ParamSpider – Mining Parameters From Dark Corners Of Web Archives

ParamSpider : Parameter miner for humans. Key Features : Finds parameters from web archives of the entered domain. Finds parameters from subdomains as well. Gives support to exclude urls with specific extensions. Saves the output result in a nice and clean manner. It mines the parameters from web archives (without interacting with the target host)Read More

ParamKit – A Small Library Helping To Parse Commandline Parameters

A small library helping to parse commandline parameters (for Windows). Objectives “like Python’s argparse but for C/C++” compact and minimalistic easy to use extendable DemoPrint help for each parameter: Easily store values of popular types, and verify if all required parameters are filled: Verify if no invalid parameter was passed: See the demo code DownloadRead More

See-SURF – Python Based Scanner To Find Potential SSRF Parameters

A Python based scanner to find potential SSRF parameters in a web application. Motivation SSRF being one of the critical vulnerabilities out there in web, I see there was no tool which would automate finding potential vulnerable parameters. See-SURF can be added to your arsenal for recon while doing bug hunting/web security testing. Tech/framework usedBuiltRead More