PRINT
PRINT
SEND MAIL
SEND MAIL

Introduction
Web applications use parameters (or queries) to accept user input, take the following example into consideration
http://api.example.com/v1/userinfo?id=751634589
This URL seems to load user information for a specific user id, but what if there exists a parameter named admin which when set to True makes the endpoint provide more information about the user?
This is what Arjun does, it finds valid HTTP parameters with a huge default dictionary of 25,980 parameter names.
The best part? It takes less than 30 seconds to go through this huge list while making just 50-60 requests to the target.
Want to know how Arjun does that? Here's how.

Features
  • Multi-threading
  • Thorough detection
  • Automatic rate limit handling
  • A typical scan takes 30 seconds
  • GET/POST/JSON methods supported
  • Huge list of 25,980 parameter names
Note: Arjun doesn't work with python < 3.4

How to use Arjun?
A detailed usage guide is available on Usage section of the Wiki.\
An index of options is given below:

Credits
The parameter names are taken from @SecLists.


©2021 By Cyber Sec Labs

   

CONTACT US

We're not around right now. But you can send us an email and we'll get back to you, asap.

Sending

Log in with your credentials

or    

Forgot your details?

Create Account