ParamSpider a parameter discovery suite.It finds parameters from web archives of the entered domain as well as from its subdomain without interacting the target host.It gives support to exclude urls with specific extensions.
Usage
paramspider.py [-h] -d DOMAIN [-s SUBS] [-l LEVEL] [-e EXCLUDE] [-o OUTPUT] [-p
PLACEHOLDER] [-q] [-r RETRIES]
Demo
optional arguments
-h, --help show this help message and exit
-d DOMAIN, --domain DOMAIN
Domain name of the taget [ex : hackerone.com]
-s SUBS, --subs SUBS Set False for no subs [ex : --subs False ]
-l LEVEL, --level LEVEL
For nested parameters [ex : --level high]
-e EXCLUDE, --exclude EXCLUDE
extensions to exclude [ex --exclude php,aspx]
-o OUTPUT, --output OUTPUT
Output file name [by default it is 'domain.txt']
-p PLACEHOLDER, --placeholder PLACEHOLDER
The string to add as a placeholder after the parameter name.
-q, --quiet Do not print the results to the screen
-r RETRIES, --retries RETRIES
Specify number of retries for 4xx and 5xx errors