Parth - Heuristic Vulnerable Parameter Scanner

Some HTTP parameter names are more commonly associated with one functionality than the others. For example, the parameter ?url= usually contains URLs as the value and hence often falls victim to file inclusion, open redirect and SSRF attacks. Parth can go through your burp history, a list of URLs or it's own disocovered URLs to find such parameter names and the risks commonly associated with them. Parth is designed to aid web security testing by helping in prioritization of components for testing.

Usage

Import targets from a file
This option works for all 3 supported import types: Burp Suite history, newline delimited text file or a HTTP request text file.

python3 parth.py -i example.history

Find URLs for a domain
This option will make use of CommonCrawl, Open Threat Exchange and Waybackmachine to find URLs of the target domain.

python3 parth.py -t example.com

Ignore duplicate parameter names
Same parameter names across all URLs are ignored.

python3 parth.py -ut example.com

Save parameter names
This option will write all the parameter names found in a file with name params-{target}.txt for later use.

python3 parth.py -pt example.com

JSON Output
The following command will save the result as a JSON object in the specified file.

python3 parth.py -t example.com -o example.json

Credits
The database of parameter names and the risks associated with them is mainly created from the public work of various people of the community.

Download Parth

via KitPloit

This article is the property of Tenochtitlan Offensive Security. Verlo Completo --> https://tenochtitlan-sec.blogspot.com

Continue reading

1. Hack Tools Pc
2. Hacker Tools 2020
3. Hack Tool Apk
4. Hacker Tools 2019
5. Hacker Tools For Pc
6. Android Hack Tools Github
7. Hacking Tools And Software
8. Pentest Tools Online
9. Hacking Tools For Beginners
10. Hacking Tools For Pc
11. Pentest Tools Framework
12. Pentest Tools Subdomain
13. Hacking Tools Mac
14. Hacker Tools For Pc
15. Pentest Tools Alternative
16. Pentest Tools List
17. Hack Tools For Mac
18. Hack Tools For Games
19. Computer Hacker
20. Hack Tool Apk No Root
21. Pentest Tools Tcp Port Scanner
22. Termux Hacking Tools 2019
23. Hack Tools 2019
24. Pentest Tools Subdomain
25. Hacker Hardware Tools
26. Pentest Tools List
27. Pentest Tools Framework
28. Pentest Tools For Android
29. Pentest Tools Nmap
30. Hacking Tools Hardware
31. Pentest Tools For Android
32. Hack Tool Apk No Root
33. Hacking Tools Pc
34. Hack Tools For Mac
35. Hacker Tools 2020
36. Hacking Tools For Windows Free Download
37. Pentest Tools Port Scanner
38. Hack Apps
39. Hacking Tools 2019
40. Pentest Tools Free
41. New Hack Tools
42. Hak5 Tools
43. Pentest Tools Url Fuzzer
44. Hack Tool Apk No Root
45. Hack Tool Apk No Root
46. New Hacker Tools
47. Hacking Tools Name
48. Pentest Tools Framework
49. Pentest Tools Apk
50. Pentest Tools
51. Nsa Hack Tools Download
52. Pentest Reporting Tools
53. Hacking Tools Online
54. Pentest Reporting Tools
55. Physical Pentest Tools
56. Tools 4 Hack
57. Hacker Techniques Tools And Incident Handling
58. Pentest Tools Free
59. Pentest Box Tools Download
60. Pentest Tools Download
61. Hacker Tool Kit
62. Nsa Hacker Tools
63. Hackers Toolbox
64. Hacking App
65. Hacker Tools For Pc
66. Hacker Tools Mac
67. Pentest Tools Android
68. Pentest Tools For Mac
69. Hacking Tools 2020