Arjun – Tool To Find Hidden GET & POST Parameters

Arjun – Tool To Find Hidden GET & POST Parameters

Arjun is a python script for finding hidden GET & POST parameters using regex and bruteforce.

Dependencies

  • requests
  • threading


Usages
Here’s how you can scan a webpage for get parameters

python arjun.py -u http://example.com/index.php --get

For POST, just use the –post flag. To specify the number of threads you can use the –threads option as following:

python arjun.py -u http://example.com/index.php --get --threads 4

Here’s a screenshot you can fap to:

http://feeds.feedburner.com/PentestTools