Parameth – a tool for brute discover GET/POST Parameters

Parameth is an open source tool developed by maK- (obviously a l33t name) through which you can easily find GET and POST URLs by a single command.

Often when you are busting a directory for common files, you can identify scripts (for example page.php, test.php, search.php) that look like they need to be passed an unknown parameter.

Installation of Parameth in Kali Linux –

You can easily install parameth tool with the help of Git by typing

git clone https://github.com/maK-/parameth.git“.

After that you need to install all dependencies which is listed on “requirements.txt” and for this the command is – “pip install -r requirements.txt” which will install all the required packages to run parameth on your local machine.

To see help screen, type “python parameth.py

Usage: parameth.py [-h] [-v] [-u URL] [-p PARAMS] [-H HEADER] [-a AGENT]
[-t THREADS] [-off VARIANCE] [-o OUT] [-P PROXY]
[-x IGNORE] [-s SIZEIGNORE] [-d DATA] [-i IGMETH]
[-c COOKIE]

Optional arguments:

  • -h, –help show this help message and exit
  • -v, –version Version Information
  • -u URL, –url URL Target URL
  • -p PARAMS, –params PARAMS Provide a list of parameters to scan for
  • -H HEADER, –header HEADER Add a custom header to the requests
  • -a AGENT, –agent AGENT Specify a user agent
  • -t THREADS, –threads THREADS Specify the number of threads.
  • -off VARIANCE, –variance VARIANCE The offset in difference to ignore (if dynamic pages)
  • -diff DIFFERENCE, –difference DIFFERENCE Percentage difference in response (recommended 95)
  • -o OUT, –out OUT Specify output file
  • -P PROXY, –proxy PROXY Specify a proxy in the form http|s://[IP]:[PORT]
  • -x IGNORE, –ignore IGNORE Specify a status to ignore eg. 404,302…
  • -s SIZEIGNORE, –sizeignore SIZEIGNORE Ignore responses of specified size
  • -d DATA, –data DATA Provide default post data (also taken from provided url after ?)
  • -i IGMETH, –igmeth IGMETH Ignore GET or POST method. Specify g or p
  • -c COOKIE, –cookie COOKIE Specify Cookies
  • -T TIMEOUT, –timeout TIMEOUT Specify a timeout in seconds to wait between each request

To scan a site with parameth, type “python parameth.py -u “http://example.com/

You may also like:

Sarcastic Writer

Step by step hacking tutorials about wireless cracking, kali linux, metasploit, ethical hacking, seo tips and tricks, malware analysis and scanning.

Related Posts