🦚 A web-app pentesting suite written in rust .

Nabeen Tiwaree

Last update: Sep 19, 2023

Related tags

Command-line osint pwntools recon unixporn hackers-tools pwnwriter hacsectools offsec-tools pentesting-suite

Overview

`Kanha` - A web-app pentesting suite written in rust 🦀

`Installation` ⦾ `Subcommands` ⦾ `Contribute`

Kanha is a tool that can help you perform, a variety of attacks based on the target domain . With just kanha you can do, Fuzzing, Reverse dns lookup, common http response, subdomain takeover detection and many more.

The project is inspird by mini.nvim, basically helping you to be productive with less numbers of tools(plugins) installed on your system and be unobtrusive and function as a standalone single binary out of the box.

Built from the ground up with performance, ease of use, and portability in mind in your favourite programming lang rust 💝

🧠 Philosophy

KISS - Keep things simple and stupid.
Ease - Write code that can be used elsewhere as well.
Efficiency - Optimize for performance without sacrificing readability.

🐱 Installation

🪄 Binary

You can directly download the binary of your arch and run it.

🌼 Source

git clone --depth=1 https://github.com/pwnwriter/kanha --branch=main
cd kanha
cargo build --release

Then go to release dir and ./kanha or move the binary to your any $PATH for instant access from anywhere.

🎠 Cargo

Using crates.io
```
cargo install kanha
```
Using binstall
```
cargo binstall kanha
```
Note ⚠️ This requires a working setup of rust/cargo & binstall.

🚩 METIS Linux

sudo/doas pacman -Syyy kanha

🌈 Subcommands

➊ Status :- Just return the HTTP response code of URLs

👻 Help

$ kanha status -h

Just return the HTTP response code of URLs

Usage: kanha status [OPTIONS]

  Options:
  -f, --filename <FILENAME>  A url or a file containing multiple urls
      --stdin                Reads input from the standard in
  -t, --tasks <TASKS>        Define the maximum concurrent tasks [default: 10]
  -h, --help                 Print help
  -V, --version              Print version

🦊 Screenshots

➋ fuzz :- Fuzz URLs and return the response codes

👻 Help

$ kanha fuzz -h
Fuzz URLs and return the response codes

Usage: kanha fuzz [OPTIONS] --wordlist <WORDLIST> --url <URL>

Options:
  -w, --wordlist <WORDLIST>  A file containing a list of possible wordlists
  -u, --url <URL>            Provide a url to fuzz
  -t, --tasks <TASKS>        Define the maximum concurrent tasks [default: 10]
  -h, --help                 Print help
  -V, --version              Print version

🦊 Screenshots

➌ rdns :- Reverse dns lookup

👻 Help

$ kanha rdns  -h
  Reverse dns lookup

  Usage: kanha rdns [OPTIONS] --filename <FILENAME>

  Options:
    -f, --filename <FILENAME>  a file containing a list of possible wordlists
        --stdin                Reads input from the standard in
    -h, --help                 Print help
    -V, --version              Print version

🦊 Screenshots

➍ Takeover :- Check possible subdomain takeover

👻 Help

Check possible subdomain takeover

Usage: kanha takeover [OPTIONS] --json-file <JSON_FILE>

Options:
  -j, --json-file <JSON_FILE>  A json file containing signature values of different services
  -f, --filename <FILENAME>    A file containing a list of urls
      --stdin                  Reads input from the standard in
  -h, --help                   Print help
  -V, --version                Print version

🦊 Screenshots

👐 Contributing

🪶 Recommend a new features
⭐ Give the project a star
🐎 Add new subcommand.
🧑‍🚒 Fix docx // improve code quality

Also see 👀

haylxon :- Blazingly fast tool to grab screenshots of your domain list right from terminal written in rust 🦀
httpx :- httpx is a fast and multi-purpose HTTP toolkit.
ffuf :- Fast web fuzzer written in Go

License 🔐

As always, this project is also licensed under the MIT LICENSE

Comments

chore(deps): bump serde_json from 1.0.105 to 1.0.106
Bumps serde_json from 1.0.105 to 1.0.106.

Release notes

Sourced from serde_json's releases.

v1.0.106

Add Value::as_number accessor (#1069, thanks @chanced)

Add Number::as_str accessor under "arbitrary_precision" feature (#1067, thanks @chanced)

Commits

45f10ec Release 1.0.106

f346308 Elaborate on documentation of Number::as_str

f16cad6 Add cfg banner to documentation of Number::as_str

fc8dd13 Touch up PR 1067

028b643 Merge pull request #1067 from chanced/add-as_str-to-number

db75c22 Fix unintended u8 link inferred by intra doc link

11b603c Resolve rustdoc::redundant_explicit_links lint

95c5d6c Fix documentation typo from PR 1069

5a39516 Reorder Value::as_number after is_number

6a5fef9 Wrap as_number documentation to 80 columns

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependencies
opened by dependabot[bot] 1
chore(deps): bump clap from 4.4.2 to 4.4.3
Bumps clap from 4.4.2 to 4.4.3.

Release notes

Sourced from clap's releases.

v4.4.3

[4.4.3] - 2023-09-12

Documentation

(derive) Clarify use of attributes within the tutorial

Split sections in the builder and derive tutorials into separate modules

Changelog

Sourced from clap's changelog.

[4.4.3] - 2023-09-12

Documentation

(derive) Clarify use of attributes within the tutorial

Split sections in the builder and derive tutorials into separate modules

Commits

e9668b3 chore: Release

bc4986e docs: Update changelog

3d53641 Merge pull request #5122 from epage/docs

32586c7 docs(tutorial): Split into separate modules per section

5f6d4a3 docs(tutorial): Split out into a module

20987de Merge pull request #5121 from epage/docs

9e7404b docs(tutorial): Attempt to clarify attributes

db97a2c docs(derive): Clarify value attributes are for PossibleValue

37ba607 chore: Release

3234c74 docs: Update changelog

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependencies
opened by dependabot[bot] 0
chore(deps): bump clap from 4.4.3 to 4.4.4
Bumps clap from 4.4.3 to 4.4.4.

Release notes

Sourced from clap's releases.

v4.4.4

[4.4.4] - 2023-09-18

Internal

Update terminal_size to 0.3

Changelog

Sourced from clap's changelog.

[4.4.4] - 2023-09-18

Internal

Update terminal_size to 0.3

Commits

e6e5396 chore: Release

acbb60c docs: Update changelog

f09d521 Merge pull request #5129 from cgwalters/widen-terminal-size

84f99ff chore(builder): Bump terminal_size to 0.3

7f8df27 Merge pull request #5124 from devinherron/master

4dff873 fix(doc): Fix typo in 03_04_subcommands.md

See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependencies
opened by dependabot[bot] 0
chore(deps): bump dns-lookup from 2.0.2 to 2.0.3
Bumps dns-lookup from 2.0.2 to 2.0.3.

Commits

See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependencies
opened by dependabot[bot] 0
chore(deps): bump serde_json from 1.0.105 to 1.0.107
Bumps serde_json from 1.0.105 to 1.0.107.

Release notes

Sourced from serde_json's releases.

v1.0.107

impl IntoDeserializer for &RawValue (#1071)

v1.0.106

Add Value::as_number accessor (#1069, thanks @chanced)

Add Number::as_str accessor under "arbitrary_precision" feature (#1067, thanks @chanced)

Commits

b6e113f Release 1.0.107

00626a0 Merge pull request #1073 from dtolnay/rawvalue

b9d296f IntoDeserializer for &RawValue

4ea34a2 Merge pull request #1072 from dtolnay/rawvalue

fe30766 Support deserializing from &RawValue

2c22077 Merge pull request #1062 from osiewicz/remove_build_rs

04f7758 fixup! chore: Remove no_btreemap_get_key_value and no_btreemap_remove_entry.

83bdc5f Omit return keyword in remove_entry

89a2741 Revert "Remove limb_width32 and limb_width64 features"

45f10ec Release 1.0.106

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependencies
opened by dependabot[bot] 0
add/exclude HTTP status code filter for fuzz

Hi,

I am creating this issue for adding/excluding -is or --include-status and -es or --exclude-status to filter HTTP status code because it's missing the feature in fuzz, Making lots of requests and there is no way to get the exact filtering for HTTP status code.

Looking forward to hearing from you.

Thanks
enhancement good first issue

opened by rudSarkar 1

Releases(v0.1.0)

v0.1.0(Sep 8, 2023)
Initial release v0.1.0 of kanha

Available subcommands

- ➊ Status :- Just return the HTTP response code of URLs - ➋ fuzz :- Fuzz URLs and return the response codes - ➌ rdns :- Reverse dns lookup - ➍ Takeover :- Check possible subdomain takeover
Source code(tar.gz)
Source code(zip)
kanha-0.1.0-aarch64-apple-darwin.tar.gz(1.94 MB)
kanha-0.1.0-aarch64-apple-darwin.tar.gz.sha512(170 bytes)
kanha-0.1.0-aarch64-unknown-linux-gnu.tar.gz(2.50 MB)
kanha-0.1.0-aarch64-unknown-linux-gnu.tar.gz.sha512(175 bytes)
kanha-0.1.0-aarch64-unknown-linux-musl.tar.gz(2.64 MB)
kanha-0.1.0-aarch64-unknown-linux-musl.tar.gz.sha512(176 bytes)
kanha-0.1.0-armv5te-unknown-linux-gnueabi.tar.gz(2.52 MB)
kanha-0.1.0-armv5te-unknown-linux-gnueabi.tar.gz.sha512(179 bytes)
kanha-0.1.0-armv7-unknown-linux-gnueabihf.tar.gz(2.49 MB)
kanha-0.1.0-armv7-unknown-linux-gnueabihf.tar.gz.sha512(179 bytes)
kanha-0.1.0-i686-pc-windows-msvc.zip(1.64 MB)
kanha-0.1.0-i686-unknown-linux-gnu.tar.gz(2.62 MB)
kanha-0.1.0-i686-unknown-linux-gnu.tar.gz.sha512(172 bytes)
kanha-0.1.0-i686-unknown-linux-musl.tar.gz(2.90 MB)
kanha-0.1.0-i686-unknown-linux-musl.tar.gz.sha512(173 bytes)
kanha-0.1.0-x86_64-apple-darwin.tar.gz(2.00 MB)
kanha-0.1.0-x86_64-apple-darwin.tar.gz.sha512(169 bytes)
kanha-0.1.0-x86_64-pc-windows-msvc.zip(1.79 MB)
kanha-0.1.0-x86_64-unknown-linux-gnu.tar.gz(2.58 MB)
kanha-0.1.0-x86_64-unknown-linux-gnu.tar.gz.sha512(174 bytes)
kanha-0.1.0-x86_64-unknown-linux-musl.tar.gz(2.79 MB)
kanha-0.1.0-x86_64-unknown-linux-musl.tar.gz.sha512(175 bytes)

Owner

Nabeen Tiwaree

18y/o, creator of @metis-os, infosec *nix systems.

GitHub https://crates.io/crates/kanha

Coppers is a custom test harnass for Rust that measures the energy usage of your test suite.

Coppers Coppers is a test harness for Rust that can measure the evolution of power consumptions of a Rust program between different versions with the

175 Dec 4, 2022

Holo is a suite of routing protocols designed to support high-scale and automation-driven networks.

Holo is a suite of routing protocols designed to support high-scale and automation-driven networks. For a description of what a routing protocol is, p

42 Apr 16, 2023

JA4+ is a suite of network fingerprinting standards

JA4+ Network Fingerprinting JA4+ is a suite of network fingerprinting methods that are easy to use and easy to share. These methods are both human and

94 Oct 5, 2023

A todo list app that indexes your app to find TODO:'s

forgot A todo list app that indexes your app to find TODO:'s Usage to list all your todos forgot list list all your todos ignoring search in ./target,

2 Oct 6, 2022

Dragonfly, POC full-stack web app DSL

Dragonfly Dragonfly is a toy DSL that explores ways to describe the structure of full-stack web applications. You should not use it in production. For

9 Mar 15, 2023

zigfi is an open-source stocks, commodities and cryptocurrencies price monitoring CLI app, written fully in Rust, where you can organize assets you're watching easily into watchlists for easy access on your terminal.

zigfi zigfi is an open-source stocks, commodities and cryptocurrencies price monitoring CLI app, written fully in Rust, where you can organize assets

18 Oct 24, 2022

A clock app in terminal written in Rust, supports local clock, timer and stopwatch.

clock-tui (tclock) A clock app in terminal. It support the following modes: Clock Timer Stopwatch Countdown Usage Install Install excutable by cargo:

14 Dec 20, 2022

Simple Interactive Terminal Todo App in Rust

todo-rs Simple Interactive Terminal Todo App in Rust Quick Start $ cargo run TODO Controls Keys Description k, j Move cursor up and down Shift+K, Shif

56 Dec 8, 2022

Replace an app's icon from a png with a single terminal script. Made with Rust

Replace macOS App Icon Replace an app's icon from a png with a single terminal CLI. Made with Rust

8 Aug 3, 2022

Simple test app based on rust-psp

PSP Test App Simple test app based on rust-psp. Demonstrating the usage of C libs. Build Download and unzip the prebuilt PSPSDK (built from clang-psp)

4 Nov 28, 2022

🔭 Search Dash.app from Neovim with Telescope. Built with Rust 🦀 and Lua

Dash.nvim Query Dash.app within Neovim with a Telescope picker! The theme used in the recording is lighthaus.nvim. Note: Dash is a Mac-only app, so yo

193 Dec 28, 2022

Simple system monitoring app that runs on terminal. Made purely with Rust.

What is it? RCTOP is a simple WIP system monitoring app that runs purely on terminal and doesn't feature GUI. One can compare it to htop, but more str

7 Oct 14, 2022

Rust-based language and runtime for cross-platform app development

Pax Pax is a cross-platform rendering engine & Rust framework for interactive graphics, animations, and GUIs. Pax extends the Rust programming languag

75 Dec 19, 2022

Simple but convenient CLI-based Matrix client app for sending and receiving (in Rust)

matrix-commander-rs simple but convenient CLI-based Matrix client app for sending and receiving Help create this Rust program! This project is current

19 Dec 30, 2022

A pure Rust, cross-platform soundboard app

afx This thing is my attempt at a soundboard program. afx.mp4 Why? I tried some prior art and decided that none of the existing options fit my needs.

11 Dec 15, 2022

Blazingly fast Rust CLI app to sync data from a folder of excel workbooks into generated c# code for unity usage

Extensions supported ( .xls, .xlsx, .xlsm, .xlsb, .xla, .xlam, .ods ) Speed Test Image shows the results of 5000defs synced from 2 workbooks and 5 she

4 Feb 16, 2023

Demo app duplicated in 5 languages (Go/JavaScript/Python/Ruby/Rust) showing how to go from source code to container image using melange+apko

hello-melange-apko ?? This repo contains an example app duplicated across 5 languages showing how to: Package source code into APKs using melange Buil

16 Jan 23, 2023

A cross-platofrm desktop app to manage your ports made with Dioxus and Rust.

Port Manager A cross-platofrm desktop app to manage your ports made with Dioxus and Rust. This app has been tested only on macOS. Test on other platfo

3 Mar 30, 2024

CLI calculator app and library

calc Yet another CLI calculator. Inspired by the excellent https://github.com/alfredxing/calc. Installation With a Rust toolchain in place: cargo inst

34 Nov 13, 2022

🦚 A web-app pentesting suite written in rust .

Related tags

Overview

Kanha - A web-app pentesting suite written in rust 🦀

Installation ⦾ Subcommands ⦾ Contribute

🧠 Philosophy

🐱 Installation

🌈 Subcommands

👐 Contributing

Also see 👀

License 🔐

Comments

chore(deps): bump serde_json from 1.0.105 to 1.0.106

v1.0.106

chore(deps): bump clap from 4.4.2 to 4.4.3

v4.4.3

[4.4.3] - 2023-09-12

Documentation

[4.4.3] - 2023-09-12

Documentation

chore(deps): bump clap from 4.4.3 to 4.4.4

v4.4.4

[4.4.4] - 2023-09-18

Internal

[4.4.4] - 2023-09-18

Internal

chore(deps): bump dns-lookup from 2.0.2 to 2.0.3

chore(deps): bump serde_json from 1.0.105 to 1.0.107

v1.0.107

v1.0.106

add/exclude HTTP status code filter for fuzz

Releases(v0.1.0)

v0.1.0(Sep 8, 2023)

Initial release v0.1.0 of kanha

Available subcommands

Owner

Nabeen Tiwaree

Coppers is a custom test harnass for Rust that measures the energy usage of your test suite.

Holo is a suite of routing protocols designed to support high-scale and automation-driven networks.

JA4+ is a suite of network fingerprinting standards

A todo list app that indexes your app to find TODO:'s

Dragonfly, POC full-stack web app DSL

zigfi is an open-source stocks, commodities and cryptocurrencies price monitoring CLI app, written fully in Rust, where you can organize assets you're watching easily into watchlists for easy access on your terminal.

A clock app in terminal written in Rust, supports local clock, timer and stopwatch.

Simple Interactive Terminal Todo App in Rust

Replace an app's icon from a png with a single terminal script. Made with Rust

Simple test app based on rust-psp

🔭 Search Dash.app from Neovim with Telescope. Built with Rust 🦀 and Lua

Simple system monitoring app that runs on terminal. Made purely with Rust.

Rust-based language and runtime for cross-platform app development

Simple but convenient CLI-based Matrix client app for sending and receiving (in Rust)

A pure Rust, cross-platform soundboard app

Blazingly fast Rust CLI app to sync data from a folder of excel workbooks into generated c# code for unity usage

Demo app duplicated in 5 languages (Go/JavaScript/Python/Ruby/Rust) showing how to go from source code to container image using melange+apko

A cross-platofrm desktop app to manage your ports made with Dioxus and Rust.

CLI calculator app and library

`Kanha` - A web-app pentesting suite written in rust 🦀

`Installation` ⦾ `Subcommands` ⦾ `Contribute`

Initial release v0.1.0 of `kanha`