Home

Awesome

<h1 align="center"> <br> <a href="https://github.com/s0md3v/Arjun"><img src="https://image.ibb.co/c618nq/arjun.png" alt="Arjun"></a> <br> Arjun <br> </h1> <h4 align="center">HTTP Parameter Discovery Suite</h4> <p align="center"> <a href="https://github.com/s0md3v/Arjun/releases"> <img src="https://img.shields.io/github/release/s0md3v/Arjun.svg"> </a> <a href="https://github.com/s0md3v/Arjun/issues?q=is%3Aissue+is%3Aclosed"> <img src="https://img.shields.io/github/issues-closed-raw/s0md3v/Arjun.svg"> </a> </p>

demo

Introduction

Web applications use parameters (or queries) to accept user input, take the following example into consideration

http://api.example.com/v1/userinfo?id=751634589

This URL seems to load user information for a specific user id, but what if there exists a parameter named admin which when set to True makes the endpoint provide more information about the user?
This is what Arjun does, it finds valid HTTP parameters with a huge default dictionary of 25,980 parameter names.

The best part? It takes less than 30 seconds to go through this huge list while making just 50-60 requests to the target.
Want to know how Arjun does that? Here's how.

Changes

Added support for proxies using the -x parameter, new usage

With Proxy python arjun.py -u http://some.api/ --post -o data/result.json -x http://my.proxy:8080

Without Proxy python arjun.py -u http://some.api/ --post -o data/result.json

Donations

You can encourage me to contribute more to the open source with donations.

Do you want to sponsor Arjun and get mentioned here? Email me s0md3v[at]gmail[dot]com

Features

Note: Arjun doesn't work with python < 3.4

How to use Arjun?

A detailed usage guide is available on Usage section of the Wiki.\

An index of options is given below:

Credits

The parameter names are taken from @SecLists.