ParamSpider - Mining parameters from dark corners of Web Archives

(372 views)

Key Features: Finds parameters from web archives of the entered domain. Finds parameters from subdomains as well. Gives support to exclude URLs with specific extensions. Saves the output result in a nice and clean manner. It mines the parameters from web archives (without interacting with the target host) Usage instructions: Note : Use python 3.7+ $ git clone https://github.com/devanshbatham/ParamSpider $ cd ParamSpider $ pip3 install -r requirements.txt $ python3 paramspider.py --domain hackerone.com Usage options: 1 - For a simple scan [without the --exclude parameter] $ python3 paramspider.py --domain hackerone.com -> Output ex : https://hackerone.com/test.php?q=FUZZ 2 - For excluding urls with specific extensions $ python3 paramspider.py --domain hackerone.com --exclude php,jpg,svg 3 - For finding nested parameters $ python3 paramspider.py --domain hackerone.com --level high -> Output ex : https://hackerone.com/test.php?p=test&q=FUZZ 4 - Saving the results $ python3 paramspider.py --domain hackerone.com --exclude php,jpg --output hackerone.txt 5 - Using with a custom placeholder text (default....

July 14, 2020
Subscribe
Notify of
guest

This site uses Akismet to reduce spam. Learn how your comment data is processed.

0 Comments
Inline Feedbacks
View all comments
© HAKIN9 MEDIA SP. Z O.O. SP. K. 2023
What certifications or qualifications do you hold?
Max. file size: 150 MB.

What level of experience should the ideal candidate have?
What certifications or qualifications are preferred?

Download Free eBook

Step 1 of 4

Name(Required)

We’re committed to your privacy. Hakin9 uses the information you provide to us to contact you about our relevant content, products, and services. You may unsubscribe from these communications at any time. For more information, check out our Privacy Policy.