kiterunner-{brute, kb, scan, wordlist}, kite, kr: add page (#16389)

* kiterunner-{brute, kb, scan, wordlist}, kite, kr: add page

* Update pages/common/kiterunner-brute.md

Co-authored-by: K.B.Dharun Krishna <kbdharunkrishna@gmail.com>

* Tweaks

* Update pages/common/kiterunner-brute.md

Co-authored-by: Managor <42655600+Managor@users.noreply.github.com>

* Twe4ks

---------

Co-authored-by: Managor <42655600+Managor@users.noreply.github.com>
Co-authored-by: K.B.Dharun Krishna <kbdharunkrishna@gmail.com>

pages/common/kite.md

@@ -0,0 +1,7 @@
+# kite
+
+> This command is an alias of `kiterunner`.
+
+- View documentation for the original command:
+
+`tldr kiterunner`

pages/common/kiterunner-brute.md

@@ -0,0 +1,37 @@
+# kiterunner brute
+
+> A contextual web scanner for bruteforcing API paths and web endpoints using wordlists.
+> The `brute` subcommand targets one or multiple hosts.
+> More information: <https://github.com/assetnote/kiterunner>.
+
+- Bruteforce a target with an Assetnote wordlist (e.g., first 20,000 API routes):
+
+`kiterunner brute {{https://example.com}} {{[-A|--assetnote-wordlist]}} {{apiroutes-210328:20000}}`
+
+- Bruteforce a target with a custom wordlist:
+
+`kiterunner brute {{https://example.com}} {{[-w|--wordlist]}} {{path/to/wordlist.txt}}`
+
+- Bruteforce using a dirsearch-style wordlist with extension substitution:
+
+`kiterunner brute {{https://example.com}} {{[-w|--wordlist]}} {{path/to/dirsearch.txt}} {{[-D|--dirsearch-compat]}} {{[-e|--extensions]}} {{json,txt}}`
+
+- Bruteforce with specific file extensions appended and output in JSON format:
+
+`kiterunner brute {{https://example.com}} {{[-w|--wordlist]}} {{path/to/wordlist.txt}} {{[-e|--extensions]}} {{aspx,ashx}} {{[-o|--output]}} {{json}}`
+
+- Bruteforce a list of targets from a file with custom concurrency settings for performance:
+
+`kiterunner brute {{path/to/targets.txt}} {{[-w|--wordlist]}} {{path/to/wordlist.txt}} {{[-x|--max-connection-per-host]}} {{5}} {{[-j|--max-parallel-hosts]}} {{100}}`
+
+- Bruteforce and ignore specific content length responses:
+
+`kiterunner brute {{https://example.com}} {{[-w|--wordlist]}} {{path/to/wordlist.txt}} --ignore-length {{100-105}}`
+
+- Bruteforce with custom HTTP headers:
+
+`kiterunner brute {{https://example.com}} {{[-w|--wordlist]}} {{path/to/wordlist.txt}} {{[-H|--header]}} "{{Authorization: Bearer token}}"`
+
+- Bruteforce a list of targets from a file with fail status code filtering:
+
+`kiterunner brute {{path/to/targets.txt}} {{[-w|--wordlist]}} {{path/to/wordlist.txt}} --fail-status-codes {{400,401,404}}`

pages/common/kiterunner-kb.md

@@ -0,0 +1,37 @@
+# kiterunner kb
+
+> A contextual web scanner for manipulating kitebuilder schemas used in API and web endpoint discovery.
+> The `kb` subcommand handles schema compilation, conversion, parsing, and request replay.
+> More information: <https://github.com/assetnote/kiterunner>.
+
+- Compile a kitebuilder schema from JSON to a kite file:
+
+`kiterunner kb compile {{path/to/wordlist.json}} {{path/to/wordlist.kite}}`
+
+- Convert a kite file to a text wordlist:
+
+`kiterunner kb convert {{path/to/wordlist.kite}} {{path/to/wordlist.txt}}`
+
+- Convert a text wordlist to a kite file:
+
+`kiterunner kb convert {{path/to/wordlist.txt}} {{path/to/wordlist.kite}}`
+
+- Convert a kite file to a JSON schema:
+
+`kiterunner kb convert {{path/to/wordlist.kite}} {{path/to/wordlist.json}}`
+
+- Parse a kitebuilder schema and output prettified JSON data:
+
+`kiterunner kb parse {{path/to/wordlist.json}} {{[-o|--output]}} {{json}}`
+
+- Parse a kite file and output prettified text data:
+
+`kiterunner kb parse {{path/to/wordlist.kite}} {{[-o|--output]}} {{text}}`
+
+- Replay a specific request from a kitebuilder schema output:
+
+`kiterunner kb replay {{[-w|--kitebuilder-list]}} {{path/to/wordlist.kite}} "{{request_output}}"`
+
+- Replay a request through a proxy for inspection:
+
+`kiterunner kb replay {{[-w|--kitebuilder-list]}} {{path/to/wordlist.kite}} {{[-p|--proxy]}} {{http://localhost:8080}} "{{request_output}}"`

pages/common/kiterunner-scan.md

@@ -0,0 +1,37 @@
+# kiterunner scan
+
+> A contextual web scanner for concurrently scanning API paths and web endpoints using kitebuilder wordlists.
+> The `scan` subcommand targets one or multiple hosts with structured API requests.
+> More information: <https://github.com/assetnote/kiterunner>.
+
+- Scan a target with an Assetnote wordlist (e.g., first 5000 API routes):
+
+`kiterunner scan {{https://example.com}} {{[-A|--assetnote-wordlist]}} {{apiroutes-210228:5000}}`
+
+- Scan a target with a kitebuilder wordlist:
+
+`kiterunner scan {{https://example.com}} {{[-w|--kitebuilder-list]}} {{path/to/wordlist.kite}}`
+
+- Scan multiple hosts from a file with a kitebuilder wordlist:
+
+`kiterunner scan {{path/to/hosts.txt}} {{[-w|--kitebuilder-list]}} {{path/to/wordlist.kite}}`
+
+- Scan with an Assetnote wordlist and JSON output:
+
+`kiterunner scan {{https://example.com}} {{[-A|--assetnote-wordlist]}} {{apiroutes-210228:5000}} -o {{json}}`
+
+- Scan with custom concurrency settings for performance:
+
+`kiterunner scan {{https://example.com}} {{[-w|--kitebuilder-list]}} {{path/to/wordlist.kite}} {{[-x|--max-connection-per-host]}} {{5}} {{[-j|--max-parallel-hosts]}} {{100}}`
+
+- Scan with a wordlist as a normal wordlist, disabling depth scanning:
+
+`kiterunner scan {{https://example.com}} {{[-w|--kitebuilder-list]}} {{path/to/rafter.txt}} {{[-d|--preflight-depth]}} {{0}}`
+
+- Scan with custom headers and ignore specific content length responses:
+
+`kiterunner scan {{https://example.com}} {{[-w|--kitebuilder-list]}} {{path/to/wordlist.kite}} {{[-H|--header]}} "{{Authorization: Bearer token}}" --ignore-length {{100-105}}`
+
+- Perform a full kitebuilder scan without phase scanning:
+
+`kiterunner scan {{https://example.com}} {{[-w|--kitebuilder-list]}} {{path/to/wordlist.kite}} --kitebuilder-full-scan`

pages/common/kiterunner-wordlist.md

@@ -0,0 +1,33 @@
+# kiterunner wordlist
+
+> A contextual web scanner for managing wordlists used in API and web endpoint discovery.
+> The `wordlist` subcommand handles listing and saving wordlists in `~/.cache/kiterunner`.
+> More information: <https://github.com/assetnote/kiterunner>.
+
+- List all cached and available Assetnote wordlists:
+
+`kiterunner wordlist list`
+
+- List wordlists with JSON output:
+
+`kiterunner wordlist list {{[-o|--output]}} {{json}}`
+
+- List wordlists with verbose debug output:
+
+`kiterunner wordlist list {{[-v|--verbose]}} {{debug}}`
+
+- Save a specific Assetnote wordlist by alias:
+
+`kiterunner wordlist save {{apiroutes-210328}}`
+
+- Save a specific Assetnote wordlist by full filename:
+
+`kiterunner wordlist save {{path/to/httparchive_apiroutes_2024_05_28.txt}}`
+
+- Save multiple wordlists by alias:
+
+`kiterunner wordlist save {{apiroutes-210328,aspx-210328}}`
+
+- Save a wordlist with quiet mode to suppress output:
+
+`kiterunner wordlist save {{apiroutes-210328}} {{[-q|--quiet]}}`

pages/common/kiterunner.md

@@ -0,0 +1,20 @@
+# kiterunner
+
+> A contextual web scanner for discovering API paths and web endpoints using wordlists and kitebuilder schemas.
+> More information: <https://github.com/assetnote/kiterunner>.
+
+- View documentation for bruteforcing API paths and web endpoints:
+
+`tldr kiterunner brute`
+
+- View documentation for concurrently scanning hosts with kitebuilder wordlists:
+
+`tldr kiterunner scan`
+
+- View documentation for manipulating kitebuilder schemas:
+
+`tldr kiterunner kb`
+
+- View documentation for managing cached and remote wordlists:
+
+`tldr kiterunner wordlist`

pages/common/kr.md

@@ -0,0 +1,7 @@
+# kr
+
+> This command is an alias of `kiterunner`.
+
+- View documentation for the original command:
+
+`tldr kiterunner`