Some HTTP parameter names are more commonly associated with one functionality than the others. For example, the parameter
?url=
usually contains URLs as the value and hence often falls victim to file inclusion, open redirect and SSRF attacks. Parth can go through your burp history, a list of URLs or it's own disocovered URLs to find such parameter names and the risks commonly associated with them. Parth is designed to aid web security testing by helping in prioritization of components for testing.Usage
Import targets from a file
This option works for all 3 supported import types: Burp Suite history, newline delimited text file or a HTTP request text file.
python3 parth.py -i example.history
Find URLs for a domain
This option will make use of CommonCrawl, Open Threat Exchange and Waybackmachine to find URLs of the target domain.
python3 parth.py -t example.com
Ignore duplicate parameter names
Same parameter names across all URLs are ignored.
python3 parth.py -ut example.com
Save parameter names
This option will write all the parameter names found in a file with name
params-{target}.txt
for later use.python3 parth.py -pt example.com
JSON Output
The following command will save the result as a JSON object in the specified file.
python3 parth.py -t example.com -o example.json
Credits
The database of parameter names and the risks associated with them is mainly created from the public work of various people of the community.
via KitPloit
Related news
- Pentest Tools Apk
- Install Pentest Tools Ubuntu
- Hacking Tools For Beginners
- Hacking Tools For Kali Linux
- Pentest Recon Tools
- Hack Tools For Ubuntu
- Pentest Reporting Tools
- Pentest Tools
- Growth Hacker Tools
- World No 1 Hacker Software
- Pentest Tools
- Hack Tools Download
- Hacking Tools Name
- Pentest Tools Android
- Hacker Tools Software
- Top Pentest Tools
- Hacking Tools For Mac
- Hack Tools
- Hack Tools
- Hacking Tools For Games
- Hacking Tools Download
- Pentest Tools Free
- Hacks And Tools
- Hackers Toolbox
- Hack Tools
- How To Hack
- Wifi Hacker Tools For Windows
- Pentest Tools Website
- Pentest Tools Linux
- Pentest Tools Framework
- Pentest Reporting Tools
- Physical Pentest Tools
- Hacker Tools For Pc
- Pentest Tools Android
- Pentest Tools Alternative
- Computer Hacker
- Black Hat Hacker Tools
- Pentest Tools Nmap
- Computer Hacker
- Hack Tool Apk
- Nsa Hacker Tools
- Hack Apps
- Hack And Tools
- World No 1 Hacker Software
- Hacking Tools 2019
- Pentest Tools Github
- Hacker Tool Kit
- Hacking Tools Usb
- Hack Tools For Windows
- Blackhat Hacker Tools
- Hacking Tools For Windows
- Hacker Tools Github
- Hacker Tools 2019
- Hack Tools For Mac
- Pentest Tools Download
- Easy Hack Tools
- Pentest Tools Windows
- Hacker Tools 2020
- Hack Tools Online
- Pentest Tools Free
- Hacking Tools For Beginners
- Hacking Tools For Games
- Pentest Reporting Tools
- How To Hack
- Hacker Tools Mac
- Pentest Automation Tools
- Hack Apps
- Hack Tools For Mac
- Wifi Hacker Tools For Windows
- Hacking Tools And Software
- Hacker Tools For Pc
- Hacker Tools
- Pentest Tools Android
- Hacking Tools Mac
- Hack Tools Github
- Hacker Search Tools
- What Are Hacking Tools
- Pentest Reporting Tools
- Github Hacking Tools
- Pentest Box Tools Download
- Hack Apps
- Hack Tools
- Free Pentest Tools For Windows
- Hacker Tools Free
- Hak5 Tools
- Hacker Tools Apk Download
- Hacks And Tools
- Hacker Tools Windows
- Hack Tool Apk
- Hack Tools For Pc
- Pentest Tools
- Hacking Tools Usb
- Pentest Tools Tcp Port Scanner
- Hacker Tools For Pc
- Pentest Tools For Ubuntu
- Growth Hacker Tools
- Hacker Tools Apk Download
- Hacking App
- Hack Tools For Games
- Hacking Tools For Kali Linux
- Pentest Tools Url Fuzzer
- Hack Tools Download
- Hack Tools
- New Hacker Tools
- Hacker Tools Apk Download
- Pentest Tools Online
- Hack Tools For Ubuntu
- Hacking Tools 2020
- Best Hacking Tools 2019
- Pentest Tools Apk
No hay comentarios:
Publicar un comentario