2 files changed, 82 insertions, 0 deletions
diff --git a/nixpkgs/pkgs/tools/security/zgrab2/default.nix b/nixpkgs/pkgs/tools/security/zgrab2/default.nix
new file mode 100644
index 000000000000..c91c1b876099
--- /dev/null
+++ b/nixpkgs/pkgs/tools/security/zgrab2/default.nix
@@ -0,0 +1,36 @@
+{ lib
+, buildGoModule
+, fetchFromGitHub
+}:
+
+buildGoModule rec {
+  pname = "zgrab2";
+  version = "unstable-2023-03-23";
+
+  src = fetchFromGitHub {
+    owner = "zmap";
+    repo = pname;
+    rev = "911c86f13080ceae98f8d63d1ae0e85c4a8f7f61";
+    hash = "sha256-VOWkBM/SziY3jiIaYYWq+LRzG4vKitiscqdIDfRUkYY=";
+  };
+
+  vendorHash = "sha256-Q3FCqvh4vn64QXqcePhVWTyIHJarI6I4YonH3X/7RhI=";
+
+  patches = [
+    # Without this, we get error messages like:
+    # vendor/golang.org/x/sys/unix/syscall.go:83:16: unsafe.Slice requires go1.17 or later (-lang was set to go1.16; check go.mod)
+    # The patch was generated by changing "go 1.12" to "go 1.17" and executing `go mod tidy -compat=1.17`.
+    ./fix-go-version-error.patch
+  ];
+
+  subPackages = [
+    "cmd/zgrab2"
+  ];
+
+  meta = with lib; {
+    description = "Web application scanner";
+    homepage = "https://github.com/zmap/zgrab2";
+    license = with licenses; [ asl20 isc ];
+    maintainers = with maintainers; [ fab juliusrickert ];
+  };
+}
diff --git a/nixpkgs/pkgs/tools/security/zgrab2/fix-go-version-error.patch b/nixpkgs/pkgs/tools/security/zgrab2/fix-go-version-error.patch
new file mode 100644
index 000000000000..797bd542be80
--- /dev/null
+++ b/nixpkgs/pkgs/tools/security/zgrab2/fix-go-version-error.patch
@@ -0,0 +1,46 @@
+diff --git a/go.mod b/go.mod
+index 888f10e..5463ef5 100644
+--- a/go.mod
++++ b/go.mod
+@@ -1,25 +1,33 @@
+ module github.com/zmap/zgrab2
+
+-go 1.12
++go 1.17
+
+ require (
+-	github.com/cespare/xxhash/v2 v2.2.0 // indirect
+-	github.com/go-kit/kit v0.10.0 // indirect
+-	github.com/golang/protobuf v1.5.3 // indirect
+ 	github.com/hdm/jarm-go v0.0.7
+ 	github.com/prometheus/client_golang v1.14.0
+-	github.com/prometheus/common v0.42.0 // indirect
+-	github.com/prometheus/procfs v0.9.0 // indirect
+ 	github.com/sirupsen/logrus v1.9.0
+-	github.com/zmap/rc2 v0.0.0-20190804163417-abaa70531248 // indirect
+ 	github.com/zmap/zcrypto v0.0.0-20230310154051-c8b263fd8300
+ 	github.com/zmap/zflags v1.4.0-beta.1.0.20200204220219-9d95409821b6
+ 	golang.org/x/crypto v0.7.0
+ 	golang.org/x/net v0.8.0
+ 	golang.org/x/sys v0.6.0
+ 	golang.org/x/text v0.8.0
+-	google.golang.org/protobuf v1.30.0 // indirect
+ 	gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c
+ 	gopkg.in/mgo.v2 v2.0.0-20190816093944-a6b53ec6cb22
+ 	gopkg.in/yaml.v2 v2.4.0
+ )
++
++require (
++	github.com/beorn7/perks v1.0.1 // indirect
++	github.com/cespare/xxhash/v2 v2.2.0 // indirect
++	github.com/golang/protobuf v1.5.3 // indirect
++	github.com/kr/pretty v0.2.1 // indirect
++	github.com/kr/text v0.1.0 // indirect
++	github.com/matttproud/golang_protobuf_extensions v1.0.4 // indirect
++	github.com/prometheus/client_model v0.3.0 // indirect
++	github.com/prometheus/common v0.42.0 // indirect
++	github.com/prometheus/procfs v0.9.0 // indirect
++	github.com/weppos/publicsuffix-go v0.30.0 // indirect
++	github.com/zmap/rc2 v0.0.0-20190804163417-abaa70531248 // indirect
++	google.golang.org/protobuf v1.30.0 // indirect
++)