex2jar](https://repology.org/project/dex2jar/information) @makefu - [x] [enjarify](https://repology.org/project/enjarify/information) @SuperSandro2000 - [ ] [sakis3g](https://repology.org/project/sakis3g/information) - [ ] [smali](https://repology.org/project/smali/information)
Information Gathering - [ ] [ace-voip](https://repology.org/project/ace-voip/information) - [x] [amap](https://repology.org/project/amap-pentesting/information) not maintained - [x] [arp-scan](https://repology.org/project/arp-scan/information) @bjornfor @mikoim @r-burns - [x] [automater](https://repology.org/project/tekdefense-automater/information) not maintained - [ ] [bing-ip2hosts](https://repology.org/project/bing-ip2hosts/information) - [x] [braa](https://repology.org/project/braa/information) - [x] [cdpsnarf](https://repology.org/project/cdpsnarf/information) not maintained - [ ] [copy-router-config](https://repology.org/project/copy-router-config/information) - [x] [dmitry](https://repology.org/project/dmitry/information) not maintained - [x] [dnmap](https://repology.org/project/dnmap/information) not maintained - [x] [dnsenum](https://repology.org/project/dnsenum/information) @c0bw3b - [ ] [dnsmap](https://repology.org/project/dnsmap/information) - [x] [dnsrecon](https://repology.org/project/dnsrecon/information) @c0bw3b @fabaff - [ ] [dotdotpwn](https://repology.org/project/dotdotpwn/information) - [x] [enum4linux](https://repology.org/project/enum4linux/information) @fishi0x01 - [x] [eyewitness](https://repology.org/project/eyewitness/information) -> we have gowitness - [x] [faraday-cli](https://repology.org/project/faraday-cli/information) @fabaff - [x] [fierce](https://repology.org/project/fierce/information) @c0bw3b - [x] [firewalk](https://repology.org/project/firewalk/information) - [ ] [fragroute](https://repology.org/project/fragroute/information) - [ ] [fragrouter](https://repology.org/project/fragrouter/information) - [ ] [golismero](https://repology.org/project/golismero/information) - [ ] [goofile](https://repology.org/project/goofile/information) - [x] [hping](https://repology.org/project/hping/information) - [ ] [ident-user-enum](https://repology.org/project/ident-user-enum/information) - [ ] [lbd](https://repology.org/project/lbd/information) - [x] [masscan](https://repology.org/project/masscan/information) @rnhmjoj - [x] [nbtscan-unixwiz](https://repology.org/project/nbtscan-unixwiz/information) not maintained - [x] [nmap](https://repology.org/project/nmap/information) @thoughtpolice @fpletz - [x] [ntopng](https://repology.org/project/ntopng/information) @bjornfor - [ ] [osrframework](https://repology.org/project/osrframework/information) - [ ] [recon-ng](https://repology.org/project/recon-ng/information) - [x] [smbmap](https://repology.org/project/smbmap/information) - [ ] [smtp-user-enum](https://repology.org/project/smtp-user-enum/information) - [x] [sn0int](https://repology.org/project/sn0int/information) @xrelkd - [x] [sparta](https://repology.org/project/sparta/information) not maintained - [x] [sslcaudit](https://repology.org/project/sslcaudit/information) not maintained - [x] [sslsplit](https://repology.org/project/sslsplit/information) @contrun - [x] [sslstrip](https://repology.org/project/sslstrip/information) #296863 @fabaff - [x] [sslyze](https://repology.org/project/sslyze/information) @veehaitch - [x] [sublist3r](https://repology.org/project/sublist3r/information) not maintained - [x] [theharvester](https://repology.org/project/theharvester/information) @c0bw3b @treemo - [x] [testssl](https://repology.org/project/testssl/information) @etu - [x] [twofi](https://repology.org/project/twofi/information) not maintained - [x] [unicornscan](https://repology.org/project/unicornscan/information) not maintained - [ ] [urlcrazy](https://repology.org/project/urlcrazy/information) - [x] [wireshark](https://repology.org/project/wireshark/information) @bjornfor @fpletz - [ ] [wol-e](https://repology.org/project/wol-e/information)
Maintaining Access - [ ] [cryptcat](https://repology.org/project/cryptcat/information) - [ ] [cymothoa](https://repology.org/project/cymothoa/information) - [ ] [dbd](https://repology.org/project/dbd/information) - [ ] [dns2tcp](https://repology.org/project/dns2tcp/information) - [x] [httptunnel](https://repology.org/project/httptunnel/information) @k0ral - [x] [intersect](https://repology.org/project/intersect/information) not maintained - [ ] [nishang](https://repology.org/project/nishang/information) - [ ] [polenum](https://repology.org/project/polenum/information) - [ ] [powersploit](https://repology.org/project/powersploit/information) - [x] [pwnat](https://repology.org/project/pwnat/information) @viric - [ ] [ridenum](https://repology.org/project/ridenum/information) - [ ] [sbd](https://repology.org/project/sbd-netcat/information) - [ ] [shellter](https://repology.org/project/shellter/information) - [ ] [u3-pwn](https://repology.org/project/u3-pwn/information) - [ ] [webshells](https://repology.org/project/webshells/information) - [ ] [weevely](https://repology.org/project/weevely/information) - [ ] [winexe](https://repology.org/project/winexe/information)
Passwords - [x] [brutespray](https://repology.org/project/brutespray/information) @ma27 - [x] [cewl](https://repology.org/project/cewl/information) @elohmeier - [x] [chntpw](https://repology.org/project/chntpw/information) @deepfire - [x] [cmospwd](https://repology.org/project/cmospwd/information) @t4ccer - [x] [creddump](https://repology.org/project/creddump/information) @fishi0x01 - [x] [crowbar](https://repology.org/project/crowbar/information) @Pamplemousse - [x] [crunch](https://repology.org/project/crunch/information) @lnl7 - [x] [findmyhash](https://repology.org/project/findmyhash/information) not maintained - [x] [gpp-decrypt](https://repology.org/project/gpp-decrypt/information) not maintained - [x] [hash-identifier](https://repology.org/project/hash-identifier/information) @ethancedwards8 - [x] [hashcat](https://repology.org/project/hashcat/information) @kierdavis @zimbatm - [x] [hashcat-utils](https://repology.org/project/hashcat-utils/information) @fadenb - [x] [hcxtools](https://repology.org/project/hcxtools/information) @dywedir - [x] [thc-hydra](https://repology.org/project/thc-hydra/information) @offlinehacker - [x] [john](https://repology.org/project/john/information) @offlinehacker @matthewbauer - [x] [johnny](https://repology.org/project/johnny/information) - [ ] [keimpx](https://repology.org/project/keimpx/information) - [ ] [maskprocessor](https://repology.org/project/maskprocessor/information) - [ ] [multiforcer](https://repology.org/project/multiforcer/information) - [x] [ncrack](https://repology.org/project/ncrack/information) @siraben - [ ] [oclgausscrack](https://repology.org/project/oclgausscrack/information) - [ ] [ophcrack](https://repology.org/project/ophcrack/information) - [ ] [pack](https://repology.org/project/pack/information) - [x] [patator](https://repology.org/project/python:patator/information) @y0no @SuperSandro2000 - [x] [phrasendrescher](https://repology.org/project/phrasendrescher/information) @bjornfor - [ ] [rainbowcrack](https://repology.org/project/rainbowcrack/information) - [ ] [rcracki-mt](https://repology.org/project/rcracki-mt/information) - [ ] [rsmangler](https://repology.org/project/rsmangler/information) - [x] [seclists](https://repology.org/project/seclists/information) - [ ] [sqldict](https://repology.org/project/sqldict/information) - [ ] [statsprocessor](https://repology.org/project/statsprocessor/information) - [ ] [thc-pptp-bruter](https://repology.org/project/thc-pptp-bruter/information) - [x] [truecrack](https://repology.org/project/truecrack/information) @ethancedwards8 - [ ] [webscarab](https://repology.org/project/webscarab/information) not maintained
Reporting - [ ] [casefile](https://repology.org/project/casefile/information) - [x] [cherrytree](https://repology.org/project/cherrytree/information) - [x] [cutycapt](https://repology.org/project/cutycapt/information) not maintained - [ ] [dradis](https://repology.org/project/dradis/information) - [ ] [magictree](https://repology.org/project/magictree/information) - [ ] [metagoofil](https://repology.org/project/metagoofil/information) - [x] [nipper-ng](https://repology.org/project/nipper-ng/information)) not maintained - [ ] [pipal](https://repology.org/project/pipal/information) - [x] [rdpy](https://repology.org/project/python:rdpy/information) not maintained
Sniffing & Spoofing - [x] [bettercap](https://repology.org/project/bettercap/information) @y0no - [x] [dnschef](https://repology.org/project/dnschef/information) @gfrascadorio - [x] [dsniff](https://repology.org/project/dsniff/information) @symphorien - [x] [fiked](https://repology.org/project/fiked/information) not maintained - [x] [hamster-sidejack](https://repology.org/project/hamster-sidejack/information) not maintained - [x] [hexinject](https://repology.org/project/hexinject/information) not maintained - [x] [ismtp](https://repology.org/project/ismtp/information) not maintained - [x] [isr-evilgrade](https://repology.org/project/isr-evilgrade/information) not maintained - [x] [mitmproxy](https://repology.org/project/mitmproxy/information) @fpletz @kamilchm - [x] [ohrwurm](https://repology.org/project/ohrwurm/information) not maintained - [x] [protos-sip](https://repology.org/project/protos-sip/information) not maintained - [x] [rebind](https://repology.org/project/rebind/information) not maintained - [x] [responder](https://repology.org/project/responder/information) - [x] [rshijack](https://repology.org/project/rshijack/information) @xrelkd - [x] [rtpbreak](https://repology.org/project/rtpbreak/information) not maintained - [x] [rtpinsertsound](https://repology.org/project/rtpinsertsound/information) not maintained - [x] [rtpmixsound](https://repology.org/project/rtpmixsound/information) not maintained - [x] [sctpscan](https://repology.org/project/sctpscan/information) not maintained - [x] [siparmyknife](https://repology.org/project/siparmyknife/information) not maintained - [x] [sipp](https://repology.org/project/sipp/information) - [x] [sipvicious](https://repology.org/project/sipvicious/information) @fabaff - [x] [sniffglue](https://repology.org/project/sniffglue/information) @xrelkd - [x] [sniffjoke](https://repology.org/project/sniffjoke/information) not maintained - [x] [voiphopper](https://repology.org/project/voiphopper/information) not maintained - [x] [wifi-honey](https://repology.org/project/wifi-honey/information) not maintained - [x] [xspy](https://repology.org/project/xspy/information) not maintained
Stress Testing - [x] [dhcpig](https://repology.org/project/dhcpig/information) @Tochiaha - [ ] [funkload](https://repology.org/project/funkload/information) - [ ] [iaxflood](https://repology.org/project/iaxflood/information) - [ ] [inundator](https://repology.org/project/inundator/information) - [ ] [inviteflood](https://repology.org/project/inviteflood/information) - [ ] [ipv6-toolkit](https://repology.org/project/ipv6-toolkit/information) - [x] [mdk3](https://repology.org/project/mdk3/information) not maintained - [x] [reaverwps](https://repology.org/project/reaver-wps/information) @nico202 @volth - [x] [reaverwps-t6x](https://repology.org/project/reaver-t6x/information) @nico202 @volth - [x] [rtpflood](https://repology.org/project/rtpflood/information) not maintained - [x] [slowhttptest](https://repology.org/project/slowhttptest/information) @fabaff - [ ] [t50](https://repology.org/project/t50/information) - [ ] [termineter](https://repology.org/project/termineter/information) - [ ] [thc-ssl-dos](https://repology.org/project/thc-ssl-dos/information)
Vulnerability Analysis - [x] [bbqsql](https://repology.org/project/bbqsql/information) not maintained - [x] [bed](https://repology.org/project/bed-bruteforce-exploit-detector/information) not maintained - [x] [doona](https://repology.org/project/doona/information) @Pamplemousse - [x] [hexorbase](https://repology.org/project/hexorbase/information) not maintained, source no longer available - [ ] [jsql-injection](https://repology.org/project/jsql-injection/information) - [x] [lynis](https://repology.org/project/lynis/information) @ryneeverett - [ ] [openvas](https://repology.org/project/openvas/information) - [x] [oscanner](https://repology.org/project/oscanner/information) not maintained - [x] [powerfuzzer](https://repology.org/project/powerfuzzer/information) not maintained - [x] [sfuzz](https://repology.org/project/sfuzz/information) source not available - [x] [sidguesser](https://repology.org/project/sidguesser/information) source not available - [x] [sqlninja](https://repology.org/project/sqlninja/information) not maintained - [x] [sqlsus](https://repology.org/project/sqlsus/information) not maintained - [x] [tnscmd10g](https://repology.org/project/tnscmd10g/information) not maintained - [x] [unix-privesc-check](https://repology.org/project/unix-privesc-check/information) not maintained - [x] [vulnix](https://repology.org/project/vulnix/information) @ckauhaus
Web Applications - [x] [apache-users](https://repology.org/project/apache-users/information) - [x] [arachni](https://repology.org/project/arachni/information) not maintained, superseded by Codename SCNR - [x] [blindelephant](https://repology.org/project/blindelephant/information) not maintained, Python 2 - [x] [burpsuite](https://repology.org/project/burpsuite/information) @bennofs - [x] [davtest](https://repology.org/project/davtest/information) - [x] [deblaze](https://repology.org/project/deblaze/information) not maintained - [x] [dirb](https://repology.org/project/dirb/information) @bennofs - [x] [dirbuster](https://repology.org/project/dirbuster/information) not maintained - [x] [fimap](https://repology.org/project/fimap/information) not maintained - [x] [gobuster](https://repology.org/project/gobuster/information) @Pamplemousse - [x] [grabber](https://repology.org/project/grabber/information) not maintained - [x] [hurl](https://repology.org/project/hurl-http-requester/information) @eonpatapon - [x] [joomscan](https://repology.org/project/joomscan/information) - [x] [nikto](https://repology.org/project/nikto/information) @SCOTT-HAMILTON - [x] [padbuster](https://repology.org/project/padbuster/information) - [ ] [paros](https://repology.org/project/paros/information) - [x] [parsero](https://repology.org/project/parsero/information) - [x] [plecost](https://repology.org/project/plecost/information) - [x] [skipfish](https://repology.org/project/skipfish/information) not maintained - [x] [uniscan](https://repology.org/project/uniscan/information) not maintained - [x] [w3af](https://repology.org/project/w3af/information) not maintained - [x] [webshag](https://repology.org/project/webshag/information) not maintained - [x] [webslayer](https://repology.org/project/webslayer/information) not maintained - [x] [websploit](https://repology.org/project/websploit/information) - [x] [wfuzz](https://repology.org/project/wfuzz/information) @Pamplemousse - [x] [whatweb](https://repology.org/project/whatweb/information) @WolfangAukang - [x] [wpscan](https://repology.org/project/wpscan/information) @nyanloutre @manveru - [x] [xsser](https://repology.org/project/xsser/information) - [x] [zap](https://repology.org/project/zaproxy/information) @mogorman
Wireless - [x] [aircrack-ng](https://repology.org/project/aircrack-ng/information) - [x] [asleap](https://repology.org/project/asleap/information) @theHedgehog0 - [ ] [bluelog](https://repology.org/project/bluelog/information) - [ ] [bluepot](https://repology.org/project/bluepot/information) - [ ] [blueranger](https://repology.org/project/blueranger/information) - [ ] [bluesnarfer](https://repology.org/project/bluesnarfer/information) - [x] [bully](https://repology.org/project/bully/information) @edwtjo - [x] [cowpatty](https://repology.org/project/cowpatty/information) @nico202 @fabaff - [ ] [eapmd5pass](https://repology.org/project/eapmd5pass/information) - [ ] [fern-wifi-cracker](https://repology.org/project/fern-wifi-cracker/information) - [ ] [freeradius-wpe](https://github.com/brad-anton/freeradius-wpe) - [x] [ghost-phisher](https://repology.org/project/ghost-phisher/information) not maintained - [ ] [giskismet](https://repology.org/project/giskismet/information) not maintained - [x] [gqrx](https://repology.org/project/gqrx/information) @bjornfor - [x] [gr-scan](https://repology.org/project/gr-scan/information) not maintained - [ ] [hostapd-wpe](https://github.com/OpenSecurityResearch/hostapd-wpe) - [x] [kalibrate-hackrf](https://repology.org/project/kalibrate-hackrf/information) @mogorman - [x] [kalibrate-rtl](https://repology.org/project/kalibrate-rtl/information) @bjornfor - [x] [killerbee](https://repology.org/project/killerbee/information) https://github.com/NixOS/nixpkgs/pull/282429 @fabaff - [x] [kismet](https://repology.org/project/kismet/information) - [x] [mfcuk](https://repology.org/project/mfcuk/information) @offlinehacker - [x] [mfoc](https://repology.org/project/mfoc/information) @offlinehacker - [x] [mfterm](https://repology.org/project/mfterm/information) not maintained - [x] [multimon-ng](https://repology.org/project/multimon-ng/information) @markuskowa - [x] [pixiewps](https://repology.org/project/pixiewps/information) @nico202 - [x] [pyrit](https://repology.org/project/pyrit/information) @danielfullmer - [x] [redfang](https://repology.org/project/redfang/information) @fortuneteller2k - [x] [rtlsdr-scanner](https://repology.org/project/rtlsdr-scanner/information) not maintained - [x] [spooftooph](https://repology.org/project/spooftooph/information) not maintained - [ ] [wifiphisher](https://repology.org/project/wifiphisher/information) - [ ] [wifitap](https://repology.org/project/wifitap/information) - [x] [wifite2](https://repology.org/project/wifite2/information) @Lassulus @danielfullmer

Also see: Are We Hackers Yet?

Why?

We live in a digital age where high-tech network attacks are rampant, it's critical to regularly scan for vulnerabilities and undergo penetration testing at least once a year to ensure our security practices are working. The only real way to have solid defensive security is to approach it from the mindset of an offensive attacker.

dhess commented 4 years ago

radare2 is in nixpkgs.

7c6f434c commented 4 years ago

dsniff is obsolete in the age of allegedely working switches? I thought overloading a switch still works sometimes…

dhess commented 4 years ago

I tried (unsuccessfully) to upstream libprelude to nixpkgs a few years ago. If anyone wants to try again, there's a working derivation here:

https://github.com/hackworthltd/hacknix/blob/master/pkgs/development/libraries/libprelude/default.nix

I believe that among the objections was the fact that I wasn't handling the Python bindings correctly, so that'll probably need cleaning up.

JoshuaFern commented 4 years ago

Thanks for your contribution. @Ma27

makefu commented 4 years ago

I packaged dex2jar in for my nur repo ( nix-shell -p pkgs.nur.repos.makefu.dex2jar ) https://github.com/makefu/nur-packages/blob/master/dex2jar/default.nix

There is also drozer ( https://github.com/makefu/nur-packages/blob/master/drozer/default.nix ) and beef ( https://github.com/makefu/nur-packages/tree/master/beef ) however i am unsure how far i went to package these tools and if all functionality is working. They seem to build at least.

maybe we are lucky with other packages in NUR.

devhell commented 4 years ago

You're missing sleuthkit and autopsy in your list. ;-)

However, sleuthkit is in nixpkgs, but autopsy is not.

JoshuaFern commented 4 years ago

It's not a comprehensive list, however I'm happy to add any particular packages people request. If I added absolutely everything to the list it would be well over 2500 items long ;)

I added sleuthkit and autopsy to the list, thanks.

devhell commented 4 years ago

You're absolutely right, but sleuthkit and autopsy are two staple DF tools that shouldn't miss on any list. Thank you for adding them ;)

deliciouslytyped commented 4 years ago

enjarify may be more reliable than dex2jar, and bytecode-viewer is a good frontend / is bundled with procyon (and or cfr? I dont remember) which was a pretty good decompiler - or at least I had better luck than with others, even on old code - though FWIW it seems to be just a jar file and runs fine with java -jar

Edit: looks like it defaults to fernflower which is apparrently what intellij idea uses.

xrelkd commented 4 years ago

Could we add sn0int into this list? sn0int is a Information Gathering tool. The PR #85282 has been created. Thank you!

Pamplemousse commented 4 years ago

67413 is a discussion to get angr on nix.

As of now, it is available as a nur repository .

Pamplemousse commented 4 years ago

And BTW, ZAProxy is already available: https://github.com/NixOS/nixpkgs/blob/master/pkgs/tools/networking/zap/default.nix.

JoshuaFern commented 4 years ago

OP updated, now with expanding categories!

JoshuaFern commented 4 years ago

Thanks @xrelkd OP updated.

helinko commented 4 years ago

Zap seems to be broken, I opened a ticket https://github.com/NixOS/nixpkgs/issues/87106

Also, in the OP Zap should probably be under Web Applications, not Passwords.

offlinehacker commented 4 years ago

I think some packages are not useful to have in nixpkgs, maybe creating pentest overlay would be good, where we can have all different packages.

Mic92 commented 4 years ago

I have frida and keystone in my NUR packages. Keystone is a disassembler required for tools like gef

JJJollyjim commented 4 years ago

I set up a little tool to show which of the Kali packages by category are installable through nix: https://jjjollyjim.github.io/arewehackersyet/index.html

It relies on the mappings being made manually: PR here if you find one that actually is packaged.

You could also import default.nix to install the sets of packages yourself, though not many of them exist yet :)

makefu commented 4 years ago

I set up a little tool to show which of the Kali packages by category are installable through nix: https://jjjollyjim.github.io/arewehackersyet/index.html

Great stuff, could you add this issue to the introduction text?

JJJollyjim commented 4 years ago

good idea, done :)

oxzi commented 4 years ago

The Are We Hackers Yet? list contains the ubertooth package, for which I submitted an unnoticed PR (#87750) a while back. I hope it is not rude to point this out here. It would be nice to get a review.

veehaitch commented 4 years ago

I've created a PR for sslyze: https://github.com/NixOS/nixpkgs/pull/89034 🙂

d4g commented 4 years ago

I want to add to the list:

mweinelt commented 4 years ago

snallygaster might be of interest. https://github.com/NixOS/nixpkgs/pull/104126

https://github.com/hannob/snallygaster

Pamplemousse commented 3 years ago

Wordlists are very necessary when doing pentesting; Kali / Parrot seems to have several of them by default.

I started NixOS/nixpkgs#104712 to have wordlists in nixpkgs. As I commented over there, I am not too sure if the format it takes fits nixpkgs...

What are your thoughts on that effort? Don't hesitate to leave feedback and comments on the PR!

berbiche commented 3 years ago

It would be great if there was an infrastructure to build Ghidra with plugins and user scripts, akin to Emacs' emacsWithPackages and other packages with the same pattern.

Plugins and scripts can be found through https://github.com/topics/ghidra.

deliciouslytyped commented 3 years ago

Boy do I have something for you @berbiche .

I built a bit of a spaceship a while ago https://github.com/deliciouslytyped/nix-ghidra-wip . I don't think I've updated it for the latest rootedoverlay. It should work? Maybe? It looks like I did pin nixpkgs. Find me on IRC? You probably want to update ghidra too, etc.

berbiche commented 3 years ago

@berbiche I built a bit of a spaceship a while ago https://github.com/deliciouslytyped/nix-ghidra-wip . I don't think I've updated it for the latest rootedoverlay. It should work? Maybe? It looks like I did pin nixpkgs. Find me on IRC? You probably want to update ghidra too, etc.

Thanks for the groundwork, I guess what comes next is adapting this to nixpkgs with withPackages and makeScope stuff. Not to hijack this discussion, but do you know whether there is any documentation? I've read https://github.com/NixOS/nixpkgs/issues/59344

deliciouslytyped commented 3 years ago

I wrote rootedoverlay because I didn't like those - or at least I didn't really understand makeScope at the time (until I wrote rootedoverlay) - , but yeah something like that. - and rooted-overlay isn't really finished. - off topic for this thread though. Documentation for what?

deliciouslytyped commented 3 years ago

Experience report: I used bytecode-viewer (jar, since unpackaged), apktool (package), jdk (package), and ghidra-bin (package), the other day and things worked more or less fine.

buckley310 commented 3 years ago

I got weevely set up this weekend. I'm not sure if it's packaged "correctly" or anything... If someone feels like taking this and running with it, feel free. If not, I may get back to it when I get a chance. https://github.com/buckley310/nixos-config/blob/b62617260061bf6b86281fec32a616af3fe2cf25/pkgs/weevely/default.nix

nixos-discourse commented 3 years ago

This issue has been mentioned on NixOS Discourse. There might be relevant details there:

https://discourse.nixos.org/t/proposing-tangerinixos-a-nixos-tailored-for-pentesting/10538/1

kamadorueda commented 3 years ago

Just leaving a short message here to tell that this is an awesome initiative

applePrincess commented 3 years ago

@d4g So I wrote partially complete (i.e. there's a lot of things to open PR) pwncat in my repo.

https://github.com/applePrincess/hackpkgs/tree/master/pkgs/tools/security/pwncat

The repo itself is just a quick and dirty workaround, not aiming to beat nixpkgs, and thus will be removed once all packages are added to nixpkgs repo.

fabaff commented 3 years ago

The next one will be EXPLIoT which is an IoT Security Testing and Exploitation framework.

Missing dependencies:

unrooted commented 3 years ago

Hi, we, @redcode-labs, are not providing any Kali nor BlackArch packages as of right now, but I've decided to flakerize our Golang tools (Sammler, Snowcrash and GoSH, but I've added nix-shell to GodSpeed as well), I hope this can be a helpful thing and a little step towards making Nix and NixOS more pentester friendly.

fabaff commented 3 years ago

OpenVAS is a full-featured vulnerability scanner. Its capabilities include unauthenticated and authenticated testing, various high-level and low-level internet and industrial protocols, performance tuning for large-scale scans and a powerful internal programming language to implement any type of vulnerability test.

Elements of the OpenVAS eco-system:

wamserma commented 3 years ago

I just noticed that Faraday already has nix-expressions in its repo to build the application and a Docker container including a systemd service. So it should be easy to port over to nixpkgs.

fabaff commented 3 years ago

Faraday

Parts of the Faraday eco-system:

pinpox commented 2 years ago

Regarding openvas: I've been trying to package it, for now my attempt is here: https://github.com/pinpox/openvas-nix It's not working yet, would anyone here be interested in helping out?

fabaff commented 2 years ago

I was working on the OpenVAS's integration in the past. But I didn't made everything into PRs.

aanderse commented 2 years ago

Regarding openvas: I've been trying to package it, for now my attempt is here: https://github.com/pinpox/openvas-nix It's not working yet, would anyone here be interested in helping out?

@pinpox - Have you put some time in on the gsa frontend which uses nodejs?

pinpox commented 2 years ago

@pinpox - Have you put some time in on the gsa frontend which uses nodejs?

I haven't continued on this. Did you make any progress?

aanderse commented 2 years ago

No. A long time ago I did some work on the other components, but not the frontend. I lost interest and didn't feel like packaging the frontend because the build system didn't make it easy on nix. I was pretty new to nix back then too, so not the best "getting started" project...

FedX-sudo commented 2 years ago

Moving alphabetically through Kali tools, I make a PR for AESfix. AESKeyfind is next. https://github.com/NixOS/nixpkgs/pull/166301

WolfangAukang commented 2 years ago

FYI, whatweb has been packaged and merged.

pinpox commented 2 years ago

crackmapexec is missing. I build a simple flake to run it, maybe someone wants to use it to put it into nixpkgs:

{
  description = "crackmapexec packaged using poetry2nix";

  inputs.flake-utils.url = "github:numtide/flake-utils";
  inputs.nixpkgs.url = "github:NixOS/nixpkgs";
  inputs.poetry2nix.url = "github:nix-community/poetry2nix";

  inputs.crackmapexec.url = "github:byt3bl33d3r/CrackMapExec";
  inputs.crackmapexec.flake = false;

  outputs = { self, nixpkgs, flake-utils, poetry2nix, crackmapexec }:
    (flake-utils.lib.eachDefaultSystem (system:
      let
        pkgs = import nixpkgs { inherit system; };
      in
      {
        packages.default = pkgs.poetry2nix.mkPoetryApplication {
          projectDir = crackmapexec;
        };
      }));
}
kamadorueda commented 2 years ago

The following PRs are ready to be merged:

It would be nice if someone with write access help us merging them

pyrox0 commented 2 years ago

Same with mine, #175969.

fabaff commented 2 years ago

Same with mine, https://github.com/NixOS/nixpkgs/pull/175969.

175969 still need work.