ARCHIVED: Pentesting is not the first priority for me now, so this channel is not really maintainable.
Chur is a Guix channel providing the pentesting- and security-related packages not (yet) present in the upstream Guix.
Chur can be installed as a Guix channel. To do so, add it to ~/.config/guix/channels.scm:
(cons*
(channel
(name 'chur)
(url "https://github.com/aartaka/chur-guix"))
%default-channels)Then run guix pull.
This channel was created out of perfectionism and reluctance to commit changes in several rounds. If some of these packages are to be commited to main Guix repo, these should be good-written and fully-functional ones. This channel is, then, just a testing ground for the packages that will (possibly) find their way into Guix and the place for the (possibly proprietary) ones that somewhy won’t.
Chur is the ancient Slavic god of borders and private property. Small etymology section:
- Up to this day, people in Russia (and, I bet, in some other Slavic countries) say “(Be) Chur on me! [Чур меня!]” when they want to be guarded from the bad things happening around.
- “Chur, it’s me! [Чур, я!]” is, oppositely, a manifestation of a person’s property and willingness to own some thing/role/idea.
All in all, even though Chur as a god may have not existed at all (you never know…), it’s a good concept to tie to Pentesting-related channel. Pentesting, after all, is about drawing boundaries and outlining property – it’s exactly what Chur is responsible for :)
Use this channel for good and be Chur on you!
Manifest file with all the Chur packages and all the packages from Guix/elsewhere you might need for pentesting is in the writing. You can help with it by opening an issue with the packages you find necessary in your workflow!
There’s no system declaration file for hardened and pentesting-ready system yet, so you can be a person to contribute it!
Lynis can be handy in searching for security problems on your particular system, and its suggestions are the best starting points for the system declaration file.
You’re welcome to contribute the packages you think Chur lacks! Some tips:
- The packages you contribute should be related to Information Security in one way or another.
- Use GNU Guix Coding Style as a style reference.
- Make sure that the package you contribute is not present in the recent Guix versions :)
- If you cannot contribute the package yourself but need it implemented – open an issue with a “Package Request” template.
- The package division is not clear yet, so look at Kali and BlackArch in how they divide packages by categories and put the contributed packages in the same category, creating a new package-file if necessary.