Aron is a simple GO script for finding hidden GET & POST parameters with bruteforce.
$ git clone https://github.com/m4ll0k/Aron.git aron
$ cd aron
$ go get github.com/m4ll0k/printer
# now check if $GOPATH is set
$ go env | grep -i gopath
# if $GOPATH not set, try with:
$ export GOPATH=$HOME/go
$ go run aron.go
# OR
$ go build aron.go
$ cp aron /usr/bin/
$ aron
Also Read Whatsapp_Automation : Collection Of APIs Interact With WhatsApp Running In An Android Emulator
___
/ | _________ ___
/ /| | / ___/ __ \/ __\
/ ___ |/ / / /_/ / / / /
/_/ |_/_/ \____/_/ /_/ (v0.1.0 beta)
----------------------------
Momo (M4ll0k) Outaadi
Usage of aron:
-data="": Set post data
-get=false: Set get method
-post=false: Set post method
-url="": Set target URL
-wordlist="dict.txt": Set your wordlist
GET BRUTEFORCE:
$ go run aron.go -url http://www.test.com/index.php -get
$ go run aron.go -url http://www.test.com/index.php<[?|id=1|id=1&]> -get
$ go run aron.go -url http://www.test.com/index.php<[?|id=1|id=1&]> -get -wordlist my_wordlist.txt
<[?|id=1|id=1&]> => Possible end URL
OR Note: in this case aron need the wordlist path
$ aron -url http://www.test.com/index.php -get -wordlist path/wordlist.txt
$ aron -url http://www.test.com/index.php<[?|id=1|id=1&]> -get -wordlist path/wordlist.txt
POST BRUTEFORCE:
$ go run aron.go -url http://www.test.com/index.php -post
$ go run aron.go -url http://www.test.com/index.php<[?id=1]> -post
$ go run aron.go -url http://www.test.com/index.php<[?id=1]> -post -data "user=1"
$ go run aron.go -url http://www.test.com/index.php<[?id=1]> -post -data "user=1" -wordlist my_wordlist
OR Note: in this case aron need the wordlist path
$ aron -url http://www.test.com/index.php -post -wordlist path/wordlist.txt
$ aron -url http://www.test.com/index.php<[?id=1]> -post -data "user=1" -wordlist path/wordlist.txt
Pystinger is a Python-based tool that enables SOCKS4 proxying and port mapping through webshells. It…
Introduction When it comes to cybersecurity, speed and privacy are critical. Public vulnerability databases like…
Introduction When it comes to cybersecurity, speed and privacy are critical. Public vulnerability databases like…
If you are working with Linux or writing bash scripts, one of the most common…
What is a bash case statement? A bash case statement is a way to control…
Why Do We Check Files in Bash? When writing a Bash script, you often work…