Paket: arjun (2.2.2-1)

Links für arjun

Debian-Ressourcen:

Quellcode-Paket arjun herunterladen:

Betreuer:

Externe Ressourcen:

Homepage [github.com]

HTTP parameter discovery suite

This package can find query parameters for URL endpoints.

Web applications use parameters (or queries) to accept user input, take the following example into consideration.

   http://api.example.com/v1/userinfo?id=751634589

This URL seems to load user information for a specific user id, but what if there exists a parameter named admin which when set to True makes the endpoint provide more information about the user? This is what Arjun does, it finds valid HTTP parameters with a huge default dictionary of 25,890 parameter names. It takes less than 10 seconds to go through this huge list while making just 50-60 requests to the target.

Some features:

  - Supports GET/POST/POST-JSON/POST-XML requests;
  - Automatically handles rate limits and timeouts;
  - Export results to: BurpSuite, text or JSON file;
  - Import targets from: BurpSuite, text file or a raw request file;
  - Can passively extract parameters from JS or 3 external sources.

Arjun is useful for penetration testing (PENTEST) and network security analysis, serving as OSINT.

Andere Pakete mit Bezug zu arjun

hängt ab von

empfiehlt

schlägt vor

erweitert

dep: python3

interactive high-level object-oriented language (default python3 version)
dep: python3-dicttoxml

Python 3 module for converting dict into a XML string
dep: python3-requests

Elegante und einfache Python-3-HTTP-Bibliothek, für Menschen gebaut

arjun herunterladen

Download für alle verfügbaren Architekturen
Architektur	Paketgröße	Größe (installiert)	Dateien
all	79,5 kB	345,0 kB	[Liste der Dateien]