Brute-Force Parameters - Single URL
Parameters on certain endpoints could contain vulnerabilities, and pretty often as
Complexity: basic
Category: Web Discovery
Tools
Setup
You can set up this workflow by changing initial input value:
- TARGET - provide a target web URL
- and optionally custom wordlists for parameter names.
Execution and results
After setup workflow is ready to be executed. Once workflow's last node, found-parameters
script, is finished result can be viewed and downloaded.
found-parameters
script node will contain all of the URLs.
Try it out!
This workflow is available in the Library, you can copy it and execute it immediately!
Improve this workflow
- support multiple URLs
- generate POST requests based on the data
Check other Web Discovery workflows from Trickest library!