Diffstat (limited to 'pwn/packages')
| -rw-r--r-- | pwn/packages/ffuf.scm | 82 | ||||
| -rw-r--r-- | pwn/packages/impacket.scm | 77 | ||||
| -rw-r--r-- | pwn/packages/medusa.scm | 26 | ||||
| -rw-r--r-- | pwn/packages/onesixtyone.scm | 39 | ||||
| -rw-r--r-- | pwn/packages/packages.scm | 45 |
5 files changed, 269 insertions, 0 deletions
diff --git a/pwn/packages/ffuf.scm b/pwn/packages/ffuf.scm
new file mode 100644
index 0000000..100822a
--- /dev/null
+++ b/pwn/packages/ffuf.scm
@@ -0,0 +1,82 @@
+;; Authored by awth13, committed by c0co
+(define-module (awth13 packages ffuf)
+ #:use-module ((guix licenses) #:prefix license:)
+ #:use-module (guix gexp)
+ #:use-module (guix packages)
+ #:use-module (guix build-system go)
+ #:use-module (guix git-download)
+ #:use-module (gnu packages golang)
+ #:use-module (gnu packages golang-build)
+ #:use-module (gnu packages golang-web)
+ #:use-module (gnu packages golang-xyz)
+ #:use-module (gnu packages golang-check)
+ #:use-module (gnu packages golang-compression))
+
+(define-public go-github-com-ffuf-pencode
+ (package
+ (name "go-github-com-ffuf-pencode")
+ (version "0.4")
+ (source
+ (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/ffuf/pencode")
+ (commit (string-append "v" version))))
+ (file-name (git-file-name name version))
+ (sha256
+ (base32 "0l4kvsb73p8c03xh3sqkgfbzcfljlwh3ab2fl2a5akyqw20p6nqb"))))
+ (build-system go-build-system)
+ (arguments
+ (list
+ #:go go-1.17
+ #:skip-build? #t
+ #:tests? #f
+ #:import-path "github.com/ffuf/pencode"))
+ (home-page "https://github.com/ffuf/pencode")
+ (synopsis "Complex payload encoder")
+ (description
+ "Pencode is a tool that helps you to create payload encoding chains.
It has been designed to be used in automation whereever it is required to apply multiple encodings to a payload (and possibly inserting the payload to a template in between).")
+ (license license:expat)))
+
+
+(package
+ (name "go-github-com-ffuf")
+ (version "2.1.0")
+ (source
+ (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/ffuf/ffuf")
+ (commit (string-append "v" version))))
+ (file-name (git-file-name name version))
+ (sha256
+ (base32 "0ifdclyywv2q9d3c00n1jrhsq9cld0f30mr25s1cq1zd06lhs1zv"))))
+ (build-system go-build-system)
+ (arguments
+ (list
+ #:go go-1.17
+ #:import-path "github.com/ffuf/ffuf"
+ ;; fixed upstream but no release yet (can package commit instead of release)
+ ;; https://github.com/ffuf/ffuf/commit/6487328cd8a67c8f4e3ccd82f9a24d32aa7533bb
+ #:phases
+ #~(modify-phases %standard-phases
+ (add-after 'unpack 'remove-test
+ (lambda* (#:key import-path #:allow-other-keys)
+ (with-directory-excursion (string-append "src/" import-path)
+ (delete-file "pkg/output/file_csv_test.go")))))))
+ (propagated-inputs
+ (list go-github-com-puerkitobio-goquery
+ go-github-com-adrg-xdg
+ go-github-com-andybalholm-brotli
+ go-github-com-ffuf-pencode
+ go-github-com-pelletier-go-toml
+ go-github-com-andybalholm-cascadia
+ go-github-com-davecgh-go-spew
+ go-golang-org-x-net
+ go-golang-org-x-sys))
+ (home-page "https://github.com/ffuf/ffuf")
+ (synopsis "A fast web fuzzer written in GO.")
+ (desription
+ "Ffuf is a web penetration testing / enumeration tool for fuzzing and identifying vhosts, subdomains and web paths with an optional feature to drop into an interactive shell mid-scan to queue-manage and reconfigure filters.")
+ (license license:expat))
+go-github-com-ffuf-pencode
diff --git a/pwn/packages/impacket.scm b/pwn/packages/impacket.scm
new file mode 100644
index 0000000..7fcd547
--- /dev/null
+++ b/pwn/packages/impacket.scm
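Review bot: In ffuf.scm the second package form spells its field `(desription`, which the `package` record rejects as an unknown field (and leaves `description` missing); it should read `(description`. That form is also a bare `(package …)` whose value is discarded, and the file's last expression is `go-github-com-ffuf-pencode`, so ffuf itself is neither exported nor what `guix build -f` evaluates to; `(define-public ffuf (package (name "ffuf") …))` with a final `ffuf` would fix both. The module header `(awth13 packages ffuf)` does not match the path `pwn/packages/ffuf.scm`, and the same mismatch appears as `(gnu packages impacket)` in impacket.scm and `(pwn packages)` in packages.scm, so these files will not resolve as channel modules under their paths. The `remove-test` phase deletes `file_csv_test.go` on the strength of the comment alone; pinning the upstream fix commit it cites would keep the test suite intact.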
@@ -0,0 +1,77 @@
+(define-module (gnu packages impacket)
+ #:use-module (guix packages)
+ #:use-module (guix download)
+ #:use-module (guix gexp)
+ #:use-module (guix build-system python)
+ #:use-module (gnu packages python-xyz)
+ #:use-module (gnu packages python-web)
+ #:use-module (gnu packages python-crypto)
+ #:use-module (guix licenses))
+
+(define-public ldapdomaindump
+ (package
+ (name "ldapdomaindump")
+ (version "0.10.0")
+ (source (origin
+ (method url-fetch)
+ (uri (string-append "https://github.com/dirkjanm/ldapdomaindump/archive/refs/tags/v" version ".tar.gz"))
+ (sha256
+ (base32
+ "0ngxhfswzzjqxkv1xnpzlcchiviv81n2lyyanw90j5450v8pkn75"))))
+ (build-system python-build-system)
+ (arguments
+ (list
+ #:tests? #f
+ #:phases
+ #~(modify-phases %standard-phases
+ (add-before 'build 'build-ignore-toml
+ (lambda _
+ (substitute* "pyproject.toml"
+ (("license = \"MIT\"") ""))))))); upstream bug in pyproject.toml, but license specified by package def anyway
+ (propagated-inputs (list python-dnspython
+ python-ldap3))
+ (synopsis "Active Directory information dumper via LDAP")
+ (description "In an Active Directory domain, a lot of interesting information can be retrieved via LDAP by any authenticated user (or machine). This makes LDAP an interesting protocol for gathering information in the recon phase of a pentest of an internal network. A problem is that data from LDAP often is not available in an easy to read format.
+
+ldapdomaindump is a tool which aims to solve this problem, by collecting and parsing information available via LDAP and outputting it in a human readable HTML format, as well as machine readable json and csv/tsv/greppable files.")
+ (home-page "https://github.com/dirkjanm/ldapdomaindump")
+ (license expat)))
+
+(define-public impacket
+ (package
+ (name "impacket")
+ (version "0.12.0")
+ (source (origin
+ (method url-fetch)
+ (uri "https://github.com/fortra/impacket/archive/refs/tags/impacket_0_12_0.tar.gz")
+ (sha256
+ (base32
+ "0v6n3z27bjhvgxx9vh2h723p40051ym8rmlsfkzh6fn054d9ah8w"))))
+ (build-system python-build-system)
+ (arguments
+ (list
+ #:tests? #f
+ #:phases
+ #~(modify-phases %standard-phases
+ (add-before 'check 'fix-require
+ (lambda _
+ (substitute* "setup.py"
+ (("pyOpenSSL") "pyOpenSSL>=24.3.0"))))
+ (delete 'sanity-check)))) ; gets confused over pyOpenSSL version after build success
+ (propagated-inputs (list python-six
+ python-pyasn1
+ python-pyasn1-modules
+ python-pycryptodomex
+ python-pyopenssl
+ python-ldap3
+ python-flask
+ python-charset-normalizer
+ ldapdomaindump))
+ (synopsis "Forta's Impacket tool suite for low-level programmatic access to packets, protocols and protocol implementations.")
+ (description "
+Impacket was originally created by SecureAuth, and now maintained by Fortra's Core Security.
+
+Impacket is a collection of Python classes for working with network protocols. Impacket is focused on providing low-level programmatic access to the packets and for some protocols (e.g. SMB1-3 and MSRPC) the protocol implementation itself. Packets can be constructed from scratch, as well as parsed from raw data, and the object-oriented API makes it simple to work with deep hierarchies of protocols. The library provides a set of tools as examples of what can be done within the context of this library.")
+ (home-page "https://github.com/fortra/impacket")
+ (license asl2.0)))
+impacket
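Review bot: In the impacket package, `(delete 'sanity-check)` together with `#:tests? #f` removes every build-time check that the installed entry points and their declared requirements actually load, so a broken dependency set would only surface when a tool is run. The `fix-require` substitution matches the bare token `pyOpenSSL`, so any version specifier already following it in `setup.py` is kept and concatenated with `>=24.3.0`; that may be what confuses the check (inferred, setup.py is not shown). Matching the whole requirement, e.g. `(("pyOpenSSL[^'\"]*") "pyOpenSSL>=24.3.0")`, and confirming the packaged `python-pyopenssl` satisfies it would let `sanity-check` stay. Both origins here, and the one in onesixtyone.scm, fetch GitHub's auto-generated `archive/refs/tags` tarballs, and impacket's URI hard-codes `impacket_0_12_0` instead of deriving it from `version`; `git-fetch` on the tag, as ffuf.scm does, gives a more stable pin.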
diff --git a/pwn/packages/medusa.scm b/pwn/packages/medusa.scm
new file mode 100644
index 0000000..0810b99
--- /dev/null
+++ b/pwn/packages/medusa.scm
@@ -0,0 +1,26 @@
+(define-module (pwn packages medusa)
+ #:use-module (guix packages)
+ #:use-module (guix download)
+ #:use-module (guix build-system gnu)
+ #:use-module (guix licenses)
+ #:use-module (gnu packages tls))
+
+(define-public medusa
+ (package
+ (name "Medusa")
+ (version "2.3")
+ (source (origin
+ (method url-fetch)
+ (uri (string-append "https://github.com/jmk-foofus/medusa/releases/download/2.3/medusa-" version
+ ".tar.gz"))
+ (sha256
+ (base32
+ "0lg2r31w7lssjmzy61vsdi97q2sqgn38x9asp56175igardvgdxh"))))
+ (build-system gnu-build-system)
+ (arguments '(#:configure-flags '("--enable-silent-rules")))
+ (inputs (list openssl))
+ (synopsis "Modular parallelized login brute-forcer")
+ (description "Medusa is a speedy, parallel, and modular, login brute-forcer. The goal is to support as many services which allow remote authentication as possible.")
+ (home-page "https://jmk-foofus.github.io/medusa/medusa.html")
+ (license gpl2)))
+medusa
diff --git a/pwn/packages/onesixtyone.scm b/pwn/packages/onesixtyone.scm
new file mode 100644
index 0000000..6c0f7a9
--- /dev/null
+++ b/pwn/packages/onesixtyone.scm
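Review bot: In medusa.scm, `(name "Medusa")` is capitalised while the variable and the rest of the channel use lower-case names, so lookups by `medusa` on the command line will not match; `(name "medusa")` is the expected form. The URI repeats the release as a literal `2.3` in the path while taking the file name from `version`, so a version bump yields a URL that mixes both; `(string-append "https://github.com/jmk-foofus/medusa/releases/download/" version "/medusa-" version ".tar.gz")` keeps them in step. `--enable-silent-rules` hides the compiler command lines from the build log, which makes it harder to audit the flags the binary was built with. With `openssl` as the only input, any protocol modules that need other libraries are presumably dropped by configure without notice; a comment listing what this build supports would help.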
@@ -0,0 +1,39 @@
+(define-module (pwn packages onesixtyone)
+ #:use-module (guix packages)
+ #:use-module (guix download)
+ #:use-module (guix gexp)
+ #:use-module (guix build-system gnu)
+ #:use-module (guix licenses)
+ #:use-module (gnu packages tls))
+
+(define-public onesixtyone
+ (package
+ (name "onesixtyone")
+ (version "0.3.4")
+ (source (origin
+ (method url-fetch)
+ (uri (string-append "https://github.com/trailofbits/onesixtyone/archive/refs/tags/v" version
+ ".tar.gz"))
+ (sha256
+ (base32
+ "1an695jmb1mxy3pxl1crnhscsa8zr5vnya897d5x5bixwg631iwf"))))
+ (build-system gnu-build-system)
+ (arguments
+ (list
+ #:make-flags
+ #~`("CC=gcc")
+ #:phases
+ #~(modify-phases %standard-phases
+ (delete `configure)
+ (delete `check)
+ (replace 'install
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let* ((out (assoc-ref outputs "out"))
+ (bin (string-append out "/bin")))
+ (install-file "onesixtyone" bin)))))))
+ (synopsis "SNMP scanner")
+ (description "onesixtyone takes a different approach to SNMP scanning. It takes advantage of the fact that SNMP is a connectionless protocol and sends all SNMP requests as fast as it can. Then the scanner waits for responses to come back and logs them, in a fashion similar to Nmap ping sweeps. By default onesixtyone waits for 10 milliseconds between sending packets, which is adequate for 100MBs switched networks. The user can adjust this value via the -w command line option. If set to 0, the scanner will send packets as fast as the kernel would accept them, which may lead to packet drop.")
+ (home-page "https://github.com/trailofbits/onesixtyone")
+ (license gpl2)))
+onesixtyone
+
diff --git a/pwn/packages/packages.scm b/pwn/packages/packages.scm
new file mode 100644
index 0000000..f1fbeef
--- /dev/null
+++ b/pwn/packages/packages.scm
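Review bot: The two `delete` phases in onesixtyone.scm are written with a backquote where `(replace 'install` three lines later uses a plain quote; both yield the same symbol, but the mix reads as a typo, and `(delete 'configure)` / `(delete 'check)` would match the rest of the commit. The `CC=gcc` make flag hard-codes the compiler name; the usual Guix form is `#~(list (string-append "CC=" #$(cc-for-target)))`, which needs `(guix utils)` in the module header. `(gnu packages tls)` is imported but nothing in this package refers to it. A one-line comment on why `check` is removed (presumably the Makefile has no test target) would save the next maintainer a lookup.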
@@ -0,0 +1,45 @@
+(define-module (pwn packages)
+#:use-module (gnu)
+#:use-module (gnu packages dns)
+#:use-module (gnu packages networking)
+#:use-module (gnu packages databases)
+#:use-module (gnu packages rdesktop)
+#:use-module (gnu packages vnc)
+#:use-module (gnu packages admin)
+#:use-module (gnu packages password-utils)
+#:use-module (gnu packages python-web)
+#:use-module (gnu packages package-management)
+#:export (pwn-packages))
+
+(use-package-modules curl rsync samba dns)
+
+(define pwn-packages (list
+ ;; guix channel packages
+ ;; basic packages from (gnu)
+ curl rsync (list isc-bind "utils")
+ samba ; provides smbclient
+
+ ;; from (admin)
+ nmap tcpdump
+
+ ;; from (networking)
+ socat fping
+
+ ;; from (password-utils)
+ john-the-ripper-jumbo
+ hashcat hydra
+
+ ;; from (databases)
+ mysql
+
+ ;; from (rdesktop)
+ freerdp ; provides xfreerdp client
+
+ ;; from (vnc)
+ remmina
+
+ ;; from (python-web)
+ python-scrapy
+
+ ;; from (package-management)
+ nix pipx)) |
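Review bot: `pipx` at the end of `pwn-packages` adds an installer that pulls whatever version PyPI currently serves, outside the hash-pinned origins every other package in this commit relies on, and the list gives no reason for it. A comment such as `;; pipx: for tools not yet packaged in this channel; installs are not pinned by Guix` would make that trade-off explicit. The list also omits ffuf, impacket, medusa and onesixtyone, so the packages added alongside it are not part of the exported set; if that is deliberate, a note here would say so. `(use-package-modules curl rsync samba dns)` repeats the `(gnu packages dns)` import already present in the module header.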
