Free offensive security toolkit for your terminal — reverse shells, encoding, hashing, JWT analysis, nmap building, XSS payloads, SQLi payloads, header security analysis, CVSS scoring, subnet calculation, terminal output formatting, wordlist generation, and more.
Part of OffSecKit — all tools also available as browser tools.
pip install offseckit

Or clone and install locally:
git clone https://github.com/offseckit/osk.git
cd osk
pip install .

# Generate a reverse shell
osk revshell -i 10.10.10.10 -l python
# Encode text to Base64
osk encode -o base64-encode "Hello World"
# Identify a hash
osk hash id 5d41402abc4b2a76b9719d911017c592
# Decode a JWT token
osk jwt decode eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...
# Build an nmap command
osk nmap build -t 10.10.10.0/24 --syn --top-ports 1000
# Generate XSS payloads
osk xss gen --context html-attr --action alert
# Generate SQLi payloads
osk sqli gen -d mysql -t union -c 3
# Analyze security headers
curl -sI https://example.com | osk headers analyze
# Calculate a CVSS score
osk cvss calc CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
# Calculate subnet details
osk subnet calc 192.168.1.0/24
# Generate a wordlist with mutations
osk wordlist gen password admin --leet --numbers
# Format terminal output with a styled frame
nmap -sV 10.10.10.10 | osk format render

| Command | Description |
|---|---|
| `osk revshell` | Generate reverse shell one-liners in 12+ languages |
| `osk encode` | Encode/decode text (Base64, URL, Hex, HTML, Unicode, Binary, ROT13, ...) |
| `osk hash` | Identify hash types and generate hashes (MD5, SHA1, SHA256, NTLM, ...) |
| `osk jwt` | Decode and analyze JWT tokens for security issues |
| `osk nmap` | Build nmap commands with scan types, scripts, timing, and evasion |
| `osk xss` | Generate context-aware XSS payloads with WAF bypass and encoding |
| `osk sqli` | Generate SQL injection payloads for MySQL, MSSQL, PostgreSQL, Oracle, SQLite |
| `osk headers` | Analyze HTTP response headers for security misconfigurations |
| `osk cvss` | Calculate CVSS 3.1 and 4.0 vulnerability scores |
| `osk subnet` | Calculate subnet details, split networks, check IP containment |
| `osk format` | Format and beautify terminal output with styled window frames |
| `osk wordlist` | Generate custom wordlists with leet speak, case mutations, and password patterns |

# Bash reverse shell
osk revshell -i 10.10.10.10 -p 4444
# Python reverse shell with Base64 encoding
osk revshell -i 10.10.10.10 -l python -e base64
# PowerShell reverse shell
osk revshell -i 10.10.10.10 -l powershell
# Show all netcat variants
osk revshell -i 10.10.10.10 -l netcat --all
# List all supported languages
osk revshell list

| Flag | Description | Default |
|---|---|---|
| `-i, --ip` | Attacker IP address | (required) |
| `-p, --port` | Attacker port | 4444 |
| `-l, --lang` | Language | bash |
| `-v, --variant` | Specific variant | first available |
| `-e, --encoding` | `raw`, `base64`, `url`, `double-url` | `raw` |
| `--all` | Show all variants | — |
| `--no-listener` | Hide listener command | — |

# Base64 encode
osk encode -o base64-encode "Hello World"
# URL decode
osk encode -o url-decode "%48%65%6C%6C%6F"
# Chain: Base64 then URL encode
osk encode -o base64-encode -o url-encode "test payload"
# Double URL encode for WAF bypass
osk encode -o url-encode -o url-encode "<script>alert(1)</script>"
# Show intermediate steps
osk encode -o base64-encode -o url-encode -o hex-encode "test" --steps
# Pipe from stdin
echo "secret" | osk encode -o hex-encode
# List all operations
osk encode list

# Identify a hash
osk hash id 5d41402abc4b2a76b9719d911017c592
# Generate MD5 + SHA-256 + NTLM
osk hash generate -a md5 -a sha256 -a ntlm "password"
# Generate all default hashes
osk hash generate "hello"
# List supported algorithms
osk hash list

# Decode a JWT token
osk jwt decode eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIn0.dozjgNryP4J3jVmNHl0w5N_XgL0n3I9PlFUP0THsR8U
# Analyze for security issues
osk jwt analyze eyJhbGciOiJIUzI1NiIs...
# List supported algorithms
osk jwt algorithms

# Quick recon scan
osk nmap preset quick-recon -t 10.10.10.0/24
# Full port SYN scan with service detection
osk nmap build -t 10.10.10.10 --syn --all-ports --service-version
# Stealth scan with evasion
osk nmap build -t 10.10.10.10 --syn --timing T2 --fragment
# List presets
osk nmap presets
# List scan types
osk nmap scans

# Generate payloads for HTML attribute context
osk xss gen --context html-attr --action alert
# Generate with WAF bypass encoding
osk xss gen --context js-string --waf cloudflare
# Generate with blocked characters
osk xss gen --context html-tag --block "<" --block ">"
# Show polyglot payloads
osk xss polyglots
# List all contexts
osk xss contexts

# Generate UNION-based payloads for MySQL
osk sqli gen -d mysql -t union -c 3
# Generate error-based payloads for MSSQL
osk sqli gen -d mssql -t error-based
# Generate time-blind payloads for PostgreSQL
osk sqli gen -d postgresql -t time-blind
# Generate with WAF bypass (case swap)
osk sqli gen -d mysql -t union --waf case-swap
# Show authentication bypass payloads
osk sqli auth
# List supported databases
osk sqli dbs

# Fetch headers directly from a URL
osk headers analyze -u https://example.com
# Pipe headers from curl
curl -sI https://example.com | osk headers analyze
# Read from a file
osk headers analyze -f response-headers.txt
# Output as JSON for CI/CD
osk headers analyze -u https://example.com --json
# List all security headers checked
osk headers list

# Calculate CVSS 3.1 score from a vector
osk cvss calc CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
# Calculate CVSS 4.0 score
osk cvss calc CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
# Output as JSON for CI/CD
osk cvss calc CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H --json
# Show common vulnerability presets
osk cvss presets
# Compare two vectors
osk cvss compare CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

# Calculate subnet details from CIDR
osk subnet calc 192.168.1.0/24
# Calculate with JSON output for scripting
osk subnet calc 10.10.10.0/26 --json
# Split a network into equal subnets
osk subnet split 10.0.0.0/16 --into 4
# Check if an IP is within a CIDR range
osk subnet contains 192.168.1.0/24 192.168.1.100
# List all usable hosts in a subnet
osk subnet list 192.168.1.0/28

# Render terminal output with a styled window frame
nmap -sV 10.10.10.10 | osk format render
# Render from a file with a custom title
osk format render -f output.txt --title "Nmap Scan Results"
# Add line numbers
cat output.log | osk format render -n --title "Server Logs"
# Strip all ANSI escape codes
cat colored-output.log | osk format strip
# Get output statistics
cat output.log | osk format stats --json

# Generate wordlist from base words with case variations
osk wordlist gen password admin
# Enable leet speak mutations
osk wordlist gen password --leet
# Append numbers (0-9) and symbols
osk wordlist gen company --numbers --symbols
# Full mutation suite and save to file
osk wordlist gen company admin john -o wordlist.txt --case --leet --numbers --symbols --suffixes
# Read base words from a file
osk wordlist gen -f base_words.txt --leet --numbers
# Append years instead of single digits
osk wordlist gen company --numbers --number-range years --year-start 2020 --year-end 2026
# Show leet speak mappings
osk wordlist leet

- Python 3.8+
- OffSecKit — free browser-based security toolkit
- Reverse Shell Generator — browser version
- Encoding Multi-Tool — browser version
- Hash Identifier — browser version
- JWT Decoder — browser version
- Nmap Builder — browser version
- XSS Generator — browser version
- Header Security Analyzer — browser version
- CVSS Calculator — browser version
- Subnet Calculator — browser version
- SQLi Payload Generator — browser version
- CLI Output Formatter — browser version
- Wordlist Generator — browser version
MIT