kanha: A web-app pentesting suite written in Rust

kanha

Kanha is a tool that can help you perform a variety of attacks based on the target domain. With just kanha, you can do fuzzing, reverse DNS lookup, common HTTP response checks, subdomain takeover detection, and many more.

The project is inspired by mini.nvim: it aims to keep you productive with fewer tools (plugins) installed on your system, to be unobtrusive, and to function as a standalone single binary out of the box.

Philosophy

  • KISS – Keep things simple and stupid.
  • Ease – Write code that can be used elsewhere as well.
  • Efficiency – Optimize for performance without sacrificing readability.

Use

Status :- Just return the HTTP response code of URLs

$ kanha status -h
Just return the HTTP response code of URLs

Usage: kanha status [OPTIONS]

Options:
-f, --filename <FILENAME> A file containing multiple urls
-t, --tasks <TASKS> Define the maximum concurrent tasks [default: 20]
--stdin Reads input from the standard in
--exclude <EXCLUDE> Define your status code for selective exclusion
-h, --help Print help
-V, --version Print version

fuzz :- Fuzz URLs and return the response codes

$ kanha fuzz -h
Fuzz a URL and return the response codes

Usage: kanha fuzz [OPTIONS] --payloads <PAYLOADS>

Options:
-p, --payloads <PAYLOADS> A file containing a list of payloads
-u, --url <URL> A single url
-f, --file-path <FILE_PATH> Path of the file containing multiple urls
-t, --tasks <TASKS> Define the maximum concurrent tasks [default: 20]
--exclude <EXCLUDE> Define your status code for selective exclusion
--stdin Reads input from the standard in
-h, --help Print help
-V, --version Print version

rdns :- Reverse dns lookup


$ kanha rdns -h
Reverse dns lookup

Usage: kanha rdns [OPTIONS] --filename <FILENAME>

Options:
-f, --filename <FILENAME> a file containing a list of possible wordlists
--stdin Reads input from the standard in
-h, --help Print help
-V, --version Print version

Takeover :- Check possible subdomain takeover

$ kanha takeover -h
Check possible subdomain takeover vulnerability

Usage: kanha takeover [OPTIONS]

Options:
-u, --url <URL> A single url
-f, --file-path <FILE_PATH> Path of the file containing multiple urls
-j, --json-file <JSON_FILE> A json file containing signature values of different services
--stdin Reads input from the standard in
-h, --help Print help
-V, --version Print version
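
The kind of signature check the takeover subcommand describes, sketched as an added example for auditing your own DNS records (this is not kanha's code). The `Signature` layout, the `classify` helper and every sample value are constructed assumptions; kanha's JSON signature format is not shown on this page.

```rust
// Added example: triage already-fetched responses against service signatures.
// The Signature layout and every sample value are constructed assumptions;
// this is not kanha's code or its JSON signature format.
struct Signature {
    service: &'static str,
    cname_suffix: &'static str, // domain the dangling CNAME points into
    body_marker: &'static str,  // text the service shows for unclaimed names
}

#[derive(Debug, PartialEq)]
enum Verdict {
    Clean,
    Review(&'static str), // marker seen, but no CNAME evidence
    Likely(&'static str), // CNAME into the service and marker seen
}

fn sample_signatures() -> Vec<Signature> {
    vec![Signature {
        service: "example-hosting",
        cname_suffix: "hosting.example",
        body_marker: "No site is configured at this address",
    }]
}

fn classify(cname: Option<&str>, body: &str, sigs: &[Signature]) -> Verdict {
    // DNS names are case-insensitive and may carry a trailing root dot.
    let cname = cname.map(|c| c.trim_end_matches('.').to_ascii_lowercase());
    let body = body.to_ascii_lowercase();
    let mut verdict = Verdict::Clean;
    for sig in sigs {
        // Match on a label boundary so "evilhosting.example" does not count.
        let cname_hit = cname.as_deref().map_or(false, |c| {
            c == sig.cname_suffix || c.ends_with(&format!(".{}", sig.cname_suffix))
        });
        let body_hit = body.contains(&sig.body_marker.to_ascii_lowercase());
        match (cname_hit, body_hit) {
            (true, true) => return Verdict::Likely(sig.service),
            (false, true) if verdict == Verdict::Clean => verdict = Verdict::Review(sig.service),
            _ => {}
        }
    }
    verdict
}

fn main() {
    let sigs = sample_signatures();
    let body = "<h1>No site is configured at this address</h1>";
    println!("{:?}", classify(Some("Old-App.hosting.example."), body, &sigs));
    println!("{:?}", classify(None, body, &sigs));
}
```

Requiring both the CNAME match and the body marker keeps pages that merely quote a service's error text out of the high-confidence results.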

urldencode :- (De|En) code urls

$ kanha urldencode -h
(De|En) code urls

Usage: kanha urldencode [OPTIONS]

Options:
--encode <ENCODE> Provide a url to encode
--decode <DECODE> Provide a url to dencode
-h, --help Print help
-V, --version Print version

Install

Copyright (c) 2023 PwnWriter < pwnwriter.xyz >