A reproducible NixOS-based operating system for IoT penetration testing and hardware hacking.
PRE-RELEASE STATUS: ThingNix is currently in alpha development stage. We're actively looking for testers to help identify issues and provide feedback. See the Testing section to get involved!
ThingNix is a specialized NixOS distribution designed for security researchers, penetration testers, and hobbyists who work with Internet of Things (IoT) devices, embedded systems, and RF communications. It provides a declarative, reproducible environment with pre-configured tools for firmware analysis, radio frequency investigation, and hardware exploitation.
Trying to solve a major problem with other IOT Pentesting distributions. That is the lack of updates/integration with new security tools. Security is a constantly evolving filed and we belive in having cutting edge tools right at our fingertips!
- Reproducible Environments: Built on NixOS with Nix Flakes for consistent, declarative configurations
- Atomic Updates: Safe system upgrades with rollback capability
- Pre-configured Hardware Support: Ready-to-use drivers and udev rules for common pentesting hardware
- Specialized Tooling: Curated collection of tools for IoT security research
- Community-Driven: Open to contributions and tool suggestions
| Tool | Description |
|---|---|
| Binwalk | Firmware analysis and extraction tool |
| Ghidra | NSA's software reverse engineering framework |
| Radare2 | Advanced hexadecimal editor, disassembler, and debugger |
| Radare2-Cutter | GUI for Radare2 |
| Rizin | UNIX-like reverse engineering framework |
| OpenOCD | Open on-chip debugger for JTAG/SWD debugging |
| Flashrom | ROM/flash chip programmer for firmware extraction |
| GDB | GNU debugger for binary analysis |
| GDB-Multitarget | GNU debugger with multi-architecture support |
| IDA Free | Interactive disassembler (free version) |
| Firmware-mod-kit | Tools to extract, modify and rebuild firmware images |
| Unicorn | CPU emulator framework |
| Tool | Description |
|---|---|
| RTL-SDR | Software defined radio with RTL2832U chipset |
| GNURadio | Signal processing framework for SDR |
| GQRX | Software defined radio receiver |
| Inspectrum | Tool for analyzing captured RF signals |
| SDR++ | Modern SDR software with intuitive interface |
| SDRangel | Multi-device SDR receiver/analyzer |
| HackRF | Tools for HackRF SDR platform |
| Multimon-NG | Digital transmission decoder (POCSAG, FLEX, etc.) |
| Baudline | Time-frequency browser for signal analysis |
| Airspy | Tools for Airspy SDR hardware |
| gr-osmosdr | GNURadio block for various SDR hardware |
| Kalibrate-RTL | Tool to check frequency accuracy of GSM base stations |
| Tool | Description |
|---|---|
| KillerBee | Framework for Zigbee/IEEE 802.15.4 security testing |
| Bleah | BLE scanner for smart devices hacking |
| Crackle | Decrypt and crack Bluetooth Smart (BLE) encryption |
| BTLEJack | Bluetooth Low Energy Swiss-army knife |
| Bluez | Linux Bluetooth protocol stack |
| Ubertooth | Open source platform for Bluetooth experimentation |
| Bluez-tools | Command-line utilities for Bluetooth |
| Bluez-alsa | Bluetooth ALSA backend |
| Btscanner | Bluetooth device scanner |
| RFcat | RF analysis for sub-GHz communication |
| Tool | Description |
|---|---|
| Nmap | Network discovery and security auditing tool |
| Metasploit | Penetration testing framework |
| Bettercap | Swiss-army knife for network attacks and monitoring |
| RouterSploit | Framework for embedded device exploitation |
| Expliot | IoT exploitation framework |
| Wireshark | Network protocol analyzer |
| Burpsuite | Web application security testing platform |
| ZAP Proxy | OWASP web application security scanner |
| SQLmap | Automatic SQL injection tool |
| THC-Hydra | Network login cracker |
| John the Ripper | Password cracking tool |
| Hashcat | Advanced password recovery utility |
| Aircrack-ng | Wireless network security assessment tools |
| Tool | Description |
|---|---|
| OpenOCD | On-chip debugging, in-system programming, boundary-scan testing |
| Sigrok | Signal analysis software suite |
| Pulseview | Logic analyzer user interface for Sigrok |
| Avrdude | AVR microcontroller programmer |
| Arduino | Arduino IDE and tools |
| PlatformIO | Cross-platform IDE for embedded development |
| I2C-tools | Utilities for I2C bus |
| SPI-tools | Utilities for SPI bus |
| Flashrom | Universal ROM/flash chip programmer |
| Bus Pirate | Hardware and software tools for bus communication |
| Logic analyzer | Digital signal capture and analysis |
| Tool | Description |
|---|---|
| Python3 | Programming language with tools for IoT security |
| Wireshark | Network protocol analyzer |
| QEMU | Open source machine emulator and virtualizer |
| Sigrok | Signal analysis software suite |
| Git | Version control system |
| VSCode | Code editor for development and analysis |
| Docker | Container platform for isolated testing |
| Virt-Manager | Desktop tool for managing virtual machines |
| OpenSSH | Remote access and file transfer tools |
| Tmux | Terminal multiplexer for managing multiple console sessions |
To build and use ThingNix:
-
Clone the repository:
git clone https://github.com/HexGuard-Security/ThingNix.git cd ThingNix -
Build the ISO using the build script:
./build.sh
-
Flash the ISO to a USB drive:
sudo dd if=build/thingnix-0.1.0-alpha-x86_64_linux.iso of=/dev/sdX bs=4M status=progress
-
Boot from the USB drive and start hacking!
- Minimal: 2GB RAM, dual-core CPU, 20GB storage
- Recommended: 8GB+ RAM, quad-core CPU, 50GB+ SSD, compatible SDR hardware
- x86_64 (primary)
- aarch64 (experimental)
ThingNix uses Nix Flakes to create reproducible builds. The build process varies depending on your host system:
If you're running Linux, you can build ThingNix directly:
# Make sure you have Nix installed with flakes enabled
nix-shell -p nixos-generators git
# Clone and build
git clone https://github.com/HexGuard-Security/ThingNix.git
cd ThingNix
./build.shBuilding NixOS-based systems on macOS requires additional steps. We've provided detailed instructions in docs/BUILD-ON-MAC.md.
In short, you'll need to:
- Set up a Linux VM or container environment
- Build the ISO inside that environment
- Transfer the ISO back to your host system
Building on Windows requires WSL2 (Windows Subsystem for Linux) with a Linux distribution that supports Nix. Follow the Linux instructions after setting up your WSL environment.
We need your help! ThingNix is currently in alpha and we're looking for testers to help improve it before the official release. As a tester, you'll:
- Build and try out pre-release versions of ThingNix
- Test compatibility with various hardware devices
- Report bugs and provide feedback
- Help improve documentation
- Suggest features and improvements
To become a tester:
- Star and watch this repository for updates
- Join our Discord server to connect with other testers
- Check the Issues page for known issues and testing tasks
- Report your findings by creating new issues with the "testing" label
We particularly need testers with:
- Various SDR hardware (RTL-SDR, HackRF, etc.)
- IoT development boards
- JTAG/SWD debugging hardware
- Zigbee/BLE sniffers
ThingNix features a growing collection of custom assets including icons, wallpapers, and themes:
Are you skilled with:
- Vector graphics design (SVG)
- Inkscape or other open-source design tools
- UI/UX design for Linux environments
- GNU/Linux theming
Join our community and help shape the visual identity of ThingNix! We welcome contributions for:
- Additional wallpapers
- Tool-specific icons
- UI theme improvements
- Logo variations
- Documentation illustrations
See our contribution guidelines to get started or join our Discord community.
ThingNix is designed to be easily customizable. See CUSTOMIZATION.md for details on how to:
- Add your own tools and packages
- Customize the desktop environment
- Configure hardware support
- Create custom modules
ThingNix comes with a comprehensive suite of pre-installed security tools. For a complete list, see TOOLS.md.
If you need a tool that isn't included, check our documentation on adding custom packages.
ThingNix is designed to work with common IoT pentesting hardware:
- SDR receivers (RTL-SDR, HackRF, etc.)
- JTAG/SWD debuggers
- Flash programmers (CH341A, etc.)
- Zigbee/BLE sniffers
See HARDWARE.md for detailed compatibility information.
# Clone the repository
git clone https://github.com/HexGuard-Security/ThingNix.git
cd ThingNix
# Build a minimal ISO with the current config
./build.shFor more advanced build options:
# Build for a specific architecture
./build.sh --arch aarch64-linux
# Clean before building
./build.sh --clean
# Get help on build options
./build.sh --helpThingNix welcomes contributions! Please feel free to submit issues or pull requests for:
- Adding new tools to the distribution
- Creating Nix packages for tools not currently in nixpkgs
- Improving hardware compatibility
- Developing automation scripts for common tasks
- Documentation improvements
For tools not available in nixpkgs or issues with current packages, please submit an issue on GitHub.
- Complete base configuration
- Package missing tools (FAT, ZBGoodLord, SDRangel)
- Test hardware compatibility
- Create automation scripts
- Implement kernel tweaks for SDR latency
- Add USB gadget attack capabilities
- Release first ISO image
- Website: hexguard.net
- GitHub: HexGuard-Security/ThingNix
- Discord: Join our community
- Twitter: @HexGuardSec
ThingNix is released under the MIT License.
Developed and maintained by HexGuard Security