Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

https://github.com/pwnwriter/kanha

🦚 A web-app pentesting suite written in rust .
https://github.com/pwnwriter/kanha

hackers-tools hacsectools hactoberfest offsec-tools osint pentesting-suite pwntools pwnwriter recon unixporn

Last synced: about 1 month ago
JSON representation

🦚 A web-app pentesting suite written in rust .

Lists

README 

        




Kanha - A web-app pentesting suite written in rust 🦀
 





  Installation


  Subcommands


  Contribute

 




Crate Release



MIT LICENSE

Ko-fi



![-----------------------------------------------------][line]



img


    

[**`Kanha`**](/) is a tool that can help you perform, a variety of attacks based on the target domain . With just `kanha` you can do, [***`Fuzzing`***][wiki-fuzzing], [***`Reverse dns lookup`***][wiki-dns-lookup], [***`common http response`***][wiki-http], [***`subdomain takeover detection`***][wiki-subdomain] and many [**`more`**][commands]. 



The project is inspird by [`mini.nvim`][mini], basically helping you to be productive with less numbers of *tools(plugins)* installed on your system and be unobtrusive and function as a standalone **`single binary`** out of the box.



Built from the ground up with performance, ease of use, and portability in mind in your favourite programming lang [**`rust`**][rust] 💝



## Philosophy



- **KISS** - Keep things simple and stupid.

- **Ease** - Write code that can be used elsewhere as well.

- **Efficiency** - Optimize for performance without sacrificing readability.



## Installation 

    

   Binary 

     



  - *Manual* : You can directly download the binary of your arch from [**releases**][releases] and run it.

  - *One liner* : Run this script, requires `jq`,`curl`, `tar` & `wget`

   ```bash

wget -qO- "$(curl -qfsSL "https://api.github.com/repos/pwnwriter/kanha/releases/latest" | jq -r '.assets[].browser_download_url' | grep -Ei "$(uname -m).*$(uname -s).*musl" | grep -v "\.sha")" | tar -xzf - --strip-components=1

./kanha -h

``` 

  



> [!IMPORTANT]

> *_For upstream updates, it's recommended to build `kanha` from source !_*



 Source 

 



   

  ```bash

    git clone --depth=1 https://github.com/pwnwriter/kanha --branch=main

    cd kanha

    cargo build --release

  ``` 



 Cargo 



- Using [crates.io][crate]

  ```bash

  cargo install kanha

  ```

- Using [binstall][binstall]

  ```bash

  cargo binstall kanha

  ```



  > **Note** ⚠️

  > This requires a working setup of rust/cargo & binstall.



 METIS Linux 

 

  

  ```bash

  sudo/doas pacman -Syyy kanha

  ```



 Arch user repository 

 

  

  ```bash

  paru/yay -S kanha-git

  ```



## Subcommands

- ➊ `Status` :- Just return the HTTP response code of URLs



  

  Help

   



  ```bash

  $ kanha status -h

  Just return the HTTP response code of URLs



  Usage: kanha status [OPTIONS]



  Options:

    -f, --filename   A file containing multiple urls

    -t, --tasks         Define the maximum concurrent tasks [default: 20]

        --stdin                Reads input from the standard in

        --exclude     Define your status code for selective exclusion

    -h, --help                 Print help

    -V, --version              Print version



  ```



- ➋  `fuzz` :- Fuzz URLs and return the response codes

    

  

  Help

   

    

  ```bash

  $ kanha fuzz -h

  Fuzz a URL and return the response codes



  Usage: kanha fuzz [OPTIONS] --payloads 



  Options:

    -p, --payloads     A file containing a list of payloads

    -u, --url               A single url

    -f, --file-path   Path of the file containing multiple urls

    -t, --tasks           Define the maximum concurrent tasks [default: 20]

        --exclude       Define your status code for selective exclusion

        --stdin                  Reads input from the standard in

    -h, --help                   Print help

    -V, --version                Print version



  ```

  



- ➌ `rdns` :- Reverse dns lookup

    

  Help  

   

      

  ```bash

  

  $ kanha rdns  -h

  Reverse dns lookup



  Usage: kanha rdns [OPTIONS] --filename 



  Options:

    -f, --filename   a file containing a list of possible wordlists

        --stdin                Reads input from the standard in

    -h, --help                 Print help

    -V, --version              Print version

  ```



- ➍ `Takeover` :- Check possible subdomain takeover

    

  Help  

   

      

  ```bash

  $ kanha takeover -h

  Check possible subdomain takeover vulnerability



  Usage: kanha takeover [OPTIONS]



  Options:

    -u, --url               A single url

    -f, --file-path   Path of the file containing multiple urls

    -j, --json-file   A json file containing signature values of different services

        --stdin                  Reads input from the standard in

    -h, --help                   Print help

    -V, --version                Print version



  ```

    



- ➎ `urldencode` :- (De|En) code urls

  

   Help  

   

      

  ```bash

  $ kanha urldencode -h

  (De|En) code urls



  Usage: kanha urldencode [OPTIONS]

  

  Options:

        --encode   Provide a url to encode

        --decode   Provide a url to dencode

    -h, --help             Print help

    -V, --version          Print version

  

  ```



## Contributing

  - Recommend a new feature

  - Give the project a star

  - Add new [subcommand][commands].

  - Fix docx and improve code quality



## Also see 

- [`haylxon`][haylxon] :- Blazingly fast tool to grab screenshots of your domain list right from terminal written in rust 🦀

- [`httpx`][httpx] :- httpx is a fast and multi-purpose HTTP toolkit.

- [`ffuf`][ffuf] :- Fast web fuzzer written in Go



## FAQ 

 

- **Development:**

  - Progress may be gradual, but I assure you of delivering quality code!

- **Why this?**

  - This is a way for me to continually expand my knowledge in cybersecurity and Rust!

- **I want my quote in Kanha.**

  - Please feel free to add it [here][splash].



## Support

I am a student, i like working for open-source during my free time. If you appreciate my work, kindly consider supporting me through [Ko-fi][Ko-Fi].



## Copying 

 `Kanha` is licensed under the [**`MIT LICENSE`**][license], Feel free to consider Kanha as your own!

 



[license]:/LICENSE

[splash]:/src/interface/splashes.rs

[commands]:/src/commands

[releases]:https://github.com/pwnwriter/kanha/releases



[line]:https://github.com/pwnwriter/haylxon/blob/readme-assets/colored.png



[Ko-Fi]:https://ko-fi.com/pwnwriter

[haylxon]:https://github.com/pwnwriter/haylxon



[ffuf]:https://github.com/ffuf/ffuf

[httpx]:https://github.com/projectdiscovery/httpx



[crate]:https://crates.io/crates/kanha

[binstall]:https://github.com/cargo-bins/cargo-binstall

[mini]:https://github.com/echasnovski/mini.nvim

[rust]:https://www.rust-lang.org



[wiki-fuzzing]:https://en.wikipedia.org/wiki/Fuzzing

[wiki-dns-lookup]:https://en.wikipedia.org/wiki/Reverse_DNS_lookup

[wiki-http]:https://en.wikipedia.org/wiki/List_of_HTTP_status_codes

[wiki-subdomain]:https://en.wikipedia.org/wiki/Domain_hijacking





Copyright © 2023 - present  pwnwriter xyz  ☘️