No project description provided
Project description
PTKIBANA
Security testing tool for identifying, fingerprinting, and exploiting vulnerabilities in Kibana instances.
The tool:
- Identifies whether or not Kibana is running on a host
- Identifies whether it is running on HTTP or HTTPS
- Identifies whether or not it has authentication enabled
- Identifies CVEs in the Kibana instance
- Identifies whether the /api/console/proxy endpoint is available and runs the tool PTELASTIC through the proxy.
- Test for CVE-2019-7609
- Enumerates:
- Users and their respective roles
- Plugins running on the Kibana instance
- Dump ES index structure
Installation
pip install ptkibana
Adding to PATH
If you're unable to invoke the script from your terminal, it's likely because it's not included in your PATH. You can resolve this issue by executing the following commands, depending on the shell you're using:
For Bash Users
echo "export PATH=\"`python3 -m site --user-base`/bin:\$PATH\"" >> ~/.bashrc
source ~/.bashrc
For ZSH Users
echo "export PATH=\"`python3 -m site --user-base`/bin:\$PATH\"" >> ~/.zshrc
source ~/.zshrc
Usage examples
ptkibana -u htttps://www.example.com/
Options
-u --url <url> Connect to URL
-ts --tests <test> Specify one or more tests to perform:
AUTH Kibana authentication test
CVE-2019-7609 Kibana CVE-2019-7609 test
CVE_LOOKUP Kibana CVE lookup
ES_PROXY Kibana Elasticsearch proxy test
HTTPS Kibana HTTP/S test
IS_KIBANA Kibana availability test
STRUCTURE_DUMP Kibana data structure test
SW Kibana software enumeration
USERS Kibana user enumeration
-t --threads <threads> Set thread count (default 10)
-p --proxy <proxy> Set proxy (e.g. http://127.0.0.1:8080)
-T --timeout Set timeout (default 10)
-c --cookie <cookie> Set cookie
-a --user-agent <a> Set User-Agent header
-H --headers <header:value> Set custom header(s)
-r --redirects Follow redirects (default False)
-C --cache Cache HTTP communication (load from tmp in future)
-v --version Show script version and exit
-vv --verbose Enable verbose mode
-h --help Show this help message and exit
-j --json Output in JSON format
-U --user Set user to authenticate as
-P --password Set password to authenticate with
-A --api-key Set API key to authenticate with
-F --file </path/to/file> File to read if host is vulnerable to CVE-2015-5531 (default /etc/passwd)
-di --dump-index <index1, index2, ...> Specify index to dump with data_dump module
-df --dump-field <field1,field2, field3.subfield> Specify fields to dump with data_dump module
-o --output <filename> Specify the name of the file to store structure/data dump to
-ests --elasticsearch-tests <test> Specify one or more tests to perform on Elasticsearch through the Kibana proxy
-b --built-in Enumerate/dump built-in (hidden) Elasticsearch indexes
Dependencies
ptlibs
License
Copyright (c) 2025 Penterep Security s.r.o.
ptkibana is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
ptkibana is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with ptkibana. If not, see https://www.gnu.org/licenses/.
Warning
You are only allowed to run the tool against the websites which you have been given permission to pentest. We do not accept any responsibility for any damage/harm that this application causes to your computer, or your network. Penterep is not responsible for any illegal
or malicious use of this code. Be Ethical!
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file ptkibana-0.0.11.tar.gz.
File metadata
- Download URL: ptkibana-0.0.11.tar.gz
- Upload date:
- Size: 32.7 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.13.11
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
2f96229672c94ca84857eeb6c0d664a56a4ba90b479572c6f590098a8502f3bb
|
|
| MD5 |
f47fd1bb9c846b4a28bd48e4e3bfa536
|
|
| BLAKE2b-256 |
41efa6a8f2a1dbf9c9178542b3c6658905a364ae6431fa109dfa94451b2aac9f
|
File details
Details for the file ptkibana-0.0.11-py3-none-any.whl.
File metadata
- Download URL: ptkibana-0.0.11-py3-none-any.whl
- Upload date:
- Size: 38.9 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.13.11
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
dc4996e5d06d75a3eb157ed2d306acf0891e20d4706ffa5470b9a77a2670f855
|
|
| MD5 |
1bed1fc99431097b0a8b4abf414b35b7
|
|
| BLAKE2b-256 |
41e97a9e8c6931a401019e44f6e5615a619266974df6a7d4b64e6b80ab98e6e6
|
