ParamSpider - FBI for Parameters on a Website

ParamSpider is a tool which is written in python that is able to find the parameters which are available on a particular domain or the URL after crawling, this tool is helpful for Web Application Penetration Testers as well as Bug Hunters & Security Researchers for finding parameters that might be vulnerable to test the particular payloads which will help to find various types of vulnerabilities. It also finds parameters from target subdomains and has support for URLs with specific extensions. ParamSpider mines the parameters from web archives without interacting with the victim host.

  • The GitHub repository can be cloned using the command - git clone
  • Once the repository has been cloned. Re-direct to the folder using the cd command. Before starting the tool we need to install a few python packages. This can be done using the command pip3 install -r requirements.txt.
Installing required Python Packages
It is always a good practice to check the help command to know more about the tool and how to use it. This can be done using the command python3 --help
  • A few of the important flags which can be used during your enumeration process are:
    • -d <doamin_name>: Specify the target domain.
    • -o <file_name>: Save the output to a file with the specified name. The default is domain.txt.
    • -q: Quiet Mode. The output will be not shown on the screen i.e. no verbose mode.  
    • -e: Exclude certain types of URLs which are generally false alarms as a parameter for a website. For example .css
Example of the command using Quit Mode

Example of the command without the Quit Mode
  • The output is saved to the file as mentioned. To view the output the cat command can be used. 
Saved Output
ParamSpider can find the parameters which are hiding deep in a website. These parameters are very useful because they can be tested with bugs such as XSS, SQL injection, SSRF, or open redirect easily.
We hope this helps. If any suggestions or doubts you can add a comment and we will reply as soon as possible.

No comments:

Post a Comment