Custom Parameter Discovery Wordlist

Custom wordlists per target could give a a security reseacher a huge leverage when finding new vulnerabilities, this workflow will gather all of those parameters and sort them by popularity.

Complexity: basic

Category: Web Discovery

Tools

gau
unfurl

Setup

The input is a list of webservers or hostnames, this workflow will gather all of the URLs archived by different providers and create a wordlist with custom parameters to be used further.

Execution and results

After setup workflow is ready to be executed. Once workflow's last node, filter-and-sort-by-popularity script, is finished result can be viewed and downloaded.

filter-and-sort-by-popularity will contain all of the parameters gathered in the workflow.

Custom Parameter Discovery Wordlist Workflow Results

Try it out!

This workflow is available in the Library, you can copy it and execute it immediately!

Improve this workflow

Use it to brute-force parameters and verify their existence by using hostnames supplied
Sort out found parameters with gf
use notify to send newly found parameters via anew

Private Agents - Scan Internal Environments On Any Device