Aron is a simple GO script for finding hidden GET & POST parameters with bruteforce.
$ git clone https://github.com/m4ll0k/Aron.git aron
$ cd aron
$ go get github.com/m4ll0k/printer
# now check if $GOPATH is set
$ go env | grep -i gopath
# if $GOPATH not set, try with:
$ export GOPATH=$HOME/go
$ go run aron.go
# OR
$ go build aron.go
$ cp aron /usr/bin/
$ aron Also Read Whatsapp_Automation : Collection Of APIs Interact With WhatsApp Running In An Android Emulator
___
/ | _________ ___
/ /| | / ___/ __ \/ __\
/ ___ |/ / / /_/ / / / /
/_/ |_/_/ \____/_/ /_/ (v0.1.0 beta)
----------------------------
Momo (M4ll0k) Outaadi
Usage of aron:
-data="": Set post data
-get=false: Set get method
-post=false: Set post method
-url="": Set target URL
-wordlist="dict.txt": Set your wordlist GET BRUTEFORCE:
$ go run aron.go -url http://www.test.com/index.php -get
$ go run aron.go -url http://www.test.com/index.php<[?|id=1|id=1&]> -get
$ go run aron.go -url http://www.test.com/index.php<[?|id=1|id=1&]> -get -wordlist my_wordlist.txt <[?|id=1|id=1&]> => Possible end URL
OR Note: in this case aron need the wordlist path
$ aron -url http://www.test.com/index.php -get -wordlist path/wordlist.txt
$ aron -url http://www.test.com/index.php<[?|id=1|id=1&]> -get -wordlist path/wordlist.txt POST BRUTEFORCE:
$ go run aron.go -url http://www.test.com/index.php -post
$ go run aron.go -url http://www.test.com/index.php<[?id=1]> -post
$ go run aron.go -url http://www.test.com/index.php<[?id=1]> -post -data "user=1"
$ go run aron.go -url http://www.test.com/index.php<[?id=1]> -post -data "user=1" -wordlist my_wordlist OR Note: in this case aron need the wordlist path
$ aron -url http://www.test.com/index.php -post -wordlist path/wordlist.txt
$ aron -url http://www.test.com/index.php<[?id=1]> -post -data "user=1" -wordlist path/wordlist.txt
Playwright-MCP (Model Context Protocol) is a cutting-edge tool designed to bridge the gap between AI…
JBDev is a specialized development tool designed to streamline the creation and debugging of jailbreak…
The Kereva LLM Code Scanner is an innovative static analysis tool tailored for Python applications…
Nuclei-Templates-Labs is a dynamic and comprehensive repository designed for security researchers, learners, and organizations to…
SSH-Stealer and RunAs-Stealer are malicious tools designed to stealthily harvest SSH credentials, enabling attackers to…
Control flow flattening is a common obfuscation technique used by OLLVM (Obfuscator-LLVM) to transform executable…