<h1 align="center">
  <br>
  <a href="https://github.com/s0md3v/Arjun"><img src="https://image.ibb.co/c618nq/arjun.png" alt="Arjun"></a>
  <br>
  Arjun
  <br>
</h1>

<h4 align="center">HTTP Parameter Discovery Suite</h4>

<p align="center">
  <a href="https://github.com/s0md3v/Arjun/releases">
    <img src="https://img.shields.io/github/release/s0md3v/Arjun.svg">
  </a>
  <a href="https://pypi.python.org/pypi/arjun/">
    <img src="https://img.shields.io/pypi/v/arjun.svg">
  </a>
  <a href="https://github.com/s0md3v/Arjun/issues?q=is%3Aissue+is%3Aclosed">
    <img src="https://img.shields.io/github/issues-closed-raw/s0md3v/Arjun.svg">
  </a>
</p>

### What's Arjun?
Arjun can find query parameters for URL endpoints. If you don't get what that means, it's okay, read along.

Web applications use parameters (or queries) to accept user input. Take the following example into consideration:

`http://api.example.com/v1/userinfo?id=751634589`

This URL seems to load user information for a specific user id, but what if there exists a parameter named `admin` which, when set to `True`, makes the endpoint provide more information about the user?\
This is what Arjun does: it finds valid HTTP parameters with a huge default dictionary of 10,985 parameter names.

The best part? It takes less than 10 seconds to go through this huge list while making just 20-30 requests to the target. [Here's how](https://github.com/s0md3v/Arjun/wiki/How-Arjun-works%3F).
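
A defender's view of those figures, as an added example that is not part of Arjun or its documentation: covering 10,985 names in 20-30 requests implies that each request carries a large batch of parameter names, which stands out in access logs. The threshold, the combined-style log format and the sample lines are assumptions constructed for illustration, and only GET requests whose query string is logged are covered.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qsl

# Assumption: ordinary traffic to an endpoint stays far below this many
# distinct query parameters; tune it against your own baseline.
PARAM_THRESHOLD = 100

# Client IP and request line of a combined-style access log entry.
REQUEST_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<target>\S+) [^"]*"'
)

def param_names(target):
    """Return the set of distinct query parameter names in a request target."""
    query = urlsplit(target).query
    return {name for name, _ in parse_qsl(query, keep_blank_values=True)}

def find_param_bursts(lines, threshold=PARAM_THRESHOLD):
    """Map client IP -> [(path, distinct parameter count)] for flagged requests."""
    hits = defaultdict(list)
    for line in lines:
        m = REQUEST_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        target = m.group("target")
        count = len(param_names(target))
        if count > threshold:
            hits[m.group("ip")].append((urlsplit(target).path, count))
    return dict(hits)

def constructed_log():
    """Constructed sample: two ordinary requests, two parameter-heavy ones, one bad line."""
    bulk_a = "&".join(f"p{i}=1" for i in range(400))
    bulk_b = "&".join(f"q{i}=1" for i in range(200))
    return [
        '198.51.100.7 - - [01/Jan/2024:10:00:00 +0000] "GET /v1/userinfo?id=751634589 HTTP/1.1" 200 512',
        f'203.0.113.9 - - [01/Jan/2024:10:00:01 +0000] "GET /v1/userinfo?{bulk_a} HTTP/1.1" 200 498',
        f'203.0.113.9 - - [01/Jan/2024:10:00:02 +0000] "GET /v1/userinfo?{bulk_b} HTTP/1.1" 200 498',
        '198.51.100.7 - - [01/Jan/2024:10:00:03 +0000] "GET /v1/search?q=a&page=2&sort=asc HTTP/1.1" 200 900',
        'not a log line',
    ]

if __name__ == "__main__":
    for ip, requests_seen in find_param_bursts(constructed_log()).items():
        print(ip, requests_seen)
```
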
### Why Arjun?
- Supports `GET/POST/POST-JSON/POST-XML` requests
- Automatically handles rate limits and timeouts
- Export results to: BurpSuite, text or JSON file
- Import targets from: BurpSuite, text file or a raw request file
- Can passively extract parameters from JS or 3 external sources

### Installing Arjun
You can install `arjun` with pip as follows:
```
pip3 install arjun
```
or by downloading this repository and running:
```
python3 setup.py install
```

### How to use Arjun?
A detailed usage guide is available in the [Usage](https://github.com/s0md3v/Arjun/wiki/Usage) section of the Wiki.

Direct links to some basic options are given below:

- [Scan a single URL](https://github.com/s0md3v/Arjun/wiki/Usage#scan-a-single-url)
- [Import targets](https://github.com/s0md3v/Arjun/wiki/Usage#import-multiple-targets)
- [Export results](https://github.com/s0md3v/Arjun/wiki/Usage#save-output-to-a-file)
- [Use custom HTTP headers](https://github.com/s0md3v/Arjun/wiki/Usage#use-custom-http-headers)

Optionally, you can use the `--help` argument to explore Arjun on your own.

##### Credits
The parameter names wordlist is created by extracting top parameter names from the [CommonCrawl](http://commoncrawl.org) dataset and merging the best words from the [SecLists](https://github.com/danielmiessler/SecLists) and [param-miner](https://github.com/PortSwigger/param-miner) wordlists into it.