#parameters

X8
featured
X8

Hidden parameters discovery suite.

plution
plution

Prototype pollution scanner using headless chrome.

qsinject
qsinject

Allows you to quickly substitute query string values with regex matches, one-at-a-time.

gitscraper
gitscraper

Scrapes public GitHub repositories for common naming conventions in variables, folders and files.

BlackWidow
BlackWidow

Web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.

XSpear
XSpear

Powerfull XSS Scanning and Parameter analysis tool&gem.

See-SURF
See-SURF

Detect Vulnerable SSRF parameters.

param-miner
param-miner

Identifies hidden, unlinked parameters, useful for finding web cache poisoning vulnerabilities.

parameth
parameth

Brute discover GET and POST parameters.

GAP
GAP

A Burp Suite extension to find potential endpoints and parameters.

fuzzagotchi
fuzzagotchi

A fuzzing tool written in Go. It helps your pentesting journey.

Arjun
Arjun

HTTP parameter discovery suite.

ParamSpider
ParamSpider

Mining parameters from dark corners of Web Archives.

xnLinkFinder
xnLinkFinder

A python tool used to discover endpoints and potential parameters for a given target.