MUKI asset fingerprinting tool for red team reconnaissance. Use when performing authorized penetration testing, asset discovery, service fingerprinting, vulnerability scanning, and attack surface mapping. Supports active/passive fingerprinting with 30,000+ signatures, sensitive path detection, and sensitive information extraction. Requires explicit authorization for target systems.
MUKI is an active asset fingerprinting tool built for red team operations. It enables security researchers to rapidly pinpoint vulnerable systems from chaotic C-class segments and massive asset lists.
# Scan single URL
muki -u https://target.com
# Scan multiple URLs from file
muki -l targets.txt
# Scan with proxy
muki -u https://target.com -p socks5://127.0.0.1:1080
# Disable specific modules
muki -u https://target.com -A -N # No active, no directory scan
-h, --help Show help
-u, --url string Single URL to scan
-l, --list string File containing URLs (one per line)
-o, --output string Output file path
-p, --proxy string Proxy server (http:// or socks5://)
-t, --thread int Number of threads (default: 20, max: 100)
-A, --no-active Disable active fingerprint scanning
-N, --no-dir Disable directory scanning
-x, --no-passive Disable passive fingerprint scanning
Sends protocol-specific probes to identify services with high confidence.
Analyzes response artifacts without additional traffic.
Checks for high-risk paths using curated dictionaries.
Automatically extracts high-risk information from responses.
Categories:
{
"target": "https://example.com",
"fingerprints": [
{
"service": "Apache",
"version": "2.4.41",
"confidence": "high"
}
],
"sensitive_paths": [
{
"path": "/admin",
"status": 200,
"risk": "high"
}
],
"sensitive_data": [
{
"type": "email",
"value": "[email protected]",
"source": "response body"
}
]
}
Structured .xlsx report with multiple sheets:
# 1. Prepare target list
cat > targets.txt << 'EOF'