NixOS tailored for pentesting.
Think Kali / Parrot, but being a customisation of NixOS instead of being based on Debian.
It is meant to be installed and run from a NixOS host, using a qemu virtual machine.
# Pull the configuration
git clone [email protected]:Pamplemousse/tangerinixos.git
# Optional, to speed-up evaluation.
cachix use tangerinixos
# Build and run the VM
nix-shell -p nixos-generators --run "nixos-generate -f vm -c ./tangerinixos.nix --run"- Use tangerinixos.cachix.org (updated using GitHub Actions) to speed-up the build by pulling cached binaries;
- Shared folder: Host's
/run/user/$(id -u)/nix-vm.<ID>is mounted as/tmp/xchgin VM; - SSH traffic is forwarded from host:
ssh [email protected] -p 8022to connect to the VM.
- VM configuration:
Is defined by the
nixos-generate -f vmcommand given above, with no control over the image parameters, or the starting script. It would be great to be able define alternative networking options (interfacing, mapping of ports between host and guest, etc.). - Customizability:
It requires manual editing of files after the
clone. It would be nice to offer higher level options. - Lack of packages:
Are We Hackers Yet? keeps track of the effort of bringing Kali packages into
Nixpkgs. Not all are yet available, but it's getting there! Be part of the effort by contributing to NixOS for Pentesting Overview. - Too many packages (for maintenance):
Not all the packages from Kali available in
Nixpkgsevaluate properly... Increasing the number of packages fortangerinixosimplies increasing the risk of evaluation (hence building) failures.
- The logo uses:
- A picture shared by Doudoulolita, CC BY-SA 3.0 https://creativecommons.org/licenses/by-sa/3.0, via Wikimedia Commons;
- Artwork from the NixOS organisation, CC BY 4.0, https://creativecommons.org/licenses/by/4.0/.