Parameth – This Tool Can Be Used To Brute Discover GET And POST Parameters

This tool can be used to brute discover GET and POST parameters.

Often when you are busting a directory for common files, you can identify scripts (for example test.php) that look like they need to be passed an unknown parameter. This hopefully can help find them.

The -off flag allows you to specify an offset (helps with dynamic pages). For example, if you were getting alternating response sizes of 4444 and 4448, set the offset to 5 and it will only show the stuff outside the norm.

Installation

    virtualenv venv
    . ./venv/bin/activate
    pip install -U -r requirements.txt

Usage

    usage: parameth.py [-h] [-v] [-u URL] [-p PARAMS] [-H HEADER] [-a AGENT]
                       [-t THREADS] [-off VARIANCE] [-diff DIFFERENCE] [-o OUT]
                       [-P PROXY] [-x IGNORE] [-s SIZEIGNORE] [-d DATA]
                       [-i IGMETH] [-c COOKIE] [-T TIMEOUT]

    optional arguments:
      -h, --help            show this help message and exit
      -v, --version         Version Information
      -u URL, --url URL     Target URL
      -p PARAMS, --params PARAMS
                            Provide a list of parameters to scan for
      -H HEADER, --header HEADER
                            Add headers in format a:b c:d
      -a AGENT, --agent AGENT
                            Specify a user agent
      -t THREADS, --threads THREADS
                            Specify the number of threads.
      -off VARIANCE, --variance VARIANCE
                            The offset in difference to ignore (if dynamic pages)
      -diff DIFFERENCE, --difference DIFFERENCE
                            Percentage difference in response (recommended 95)
      -o OUT, --out OUT     Specify output file
      -P PROXY, --proxy PROXY
                            Specify a proxy in the form http|s://[IP]:[PORT]
      -x IGNORE, --ignore IGNORE
                            Specify a status to ignore eg. 404,302...
      -s SIZEIGNORE, --sizeignore SIZEIGNORE
                            Ignore responses of specified size
      -d DATA, --data DATA  Provide default post data (also taken from provided
                            url after ?)
      -i IGMETH, --igmeth IGMETH
                            Ignore GET or POST method. Specify g or p
      -c COOKIE, --cookie COOKIE
                            Specify Cookies
      -T TIMEOUT, --timeout TIMEOUT
                            Specify a timeout in seconds to wait between each
                            request

Adding new params from source:

The following regexes might be useful to parse $_GET or $_POST parameters from source (\x27 is the PCRE escape for a single quote, so the pattern can stay inside single quotes):

    $> grep -rioP '\$_POST\[\s*["\x27]\s*\w+\s*["\x27]\s*\]' PHPSOURCE | grep -oP '\$_POST\[\s*["\x27]\s*\w+\s*["\x27]\s*\]' | sed -e "s/\$_POST\[\s*[\"']//g" -e "s/\s*['\"]\s*\]//g" | sort -u > /tmp/outfile.txt

    $> grep -rioP '\$_GET\[\s*["\x27]\s*\w+\s*["\x27]\s*\]' PHPSOURCE | grep -oP '\$_GET\[\s*["\x27]\s*\w+\s*["\x27]\s*\]' | sed -e "s/\$_GET\[\s*[\"']//g" -e "s/\s*['\"]\s*\]//g" | sort -u > /tmp/outfile.txt

Link: http://feedproxy.google.com/~r/PentestTools/~3/E2J6ATzXZjw/parameth-this-tool-can-be-used-to-brute.html

Aron – A GO Script For Finding Hidden GET & POST Parameters

Aron is a simple GO script for finding hidden GET & POST parameters with bruteforce.

Installation

    $ git clone https://github.com/m4ll0k/Aron.git aron
    $ cd aron
    $ go get github.com/m4ll0k/printer
    # now check if $GOPATH is set
    $ go env | grep -i gopath
    # if $GOPATH not set, try with:
    $ export GOPATH=$HOME/go
    $ go run aron.go
    # OR
    $ go build aron.go
    $ cp aron /usr/bin/
    $ aron

Usage

        ___
       /   |  _________  ___
      / /| | / ___/ __ \/ __\
     / ___ |/ /  / /_/ / / / /
    /_/  |_/_/   \____/_/ /_/ (v0.1.0 beta)
    ----------------------------
     Momo (M4ll0k) Outaadi

    Usage of aron:
      -data="": Set post data
      -get=false: Set get method
      -post=false: Set post method
      -url="": Set target URL
      -wordlist="dict.txt": Set your wordlist

GET BRUTEFORCE:

    $ go run aron.go -url http://www.test.com/index.php -get
    $ go run aron.go -url http://www.test.com/index.php<[?|id=1|id=1&]> -get
    $ go run aron.go -url http://www.test.com/index.php<[?|id=1|id=1&]> -get -wordlist my_wordlist.txt

    <[?|id=1|id=1&]> => Possible end URL

OR (note: in this case aron needs the wordlist path)

    $ aron -url http://www.test.com/index.php -get -wordlist path/wordlist.txt
    $ aron -url http://www.test.com/index.php<[?|id=1|id=1&]> -get -wordlist path/wordlist.txt

POST BRUTEFORCE:

    $ go run aron.go -url http://www.test.com/index.php -post
    $ go run aron.go -url http://www.test.com/index.php<[?id=1]> -post
    $ go run aron.go -url http://www.test.com/index.php<[?id=1]> -post -data "user=1"
    $ go run aron.go -url http://www.test.com/index.php<[?id=1]> -post -data "user=1" -wordlist my_wordlist

OR (note: in this case aron needs the wordlist path)

    $ aron -url http://www.test.com/index.php -post -wordlist path/wordlist.txt
    $ aron -url http://www.test.com/index.php<[?id=1]> -post -data "user=1" -wordlist path/wordlist.txt

Link: http://feedproxy.google.com/~r/PentestTools/~3/aUZYreq7Jl0/aron-go-script-for-finding-hidden-get.html

Arjun – Tool To Find Hidden GET & POST Parameters

Arjun is a Python script for finding hidden GET & POST parameters using regex and bruteforce.

Dependencies

    requests
    threading

Usage

Here's how you can scan a webpage for GET parameters:

    python arjun.py -u http://example.com/index.php --get

For POST, just use the --post flag. To specify the number of threads, use the --threads option as follows:

    python arjun.py -u http://example.com/index.php --get --threads 4

Link: http://feedproxy.google.com/~r/PentestTools/~3/IIBJ1DCDYRs/arjun-tool-to-find-hidden-get-post.html

parameth – Tool to brute discover GET and POST parameters

This tool can be used to brute discover GET and POST parameters.

Often when you are busting a directory for common files, you can identify scripts (for example test.php) that look like they need to be passed an unknown parameter. This hopefully can help find them.

The -off flag allows you to specify an offset (helps with dynamic pages). For example, if you were getting alternating response sizes of 4444 and 4448, set the offset to 5 and it will only show the stuff outside the norm.

Usage

    usage: parameth.py [-h] [-v] [-u URL] [-p PARAMS] [-H HEADER] [-a AGENT]
                       [-t THREADS] [-off VARIANCE] [-o OUT] [-P PROXY]
                       [-x IGNORE] [-s SIZEIGNORE] [-d DATA] [-i IGMETH]
                       [-c COOKIE]

    optional arguments:
      -h, --help            show this help message and exit
      -v, --version         Version Information
      -u URL, --url URL     Target URL
      -p PARAMS, --params PARAMS
                            Provide a list of parameters to scan for
      -H HEADER, --header HEADER
                            Add a custom header to the requests
      -a AGENT, --agent AGENT
                            Specify a user agent
      -t THREADS, --threads THREADS
                            Specify the number of threads.
      -off VARIANCE, --variance VARIANCE
                            The offset in difference to ignore (if dynamic pages)
      -diff DIFFERENCE, --difference DIFFERENCE
                            Percentage difference in response (recommended 95)
      -o OUT, --out OUT     Specify output file
      -P PROXY, --proxy PROXY
                            Specify a proxy in the form http|s://[IP]:[PORT]
      -x IGNORE, --ignore IGNORE
                            Specify a status to ignore eg. 404,302...
      -s SIZEIGNORE, --sizeignore SIZEIGNORE
                            Ignore responses of specified size
      -d DATA, --data DATA  Provide default post data (also taken from provided
                            url after ?)
      -i IGMETH, --igmeth IGMETH
                            Ignore GET or POST method. Specify g or p
      -c COOKIE, --cookie COOKIE
                            Specify Cookies
      -T TIMEOUT, --timeout TIMEOUT
                            Specify a timeout in seconds to wait between each
                            request

Adding new params from source:

The following regexes might be useful to parse $_GET or $_POST parameters from source (\x27 is the PCRE escape for a single quote, so the pattern can stay inside single quotes):

    $> grep -rioP '\$_POST\[\s*["\x27]\s*\w+\s*["\x27]\s*\]' PHPSOURCE | grep -oP '\$_POST\[\s*["\x27]\s*\w+\s*["\x27]\s*\]' | sed -e "s/\$_POST\[\s*[\"']//g" -e "s/\s*['\"]\s*\]//g" | sort -u > /tmp/outfile.txt

    $> grep -rioP '\$_GET\[\s*["\x27]\s*\w+\s*["\x27]\s*\]' PHPSOURCE | grep -oP '\$_GET\[\s*["\x27]\s*\w+\s*["\x27]\s*\]' | sed -e "s/\$_GET\[\s*[\"']//g" -e "s/\s*['\"]\s*\]//g" | sort -u > /tmp/outfile.txt

Link: http://feedproxy.google.com/~r/PentestTools/~3/X02YkmBy6k0/parameth-tool-to-brute-discover-get-and.html
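
Seen from the server side, the GET mode of the tools above shows up in an access log as one client sending many different parameter names to the same script. The following is an added example, not code from parameth, Aron or Arjun: it flags that pattern in Common Log Format lines. The function names, the threshold of 5 names per 60 seconds and the sample log are assumptions made for illustration; POST bodies are not written to access logs, so only GET guessing is covered.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta
from urllib.parse import urlsplit, parse_qsl

# Common Log Format: client, identity, user, [time], "request line", status, size
LINE = re.compile(r'(\S+) \S+ \S+ \[([^\]]+)\] "\S+ (\S+) [^"]*" \d{3} (?:\d+|-)')

def parse(line):
    """Return (client, time, path, parameter names) or None if unparseable."""
    m = LINE.match(line)
    if not m:
        return None
    client, stamp, target = m.groups()
    url = urlsplit(target)
    names = {k for k, _ in parse_qsl(url.query, keep_blank_values=True)}
    return client, datetime.strptime(stamp, "%d/%b/%Y:%H:%M:%S %z"), url.path, names

def find_param_guessing(lines, max_names=5, window=timedelta(seconds=60)):
    """Map (client, path) -> peak count of distinct parameter names seen within
    `window`, for pairs exceeding max_names. Expects lines in time order."""
    seen = defaultdict(list)                  # (client, path) -> [(time, name)]
    alerts = {}
    for client, when, path, names in filter(None, map(parse, lines)):
        events = seen[(client, path)]
        events.extend((when, n) for n in names)
        # Keep only events that still fall inside the sliding window.
        events[:] = [(t, n) for t, n in events if when - t <= window]
        distinct = len({n for _, n in events})
        if distinct > max_names:
            alerts[(client, path)] = max(distinct, alerts.get((client, path), 0))
    return alerts

# Constructed sample (documentation addresses): one client cycling through
# parameter names on /test.php, one client browsing /index.php?id=N normally.
WORDS = ["debug", "admin", "test", "file", "cmd", "page", "redirect", "id"]
SAMPLE = [
    f'203.0.113.7 - - [10/Oct/2023:13:55:{i:02d} +0000] '
    f'"GET /test.php?{w}=1 HTTP/1.1" 200 4444'
    for i, w in enumerate(WORDS)
] + [
    f'198.51.100.4 - - [10/Oct/2023:13:56:{i:02d} +0000] '
    f'"GET /index.php?id={i} HTTP/1.1" 200 812'
    for i in range(8)
]

if __name__ == "__main__":
    for (client, path), count in find_param_guessing(SAMPLE).items():
        print(f"{client} tried {count} distinct parameter names on {path}")
```

The client that repeats the same id parameter is not flagged, because the count is of distinct names, not of requests.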