Key Features: Finds parameters from web archives of the entered domain. Finds parameters from subdomains as well. Gives support to exclude URLs with specific extensions. Saves the output result in a nice and clean manner. It mines the parameters from web archives (without interacting with the target host) Usage instructions: Note : Use python 3.7+ $ git clone https://github.com/devanshbatham/ParamSpider $ cd ParamSpider $ pip3 install -r requirements.txt $ python3 paramspider.py --domain hackerone.com Usage options: 1 - For a simple scan [without the --exclude parameter] $ python3 paramspider.py --domain hackerone.com -> Output ex : https://hackerone.com/test.php?q=FUZZ 2 - For excluding urls with specific extensions $ python3 paramspider.py --domain hackerone.com --exclude php,jpg,svg 3 - For finding nested parameters $ python3 paramspider.py --domain hackerone.com --level high -> Output ex : https://hackerone.com/test.php?p=test&q=FUZZ 4 - Saving the results $ python3 paramspider.py --domain hackerone.com --exclude php,jpg --output hackerone.txt 5 - Using with a custom placeholder text (default....