Getting started

Knowledge hub



Brute-Force Parameters - Single URL

Parameters on certain endpoints could contain vulnerabilities, and pretty often as

Complexity: basic

Category: Web Discovery



You can set up this workflow by changing initial input value:

  • TARGET - provide a target web URL
  • and optionally custom wordlists for parameter names.

Workflow Targets Setup

Execution and results

After setup workflow is ready to be executed. Once workflow’s last node, found-parameters script, is finished result can be viewed and downloaded.

found-parameters script node will contain all of the URLs.

Try it out!

This workflow is available in the Library, you can copy it and execute it immediately!

Improve this workflow

  • support multiple URLs
  • generate POST requests based on the data