ParameterPatrol v-0.1 released : A penetration testing tool for searching and recording parameters within forms and urls for a target web application.

ParameterPatrol v-0.1 released : A penetration testing tool for searching and recording parameters within forms and urls for a target web application.

ParameterPatrol is A penetration testing tool for searching archive.org and recording parameters within forms and urls for a target web application. The results can then be compared to the current version of the web site, any differences can be investigated to see if the current site accepts old/dormant parameters which could be vulnerable to security issues such as SQLi, XSS, Direct Object Reference, Authenication Bypass, etc. Currently, results are saved to a sqlite database in the current working directory. The next version will include comparison funtionality between archived results.

Usage Examples :
Search archive.org for the target domain and include any additional domains listed using the -i option. Interactive mode will be started to help choose an archived year based on which snapshots are available on archive.org for the chosen domain.

Arguments for Searching Archive.org

-i or –includedomain= 

Arguments for Searching Other Locations

-s or –site=

Download : Master.zip  | Clone Url
Source : https://github.com/poshea