# NixOS module for the `shiva.modules.web` tool set.
#
# When `shiva.modules.web.enable` is set, the command-line web and API
# testing tools listed below are added to `environment.systemPackages`.
# The GUI proxies (Burp Suite, ZAP) are appended only when
# `config.shiva.gui-tools` is true.
{ pkgs, config, lib, ... }:

let
  cfg = config.shiva.modules.web;

  # Declared outside this file. It is passed as the condition of
  # `lib.optionals`, so it is expected to be a boolean.
  gui = config.shiva.gui-tools;

  # Command-line tools, installed whenever the module is enabled.
  cliTools = [
    pkgs.apachetomcatscanner # Tool to scan for Apache Tomcat server vulnerabilities
    pkgs.arjun # HTTP parameter discovery suite
    pkgs.brakeman # Static analysis security scanner for Ruby on Rails
    pkgs.cansina # Web content discovery tool
    pkgs.cariddi # Crawler for URLs and endpoints
    pkgs.chopchop # CLI to search for sensitive services/files/folders
    pkgs.clairvoyance # Tool to obtain GraphQL API schemas
    pkgs.commix # Automated command injection exploitation tool
    pkgs.crackql # GraphQL password brute-force and fuzzing utility
    pkgs.crlfsuite # CRLF injection (HTTP response splitting) scanner
    pkgs.dalfox # Tool for parameter analysis and XSS scanning
    pkgs.dismap # Asset discovery and identification tools
    pkgs.dirstalk # Tool to brute force paths on web servers
    pkgs.gau # Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl
    pkgs.gospider # Fast web spider written in Go
    pkgs.gotestwaf # Tool for API and OWASP attack simulation
    pkgs.gowitness # Web screenshot utility
    pkgs.graphqlmap # Tool to interact with a GraphQL endpoint
    pkgs.graphw00f # GraphQL server engine fingerprinting utility
    pkgs.gungnir # Command-line tool that continuously monitors certificate transparency (CT) logs for newly issued SSL/TLS certificates
    pkgs.hakrawler # Web crawler for the discovery of endpoints and assets
    pkgs.httpx # Fast and multi-purpose HTTP toolkit
    pkgs.jsubfinder # Tool to search for subdomains and secrets hidden in JavaScript
    pkgs.jwt-hack # Tool for attacking JWTs
    pkgs.mantra # Tool used to hunt down API key leaks in JS files and pages
    pkgs.ntlmrecon # Information enumerator for NTLM authentication enabled web endpoints
    pkgs.plecost # Vulnerability fingerprinting and vulnerability finder for the WordPress blog engine
    pkgs.snallygaster # Tool to scan for secret files on HTTP servers
    pkgs.wad # Tool for detecting technologies used by web applications
    pkgs.webanalyze # Tool to uncover technologies used on websites
    pkgs.wprecon # WordPress vulnerability recognition tool
    pkgs.wpscan # Black box WordPress vulnerability scanner
    pkgs.wsrepl # WebSocket REPL
    pkgs.wuzz # Interactive CLI tool for HTTP inspection
    pkgs.xcrawl3r # CLI utility to recursively crawl webpages
  ];

  # Graphical tools, only evaluated when `gui` is true.
  guiTools = [
    # An integrated platform for performing security testing of web
    # applications. The edition is selected by the module option.
    # NOTE(review): burpsuite is an unfree package in nixpkgs; confirm the
    # host configuration permits it (allowUnfree or a predicate).
    (pkgs.burpsuite.override {
      inherit (cfg.burpsuite) proEdition;
    })
    pkgs.zap # Zed Attack Proxy (ZAP), intercepting proxy for web application testing
  ];
in
{
  options.shiva.modules.web = {
    enable = lib.mkEnableOption "Web Application and API Hacking";

    burpsuite = {
      # Off by default, so the Community build is used unless this is set.
      proEdition = lib.mkOption {
        type = lib.types.bool;
        default = false;
        description = "Install Burpsuite Pro";
      };
    };
  };

  config = lib.mkIf cfg.enable {
    environment.systemPackages = cliTools ++ lib.optionals gui guiTools;
  };
}