Skip to content

Commit cfc8bfb

Browse files
s0md3vs0md3v
authored
Arjun 1.4 release (Resolves #8)
- Added `JSON` support - Fixed a major bug in detection logic - `-o` option to save result to a file - `--urls` option to scan list of URLs - Ability to supply HTTP headers from CLI
2 parents 0f1fe8e + 6c27006 commit cfc8bfb

7 files changed

Lines changed: 219 additions & 150 deletions

File tree

CHANGELOG.md

Lines changed: 18 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,18 @@
1+
#### 1.4
2+
- Added `JSON` support
3+
- Fixed a major bug in detection logic
4+
- `-o` option to save result to a file
5+
- `--urls` option to scan list of URLs
6+
- Ability to supply HTTP headers from CLI
7+
8+
#### 1.3
9+
- improved logic
10+
- detection by plain-text content matching
11+
- `--include` switch to include persistent data
12+
- fixed a bug that caused user supplied HTTP headers to have no effect
13+
14+
#### 1.2-beta
15+
- Drastic performance improvement (x50 faster)
16+
17+
#### 1.1
18+
Initial stable release

README.md

Lines changed: 23 additions & 42 deletions
Original file line numberDiff line numberDiff line change
@@ -18,60 +18,41 @@
1818
</a>
1919
</p>
2020

21-
![demo](https://i.ibb.co/n0XdvZW/Screenshot-2019-04-07-20-08-04.png)
21+
![demo](https://i.ibb.co/0V6ymPy/Screenshot-2019-04-12-18-17-49.png)
22+
23+
### Introduction
24+
Web applications use parameters (or queries) to accept user input, take the following example into consideration
25+
26+
`http://api.example.com/v1/userinfo?id=751634589`
27+
28+
This URL seems to load user information for a specific user id, but what if there exists a parameter named `admin` which when set to `True` makes the endpoint provide more information about the user?\
29+
This is what Arjun does, it finds valid HTTP parameters with a huge default dictionary of 25,980 parameter names.
30+
31+
The best part? It takes less than 30 seconds to go through this huge list while making just 30-35 requests to the target.\
32+
Want to know how Arjun does that? [Here's how](https://github.com/s0md3v/Arjun/wiki/How-Arjun-works%3F).
2233

2334
### Features
2435
- Multi-threading
25-
- 4 modes of detection
36+
- Thorough detection
2637
- A typical scan takes 30 seconds
2738
- Regex powered heuristic scanning
2839
- Huge list of 25,980 parameter names
2940
- Makes just 30-35 requests to the target
3041

31-
### Usage
32-
3342
> **Note:** Arjun doesn't work with python < 3.4
3443
35-
#### Discover parameters
36-
37-
To find `GET` parameters, you can simply do:
38-
39-
`python3 arjun.py -u https://api.example.com/endpoint --get`
40-
41-
Similarly, use `--post` to find `POST` parameters.
42-
43-
#### Multi-threading
44-
Arjun uses 2 threads by default but you can tune its performance according to your network connection.
45-
46-
`python3 arjun.py -u https://api.example.com/endpoint --get -t 22`
47-
48-
#### Delay between requests
49-
You can delay the request by using the `-d` option as follows:
50-
51-
`python3 arjun.py -u https://api.example.com/endpoint --get -d 2`
52-
53-
#### Including presistent data
54-
Let's say you have an API key that you need to send with every request, to tell Arjun to do that you can use the `--include` option as follows:
55-
56-
`python3 arjun.py -u https://api.example.com/endpoint --get --include 'api_key=xxxxx'`
57-
58-
OR
59-
60-
`python3 arjun.py -u https://api.example.com/endpoint --get --include '{"api_key":"xxxxx"}'`
61-
62-
To include multiple parameters, use `&` to seperate them or pass them as a valid json object.
63-
64-
#### JSON Output
65-
You can save the result in a JSON format by using the `-o` as follows:
66-
67-
`python3 arjun.py -u https://api.example.com/endpoint --get -o result.json`
68-
69-
#### Adding HTTP Headers
70-
Using the `--headers` switch will open an interactive prompt where you can paste your headers. Press `Ctrl + S` to save and `Ctrl + X` to procced.
44+
#### How to use Arjun?
7145

72-
![headers](https://image.ibb.co/jw5NgV/Screenshot-2018-10-27-18-45-32.png)
46+
A detailed usage guide is available on [Usage](https://github.com/s0md3v/Arjun/wiki/Usage) section of the Wiki.\
47+
An index of options is given below:
7348

74-
> **Note:** Arjun uses `nano` as the default editor for the prompt but you can change it by tweaking `/core/prompt.py`.
49+
- [Scanning a single URL](https://github.com/s0md3v/Arjun/wiki/Usage#scanning-a-single-url)
50+
- [Scanning multiple URLs](https://github.com/s0md3v/Arjun/wiki/Usage#scanning-multiple-urls)
51+
- [Choosing number of threads](https://github.com/s0md3v/Arjun/wiki/Usage#multi-threading)
52+
- [Delay between requests](https://github.com/s0md3v/Arjun/wiki/Usage#delay-between-requests)
53+
- [Including presistent data](https://github.com/s0md3v/Arjun/wiki/Usage#including-persistent-data)
54+
- [Saving output to a file](https://github.com/s0md3v/Arjun/wiki/Usage#saving-output-to-a-file)
55+
- [Adding custom HTTP headers](https://github.com/s0md3v/Arjun/wiki/Usage#adding-http-headers)
7556

7657
##### Credits
7758
The parameter names are taken from [@SecLists](https://github.com/danielmiessler/SecLists).

0 commit comments

Comments
 (0)