npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

pwnkit-cli

v0.11.1

Published

pwnkit-cli npm launcher — downloads and runs the standalone binary on first invocation.

Downloads

572

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

peaktwilightpeaktwilight

Keywords

aiapplication-securitymcpowaspsecurityred-teamllmprompt-injection

Readme

pwnkit-cli (npm launcher)

This package is a thin launcher for pwnkit, an autonomous AI pentesting framework. From v0.10.0 onwards pwnkit-cli ships as a tiny launcher that downloads the standalone binary on first run, caches it under ~/.pwnkit/cache/v<version>/, and re-execs the user's arguments against it. Subsequent runs are an instant exec from the cache.

$ npx pwnkit-cli scan --target https://example.com
[pwnkit] first-run setup — downloading pwnkit-darwin-arm64 (~75 MB)…
[pwnkit] cached at /Users/you/.pwnkit/cache/v0.10.0/pwnkit-darwin-arm64

  pwnkit v0.10.0
    scanning target https://example.com
…

The binary has the Bun runtime baked in, so the full OpenTUI mission control + live scan view works even when invoked under Node via npx.

Install paths

The launcher works through any of these:

npx pwnkit-cli scan --target https://example.com    # one-shot, no install
bunx pwnkit-cli scan --target https://example.com   # same, faster cold start

npm i -g pwnkit-cli   &&  pwnkit-cli scan ...       # global install
bun add -g pwnkit-cli &&  pwnkit-cli scan ...       # global install via bun

If you'd rather skip the launcher entirely and install the binary directly (zero Node, zero Bun, zero node_modules), run:

curl -fsSL https://raw.githubusercontent.com/0sec-labs/pwnkit/main/install.sh | bash

That drops a single binary into ~/.pwnkit/bin/.

Supported platforms

The launcher picks the right binary at runtime from the v<version> GitHub Release:

  • pwnkit-darwin-arm64 — Apple Silicon
  • pwnkit-linux-x64
  • pwnkit-linux-arm64
  • pwnkit-windows-x64.exe

Intel Mac (darwin-x64) is intentionally not shipped — Apple stopped selling them in 2022 and our self-hosted macos-13 pool is unreliable. Install Bun and compile from source (scripts/bun-compile.sh) on those.

Env knobs

  • PWNKIT_BINARY — explicit path to a binary; bypasses cache + download
  • PWNKIT_NO_DOWNLOAD=1 — never download; print install.sh URL and exit 1
  • PWNKIT_DOWNLOAD_TIMEOUT_MS — per-attempt download timeout (default 120000)

Source

https://github.com/0sec-labs/pwnkit