synchronous/nix-config
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

generation 486 25.11.20250714.62e0f05

Browse Source
This commit is contained in:
Jake Ginesin
2025-08-04 22:31:49 -04:00
parent 5f41363bf2
commit f6f3887d18
7 changed files with 52 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@@ -25,7 +25,7 @@ sudo nixos-rebuild switch --flake.#thonkpad
- [hlissner](https://github.com/hlissner/dotfiles) (also uses bspwm) - [hlissner](https://github.com/hlissner/dotfiles) (also uses bspwm)
# For if you're not me # For if you're not me
My setup is designed for (1) [academic research](https://jakegines.in/research) in my PhD, and (2) security research, in my work as a cryptographic auditor. I would highly recommend *not* (not) installing this bare and trying to figure out my system. Read my system manually and pick out the parts you're interested in. My setup is designed for (1) [academic research](https://jakegines.in/research) in my PhD, and (2) security research, in my work as a cryptographic auditor. I would highly recommend *not* (not) installing this bare and trying to rawdog figure out my system. Read my system configuration manually and pick out the parts you're interested in.
Some subtleties about my setup: Some subtleties about my setup:
- tailscale and syncthing are automatically set up. my note system is integrated with the OS itself with [nf](https://github.com/JakeGinesin/nix-dots/blob/master/home/scripts/journal/nf.sh), alacritty, and rofi. syncing of notes between my server, my phone, and my computer(s) is fully automatic, bootstrapping from the agenix'ed API keys - tailscale and syncthing are automatically set up. my note system is integrated with the OS itself with [nf](https://github.com/JakeGinesin/nix-dots/blob/master/home/scripts/journal/nf.sh), alacritty, and rofi. syncing of notes between my server, my phone, and my computer(s) is fully automatic, bootstrapping from the agenix'ed API keys

2
home/home.nix
View File

@@ -130,6 +130,8 @@ in {
dhcpcd dhcpcd
wireshark wireshark
postman postman
nuclei
subfinder
] ]
++ ( ++ (
with lib; let with lib; let

1
home/scripts/security/sg.sh Normal file
View File

@@ -0,0 +1 @@
semgrep --config=p/cwe-top-25 --config=p/owasp-top-ten --config=/home/synchronous/extras/semgrep-rules --exclude '*example*' --exclude '*test*' --severity ERROR -- .

33
home/scripts/security/sub-to-ip.sh Executable file
View File

@@ -0,0 +1,33 @@
if [ -z "$1" ]; then
echo "Usage: $0 domain.com"
exit 1
fi
DOMAIN="$1"
OUTPUT_FILE="ips.txt"
SUBS_FILE="subs.txt"
echo "[*] Enumerating subdomains for $DOMAIN..."
subfinder -silent -d "$DOMAIN" -o "$SUBS_FILE"
if [ ! -s "$SUBS_FILE" ]; then
echo "[!] No subdomains found or subfinder failed."
exit 1
fi
echo "[*] Resolving IPs..."
> "$OUTPUT_FILE"
while read -r sub; do
ips=$(dig +short "$sub" | grep -E '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$')
if [ -n "$ips" ]; then
for ip in $ips; do
echo "[+] $sub resolved to $ip"
echo "$ip" >> "$OUTPUT_FILE"
done
else
echo "[-] $sub did not resolve"
fi
done < "$SUBS_FILE"
echo "[*] IPs saved to $OUTPUT_FILE"

7
home/scripts/security/subenum2.sh Executable file
View File

@@ -0,0 +1,7 @@
if [ -z "$1" ]; then
echo "Usage: $0 <domain>"
echo "Example: $0 example.com"
exit 1
fi
subfinder -silent -d $1

7
home/scripts/security/testssl.sh Normal file
View File

@@ -0,0 +1,7 @@
# https://github.com/testssl/testssl.sh
if [ -z "$1" ]; then
echo "Usage: $0 <domain>"
echo "Example: $0 example.com"
exit 1
fi
docker run --rm -it ghcr.io/testssl/testssl.sh $1

1
home/scripts/security/truffle.sh Normal file
View File

@@ -0,0 +1 @@
docker run --rm -it -v "$PWD:/pwd" trufflesecurity/trufflehog:latest filesystem .