Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/s0md3v/Parth

Heuristic Vulnerable Parameter Scanner
https://github.com/s0md3v/Parth

Last synced: about 1 month ago
JSON representation

Heuristic Vulnerable Parameter Scanner

Host: GitHub
URL: https://github.com/s0md3v/Parth
Owner: s0md3v
License: gpl-3.0
Created: 2020-08-19T16:41:52.000Z (about 4 years ago)
Default Branch: master
Last Pushed: 2024-01-08T06:26:26.000Z (8 months ago)
Last Synced: 2024-07-31T10:12:41.635Z (about 2 months ago)
Language: Python
Homepage:
Size: 57.6 KB
Stars: 554
Watchers: 14
Forks: 92
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

WebHackersWeapons - Parth
awesome-hacking-lists - s0md3v/Parth - Heuristic Vulnerable Parameter Scanner (Python)

README

Parth

Heuristic Vulnerable Parameter Scanner

![demo](https://i.ibb.co/6wbY7fT/Screenshot-2020-08-19-22-17-19.png)

## Introduction
Some HTTP parameter names are more commonly associated with one functionality than the others. For example, the parameter `?url=` usually contains URLs as the value and hence often falls victim to file inclusion, open redirect and SSRF attacks. Parth can go through your burp history, a list of URLs or it's own discovered URLs to find such parameter names and the risks commonly associated with them. Parth is designed to aid web security testing by helping in prioritization of components for testing.

## Usage
**Installation:** `pip3 install parth`

### Import targets from a file
This option works for all 3 supported import types: Burp Suite history, newline delimited text file or a HTTP request text file.
```
parth -i example.history
```

### Import targets from stdin
```
cat urls | parth
```
An exclusive option `--pipe` is available when importing targets from stdin. It can be used to output URLs vulnerable to a specific vulnerabily.
```
cat urls | parth --pipe xss
```

**Supported Issues:** `lfi, ssrf, sqli, xss, open_redirect, rce`

### Find URLs for a domain
This option will make use of CommonCrawl, Open Threat Exchange and Waybackmachine to find URLs of the target domain.
```
parth -t example.com
```
### Ignore duplicate parameter names
Same parameter names across all URLs are ignored.
```
parth -ut example.com
```
### Save parameter names
This option will write all the parameter names found in a file with name `params-{target}.txt` for later use.
```
parth -pt example.com
```
### JSON Output
The following command will save the result as a JSON object in the specified file.
```
parth -t example.com -o example.json
```

## Credits
The database of parameter names and the risks associated with them is mainly created from the public work of various people of the community such as [@Jhaddix](https://twitter.com/Jhaddix).