
ParamSpider : Find hidden parameters in web applications
ParamSpider is an open-source bug bounty tool designed to help bug hunters and security researchers find hidden parameters in web applications. "Hidden" here means parameters that no longer appear in the current UI or JavaScript but are still accepted by the backend; such forgotten inputs are a common source of injection, open redirect and SSRF bugs, because nobody is looking at them any more. ParamSpider automates the collection of these parameters, making it easier for researchers to find vulnerabilities and report them to the affected organization.
How ParamSpider Works
ParamSpider does not crawl or probe the target at all. It queries the Wayback Machine's CDX index for every URL that archive.org has recorded for the domain (and, unless told otherwise, its subdomains), keeps the URLs that carry a query string, and treats each query key as a discovered parameter. Because the list comes from historical snapshots, it contains parameters that are not discoverable from the live HTML or JavaScript but may still be honoured by the server.
Each parameter value is then replaced with a placeholder (FUZZ by default), which is the convention fuzzers such as ffuf and wfuzz expect, and optional filters drop URLs that end in static-asset extensions such as .css, .js or .png, which rarely carry interesting parameters.
The output is not a report of locations and values: it is a deduplicated, plain-text list of fuzz-ready URLs such as https://example.com/search?q=FUZZ, saved to a file named after the domain, one URL per line, so it can be piped straight into other tools. The only time the target host is contacted is when you later replay those URLs with payloads, so keep that step within scope.
Key Features :
- Finds parameters from web archives of the entered domain.
- Finds parameters from subdomains as well.
- Gives support to exclude URLs with specific extensions.
- Saves the output result in a nice and clean manner.
- It mines the parameters from web archives (without interacting with the target host)
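The mining described above, as an added example (not ParamSpider's own code): build the archive.org CDX query, then turn CDX output into deduplicated FUZZ URLs with subdomain and extension filtering. The CDX sample below is constructed, not real archive data; the fetch is left to the reader (for example with urllib) because it is the only network step. Two simplifications are assumptions of this example, not ParamSpider's behaviour: every parameter value is replaced, not just the first one, and URLs are deduplicated on host, path and parameter names so http/https variants collapse into one line.

```python
from urllib.parse import urlsplit, urlunsplit, parse_qsl, urlencode

# Only archive.org is ever queried; the target itself is never touched.
CDX_ENDPOINT = "https://web.archive.org/cdx/search/cdx"


def cdx_query_url(domain, include_subs=True):
    """Build the CDX API query for every archived URL of the domain.

    fl=original     -> return the originally crawled URL, one per line
    collapse=urlkey -> one line per distinct URL instead of per snapshot
    """
    pattern = f"*.{domain}/*" if include_subs else f"{domain}/*"
    return f"{CDX_ENDPOINT}?url={pattern}&output=txt&fl=original&collapse=urlkey"


# Constructed sample of CDX output (one archived URL per line); not real data.
CDX_SAMPLE = """\
http://example.com/
http://example.com/search?q=shoes&page=2
https://example.com/search?q=boots&page=1
https://example.com/static/app.js?v=1.2.3
https://shop.example.com/item.php?id=42&ref=home
https://example.com/logout?next=/account
https://example.com/img/logo.png?cache=1
https://example.com/index.php?id=1#top
"""


def mine_params(cdx_text, domain, placeholder="FUZZ", include_subs=True,
                exclude_exts=()):
    """Turn raw CDX output into deduplicated, fuzz-ready URLs.

    Every parameter value is replaced with `placeholder`.  URLs are
    deduplicated on (host, path, parameter names), so http/https variants
    and different historical values collapse into a single line.
    """
    domain = domain.lower()
    skip = tuple("." + e.lower().lstrip(".") for e in exclude_exts)
    seen, out = set(), []
    for line in cdx_text.splitlines():
        line = line.strip()
        if "?" not in line:
            continue                                   # no query string
        parts = urlsplit(line)
        host = parts.hostname or ""
        if host != domain and not (include_subs and host.endswith("." + domain)):
            continue                                   # out-of-scope host
        if skip and parts.path.lower().endswith(skip):
            continue                                   # static asset
        keys = [k for k, _ in parse_qsl(parts.query, keep_blank_values=True)]
        if not keys:
            continue
        ident = (host, parts.path, tuple(keys))
        if ident in seen:
            continue
        seen.add(ident)
        query = urlencode([(k, placeholder) for k in keys])
        # Fragment is dropped: it never reaches the server.
        out.append(urlunsplit((parts.scheme, parts.netloc, parts.path, query, "")))
    return out


if __name__ == "__main__":
    print("would fetch:", cdx_query_url("example.com"))
    for url in mine_params(CDX_SAMPLE, "example.com", exclude_exts=("js", "png")):
        print(url)
```

With the sample input, the apex-only run that excludes .js and .png leaves three lines (search, logout, index.php); the default run keeps all six distinct endpoints, including the shop.example.com subdomain.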
ParamSpider Installation
Using ParamSpider to Find Hidden Parameters
Using ParamSpider is straightforward: you give it the target domain, not a full URL, plus any optional flags, such as extensions to exclude or whether to include subdomains. It queries the archive, normalises the URLs it finds and writes them to a text file, one per line, with every parameter value replaced by FUZZ.
Each line is then a ready-made fuzzing target: substitute FUZZ with XSS, SQL injection or open-redirect payloads and observe how the live application responds. That replay is the point at which the target is actually contacted, so make sure the host is in scope before you run it.
For a simple scan [without the --exclude parameter]
For excluding urls with specific extensions
For finding nested parameters
Exclude subdomains [for parameters from domain+subdomains, do not specify this argument]
ParamSpider + GF (for massive pwnage)
Let's say you have already installed ParamSpider and now you want to filter the juicy parameters out of the plethora of parameters it returns. No worries, you can easily do it using gf (by tomnomnom), a small wrapper around grep that applies a saved set of regex patterns to whatever you pipe into it.
Note : Make sure you have Go properly installed on your machine, and that the pattern files you want to use are present in ~/.gf.
Filter ParamSpider output to find potential XSS vulnerable parameters
Filter ParamSpider output to find parameters which may be vulnerable to SQL Injection
Filter ParamSpider output to find potential open redirect/SSRF parameters
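What the three gf filters above do, as an added example (not gf's or ParamSpider's code): parse gf-style pattern files, which are JSON objects with a "flags" string and a "patterns" list (or a single "pattern"), compile them to regexes, and run a ParamSpider-style URL list through each category. The pattern lists here are a constructed, deliberately short subset of the parameter names that gf pattern sets typically match; they are assumptions for this example, not a copy of any real gf-patterns repository, and the sample URL list is likewise constructed.

```python
import json
import re

# Constructed pattern files in gf's JSON layout.  Real gf pattern sets are far
# larger; these names are an illustrative subset, not a copy of them.
GF_PATTERN_FILES = {
    "xss": '{"flags": "-iE", "patterns": ['
           '"[?&](q|s|search|query|keyword|lang|callback|name|p)="]}',
    "sqli": '{"flags": "-iE", "patterns": ['
            '"[?&](id|select|report|role|update|user|sort|where|order|filter|column|table)="]}',
    "redirect": '{"flags": "-iE", "patterns": ['
                '"[?&](next|url|target|dest|destination|redir|redirect|redirect_uri|'
                'redirect_url|return|returnTo|return_url|goto|continue|u)="]}',
}

# Constructed ParamSpider-style output (values already replaced by FUZZ).
SAMPLE_OUTPUT = [
    "https://example.com/search?q=FUZZ&page=FUZZ",
    "https://shop.example.com/item.php?id=FUZZ&ref=FUZZ",
    "https://example.com/logout?next=FUZZ",
    "https://example.com/index.php?id=FUZZ",
    "https://example.com/static/app.js?v=FUZZ",
    "https://example.com/login?redirect_url=FUZZ&lang=FUZZ",
]


def compile_gf_pattern(json_text):
    """Compile one gf pattern file into a regex.

    gf joins the "patterns" list with | and hands it to grep; a -i in
    "flags" means case-insensitive.  Older files use a single "pattern".
    """
    spec = json.loads(json_text)
    patterns = spec.get("patterns") or [spec["pattern"]]
    flags = re.IGNORECASE if "i" in spec.get("flags", "") else 0
    return re.compile("|".join(patterns), flags)


CATEGORIES = {name: compile_gf_pattern(text)
              for name, text in GF_PATTERN_FILES.items()}


def gf_filter(urls, category):
    """Equivalent of `... | gf <category>`: keep URLs matching the pattern."""
    rx = CATEGORIES[category]
    return [u for u in urls if rx.search(u)]


def classify(urls):
    """Run every category; a URL may land in more than one bucket."""
    return {name: gf_filter(urls, name) for name in CATEGORIES}


if __name__ == "__main__":
    for name, hits in classify(SAMPLE_OUTPUT).items():
        print(f"[{name}]")
        for url in hits:
            print("  ", url)
```

The login URL shows why the categories are run separately rather than merged: it carries both a redirect-style parameter (redirect_url) and an XSS-style one (lang), so it should be tested twice, with different payloads, and the patterns only flag candidates; the live test decides.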
Conclusion
ParamSpider is a powerful tool that can help ethical hackers and security researchers find hidden parameters in web applications. Because it mines archived URLs instead of crawling the live target, it is fast, quiet and surfaces parameters that no crawler of the current site would ever see, which makes it a valuable addition to any bug bounty toolkit, especially when its output is piped into gf and then into a fuzzer.