diff --git a/machines/kat-darknet/configuration.nix b/machines/kat-darknet/configuration.nix
new file mode 100644
index 0000000..a2cdb84
--- /dev/null
+++ b/machines/kat-darknet/configuration.nix
@@ -0,0 +1,48 @@
+{
+  ...
+}:
+{
+  deployment = {
+    targetHost = "darknet.kat";
+    tags = [ "kat-vms" ];
+  };
+
+  imports = [
+    ./hardware-configuration.nix
+    ./disks.nix
+  ];
+
+  boot = {
+    loader = {
+      systemd-boot.enable = true;
+      efi.canTouchEfiVariables = true;
+    };
+    kernelParams = [ "console=ttyS0" ];
+  };
+
+  systemd.network.networks."10-enp1s0" = {
+    name = "enp1s0";
+    address = [
+      "192.168.122.8/24"
+      "fe80::8/64"
+    ];
+    routes = [
+      {
+        Gateway = "192.168.122.1";
+      }
+    ];
+    dns = [ "192.168.122.1" ];
+  };
+
+  services = {
+    getty.autologinUser = "root";
+    openssh.enable = true;
+  };
+
+  networking = {
+    useDHCP = false;
+    firewall.enable = false;
+  };
+
+  system.stateVersion = "23.11";
+}
diff --git a/machines/kat-darknet/default.nix b/machines/kat-darknet/default.nix
new file mode 100644
index 0000000..66da70b
--- /dev/null
+++ b/machines/kat-darknet/default.nix
@@ -0,0 +1,4 @@
+{
+  meta.unstable = true;
+  config = import ./configuration.nix;
+}
diff --git a/machines/kat-darknet/disks.nix b/machines/kat-darknet/disks.nix
new file mode 100644
index 0000000..43ff88d
--- /dev/null
+++ b/machines/kat-darknet/disks.nix
@@ -0,0 +1,29 @@
+{
+  disko.devices = {
+    disk = {
+      vda = {
+        device = "/dev/vda";
+        type = "disk";
+        content = {
+          type = "gpt";
+          partitions = {
+            ESP = {
+              type = "EF00";
+              size = "100%";
+              content = {
+                type = "filesystem";
+                format = "vfat";
+                mountpoint = "/boot";
+              };
+            };
+          };
+        };
+      };
+    };
+  };
+  boot.initrd.kernelModules = [ "virtiofs" ];
+  fileSystems."/" = {
+    device = "root";
+    fsType = "virtiofs";
+  };
+}
diff --git a/machines/kat-darknet/hardware-configuration.nix b/machines/kat-darknet/hardware-configuration.nix
new file mode 100644
index 0000000..a8ceb20
--- /dev/null
+++ b/machines/kat-darknet/hardware-configuration.nix
@@ -0,0 +1,27 @@
+{
+  lib,
+  modulesPath,
+  ...
+}:
+
+{
+  imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
+
+  boot = {
+    initrd = {
+      availableKernelModules = [
+        "ahci"
+        "xhci_pci"
+        "virtio_pci"
+        "sr_mod"
+        "virtio_blk"
+      ];
+      kernelModules = [ ];
+    };
+    kernelModules = [ "kvm-intel" ];
+    extraModulePackages = [ ];
+  };
+
+  networking.useDHCP = lib.mkDefault true;
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+}
diff --git a/modules/ssh.nix b/modules/ssh.nix
index d7f64ca..b6d353b 100644
--- a/modules/ssh.nix
+++ b/modules/ssh.nix
@@ -45,6 +45,11 @@
         proxyJump = "manah.kat";
       };
 
+      "darknet.kat" = {
+        user = "root";
+        hostname = "fe80::8%%virbr0";
+        proxyJump = "manah.kat";
+      };
       "sas.ens" = {
         user = "lbailly";
         hostname = "sas.eleves.ens.fr";