Some HTTP parameter names are more commonly associated with one functionality than the others. For example, the parameter
?url= usually contains URLs as the value and hence often falls victim to file inclusion, open redirect and SSRF attacks. Parth can go through your burp history, a list of URLs or it's own disocovered URLs to find such parameter names and the risks commonly associated with them. Parth is designed to aid web security testing by helping in prioritization of components for testing.Usage
Import targets from a file
This option works for all 3 supported import types: Burp Suite history, newline delimited text file or a HTTP request text file.
python3 parth.py -i example.historyFind URLs for a domain
This option will make use of CommonCrawl, Open Threat Exchange and Waybackmachine to find URLs of the target domain.
python3 parth.py -t example.comIgnore duplicate parameter names
Same parameter names across all URLs are ignored.
python3 parth.py -ut example.comSave parameter names
This option will write all the parameter names found in a file with name
params-{target}.txt for later use.python3 parth.py -pt example.comJSON Output
The following command will save the result as a JSON object in the specified file.
python3 parth.py -t example.com -o example.jsonCredits
The database of parameter names and the risks associated with them is mainly created from the public work of various people of the community.
via KitPloit
Related word
- Hack Tools
- Hacker Tools Hardware
- Hacking Tools Windows 10
- Hack Rom Tools
- Hack Tools Online
- Hacker Tools For Ios
- Hacker Tools Github
- Hacker Tools For Ios
- Best Hacking Tools 2020
- Hacking Tools For Mac
- Hacker Tools Apk
- Pentest Tools Subdomain
- Hacker Tools Apk Download
- Hacker Tools For Ios
- Pentest Automation Tools
- Hacker Tools Free
- Hacker Techniques Tools And Incident Handling
- Hack Website Online Tool
- Hacking Tools
- Game Hacking
- Hacking Tools For Games
- How To Make Hacking Tools
- Pentest Tools Bluekeep
- Hack Tools Download
- Hack App
- Hack Tools Online
- Hacker Tools Linux
- Pentest Tools
- Best Pentesting Tools 2018
- Hacking Tools Hardware
- Hacking Tools For Pc
- Hacking Tools For Beginners
- Hacker Tools For Windows
- Pentest Tools
- Hack Tools Online
- Top Pentest Tools
- Hacking Tools And Software
- Hacker Security Tools
- Hack Tools Github
- World No 1 Hacker Software
- Install Pentest Tools Ubuntu
- Hacker Tools Hardware
- Hacker
- Physical Pentest Tools
- Best Pentesting Tools 2018
- Hacking Tools For Kali Linux
- Hacker Tools List
- Hacker Tools List
- Hack Tools
- Beginner Hacker Tools
- Nsa Hacker Tools
- Hack Tools Github
- Install Pentest Tools Ubuntu
- Hack Tools Github
- Tools For Hacker
- Pentest Tools Online
- Tools 4 Hack
- Usb Pentest Tools
- Hacking Tools For Games
- Pentest Tools Review
- Hak5 Tools
- Android Hack Tools Github
- Pentest Tools Android
- Hacker Tools
- Hackers Toolbox
- Hacking Tools And Software
- Hack Tools Online
- Hack Tool Apk No Root
- Hack Tools For Pc
- Hacks And Tools
- Pentest Tools Port Scanner
- Hacking Apps
- Hack Tools Download
- Pentest Tools Subdomain
- Hacking Tools For Mac
- Hacker Search Tools
- Hack Website Online Tool
- Pentest Tools Free
- Pentest Automation Tools
- Kik Hack Tools
- Pentest Tools Framework
- Pentest Tools Alternative
- Best Hacking Tools 2020
- Pentest Tools Download
- Hacker Tools Online
- Termux Hacking Tools 2019
- Hacker Techniques Tools And Incident Handling
- Best Pentesting Tools 2018
- Pentest Tools Framework
- Pentest Tools Linux
- Computer Hacker
- Hacker Security Tools
- Hacking Tools 2019
- Kik Hack Tools
- Hack Tools For Pc
- Easy Hack Tools
- Hacking Tools Online
- Best Hacking Tools 2020
No comments:
Post a Comment