-
Notifications
You must be signed in to change notification settings - Fork 19
1. Home
Hackable NixOS container preloaded with tools for security enthusiasts
This is a NixOS container pre-loaded with tools for security auditors, ethical hackers, CTF players and other people interested in infosec.
The goal is to have a reproducible NixOS container, so one can use it in many instances on many NixOS machines and have an identical working environment.
Don't worry. You can use devShells. They will work fine on any Linux system. You can find more info about them on their wiki page
The NixOS Vagrant container will also do the job and will be able to run this container.
This NixOS container is done in declarative-way. Basically, this can be used as an isolation of system services, so you can separate the container from your currently running system.
Note: NixOS containers are NOT perfectly isolated environments. Users with root access to the container can affect the host.
Do NOT give container root access to untrusted users.
It provides more options than a regular, imperative NixOS container. You can, for example, specify the container and its config in the host's system config.
Note: You can still use it the imperative way, using the nixos-container
tool. It is described along the declarative way in the next section.
This project was influenced by Kalinix made by @balsoft, which takes an imperative approach to similar problem.
The structure of packages and their categories in devShells and their order in packages.nix
was heavily influenced by nix-security-box by @fabaff.
applePrincessPackages
packages are from here, always a few extra packages for us to use from
If you want to learn more, you might want to check the official NixOS container docs here.