Skip to content

1. Home

unrooted edited this page Jul 23, 2022 · 9 revisions

RedNix


screenshot
Hackable NixOS container preloaded with tools for security enthusiasts

What is this project

This is a NixOS container pre-loaded with tools for security auditors, ethical hackers, CTF players and other people interested in infosec.

The goal is to have a reproducible NixOS container, so one can use it in many instances on many NixOS machines and have an identical working environment.

What if I don't have NixOS?

Don't worry. You can use devShells. They will work fine on any Linux system. You can find more info about them on their wiki page

The NixOS Vagrant container will also do the job and will be able to run this container.

Features

This NixOS container is done in declarative-way. Basically, this can be used as an isolation of system services, so you can separate the container from your currently running system.

Note: NixOS containers are NOT perfectly isolated environments. Users with root access to the container can affect the host.

Do NOT give container root access to untrusted users.

It provides more options than a regular, imperative NixOS container. You can, for example, specify the container and its config in the host's system config.

Note: You can still use it the imperative way, using the nixos-container tool. It is described along the declarative way in the next section.

Other projects

This project was influenced by Kalinix made by @balsoft, which takes an imperative approach to similar problem.

The structure of packages and their categories in devShells and their order in packages.nix was heavily influenced by nix-security-box by @fabaff.

applePrincessPackages packages are from here, always a few extra packages for us to use from

More

If you want to learn more, you might want to check the official NixOS container docs here.