#engine #osint #focused #security #git #bug #issue

bin+lib ankou

An OSINT repo miner focused on high-sev security bug in JS engines

2 releases

0.0.2 Dec 16, 2020
0.0.1 Dec 9, 2020

#15 in #osint

AGPL-3.0

29KB
254 lines

ankou

/ɑːnkuː/
An OSINT git miner focused on enumerating security issues in JavaScript engines.

crates.io-badge docs.rs-badge build-badge license

Current only supports WebKit (which is also still a WIP)

Setup

ak requires the target repository's list of commit objects. The easiest way to grab it is to add the -n/--no-checkout option when running git clone:

git clone -j`nproc` --no-checkout git://git.webkit.org/WebKit.git
cargo run --bin ak webkit -l path/to/cloned/WebKit

Usage

ankou 0.0.2
ecurity-focused OSINT git miner

USAGE:
    ak [FLAGS] [OPTIONS] [api-key] <SUBCOMMAND>

FLAGS:
    -h, --help       Prints help information
    -V, --version    Prints version information
    -v               Verbose

OPTIONS:
    -d, --depth <depth>    Maximum depth of parent references to walk [default: 10]

ARGS:
    <api-key>    Bugzilla API key [env: AK_KEY]

SUBCOMMANDS:
    chromium    Enumerate the Google Chromium engine
    gecko       Enumerate the Mozilla Gecko engine
    help        Prints this message or the help of the given subcommand(s)
    webkit      Enumerate the Apple WebKit engine

Dependencies

~13–18MB
~403K SLoC