Some HTTP parameter names are more commonly associated with one functionality than the others. For example, the parameter
?url= usually contains URLs as the value and hence often falls victim to file inclusion, open redirect and SSRF attacks. Parth can go through your burp history, a list of URLs or it's own disocovered URLs to find such parameter names and the risks commonly associated with them. Parth is designed to aid web security testing by helping in prioritization of components for testing.Usage
Import targets from a file
This option works for all 3 supported import types: Burp Suite history, newline delimited text file or a HTTP request text file.
python3 parth.py -i example.historyFind URLs for a domain
This option will make use of CommonCrawl, Open Threat Exchange and Waybackmachine to find URLs of the target domain.
python3 parth.py -t example.comIgnore duplicate parameter names
Same parameter names across all URLs are ignored.
python3 parth.py -ut example.comSave parameter names
This option will write all the parameter names found in a file with name
params-{target}.txt for later use.python3 parth.py -pt example.comJSON Output
The following command will save the result as a JSON object in the specified file.
python3 parth.py -t example.com -o example.jsonCredits
The database of parameter names and the risks associated with them is mainly created from the public work of various people of the community.
via KitPloit
Read more
- Hack Tools Mac
- Blackhat Hacker Tools
- Hack Tools 2019
- Pentest Tools Linux
- Pentest Tools Apk
- Hacking Tools 2019
- Best Hacking Tools 2020
- Hacker Tool Kit
- Hack App
- Pentest Tools
- Usb Pentest Tools
- Pentest Tools
- How To Hack
- Hack Tools For Windows
- Hacker Tools Linux
- Hack Tools For Pc
- Hacker Tools Apk Download
- Hack Tools
- Hacker Tools Windows
- Hacks And Tools
- Hacking Tools Free Download
- Pentest Tools Website
- Hacker Techniques Tools And Incident Handling
- Pentest Tools Github
- Pentest Tools Android
- Pentest Tools Github
- Hack Tools
- Hacking Tools Github
- Github Hacking Tools
- Pentest Tools Kali Linux
- Pentest Tools Nmap
- Beginner Hacker Tools
- Hacker Tools Online
- Hacker Tools Free Download
- Hacking Tools Online
- Hack Tools For Pc
- Hacking Tools Hardware
- Pentest Tools Online
- Pentest Tools Subdomain
- Hack Tools For Mac
- Hacker Tools
- Pentest Tools Alternative
- Hacking App
- Hacker Search Tools
- Hacker Tools For Ios
- Pentest Tools Framework
- Hacking Tools For Games
- What Are Hacking Tools
- Hack Tools Github
- Hacker Tools Free Download
- Pentest Tools Online
- Blackhat Hacker Tools
- Kik Hack Tools
- Hack Tools 2019
- Hack App
- Pentest Tools For Ubuntu
- Pentest Box Tools Download
- Pentest Tools Find Subdomains
- Hacker Tools Linux
- Hacker Tools Online
- Hacking Tools Kit
- Hacker Tools 2019
- Black Hat Hacker Tools
- Hacker Tools Apk Download
- Black Hat Hacker Tools
- Hacking Tools Github
- Free Pentest Tools For Windows
- Hack Tool Apk
- Pentest Tools Review
- Pentest Tools For Ubuntu
- Blackhat Hacker Tools
- Hack Tools
- How To Hack
- Best Hacking Tools 2019
- Free Pentest Tools For Windows
- Best Hacking Tools 2019
- Hacker Tools Windows
- Hacks And Tools
- Hack Website Online Tool
- Pentest Tools Android
- Hackrf Tools
- Hackers Toolbox
- Hacking Tools For Beginners
- Pentest Tools Review
- Pentest Tools Framework
- Hacker Tools
- World No 1 Hacker Software
- Computer Hacker
- Hacking Tools Usb
- Pentest Tools Nmap
- Pentest Tools Tcp Port Scanner
- Kik Hack Tools
- Hacks And Tools
- Hack Tools
- Hack App
- Hacking Tools Name
- Tools Used For Hacking
- Hacker Hardware Tools
- Pentest Tools Bluekeep
- Hack Tools For Mac
- Pentest Tools Linux
- Pentest Tools Android
- Beginner Hacker Tools
- Hack Tools For Mac
- Hacking Tools Windows 10
- Best Hacking Tools 2020
- Pentest Tools Kali Linux
- Ethical Hacker Tools
- Hacker Tools Apk Download
- Usb Pentest Tools
No comments:
Post a Comment