Skip to content
/ ParamHunter Public

๐Ÿ” Advanced tool for extracting hidden web parameters โ€“ built for bug bounty hunters & penetration testers.

License

MIT license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Harold-Vanta1/ParamHunter

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

ย 

History

2 Commits
.github/workflows
.github/workflows
ย 
ย 
paramhunter
paramhunter
ย 
ย 
tests
tests
ย 
ย 
.gitignore
.gitignore
ย 
ย 
LICENSE
LICENSE
ย 
ย 
MIT License
MIT License
ย 
ย 
ParamHunter-main.zip
ParamHunter-main.zip
ย 
ย 
README.md
README.md
ย 
ย 
paramhunter.py
paramhunter.py
ย 
ย 
pyproject.toml
pyproject.toml
ย 
ย 
requirements.txt
requirements.txt
ย 
ย 
urls_example.txt
urls_example.txt
ย 
ย 

Repository files navigation

๐Ÿ”Ž ParamHunter

CI PyPI - Version License

ParamHunter v0.8 is a real and operational CLI tool for extracting URL parameters from websites. It is designed for security researchers, bug bounty hunters, and penetration testers.

โšก Features

  • Multithreading scanning for faster processing

  • GET and POST request support with optional data

  • Proxy support for anonymous scanning

  • Timeout, retry, and backoff settings

  • Output in TXT, JSON, and CSV formats

  • Rich CLI banner (if rich library is installed)

  • ASCII banner for professional CLI appearance

  • Handles multiple URLs from a list file

    โš ๏ธ Important > Use this tool only on websites you have permission to test. Unauthorized scanning may be illegal.

๐Ÿ› ๏ธ Installation

Recommended (from PyPI):

Option Description
-u, --url Scan a single target URL
-l, --list Scan multiple URLs from a file
-o, --output Base name for output files (default: results)
--txt Save output as TXT
--json Save output as JSON
--csv Save output as CSV
--threads Number of concurrent threads (default: 10)
--method Request method: GET or POST (default: GET)
--data POST data to send
--proxy Proxy URL
--timeout Request timeout in seconds (default: 5.0)
--retries Number of retry attempts (default: 2)
--backoff Backoff factor for retries (default: 0.5)
--no-banner Disable ASCII/Rich CLI banner 
pip install paramhunter[rich]

Or from source:

git clone https://github.com/YOUR_USERNAME/ParamHunter.git
cd ParamHunter
pip install -e .[rich]

Scan a single URL

paramhunter -u "https://example.com/?id=1" --txt --json --csv

Scan multiple URLs from a list

paramhunter -l urls_example.txt --txt --csv
Option Description
-u, --url Scan a single target URL
-l, --list Scan multiple URLs from a file
-o, --output Base name for output files (default: results)
--txt Save output as TXT
--json Save output as JSON
--csv Save output as CSV
--threads Number of concurrent threads (default: 10)
--method Request method: GET or POST (default: GET)
--data POST data to send
--proxy Proxy URL
--timeout Request timeout in seconds (default: 5.0)
--retries Number of retry attempts (default: 2)
--backoff Backoff factor for retries (default: 0.5)
--no-banner Disable ASCII/Rich CLI banner

Example URLs

See urls_example.txt for sample targets.

โš ๏ธ Use this tool only on websites you have permission to test.

About

๐Ÿ” Advanced tool for extracting hidden web parameters โ€“ built for bug bounty hunters & penetration testers.

Topics

python security scanner xss bug-bounty pentesting recon lfi

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

2 tags

Packages

No packages published

Languages