LinuxCommandLibrary

kiterunner-kb

Search Kiterunner's knowledge base for vulnerability information

TLDR

Compile a kitebuilder schema from JSON to a kite file

$ kiterunner kb compile [path/to/wordlist.json] [path/to/wordlist.kite]
copy

Convert a kite file to a text wordlist
$ kiterunner kb convert [path/to/wordlist.kite] [path/to/wordlist.txt]
copy

Convert a text wordlist to a kite file
$ kiterunner kb convert [path/to/wordlist.txt] [path/to/wordlist.kite]
copy

Convert a kite file to a JSON schema
$ kiterunner kb convert [path/to/wordlist.kite] [path/to/wordlist.json]
copy

Parse a kitebuilder schema and output prettified JSON data
$ kiterunner kb parse [path/to/wordlist.json] [[-o|--output]] [json]
copy

Parse a kite file and output prettified text data
$ kiterunner kb parse [path/to/wordlist.kite] [[-o|--output]] [text]
copy

Replay a specific request from a kitebuilder schema output
$ kiterunner kb replay [[-w|--kitebuilder-list]] [path/to/wordlist.kite] "[request_output]"
copy

Replay a request through a proxy for inspection
$ kiterunner kb replay [[-w|--kitebuilder-list]] [path/to/wordlist.kite] [[-p|--proxy]] [http://localhost:8080] "[request_output]"
copy

SYNOPSIS

Building a custom KB:

kiterunner build-kb -w <wordlist_path> [-w <another_wordlist>...] [-r <rules_path>] -o <output_kb_path> [-f]

Updating the official KB:
kiterunner update-kb [-o <output_kb_path>] [-f]

PARAMETERS

-w <wordlist_path>, --wordlist <wordlist_path>
    (For build-kb) Specifies the path to one or more wordlists to be included in the Knowledge Base. This option can be used multiple times to combine several wordlists.

-r <rules_path>, --rules <rules_path>
    (For build-kb) Specifies the path to one or more rule files that define how the words from the wordlists should be transformed or combined. This allows for complex pattern generation.

-o <output_kb_path>, --output <output_kb_path>
    Specifies the output path and filename for the generated or updated Knowledge Base (e.g., ./kiterunner.kb). For update-kb, the default output is kiterunner.kb in the current directory.

-f, --force
    Forces the operation to overwrite an existing Knowledge Base file at the specified output path without prompting for confirmation.

-h, --help
    Displays a help message with available options for the respective subcommand and exits.

DESCRIPTION

The term kiterunner-kb refers to the functionalities within the Kiterunner tool that are dedicated to managing its 'Knowledge Base' (KB) files. Unlike a standalone command, kiterunner-kb conceptually encompasses operations performed via Kiterunner's subcommands such as kiterunner build-kb and kiterunner update-kb.

A Kiterunner Knowledge Base is a highly optimized binary file (with a .kb extension) that stores a vast collection of known web endpoints, directories, and associated rules. This structure allows Kiterunner to perform extremely fast and efficient enumeration of web attack surfaces by minimizing redundant requests and intelligently guessing paths based on observed server responses and pre-defined patterns.

The kiterunner build-kb subcommand is used to create a custom Knowledge Base from local wordlists and rules files, giving users flexibility to tailor their enumeration efforts. Conversely, the kiterunner update-kb subcommand is designed to download and update the official, pre-built Knowledge Base provided by Assetnote, ensuring users have access to the latest and most comprehensive set of enumeration data. These KB files are crucial for Kiterunner's performance and effectiveness in discovering hidden or obscure web resources.

CAVEATS

The term kiterunner-kb is a conceptual reference rather than a direct executable command. All Knowledge Base management operations are performed via the main kiterunner command and its specific subcommands (e.g., kiterunner build-kb, kiterunner update-kb). Users must have the Kiterunner tool installed and available in their system's PATH. Building large custom Knowledge Bases with kiterunner build-kb can be a memory and CPU-intensive process, potentially requiring significant time depending on the size and number of input wordlists and rules.

KNOWLEDGE BASE TYPES

Kiterunner utilizes two primary types of Knowledge Bases:

  • Official Knowledge Base: Provided and maintained by Assetnote, updated regularly via kiterunner update-kb. This is the recommended default for most users.
  • Custom Knowledge Base: Built by users from their own wordlists and rules using kiterunner build-kb. This offers maximum flexibility for specialized enumeration tasks.

KB FILE USAGE

Once a Knowledge Base (either official or custom) is available, it can be utilized by the main kiterunner scan command using the -kb or --kb flag. For example: 

kiterunner scan -u https://example.com -kb ./my_custom.kb
This tells Kiterunner which pre-compiled set of paths and rules to use for its web enumeration process.

HISTORY

Kiterunner is a web path enumeration tool developed by Assetnote, a company specializing in attack surface management. It was created to address the limitations of traditional wordlist-based enumeration tools by leveraging a highly efficient binary 'Knowledge Base' (KB) format. The development of the KB management features (like building and updating) was crucial to enable both customizability and the ability to distribute regularly updated enumeration data, significantly enhancing the tool's performance and accuracy in discovering hidden web resources.

SEE ALSO

kiterunner(1)

Copied to clipboard