A handy tool for finding hidden parameters
This post shows how to use Arjun to find hidden parameters. The project is hosted at:
https://github.com/s0md3v/Arjun
Installation is simple:
pip3 install arjun
Some of the more important options:
-m => Method (GET,POST,PUT)
-w => For custom wordlist
--passive => Collect params apart from wordlist (wayback, commoncrawl etc)
-t => Increase total number of threads (to increase the processing speed of the tool)
-u => To specify the URL
Here is a quick test:
arjun -u http://testphp.vulnweb.com/artists.php -m GET
https://github.com/s0md3v/Arjun/wiki/Usage#scan-a-single-url
https://hacktivator.medium.com/bug-bounty-find-hidden-parameters-ea219b01e7ca
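
What a GET scan like the test above can look like from the server side, as an added example that is not from the original post or the Arjun project: a small access-log check that flags a client sending an unusually large number of distinct query-parameter names to one path. The log lines, the threshold of 10 and the function names are constructed for illustration, and the check assumes parameter discovery shows up as many different parameter names against the same endpoint.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qsl

# Constructed sample access-log lines (common log format), not real traffic.
SAMPLE_LOG = """\
203.0.113.7 - - [01/Jan/2024:10:00:00 +0000] "GET /artists.php?artist=1 HTTP/1.1" 200 512
203.0.113.7 - - [01/Jan/2024:10:00:05 +0000] "GET /artists.php?artist=2 HTTP/1.1" 200 498
198.51.100.9 - - [01/Jan/2024:10:01:00 +0000] "GET /artists.php?id=a1&debug=a2&admin=a3&file=a4&user=a5&page=a6 HTTP/1.1" 200 300
198.51.100.9 - - [01/Jan/2024:10:01:01 +0000] "GET /artists.php?cmd=b1&test=b2&lang=b3&url=b4&q=b5&token=b6 HTTP/1.1" 200 300
"""

# client, method, request target, status. Only the query string is inspected,
# so parameters sent in POST/PUT bodies are not visible to this check.
REQUEST_RE = re.compile(
    r'^(\S+) \S+ \S+ \[[^\]]+\] "(GET|POST|PUT) (\S+) [^"]*" (\d{3})'
)


def distinct_params(log_text):
    """Map (client, path) -> set of query-parameter names that client sent."""
    seen = defaultdict(set)
    for line in log_text.splitlines():
        match = REQUEST_RE.match(line)
        if not match:
            continue  # ignore lines that are not in the expected format
        client, _method, target, _status = match.groups()
        parts = urlsplit(target)
        names = {name for name, _ in parse_qsl(parts.query, keep_blank_values=True)}
        seen[(client, parts.path)].update(names)
    return seen


def flag_param_discovery(log_text, threshold=10):
    """Return sorted (client, path, count) entries at or above the threshold."""
    return sorted(
        (client, path, len(names))
        for (client, path), names in distinct_params(log_text).items()
        if len(names) >= threshold
    )


if __name__ == "__main__":
    for client, path, count in flag_param_discovery(SAMPLE_LOG):
        print(f"{client} sent {count} distinct parameter names to {path}")
```

The threshold needs tuning against normal traffic for the application, since endpoints with large legitimate forms will also carry many parameter names.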