blob: 27a36bbc3a849ecca3e858eddc487b4ddd44e8a8 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
|
{
config,
lib,
pkgs,
inputs,
...
}:
with lib; let
cfg = config.nixfiles.modules.nmap;
in {
options.nixfiles.modules.nmap.enable = mkEnableOption "Nmap";
config = mkIf cfg.enable {
hm = {
home = {
file = {
".nmap/scripts/vulners/vulners.nse".source = "${inputs.nmap-vulners}/vulners.nse";
".nmap/scripts/vulscan/vulscan.nse".source = "${inputs.nmap-vulscan}/vulscan.nse";
};
packages = with pkgs; [nmap nmap-formatter];
activation.regenerateNmapScriptDatabase = with pkgs; ''
# TODO Add an update timestamp and pull files only when they are old.
# declare -a vulscandbs=(
# "cve"
# "exploitdb"
# "openvas"
# "osvdb"
# "scipvuldb"
# "securityfocus"
# "securitytracker"
# "xforce"
# )
# for i in "''${vulscandbs[@]}"; do
# ${curl}/bin/curl \
# -o "$HOME/.nmap/scripts/vulscan/$i.csv" \
# "https://www.computec.ch/projekte/vulscan/download/$i.csv"
# done
${nmap}/bin/nmap --script-updatedb
'';
};
programs.bash = {
shellAliases = let
base = "${pkgs.nmap}/bin/nmap -sV";
in {
nmap-vulscan = "${base} --script=vulscan/vulscan.nse";
nmap-vulners = "${base} --script=vulners/vulners.nse";
};
initExtra = mkAfter ''
_complete_alias nmap-vulscan _nmap nmap
_complete_alias nmap-vulners _nmap nmap
'';
};
};
};
}
|
