Introduction

Description

Codename RKN is a Web Application Attack Surface Mapper, capable of analyzing the behavior and I/O characteristics of modern web applications and web APIs.

You can access Codename RKN via multiple interfaces, such as:

Installation

For installation instructions please refer to the installer.

System requirements

Operating System | Architecture | RAM | Disk | CPU
Linux            | x86 64bit    | 2GB | 4GB  | Multicore

Resource constrained environments

To optimize the resources a scan may use please consult:

CLI

Command-line interface executables can be found under the bin/ directory and at the time of writing are:

  1. rkn -- Direct scanning utility.
  2. rkn_shell -- Starts a Bash shell under the package environment.
  3. rkn_system_info -- Presents system information about the host.

Scanning and reporting

To start a scan and save the report as JSON:

bin/rkn https://ginandjuice.shop/ --report-save-path=report.json

Web UI

The WebUI allows you to easily run, manage and schedule scans and their results via an intuitive web interface.

Boot-up

To boot the Pro interface please run:

bin/rkn_pro

After boot-up, you can visit the interface via your browser of choice.

Features

  • Live scan progress.
  • Scan coverage display.
  • Parallel scans.
  • Recurring scans.
  • Scheduled scans.
    • Simple frequency configuration.
    • Cronline frequency configuration support.
    • Identification of conflicting future scans in calendar.
  • Server/scanner/network health display.
  • Powerful yet intuitive filtering.
  • Website role management.
    • Form login.
    • Script login.
  • Device emulation.
  • Scan profiles.
  • Extensive scan log.

Run air-gapped

In order to run Codename RKN in an air-gapped environment you need to:

  • Place the license file at: ~/.rkn/license.key
    • Either by copying it over from a previous activation on an Internet-enabled machine, or
    • by activating online.

Copyright

Copyright 2024 Ecsypno.

All rights reserved.