🕵️‍♂️ ParamHunter Documentation

Welcome to ParamHunter! This tool helps you discover URL and form parameters across websites, tag potential vulnerabilities, and supercharge your reconnaissance—all from your browser toolkit.

🚀 Features

Multi-URL Support
- 📝 Paste one or more target URLs (one per line) to start your hunt.
Smart Crawling
- 🔗 Crawl HTML links for new URLs.
- 📜 Analyze JavaScript files for hidden parameters.
- 🗂️ Use Wayback Machine URLs for historical parameter discovery.
- 📝 Extract parameters from forms (POST).
- 🍪 Optionally include headers and cookies (advanced).
Customizable Settings
- ⚡ Threads: Control concurrent crawling.
- ⏱️ Timeout: Set request timeouts.
- 🏞️ Crawl Depth: Choose how deep to follow links.
- 🏷️ Add custom headers and cookies for advanced scenarios.
Results & Tagging
- 📋 Results Table: See found URLs, parameters, sources, and vulnerability tags.
- 🏷️ Automatic tagging for XSS, SQLi, SSRF, LFI, Open Redirect, IDOR, and more.
- 🕒 Timestamped findings for easy tracking.
Statistics
- 🔢 Track URLs found, processed, parameters discovered, and potential vulns tagged.
- ⏳ See elapsed time and progress bar.
Filtering & Export
- 🔍 Filter results by vulnerability type or search term.
- 📤 Export results as JSON for further analysis.
Logging
- 📝 Real-time log of actions, errors, and progress.

🛠️ How to Use

Enter Target URLs
- Paste one or more URLs (one per line) in the Target URL(s) box.
Configure Options
- Select which sources to crawl: HTML, JS, Wayback, Forms, Headers/Cookies.
- Adjust threads, timeout, and crawl depth as needed.
- Add custom headers/cookies if required.
Start the Hunt
- Click the 🔍 Start Hunt button.
- Progress, stats, and logs update live.
- Stop anytime with the ⏹️ Stop Hunt button.
View & Filter Results
- Results appear in the Results tab.
- Filter by vulnerability type or search for specific URLs/parameters.
Export Findings
- Click 📤 Export Results to save your discoveries as JSON.
Check Logs
- Switch to the Log tab for detailed activity and troubleshooting.