{"id":10995,"date":"2020-07-22T14:04:30","date_gmt":"2020-07-22T08:34:30","guid":{"rendered":"http:\/\/kalilinuxtutorials.com\/?p=10995"},"modified":"2020-07-22T14:04:30","modified_gmt":"2020-07-22T08:34:30","slug":"paramspider","status":"publish","type":"post","link":"https:\/\/kalilinuxtutorials.com\/paramspider\/","title":{"rendered":"ParamSpider : Mining Parameters From Dark Corners Of Web Archives"},"content":{"rendered":"\n<p><strong>ParamSpider<\/strong> is a mining parameters from dark corners of web archives.<\/p>\n\n\n\n<p class=\"has-background has-text-align-center has-light-green-cyan-background-color\"><strong>Features<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Finds parameters from web archives of the entered domain.<\/li><li>Finds parameters from subdomains as well.<\/li><li>Gives support to exclude urls with specific extensions.<\/li><li>Saves the output result in a nice and clean manner.<\/li><li>It mines the parameters from web archives (without interacting with the target host)<\/li><\/ul>\n\n\n\n<p class=\"has-background has-text-align-center has-light-green-cyan-background-color\"><strong>Usage<\/strong><\/p>\n\n\n\n<p class=\"has-background has-luminous-vivid-amber-background-color\"><strong>Note :<\/strong> Use python 3.7+<\/p>\n\n\n\n<p class=\"has-text-color has-background has-vivid-green-cyan-color has-very-dark-gray-background-color\">$ git clone https:\/\/github.com\/devanshbatham\/ParamSpider<br>$ cd ParamSpider<br>$ pip3 install -r requirements.txt<br>$ python3 paramspider.py &#8211;domain hackerone.com<\/p>\n\n\n\n<p class=\"has-background has-text-align-center has-light-green-cyan-background-color\"><strong>Usage Options<\/strong><\/p>\n\n\n\n<p class=\"has-text-color has-background has-vivid-green-cyan-color has-very-dark-gray-background-color\"><strong>1 &#8211; For a simple scan [without the &#8211;exclude parameter]<\/strong><br>$ python3 paramspider.py &#8211;domain hackerone.com<br>-&gt;Output ex : https:\/\/hackerone.com\/test.php?q=FUZZ<br><br><strong>2 &#8211; For excluding urls with specific extensions<\/strong><br>$ python3 paramspider.py &#8211;domain hackerone.com &#8211;exclude php,jpg,svg<br><br><strong>3 &#8211; For finding nested parameters<\/strong><br>$ python3 paramspider.py &#8211;domain hackerone.com &#8211;level high<br>-&gt;Output ex : https:\/\/hackerone.com\/test.php?p=test&amp;q=FUZZ<br><br><strong>4 &#8211; Saving the results<\/strong><br>$ python3 paramspider.py &#8211;domain hackerone.com &#8211;exclude php,jpg &#8211;output hackerone.txt<br><br><strong>5 &#8211; Using with a custom placeholder text (default is FUZZ), e.g. don&#8217;t add a placeholder<\/strong><br>$ python3 paramspider.py &#8211;domain hackerone.com &#8211;placeholder FUZZ2<br><br><strong>6 &#8211; Using the quiet mode (without printing the URLs on screen)<\/strong><br>$ python3 paramspider.py &#8211;domain hackerone.com &#8211;quiet<br><br><strong>7 &#8211; Exclude subdomains [for parameters from domain+subdomains, do not specify this argument]<\/strong><br>$ python3 paramspider.py &#8211;domain hackerone.com &#8211;subs False<\/p>\n\n\n\n<p><strong>Also Read &#8211; <a href=\"https:\/\/kalilinuxtutorials.com\/inql-2\/\" target=\"_blank\" rel=\"noreferrer noopener\">InQL : A Burp Extension For GraphQL Security Testing<\/a><\/strong><\/p>\n\n\n\n<p class=\"has-background has-text-align-center has-light-green-cyan-background-color\"><strong>ParamSpider+GF (for massive pwnage)<\/strong><\/p>\n\n\n\n<p>Lets say you have already installed the tool and now you want to filter out the juicy parameters from plethora of parameters. No worries you can easily do it using <a href=\"https:\/\/github.com\/tomnomnom\/gf\">GF(by tomnomnom)<\/a> .<\/p>\n\n\n\n<p><strong>Note<\/strong> : Make sure you have <a href=\"https:\/\/golang.org\/doc\/install\">go<\/a> properly installed on your machine .<\/p>\n\n\n\n<p>Follow along this :<\/p>\n\n\n\n<p class=\"has-text-color has-background has-vivid-green-cyan-color has-very-dark-gray-background-color\">$ go get -u github.com\/tomnomnom\/gf<br>$ cp -r $GOPATH\/src\/github.com\/tomnomnom\/gf\/examples ~\/.gf<br><br><strong>Note : Replace &#8216;\/User\/levi\/go\/bin\/gf&#8217; with the path where gf binary is located in your system.<\/strong><br><br>$ alias gf=&#8217;\/User\/levi\/go\/bin\/gf&#8217;<br>$ cd ~\/.gf\/<br><br><strong>Note : Paste JSON files(https:\/\/github.com\/devanshbatham\/ParamSpider\/tree\/master\/gf_profiles) in ~\/.gf\/ folder<\/strong><br><br><strong>Now run ParamSpider and navigate to the output directory<\/strong><br><br>$ gf redirect domain.txt \/\/for potential open redirect\/SSRF parameters<br>$ gf xss domain.txt \/\/for potential xss vulnerable parameters<br>$ gf potential domain.txt \/\/for xss + ssrf + open redirect parameters<br>$ gf wordpress domain.txt \/\/for wordpress urls<br><br><strong>[More GF profiles to be added in future]<\/strong><\/p>\n\n\n\n<p class=\"has-background has-text-align-center has-light-green-cyan-background-color\"><strong>Example<\/strong><\/p>\n\n\n\n<p class=\"has-text-color has-background has-vivid-green-cyan-color has-very-dark-gray-background-color\">$ python3 paramspider.py &#8211;domain bugcrowd.com &#8211;exclude woff,css,js,png,svg,php,jpg &#8211;output bugcrowd.txt<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/1.bp.blogspot.com\/-LOvbKlidcJI\/XxQoUKt7hkI\/AAAAAAAAG7E\/NavWRg5fAyw6Hon0IxU-4gNhQNmPf9RxQCLcBGAsYHQ\/s1600\/ParamSpider-1.PNG\" alt=\"\"\/><\/figure>\n\n\n\n<p class=\"has-background has-luminous-vivid-amber-background-color\"><strong>Note : <\/strong>As it fetches the parameters from web archive data ,so chances of false positives are high.<\/p>\n\n\n\n<p><strong>Twitter :<\/strong>  <a href=\"https:\/\/twitter.com\/0xAsm0d3us\">0xAsm0d3us<\/a><\/p>\n\n\n\n<div class=\"wp-block-buttons aligncenter is-layout-flex wp-block-buttons-is-layout-flex\">\n<div class=\"wp-block-button is-style-outline is-style-outline--1\"><a class=\"wp-block-button__link has-background has-vivid-cyan-blue-background-color\" href=\"https:\/\/github.com\/devanshbatham\/ParamSpider\" target=\"_blank\" rel=\"noreferrer noopener\"><strong>Download<\/strong><\/a><\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>ParamSpider is a mining parameters from dark corners of web archives. Features Finds parameters from web archives of the entered domain. Finds parameters from subdomains as well. Gives support to exclude urls with specific extensions. Saves the output result in a nice and clean manner. It mines the parameters from web archives (without interacting with [&hellip;]<\/p>\n","protected":false},"author":4,"featured_media":16411,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/1.bp.blogspot.com\/-4l3FybZADw0\/XxQoTPfUbzI\/AAAAAAAAG7A\/j__ohcIN4Mwo_cC4lk2aD_f5RifF5d_wQCLcBGAsYHQ\/s1600\/ParamSpider%25281%2529.png","fifu_image_alt":"ParamSpider : Mining Parameters From Dark Corners Of Web Archives","_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[28],"tags":[2403,3621],"class_list":["post-10995","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-kali","tag-paramspider","tag-web-archives"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>ParamSpider : Mining Parameters From Dark Corners Of Web Archives<\/title>\n<meta name=\"description\" content=\"ParamSpider is a mining parameters from dark corners of web archives. It finds parameters from web archives of the entered domain.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/kalilinuxtutorials.com\/paramspider\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"ParamSpider : Mining Parameters From Dark Corners Of Web Archives\" \/>\n<meta property=\"og:description\" content=\"ParamSpider is a mining parameters from dark corners of web archives. It finds parameters from web archives of the entered domain.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/kalilinuxtutorials.com\/paramspider\/\" \/>\n<meta property=\"og:site_name\" content=\"Kali Linux Tutorials\" \/>\n<meta property=\"article:published_time\" content=\"2020-07-22T08:34:30+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/1.bp.blogspot.com\/-4l3FybZADw0\/XxQoTPfUbzI\/AAAAAAAAG7A\/j__ohcIN4Mwo_cC4lk2aD_f5RifF5d_wQCLcBGAsYHQ\/s1600\/ParamSpider%25281%2529.png\" \/>\n<meta name=\"author\" content=\"R K\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/1.bp.blogspot.com\/-4l3FybZADw0\/XxQoTPfUbzI\/AAAAAAAAG7A\/j__ohcIN4Mwo_cC4lk2aD_f5RifF5d_wQCLcBGAsYHQ\/s1600\/ParamSpider%25281%2529.png\" \/>\n<meta name=\"twitter:creator\" content=\"@CyberEdition\" \/>\n<meta name=\"twitter:site\" content=\"@CyberEdition\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"R K\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/paramspider\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/paramspider\/\"},\"author\":{\"name\":\"R K\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad\"},\"headline\":\"ParamSpider : Mining Parameters From Dark Corners Of Web Archives\",\"datePublished\":\"2020-07-22T08:34:30+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/paramspider\/\"},\"wordCount\":457,\"publisher\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/paramspider\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/1.bp.blogspot.com\/-4l3FybZADw0\/XxQoTPfUbzI\/AAAAAAAAG7A\/j__ohcIN4Mwo_cC4lk2aD_f5RifF5d_wQCLcBGAsYHQ\/s1600\/ParamSpider%25281%2529.png\",\"keywords\":[\"ParamSpider\",\"Web Archives\"],\"articleSection\":[\"Kali Linux\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/paramspider\/\",\"url\":\"https:\/\/kalilinuxtutorials.com\/paramspider\/\",\"name\":\"ParamSpider : Mining Parameters From Dark Corners Of Web Archives\",\"isPartOf\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/paramspider\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/paramspider\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/1.bp.blogspot.com\/-4l3FybZADw0\/XxQoTPfUbzI\/AAAAAAAAG7A\/j__ohcIN4Mwo_cC4lk2aD_f5RifF5d_wQCLcBGAsYHQ\/s1600\/ParamSpider%25281%2529.png\",\"datePublished\":\"2020-07-22T08:34:30+00:00\",\"description\":\"ParamSpider is a mining parameters from dark corners of web archives. It finds parameters from web archives of the entered domain.\",\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/kalilinuxtutorials.com\/paramspider\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/paramspider\/#primaryimage\",\"url\":\"https:\/\/1.bp.blogspot.com\/-4l3FybZADw0\/XxQoTPfUbzI\/AAAAAAAAG7A\/j__ohcIN4Mwo_cC4lk2aD_f5RifF5d_wQCLcBGAsYHQ\/s1600\/ParamSpider%25281%2529.png\",\"contentUrl\":\"https:\/\/1.bp.blogspot.com\/-4l3FybZADw0\/XxQoTPfUbzI\/AAAAAAAAG7A\/j__ohcIN4Mwo_cC4lk2aD_f5RifF5d_wQCLcBGAsYHQ\/s1600\/ParamSpider%25281%2529.png\"},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#website\",\"url\":\"https:\/\/kalilinuxtutorials.com\/\",\"name\":\"Kali Linux Tutorials\",\"description\":\"Kali Linux Tutorials\",\"publisher\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/kalilinuxtutorials.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\",\"name\":\"Kali Linux Tutorials\",\"url\":\"https:\/\/kalilinuxtutorials.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png\",\"contentUrl\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png\",\"width\":272,\"height\":90,\"caption\":\"Kali Linux Tutorials\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/CyberEdition\",\"https:\/\/www.threads.com\/@cybersecurityedition\",\"https:\/\/www.linkedin.com\/company\/cyberedition\",\"https:\/\/www.instagram.com\/cybersecurityedition\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad\",\"name\":\"R K\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g\",\"caption\":\"R K\"},\"url\":\"https:\/\/kalilinuxtutorials.com\/author\/ranjith\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"ParamSpider : Mining Parameters From Dark Corners Of Web Archives","description":"ParamSpider is a mining parameters from dark corners of web archives. It finds parameters from web archives of the entered domain.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/kalilinuxtutorials.com\/paramspider\/","og_locale":"en_US","og_type":"article","og_title":"ParamSpider : Mining Parameters From Dark Corners Of Web Archives","og_description":"ParamSpider is a mining parameters from dark corners of web archives. It finds parameters from web archives of the entered domain.","og_url":"https:\/\/kalilinuxtutorials.com\/paramspider\/","og_site_name":"Kali Linux Tutorials","article_published_time":"2020-07-22T08:34:30+00:00","og_image":[{"url":"https:\/\/1.bp.blogspot.com\/-4l3FybZADw0\/XxQoTPfUbzI\/AAAAAAAAG7A\/j__ohcIN4Mwo_cC4lk2aD_f5RifF5d_wQCLcBGAsYHQ\/s1600\/ParamSpider%25281%2529.png","type":"","width":"","height":""}],"author":"R K","twitter_card":"summary_large_image","twitter_image":"https:\/\/1.bp.blogspot.com\/-4l3FybZADw0\/XxQoTPfUbzI\/AAAAAAAAG7A\/j__ohcIN4Mwo_cC4lk2aD_f5RifF5d_wQCLcBGAsYHQ\/s1600\/ParamSpider%25281%2529.png","twitter_creator":"@CyberEdition","twitter_site":"@CyberEdition","twitter_misc":{"Written by":"R K","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/kalilinuxtutorials.com\/paramspider\/#article","isPartOf":{"@id":"https:\/\/kalilinuxtutorials.com\/paramspider\/"},"author":{"name":"R K","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad"},"headline":"ParamSpider : Mining Parameters From Dark Corners Of Web Archives","datePublished":"2020-07-22T08:34:30+00:00","mainEntityOfPage":{"@id":"https:\/\/kalilinuxtutorials.com\/paramspider\/"},"wordCount":457,"publisher":{"@id":"https:\/\/kalilinuxtutorials.com\/#organization"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/paramspider\/#primaryimage"},"thumbnailUrl":"https:\/\/1.bp.blogspot.com\/-4l3FybZADw0\/XxQoTPfUbzI\/AAAAAAAAG7A\/j__ohcIN4Mwo_cC4lk2aD_f5RifF5d_wQCLcBGAsYHQ\/s1600\/ParamSpider%25281%2529.png","keywords":["ParamSpider","Web Archives"],"articleSection":["Kali Linux"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/kalilinuxtutorials.com\/paramspider\/","url":"https:\/\/kalilinuxtutorials.com\/paramspider\/","name":"ParamSpider : Mining Parameters From Dark Corners Of Web Archives","isPartOf":{"@id":"https:\/\/kalilinuxtutorials.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/kalilinuxtutorials.com\/paramspider\/#primaryimage"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/paramspider\/#primaryimage"},"thumbnailUrl":"https:\/\/1.bp.blogspot.com\/-4l3FybZADw0\/XxQoTPfUbzI\/AAAAAAAAG7A\/j__ohcIN4Mwo_cC4lk2aD_f5RifF5d_wQCLcBGAsYHQ\/s1600\/ParamSpider%25281%2529.png","datePublished":"2020-07-22T08:34:30+00:00","description":"ParamSpider is a mining parameters from dark corners of web archives. It finds parameters from web archives of the entered domain.","inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/kalilinuxtutorials.com\/paramspider\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/paramspider\/#primaryimage","url":"https:\/\/1.bp.blogspot.com\/-4l3FybZADw0\/XxQoTPfUbzI\/AAAAAAAAG7A\/j__ohcIN4Mwo_cC4lk2aD_f5RifF5d_wQCLcBGAsYHQ\/s1600\/ParamSpider%25281%2529.png","contentUrl":"https:\/\/1.bp.blogspot.com\/-4l3FybZADw0\/XxQoTPfUbzI\/AAAAAAAAG7A\/j__ohcIN4Mwo_cC4lk2aD_f5RifF5d_wQCLcBGAsYHQ\/s1600\/ParamSpider%25281%2529.png"},{"@type":"WebSite","@id":"https:\/\/kalilinuxtutorials.com\/#website","url":"https:\/\/kalilinuxtutorials.com\/","name":"Kali Linux Tutorials","description":"Kali Linux Tutorials","publisher":{"@id":"https:\/\/kalilinuxtutorials.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/kalilinuxtutorials.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/kalilinuxtutorials.com\/#organization","name":"Kali Linux Tutorials","url":"https:\/\/kalilinuxtutorials.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/","url":"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png","contentUrl":"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png","width":272,"height":90,"caption":"Kali Linux Tutorials"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/CyberEdition","https:\/\/www.threads.com\/@cybersecurityedition","https:\/\/www.linkedin.com\/company\/cyberedition","https:\/\/www.instagram.com\/cybersecurityedition\/"]},{"@type":"Person","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad","name":"R K","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g","caption":"R K"},"url":"https:\/\/kalilinuxtutorials.com\/author\/ranjith\/"}]}},"jetpack_featured_media_url":"https:\/\/1.bp.blogspot.com\/-4l3FybZADw0\/XxQoTPfUbzI\/AAAAAAAAG7A\/j__ohcIN4Mwo_cC4lk2aD_f5RifF5d_wQCLcBGAsYHQ\/s1600\/ParamSpider%25281%2529.png","jetpack_sharing_enabled":true,"jetpack-related-posts":[{"id":35756,"url":"https:\/\/kalilinuxtutorials.com\/nucleifuzzer\/","url_meta":{"origin":10995,"position":0},"title":"NucleiFuzzer = Nuclei + Paramspider + waybackurls + gauplus + hakrawler + katana + Fuzzing Templates","author":"Varshini","date":"January 27, 2025","format":false,"excerpt":"NucleiFuzzer is an advanced automation tool designed to streamline and optimize web application security testing by integrating a suite of powerful URL discovery and vulnerability scanning tools. It combines ParamSpider, Waybackurls, Katana, Gauplus, and Hakrawler to comprehensively gather and enumerate potential entry points for web applications. Leveraging the power of\u2026","rel":"","context":"In &quot;Pentesting Tools&quot;","block_context":{"text":"Pentesting Tools","link":"https:\/\/kalilinuxtutorials.com\/category\/penetration-testing-tools\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/01\/NucleiFuzzer.webp?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/01\/NucleiFuzzer.webp?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/01\/NucleiFuzzer.webp?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/01\/NucleiFuzzer.webp?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/01\/NucleiFuzzer.webp?resize=1050%2C600&ssl=1 3x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/01\/NucleiFuzzer.webp?resize=1400%2C800&ssl=1 4x"},"classes":[]},{"id":29791,"url":"https:\/\/kalilinuxtutorials.com\/nucleifuzzer-an-automation-tool-for-web-application-security-testing\/","url_meta":{"origin":10995,"position":1},"title":"NucleiFuzzer &#8211; An Automation Tool","author":"Varshini","date":"August 30, 2023","format":false,"excerpt":"NucleiFuzzer\u00a0is an automation tool that combines and enhances web application security testing. It uses\u00a0ParamSpider\u00a0to identify potential entry points and\u00a0Nuclei's\u00a0templates to scan for vulnerabilities. \u00a0NucleiFuzzer\u00a0streamlines the process, making it easier for security professionals and web developers to detect and address security risks efficiently. Download\u00a0NucleiFuzzer\u00a0to protect your web applications from vulnerabilities and\u2026","rel":"","context":"In &quot;Cyber security&quot;","block_context":{"text":"Cyber security","link":"https:\/\/kalilinuxtutorials.com\/category\/cyber-security\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEj-hYNkTStGh78e6tz7ZpVQ0RMhv1LeX9MjhBMx1bW2RhODJ08OKFYTW_anistxhotf6zLy1yFHrp8aCBa8k7F8rvBNTk9cytz4ieIQBibv_T_OvDGu3aKzngrbHcTMTpbqiedrnCuZRhgPBJif2K7FKBoM8JKuTrNXZOAYYCZsScZRA4h9XJuBiWfewg\/s16000\/NuclearFuzer.webp?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEj-hYNkTStGh78e6tz7ZpVQ0RMhv1LeX9MjhBMx1bW2RhODJ08OKFYTW_anistxhotf6zLy1yFHrp8aCBa8k7F8rvBNTk9cytz4ieIQBibv_T_OvDGu3aKzngrbHcTMTpbqiedrnCuZRhgPBJif2K7FKBoM8JKuTrNXZOAYYCZsScZRA4h9XJuBiWfewg\/s16000\/NuclearFuzer.webp?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEj-hYNkTStGh78e6tz7ZpVQ0RMhv1LeX9MjhBMx1bW2RhODJ08OKFYTW_anistxhotf6zLy1yFHrp8aCBa8k7F8rvBNTk9cytz4ieIQBibv_T_OvDGu3aKzngrbHcTMTpbqiedrnCuZRhgPBJif2K7FKBoM8JKuTrNXZOAYYCZsScZRA4h9XJuBiWfewg\/s16000\/NuclearFuzer.webp?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEj-hYNkTStGh78e6tz7ZpVQ0RMhv1LeX9MjhBMx1bW2RhODJ08OKFYTW_anistxhotf6zLy1yFHrp8aCBa8k7F8rvBNTk9cytz4ieIQBibv_T_OvDGu3aKzngrbHcTMTpbqiedrnCuZRhgPBJif2K7FKBoM8JKuTrNXZOAYYCZsScZRA4h9XJuBiWfewg\/s16000\/NuclearFuzer.webp?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEj-hYNkTStGh78e6tz7ZpVQ0RMhv1LeX9MjhBMx1bW2RhODJ08OKFYTW_anistxhotf6zLy1yFHrp8aCBa8k7F8rvBNTk9cytz4ieIQBibv_T_OvDGu3aKzngrbHcTMTpbqiedrnCuZRhgPBJif2K7FKBoM8JKuTrNXZOAYYCZsScZRA4h9XJuBiWfewg\/s16000\/NuclearFuzer.webp?resize=1050%2C600&ssl=1 3x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEj-hYNkTStGh78e6tz7ZpVQ0RMhv1LeX9MjhBMx1bW2RhODJ08OKFYTW_anistxhotf6zLy1yFHrp8aCBa8k7F8rvBNTk9cytz4ieIQBibv_T_OvDGu3aKzngrbHcTMTpbqiedrnCuZRhgPBJif2K7FKBoM8JKuTrNXZOAYYCZsScZRA4h9XJuBiWfewg\/s16000\/NuclearFuzer.webp?resize=1400%2C800&ssl=1 4x"},"classes":[]},{"id":36196,"url":"https:\/\/kalilinuxtutorials.com\/web-hacking-and-bug-bounty-tricks\/","url_meta":{"origin":10995,"position":2},"title":"Web Hacking And Bug Bounty Tricks : Tools And Techniques","author":"Varshini","date":"February 7, 2025","format":false,"excerpt":"Web hacking and bug bounty hunting involve identifying vulnerabilities in web applications to enhance their security. This field combines reconnaissance, vulnerability exploitation, and secure coding practices. Below is a detailed overview of tools and techniques commonly used in web hacking. Reconnaissance And OSINT Techniques Reconnaissance is the first step in\u2026","rel":"","context":"In &quot;Cyber security&quot;","block_context":{"text":"Cyber security","link":"https:\/\/kalilinuxtutorials.com\/category\/cyber-security\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/02\/Web-Hacking-And-Bug-Bounty-Tricks.webp?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/02\/Web-Hacking-And-Bug-Bounty-Tricks.webp?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/02\/Web-Hacking-And-Bug-Bounty-Tricks.webp?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/02\/Web-Hacking-And-Bug-Bounty-Tricks.webp?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/02\/Web-Hacking-And-Bug-Bounty-Tricks.webp?resize=1050%2C600&ssl=1 3x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/02\/Web-Hacking-And-Bug-Bounty-Tricks.webp?resize=1400%2C800&ssl=1 4x"},"classes":[]},{"id":10659,"url":"https:\/\/kalilinuxtutorials.com\/web-hackers-weapons\/","url_meta":{"origin":10995,"position":3},"title":"Web Hacker&#8217;s Weapons : Collection Of Cool Tools Used By Web Hackers","author":"R K","date":"May 29, 2020","format":false,"excerpt":"Web Hacker's Weapons is a collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting. Weapons Army-Knife\/ALLBurpSuitethe BurpSuite projectArmy-Knife\/SCANjaelesThe Swiss Army knife for automated Web Application TestingArmy-Knife\/ALLzaproxyThe OWASP ZAP core projectDiscovery\/ALLOneForAllOneForAll\u662f\u4e00\u6b3e\u529f\u80fd\u5f3a\u5927\u7684\u5b50\u57df\u6536\u96c6\u5de5\u5177Discovery\/ALLaquatoneA Tool for Domain FlyoversDiscovery\/ALLlazyreconThis script is intended to automate your reconnaissance process in an organized fashionDiscovery\/CRAWLPhotonIncredibly\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":30520,"url":"https:\/\/kalilinuxtutorials.com\/dark-web-archives\/","url_meta":{"origin":10995,"position":4},"title":"Dark Web Archives &#8211; Unveiling Hidden Marketplaces &#038; Scams","author":"Varshini","date":"September 29, 2023","format":false,"excerpt":"All public\/Privately leaked Dark Web Marketplace (DNM) Scripts, Source codes and information. This archive will be a place for researchers, law enforcemet and etc to study DNMs, Fraud Markets and Common Dark Web Scams without the need to venture to Tor\/I2P to find them, do research and etc. We'll do\u2026","rel":"","context":"In &quot;Cyber security&quot;","block_context":{"text":"Cyber security","link":"https:\/\/kalilinuxtutorials.com\/category\/cyber-security\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgQBg8X1Hqkj9EiWjkA8s5AfxCSRYe6zepjcCEHvVH0ffqfX6Z_gVdQ2R-t2KCxat3Ccac89442k1-h_Y0Yug5elWRlfyejNX31cuISZRTk27sk6Qb_hOOi9k32yMjKCJtyRSvNzltXvX0N-pvu7pODEipIMxE3HMrr5b851CWr9Pvi-uPvRC3irhsDlg\/s16000\/Dark%20Web%20Archives%20-%20Unveiling%20Hidden%20Marketplaces%20%26%20Scams.webp?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgQBg8X1Hqkj9EiWjkA8s5AfxCSRYe6zepjcCEHvVH0ffqfX6Z_gVdQ2R-t2KCxat3Ccac89442k1-h_Y0Yug5elWRlfyejNX31cuISZRTk27sk6Qb_hOOi9k32yMjKCJtyRSvNzltXvX0N-pvu7pODEipIMxE3HMrr5b851CWr9Pvi-uPvRC3irhsDlg\/s16000\/Dark%20Web%20Archives%20-%20Unveiling%20Hidden%20Marketplaces%20%26%20Scams.webp?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgQBg8X1Hqkj9EiWjkA8s5AfxCSRYe6zepjcCEHvVH0ffqfX6Z_gVdQ2R-t2KCxat3Ccac89442k1-h_Y0Yug5elWRlfyejNX31cuISZRTk27sk6Qb_hOOi9k32yMjKCJtyRSvNzltXvX0N-pvu7pODEipIMxE3HMrr5b851CWr9Pvi-uPvRC3irhsDlg\/s16000\/Dark%20Web%20Archives%20-%20Unveiling%20Hidden%20Marketplaces%20%26%20Scams.webp?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgQBg8X1Hqkj9EiWjkA8s5AfxCSRYe6zepjcCEHvVH0ffqfX6Z_gVdQ2R-t2KCxat3Ccac89442k1-h_Y0Yug5elWRlfyejNX31cuISZRTk27sk6Qb_hOOi9k32yMjKCJtyRSvNzltXvX0N-pvu7pODEipIMxE3HMrr5b851CWr9Pvi-uPvRC3irhsDlg\/s16000\/Dark%20Web%20Archives%20-%20Unveiling%20Hidden%20Marketplaces%20%26%20Scams.webp?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgQBg8X1Hqkj9EiWjkA8s5AfxCSRYe6zepjcCEHvVH0ffqfX6Z_gVdQ2R-t2KCxat3Ccac89442k1-h_Y0Yug5elWRlfyejNX31cuISZRTk27sk6Qb_hOOi9k32yMjKCJtyRSvNzltXvX0N-pvu7pODEipIMxE3HMrr5b851CWr9Pvi-uPvRC3irhsDlg\/s16000\/Dark%20Web%20Archives%20-%20Unveiling%20Hidden%20Marketplaces%20%26%20Scams.webp?resize=1050%2C600&ssl=1 3x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgQBg8X1Hqkj9EiWjkA8s5AfxCSRYe6zepjcCEHvVH0ffqfX6Z_gVdQ2R-t2KCxat3Ccac89442k1-h_Y0Yug5elWRlfyejNX31cuISZRTk27sk6Qb_hOOi9k32yMjKCJtyRSvNzltXvX0N-pvu7pODEipIMxE3HMrr5b851CWr9Pvi-uPvRC3irhsDlg\/s16000\/Dark%20Web%20Archives%20-%20Unveiling%20Hidden%20Marketplaces%20%26%20Scams.webp?resize=1400%2C800&ssl=1 4x"},"classes":[]},{"id":37187,"url":"https:\/\/kalilinuxtutorials.com\/log4jscanner\/","url_meta":{"origin":10995,"position":5},"title":"Log4jScanner : A Comprehensive Tool For Vulnerability Detection","author":"Varshini","date":"March 24, 2025","format":false,"excerpt":"Log4jScanner is a powerful tool designed to help penetration testers identify Log4j-related vulnerabilities, specifically CVE-2021-44228 and CVE-2021-45046, in web applications. It is primarily used for black box testing on given subdomains, making it an essential asset for security professionals and bug bounty hunters. Key Features Fast & MultiThreaded: Log4jScanner is\u2026","rel":"","context":"In &quot;Cyber security&quot;","block_context":{"text":"Cyber security","link":"https:\/\/kalilinuxtutorials.com\/category\/cyber-security\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/03\/Log4jScanner-.webp?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/03\/Log4jScanner-.webp?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/03\/Log4jScanner-.webp?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/03\/Log4jScanner-.webp?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/03\/Log4jScanner-.webp?resize=1050%2C600&ssl=1 3x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/03\/Log4jScanner-.webp?resize=1400%2C800&ssl=1 4x"},"classes":[]}],"_links":{"self":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts\/10995","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/comments?post=10995"}],"version-history":[{"count":0,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts\/10995\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/media\/16411"}],"wp:attachment":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/media?parent=10995"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/categories?post=10995"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/tags?post=10995"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}