Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/rhacknarok/nixoffsec
Automated Nixos and NixOffsec virtual machines installation
https://github.com/rhacknarok/nixoffsec
nixoffsec nixos vagrant
Last synced: about 23 hours ago
JSON representation
Automated Nixos and NixOffsec virtual machines installation
- Host: GitHub
- URL: https://github.com/rhacknarok/nixoffsec
- Owner: Rhacknarok
- License: gpl-3.0
- Created: 2025-01-10T13:07:18.000Z (1 day ago)
- Default Branch: main
- Last Pushed: 2025-01-10T13:44:54.000Z (1 day ago)
- Last Synced: 2025-01-10T14:27:25.212Z (1 day ago)
- Topics: nixoffsec, nixos, vagrant
- Language: Nix
- Homepage:
- Size: 3.71 MB
- Stars: 0
- Watchers: 0
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# NixOffsec
## So why this project ?
Nixos is a declarative OS, which means it provides reliable and atomic updates. but nix(os) is more than that, it's also a package manager. and this declarative operation allows identical rebuildability and reproducibility.
Our aim here is not to revolutionize anything, but to be as efficient as possible in order to have a fast and reliable pentesting machine, so to avoid any cumbersome and tedious installation, we've automated everything. This applies to both VM installation and the installation of Nixos configuration files, which have been made modular.
### So what we have to the menu ? 
1. Native format (just nixos).
2. Not provided but prepared for that.
3. Already provisioned. (with Offensive tools)
> [!NOTE]
> In either case if you modify the vagrantfile in the right way you should be able to either provision yourself with your specific packages, or add packages to the version already provisioned, just modify the configuration files in [`modules`](./modules) folder.
> [!CAUTION]
> For the NixOffsec part, you need at least 40g of available space, the OS alone = 30g, in flexible disk by default I've given it 70g.
## Prerequisites
Of course, as a prerequisite, you need vagrant and the plugins linked to it.
> [Vagrant](https://developer.hashicorp.com/vagrant/install)
> For Vmware the desktop plugin are necessary
```
vagrant plugin install vagrant-vmware-desktop
```
## Installation
You only need the [`Vagrantfile`](./Vagrantfile) and vagrant to install the machines.
and in the folder where you had copied the [`Vagrantfile`](./Vagrantfile) you can run one of the following commands, depending on your provider and what you want to do !
### Native Nixos
```
vagrant up nixos-vbox
vagrant up nixos-vmware
```
### To provide
```
vagrant up nixos-vbox-offsec
vagrant up nixos-vmware-offsec
```
### Already provided (With Offsec Tools)
```
vagrant up nixOffsec-vbox
vagrant up nixOffsec-vmware
```
## Our Native Nixos Configuration
You can also find our configuration files for the βnativeβ version in the folder [`native-nixos-conf`](./native-nixos-conf).
## Vagrant box construction
The manual box-building method [here](./vagrantBox-construction/README.md). 
**Yes**, we know that packer exists and that it allows you to create iso's or provision methods for boxes, but for nixos the methodology is too daunting and cumbersome for nothing.
Knowing that, the updates are without real risk, and that they are atomic you don't need to recreate the whole thing for each update, even major ones.
> [!NOTE]
> In fact, you could just do it once and update declaratively, and it would be exactly the same.
> That's one of the strength of Nixos: you can now say "it works on my machine" without being insulted.
### Credit
Inspired by work of [fabaff](https://github.com/fabaff) (thank's a lot for his contribution to the nix security packages π)
Also inspired by the nix-community work and in particular the [nixbox project](https://github.com/nix-community/nixbox)