Sign Up

Custom Parameter Discovery Wordlist

Custom wordlists per target could give a a security reseacher a huge leverage when finding new vulnerabilities, this workflow will gather all of those parameters and sort them by popularity.

Complexity: basic

Category: Web Discovery



The input is a list of webservers or hostnames, this workflow will gather all of the URLs archived by different providers and create a wordlist with custom parameters to be used further.

Custom Parameter Discovery Wordlist Workflow targets Setup

Workflow Targets Setup

Execution and results

After setup workflow is ready to be executed. Once workflow's last node, filter-and-sort-by-popularity script, is finished result can be viewed and downloaded.

filter-and-sort-by-popularity will contain all of the parameters gathered in the workflow.

Custom Parameter Discovery Wordlist Workflow Results

Try it out!

This workflow is available in the Library, you can copy it and execute it immediately!

Improve this workflow

  • Use it to brute-force parameters and verify their existence by using hostnames supplied
  • Sort out found parameters with gf
  • use notify to send newly found parameters via anew