Details

Category: Discovery

Publisher: trickest

Created Date: 11/13/2021

Container: quay.io/trickest/kiterunner:7d5824c-patch-1

Source URL: https://github.com/assetnote/kiterunner

Parameters

delay
string
Command: --delay - Delay to place inbetween requests to a single host
hosts
file
required
Command: - Target hosts
quiet
boolean
Command: --quiet - Quiet mode. will mute unecessarry pretty text
header
string
Command: --header - Headers to add to requests (default [x-forwarded-for: 127.0.0.1])
output
string
Command: --output - Output format. Can be json,text,pretty (default pretty)
kb-mode
boolean
Command: kb - Kb mode. Manipulate the kitebuilder schema
timeout
string
Command: --timeout - Timeout to use on all requests (default 3s)
verbose
string
Command: --verbose - Level of logging verbosity. can be error,info,debug,trace (default info)
wordlist
file
required
Command: -w - Normal/ogl wordlist to use for scanning
scan-mode
boolean
required
Command: scan - Scan mode.
brute-mode
boolean
required
Command: brute - Bruteforce mode.
filter-api
string
Command: --filter-api - Only scan apis matching this ksuid
user-agent
string
Command: --user-agent - User agent to use for requests (default Chrome. Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.96 Safari/537.36)
config-file
file
Command: --config - Specify the config file.
force-method
string
Command: --force-method - Whether to ignore the methods specified in the ogl file and force this method
profile-name
string
Command: --profile-name - Name for profile output file
ignore-length
string
Command: --ignore-length - A range of content length bytes to ignore. you can have multiple. e.g. 100-105 or 1234 or 123,34-53. This is inclusive on both ends
kb-mode-debug
boolean
Command: -d - Debug mode will attempt to convert the schema with error handling
kb-mode-parse
file
Command: parse - Parse an kitebuilder schema and print out the prettified data
max-redirects
string
Command: --max-redirects - Maximum number of redirects to follow (default 3)
wordlist-mode
boolean
Command: wordlist - Wordlist mode. Look at your cached wordlists and remote wordlists
kb-mode-replay
string
Command: replay - Replay a kitebuilder request based on the input
kb-mode-convert
file
Command: convert - onvert an input file format into the specified output file format
preflight-depth
string
Command: --preflight-depth - When performing preflight checks, what directory depth do we attempt to check. 0 means that only the docroot is checked (default 1)
blacklist-domain
string
Command: --blacklist-domain - Domains that are blacklisted for redirects. We will not follow redirects to these domains
disable-precheck
boolean
Command: --disable-precheck - Whether to skip host discovery
kitebuilder-list
file
Command: --kitebuilder-list - Ogl wordlist to use for scanning
fail-status-codes
string
Command: --fail-status-codes - Which status codes blacklist as fail. if this is set, this will override success-status-codes
assetnote-wordlist
string
required
Command: --assetnote-wordlist - Use the wordlists from wordlist.assetnote.io. specify the type/name to use, e.g. apiroutes-210228. You can specify an additional maxlength to use only the first N values in the wordlist, e.g. apiroutes-210228;20000 will only use the first 20000 lines in that wordlist
max-parallel-hosts
string
Command: --max-parallel-hosts - Max number of concurrent hosts to scan at once (default 50)
wildcard-detection
string
Command: --wildcard-detection - Can be set to false to disable wildcard redirect detection (default true)
wordlist-mode-list
boolean
Command: list - List the wordlists cached and available
wordlist-mode-save
string
Command: save - Save the wordlists specified (full filename or alias)
quarantine-threshold
string
Command: --quarantine-threshold - If the host return N consecutive hits, we quarantine the host as wildcard. Set to 0 to disable (default 10)
success-status-codes
string
Command: --success-status-codes - Which status codes whitelist as success. this is the default mode
brute-mode-extensions
string
Command: --extensions - Extensions to append while scanning
kitebuilder-full-scan
boolean
Command: --kitebuilder-full-scan - Perform a full scan without first performing a phase scan.
max-connection-per-host
string
Command: --max-connection-per-host - Max connections to a single host (default 3)
kb-mode-compile-wordlist
file
Command: compile - Compile an kitebuilder schema and write the data to the specified file
brute-mode-dirsearch-compat
boolean
Command: --dirsearch-compat - This will replace %EXT% with the extensions provided. backwards compat with dirsearch because shubs loves him some dirsearch
kb-mode-compile-output-file
string
Command: -
kb-mode-convert-output-file-format
string
Command: - kb mode convert mode output file format