Parameth is an open source tool developed by maK- (obviously a l33t name) through which you can easily find GET and POST URLs by a single command.
Often when you are busting a directory for common files, you can identify scripts (for example page.php, test.php, search.php) that look like they need to be passed an unknown parameter.
Installation of Parameth in Kali Linux –
You can easily install parameth tool with the help of Git by typing
“git clone https://github.com/maK-/parameth.git“.
After that you need to install all dependencies which is listed on “requirements.txt” and for this the command is – “pip install -r requirements.txt” which will install all the required packages to run parameth on your local machine.
To see help screen, type “python parameth.py”
Usage: parameth.py [-h] [-v] [-u URL] [-p PARAMS] [-H HEADER] [-a AGENT]
[-t THREADS] [-off VARIANCE] [-o OUT] [-P PROXY]
[-x IGNORE] [-s SIZEIGNORE] [-d DATA] [-i IGMETH]
[-c COOKIE]
Optional arguments:
- -h, –help show this help message and exit
- -v, –version Version Information
- -u URL, –url URL Target URL
- -p PARAMS, –params PARAMS Provide a list of parameters to scan for
- -H HEADER, –header HEADER Add a custom header to the requests
- -a AGENT, –agent AGENT Specify a user agent
- -t THREADS, –threads THREADS Specify the number of threads.
- -off VARIANCE, –variance VARIANCE The offset in difference to ignore (if dynamic pages)
- -diff DIFFERENCE, –difference DIFFERENCE Percentage difference in response (recommended 95)
- -o OUT, –out OUT Specify output file
- -P PROXY, –proxy PROXY Specify a proxy in the form http|s://[IP]:[PORT]
- -x IGNORE, –ignore IGNORE Specify a status to ignore eg. 404,302…
- -s SIZEIGNORE, –sizeignore SIZEIGNORE Ignore responses of specified size
- -d DATA, –data DATA Provide default post data (also taken from provided url after ?)
- -i IGMETH, –igmeth IGMETH Ignore GET or POST method. Specify g or p
- -c COOKIE, –cookie COOKIE Specify Cookies
- -T TIMEOUT, –timeout TIMEOUT Specify a timeout in seconds to wait between each request
To scan a site with parameth, type “python parameth.py -u “http://example.com/”
You may also like:- Most Common DNS Record Types and Their Roles
- Top Skills Needed to Become a Cybersecurity Analyst
- Mastering Windows Management with WMIC Commands – Top 20 Examples
- Edit and Compile Code with the Best 5 Code Editors
- 50+ Top DevSecOps Tools You Need To Know
- Learn How to Add Proxy and Multiple Accounts in MoreLogin
- Some Useful PowerShell Cmdlets
- Create Free SSL Certificate – ZEROSSL.COM [2020 Tutorial]
- Generate Self-Signed SSL Certificate with OPENSSL in Kali Linux
- RDP – CredSSP Encryption Oracle Remediation Solution 2020