X-code Professional

X-code Community

Facebook group

Telegram group

Instagram X-code

Twitter X-code

X-code Blog

X-code Github

Panel
Welcome! Anonymous

Arjun - HTTP parameter discovery suite.

[ { NUM_COMMENT }]

Forum untuk membahas semua tentang web hacking mulai dari footprint, scanning, gain access, escalate previlege, exploit,cover track, backdoors sampai mengamankan web

Moderators: Paman, Xshadow, indounderground, NeOS-01

Forum rules
Membahas bugs,penetrasi, eksploitasi dan teknik mengamankan website - websrver. Sertakan POC disini agar member dapat mempelajarinya

Arjun - HTTP parameter discovery suite.

Postby familycode » Sat Nov 02, 2019 4:51 pm

Share

Arjun

HTTP parameter discovery suite.

Web applications use parameters (or queries) to accept user input, take the following example into consideration

http://api.example.com/v1/userinfo?id=751634589

This URL seems to load user information for a specific user id, but what if there exists a parameter named admin which when set to True makes the endpoint provide more information about the user?

This is what Arjun does, it finds valid HTTP parameters with a huge default dictionary of 25,980 parameter names.

Features

- Multi-threading

- Thorough detection

- Automatic rate limit handling

- A typical scan takes 30 seconds

- GET/POST/JSON methods supported

- Huge list of 25,980 parameter names

Download : https://github.com/s0md3v/Arjun
User avatar
familycode
 
Posts: 428
Joined: Thu Oct 13, 2005 4:06 pm
Location: Yogyakarta

{ FACEBOOK_COMMENT }

Return to Web Hacking

Who is online

Users browsing this forum: No registered users and 12 guests