npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@kinosec/cli

v0.7.1

Published

Official KinoSec command-line interface

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Maintainers

fir3midgefir3midge

Keywords

kinosecsecuritypentestcli

Readme

@kinosec/cli

npm version node

The official CLI for KinoSec — run pentests from your terminal.

Install

npm install -g @kinosec/cli

Or run without installing:

npx @kinosec/cli pentest list

Quick Start

# Authenticate with a Personal Access Token
kinosec auth login

# List your assets
kinosec asset list

# Run a pentest
kinosec pentest -t example.com

# Watch progress in real-time
kinosec pentest watch <profile-id>

# Schedule a weekly pentest
kinosec pentest schedule create --asset <id> --pattern weekly --day-of-week 1 --time 09:00

# View findings
kinosec finding list <profile-id>

# Export a report
kinosec report export <report-id> --format markdown > report.md

Commands

kinosec auth login|status|logout        Manage authentication
kinosec me                              Show authenticated user info

kinosec asset list|get|create|delete|verify    Manage assets
kinosec pentest [-t domain]|list|get|cancel|watch  Run and manage pentests
kinosec pentest schedule create|list|get|...  Schedule recurring pentests
kinosec finding list|get|update|retest        Manage findings
kinosec report list|get|export                Manage reports
kinosec token list|create|revoke              Manage API tokens

Every command supports --json for machine-readable output and --help for usage details.

Authentication

The CLI authenticates via Personal Access Tokens (PATs). Tokens are resolved in this order:

  1. --token flag
  2. KINOSEC_TOKEN environment variable
  3. ~/.config/kinosec/credentials.json (saved by kinosec auth login)

Example

$ kinosec auth login
API token: ********
✓ Authenticated as [email protected]
  Plan: security_pro (pro)
  Org: Acme Inc

$ kinosec pentest list
ID                                   Target         Mode   Status      Created
a1b2c3d4-0000-0000-0000-000000000001 example.com    full   Completed   5/1/2026

$ kinosec finding list a1b2c3d4-0000-0000-0000-000000000001
ID                                   Name              Severity  Status
b2c3d4e5-0000-0000-0000-000000000001 Server Version Disclosure  Low  open

$ kinosec finding get b2c3d4e5-0000-0000-0000-000000000001
ID:            b2c3d4e5-0000-0000-0000-000000000001
Name:          Server Version Disclosure
Severity:      Low
Status:        open
Verification:  confirmed
Phase:         active_scanning
Created:       2026-05-01T00:00:00Z

Description
───────────
  The server exposes version information in HTTP responses,
  which may aid attackers in identifying known vulnerabilities...

Solution
────────
  Remove or suppress server version headers in production...

Proof of Concept
────────────────
  GET /api/health HTTP/1.1
  Response: {"version": "3.2.1", "server": "nginx/1.24.0", "debug": true}

$ kinosec report list
ID                                   Target        Mode   Findings          Completed
a1b2c3d4-0000-0000-0000-000000000001 example.com   full   2C 5H 3M 1L 0I   5/1/2026

Requirements

  • Node.js >= 20.0.0

Contributing

This CLI is maintained by KinoSec. External contributions are not accepted at this time.

License

Proprietary. See LICENSE.md for terms.