fuzzparam

command module
v0.0.0-...-dbcf21e Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 8, 2021 License: MIT Imports: 14 Imported by: 0

README

fuzzparam

What is?

A fast go based param miner to fuzz possible parameters a URL can have.

TL;DR

Give it list of URL's and it will find the parameters that URL will have

Download

Download and Build it using following command:

$ git clone https://github.com/0xsapra/fuzzparam
$ cd fuzzparam
$ go build fuzzparam.go

Flags supported

Flag Description Example
-X HTTP Method -X POST
-x Proxy Url -x http://127.0.0.1:8080
-c Concurrency/threads(Default 25) -c 100
-H Headers -H "Cookie: test:1" -H "X-Forwarded-For: x.com"
-w Path to wordlist -w ./parameters.txt

Usage

$ ./fuzzparam -X GET -w ./parameters.txt -H "Cookie: asdf" https://site.com

OR

$ echo "https://site.com\nhttps://site2.com\nhttps://site.com/asdf.php\n" > domains.txt

$ cat domains.txt | ./fuzzparam -w ./parameters.txt -H "Cookie: asdg"

OR, use it will other tools. Like projectdiscovery's httpx. https://github.com/projectdiscovery/httpx and, tomnonnom's waybackurls https://github.com/tomnomnom/waybackurls

$ cat domains.txt | waybackurls | httpx | fuzzparam -w ./parameters.txt > finalUrlsWithParams.txt

Documentation

The Go Gopher

There is no documentation for this package.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.