Tutorials

Parameth – a tool for brute discover GET/POST Parameters

Parameth is an open source tool developed by maK- (obviously a l33t name) through which you can easily find GET and POST URLs by a single command.

Often when you are busting a directory for common files, you can identify scripts (for example page.php, test.php, search.php) that look like they need to be passed an unknown parameter.

Installation of Parameth in Kali Linux –

You can easily install parameth tool with the help of Git by typing

git clone https://github.com/maK-/parameth.git“.

After that you need to install all dependencies which is listed on “requirements.txt” and for this the command is – “pip install -r requirements.txt” which will install all the required packages to run parameth on your local machine.

To see help screen, type “python parameth.py

Usage: parameth.py [-h] [-v] [-u URL] [-p PARAMS] [-H HEADER] [-a AGENT]
[-t THREADS] [-off VARIANCE] [-o OUT] [-P PROXY]
[-x IGNORE] [-s SIZEIGNORE] [-d DATA] [-i IGMETH]
[-c COOKIE]

Optional arguments:

  • -h, –help show this help message and exit
  • -v, –version Version Information
  • -u URL, –url URL Target URL
  • -p PARAMS, –params PARAMS Provide a list of parameters to scan for
  • -H HEADER, –header HEADER Add a custom header to the requests
  • -a AGENT, –agent AGENT Specify a user agent
  • -t THREADS, –threads THREADS Specify the number of threads.
  • -off VARIANCE, –variance VARIANCE The offset in difference to ignore (if dynamic pages)
  • -diff DIFFERENCE, –difference DIFFERENCE Percentage difference in response (recommended 95)
  • -o OUT, –out OUT Specify output file
  • -P PROXY, –proxy PROXY Specify a proxy in the form http|s://[IP]:[PORT]
  • -x IGNORE, –ignore IGNORE Specify a status to ignore eg. 404,302…
  • -s SIZEIGNORE, –sizeignore SIZEIGNORE Ignore responses of specified size
  • -d DATA, –data DATA Provide default post data (also taken from provided url after ?)
  • -i IGMETH, –igmeth IGMETH Ignore GET or POST method. Specify g or p
  • -c COOKIE, –cookie COOKIE Specify Cookies
  • -T TIMEOUT, –timeout TIMEOUT Specify a timeout in seconds to wait between each request

To scan a site with parameth, type “python parameth.py -u “http://example.com/

Have something to say about this article? Comment below or share it with us on Facebook or Twitter.

H4ck0
Step by step hacking tutorials about wireless cracking, kali linux, metasploit, ethical hacking, seo tips and tricks, malware analysis and scanning.
https://www.yeahhub.com/

WHERE SHOULD WE SEND ?

HACKING TUTORIALS & INFOSEC NEWS?

Subscribe to Our Newsletter and Get Instant Delivered to Your Email Inbox.

We respect your privacy and take protecting it seriously.

Leave a Reply

Your email address will not be published. Required fields are marked *

6 − 6 =